Login with Facebook using SDK 4.0 in PHP returns only full name and id of user and nothing else

Question

I am integrating Facebook login in my site. I am using Facebook SDK 4.0. My app API version is 2.4. I am trying to get basic profile info when user successfully log in with Facebook. But problem is - I am able to get only user id and his full name. Other stuffs like first name, last name, gender etc. are not being received. Also of course I need email of the person and user profile picture later on some stage. Here is my working code which is printing only name and id:

<?php
// start session
session_start();

$app_id = 'app_id'; // Facebook App ID
$api_secret = 'app_secret'; // Facebook App Secret
$required_scope = 'public_profile, publish_actions, email'; // Permissions required
$redirect_url = 'site_url/index.php'; // FB redirects to this page with a code

require_once __DIR__ . "/facebook-php-sdk-v4.0/autoload.php";

use Facebook\FacebookSession;
use Facebook\FacebookRequest;
use Facebook\GraphUser;
use Facebook\FacebookRedirectLoginHelper;

// init app with app id (APPID) and secret (SECRET)
FacebookSession::setDefaultApplication($app_id,$api_secret);

// login helper with redirect_uri
$helper = new FacebookRedirectLoginHelper( $redirect_url  );

try {
  $session = $helper->getSessionFromRedirect();
} catch( FacebookRequestException $ex ) {
  // When Facebook returns an error
} catch( Exception $ex ) {
  // When validation fails or other local issues
}

// see if we have a session
if ( isset( $session ) ) {
  // graph api request for user data
  $request = new FacebookRequest( $session, 'GET', '/me' );
  $response = $request->execute();
  // get response
  $graphObject = $response->getGraphObject();

  // print data
  echo "<pre>";
  echo  print_r( $graphObject, 1 );
  echo "</pre>";
} else {
  // show login url
  echo '<a href="' . $helper->getLoginUrl() . '">Login</a>';
}

Following info is printed:

Facebook\GraphObject Object
(
    [backingData:protected] => Array
        (
            [name] => Fname Lname
            [id] => ID
        )

)

You can see that I have already given scope parameter. But its not helping me. Then I started search on STO and found some solution which suggest us to add following line of code if you are using API v2.4 to explicitly mention the fields you want:

$request = (new FacebookRequest($this->session, 'GET', '/me/?fields=friends,id,name,birthday,email,picture,gender,location,address,email,hometown'))->execute()->getGraphObject()->asArray();   

But when I used above code, it again didn't work instead i got blank screen not even id and name as before.

I also visited Facebook developer docs but they are so long, complex and not enough user friendly a developer can follow them easily in short time.

I think there is a lot of confusion regarding Facebook login. There are so many articles on web and each illustrating their own method. Some uses PHP and other uses JavaScript too which popups the login window. Honestly speaking I am very confused at this level and can't understand which is the best, recommended and working method of accomplish the task. Thus I'm in search of following questions:

1. I want help in making my above code working so that it can fetch all info about user including email and profile pic too.
2. Some method of login with Facebook takes user full login page and some other displays a popup for login and user remains on the same page after successful login which initially generated the popup window. How both are different?
3. What is best practice of login with Facebook. Also which SDK and Graph API version one should use?

Answer 1

While Generating a login URL you must pass on the scopes for which you seek permission. You can generate this by modifying,

echo '<a href="' . $helper->getLoginUrl() . '">Login</a>';

to

echo '<a href="' . $helper->getLoginUrl(array('public_profile','email', 'user_friends')) . '">Login</a>';

This is just a example and may not cover all your requirement. You may have to add more scopes as per your requirement.

Above three scopes are permitted by default and you don't have to go through an app verification by facebook. But if you add any other scope, you may have to go through a an approval process before you can go live with an app.

And of-course since v2.4 you must explicitly ask for each field. Before email was supplied by default with /me , not any more. you must add it like,

 /me?fields=id,first_name,last_name,friends,email

Login with a facebook will not ask for a login if user is already logged in and will go to permission screen straight away if user has not given permission to this app before. If user has already given all permission and he is already logged in facebook, clicking on login with facebook link will redirect user to redirect handler straight away.

I suggest, you should always use latest stable facebook apis.

UPDATE

Just realized that facebook allows account creation with a phone-number. So, if user has created an account with phone-number instead of an email, in api response you will receive phone-number in place of email like below,

...
'email' => '465454654654'
...

So, your code must handle this situation.