Upload image with facebook API

Question

Question: How to upload an image from my webserver to facebook via FB API?

I'm writing an application that retrieves images from the user's photo album, makes some modifications (e.g. adding a watermark) then send it back to photo album.

The code I use to upload the photo is as follows

<?php
include_once("api/facebook.php");
include_once("config.php");
include_once("utils.php");
include_once("bemyfans.php");
$facebook=new Facebook($api_key,$app_secret);
$facebook->require_frame();
$user=$facebook->require_login();
echo "<p>Hello <fb:name useyou='false' uid=\"$user\"/></p>";
$args = array(
  'api_key' => $api_key,
  'call_id'=>microtime(true),
  'v'=>'1.0',
  'format' => 'JSON'
);
$args['Lenna.png']="@/home/thoai/htdocs/apps/bemyfans/Lenna.png";
signRequest($args,$secret);
$ch = curl_init();
$url = 'http://api.facebook.com/restserver.php?method=photos.upload';
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $args);
if ($data = curl_exec($ch)) echo "done";
echo $data;

function signRequest(&$args, $secret){
  ksort($args);
  $sig = '';
  foreach($args as $k => $v){
    $sig .= $k . '=' . $v;
  }
  $sig .= $secret;
  $args['sig'] = md5($sig);
}
?>

It just doesn't work. More specifically, I keep getting an "Incorrect signature" message.

What's wrong with the code???

Answer 1

Judging from the error, your request is not being signed properly.

I took a quick look at the facebook API docs, and your signRequest() function looks about right to me.

So I'll suggest you check the obvious: that your $secret is correct.

EDIT: Your answer to the questions in comments make me see it now. I don't know how the facebook servers deal with binary data and signatures, but your signature is based on that @-prefixed pathname. Facebook never sees that pathname, since cURL sends the file contents. So there's no way that facebook can reconstruct the signature and verify it.

Check the facebook docs for the call you're making very carefully. You might need to omit the file from your signature-generation, or base64 encode it, or who knows what.

But it's clear that your code is sending a signature that facebook cannot verify, since it never sees anything remotely resembling "@/home/thoai/htdocs/apps/bemyfans/Lenna.png" in your request.

Answer 2

Sign the request before you add the file to the args.

Answer 3

I think you are doing it all wrong Look at my code

$appapikey = 'keykeykey';
$appsecret = 'secretcesret';
$facebook = new Facebook($appapikey, $appsecret);
$user=$facebook->require_login()

$facebook->api_client->photos_upload($file, null, "A test Photo", $user);

This works for me