Upload image with facebook API

Question

Question: How to upload an image from my webserver to facebook via FB API?

I'm writing an application that retrieves images from the user's photo album, makes some modifications (e.g. adding a watermark) then send it back to photo album.

The code I use to upload the photo is as follows

<?php
include_once("api/facebook.php");
include_once("config.php");
include_once("utils.php");
include_once("bemyfans.php");
$facebook=new Facebook($api_key,$app_secret);
$facebook->require_frame();
$user=$facebook->require_login();
echo "<p>Hello <fb:name useyou='false' uid=\"$user\"/></p>";
$args = array(
  'api_key' => $api_key,
  'call_id'=>microtime(true),
  'v'=>'1.0',
  'format' => 'JSON'
);
$args['Lenna.png']="@/home/thoai/htdocs/apps/bemyfans/Lenna.png";
signRequest($args,$secret);
$ch = curl_init();
$url = 'http://api.facebook.com/restserver.php?method=photos.upload';
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $args);
if ($data = curl_exec($ch)) echo "done";
echo $data;

function signRequest(&$args, $secret){
  ksort($args);
  $sig = '';
  foreach($args as $k => $v){
    $sig .= $k . '=' . $v;
  }
  $sig .= $secret;
  $args['sig'] = md5($sig);
}
?>

It just doesn't work. More specifically, I keep getting an "Incorrect signature" message.

What's wrong with the code???

Answer 1

The code in this question use the outdated REST APIs, that will soon be discontinued.

The correct way now is:

$fbk = new Facebook(/* conf */);
$fbk->setFileUploadSupport(true);

//If you are executing this in a script, and not in a web page with the user logged in:
$fbk->setAccessToken(/* access token from other sources */);

//To add to an album:
$fbk->api("/$albumId/photos", "POST", 
          array('source' => '@'. realpath($myPhoto), 'message'  => "Nice photo"));

//To upload a photo directly (the album will be created automatically):
$fbk->api("/me/photos", "POST", 
          array('source' => '@'. realpath($myPhoto), 'message'  => "Nice photo"));

Remember the $fbk->setFileUploadSupport(true);

Answer 2

You are signing your requesting using all the args including the file argument. To get a correct signature you need to sign request without the file argument in the args.

Answer 3

I think you are doing it all wrong Look at my code

$appapikey = 'keykeykey';
$appsecret = 'secretcesret';
$facebook = new Facebook($appapikey, $appsecret);
$user=$facebook->require_login()

$facebook->api_client->photos_upload($file, null, "A test Photo", $user);

This works for me

Answer 4

Judging from the error, your request is not being signed properly.

I took a quick look at the facebook API docs, and your signRequest() function looks about right to me.

So I'll suggest you check the obvious: that your $secret is correct.

EDIT: Your answer to the questions in comments make me see it now. I don't know how the facebook servers deal with binary data and signatures, but your signature is based on that @-prefixed pathname. Facebook never sees that pathname, since cURL sends the file contents. So there's no way that facebook can reconstruct the signature and verify it.

Check the facebook docs for the call you're making very carefully. You might need to omit the file from your signature-generation, or base64 encode it, or who knows what.

But it's clear that your code is sending a signature that facebook cannot verify, since it never sees anything remotely resembling "@/home/thoai/htdocs/apps/bemyfans/Lenna.png" in your request.