You asked for it, you got it. My FBFoundations WordPress plugin for Facebook Connect was built to provide you the basic building blocks to create your own Facebook Connect-compatible blog. The idea being you add the foundations, and then plugin developers can add their own compatible plugins on top of that with little to no additional effort. The first version was a little rough – it required you to have a popup login button the first 3 times a user visited your site (unless they logged in), wasn’t very compatible with 3rd-party comment systems like Disqus, and required some additional effort. It was a pain for me as well.
Today I’m releasing a new version, version 0.4, which has the following updates:
- The popup login is now optional, and off by default
- There is a new Facebook login button that appears in the sidebar if the user is not logged in. This is in addition to the one above the comments box.
- You no longer have to have a specific div with an id of “#commentform” to load the login button for your users
- Better support for jquery – since jquery’s built into the latest versions of WordPress, I now load that instead.
- Meta support! Now, any blog that implements the FBFoundations plugin will automatically have the correct meta tags to properly format Facebook shares back to Facebook. On each single post, the post’s title and excerpt are loaded correctly in the share to Facebook. If the post has an image, the first image of the post appears with the share as well, instead of forcing you to surf through an endless list of images. It just works.
In addition to the above features, you get the existing features which include:
- Pre-loading of Facebook Javascript client libraries
- XFBML support out of the box – you should now be able to include XFBML anywhere in your blog, in blog posts, etc.
- Automatic authentication and authorization of Facebook users
Now your job is to go create something. Once you install this on your blog you now have a virtual playground for which you can start using the Facebook APIs via Javascript or PHP. You can add some XFBML and do a friend invite form, for example, or maybe replace your comments with an fb:comments XFBML tag. Or maybe you want to get more advanced and start loading some friends via the API and friends.getAppUsers. I’m now going to go and have some fun with my FBShare plugin.
For more information, be sure to check out the official FB Foundations post (which I’m going to update with this post). The download with all the updates mentioned here is version 0.4. You can download it by clicking or copying this link.
Please let me know in the comments if you have any suggestions, bugs, or improvements. I also welcome any patches – this is 100% GPL’d code!
Here’s the link again: http://downloads.wordpress.org/plugin/fbfoundations-facebook-connect-plugin.zip
[…] on/off. Also added meta tag support and better compatibility with 3rd-party comment systems. See this blog post for more info on […]
[…] on/off. Also added meta tag support and better compatibility with 3rd-party comment systems. See this blog post for more info on […]
[…] on/off. Also added meta tag support and better compatibility with 3rd-party comment systems. See this blog post for more info on […]
[…] on/off. Also added meta tag support and better compatibility with 3rd-party comment systems. See this blog post for more info on […]
[…] on/off. Also added meta tag support and better compatibility with 3rd-party comment systems. See this blog post for more info on […]
[…] on/off. Also added meta tag support and better compatibility with 3rd-party comment systems. See this blog post for more info on […]
[…] on/off. Also added meta tag support and better compatibility with 3rd-party comment systems. See this blog post for more info on […]
[…] New FBFoundations Features and Updates – Stay n Alive […]
Thoughts:
You don't need to include the jquery js file in the plugin any more, since you're using the enqueue script method.
Your options subpanel still has major security issues. Basically, without nonce or user cap checking, somebody could modify your settings. Since the api_key isn't validated and output on the page itself, you have a cross-site-scripting vulnerability. It would be fairly easy to hack your site with this hole, all somebody would need is a valid login to the site (not an admin login).
If somebody does use the popup feature, it always pops up for people who disable cookies by default (or who force them to be session only, which is pretty common place). Kind of misfeature, I feel.
The title and description thing is neat, however it's possible that some sites already have this information. Should really be optional, for those two at least. The medium and image source stuff is fine, can't see those interfering much.
WordPress 2.9 includes new ways of specifying video includes, which end up using embeds. It might be worthwhile to add support for video_src too.
Hi
I installed the plugin,
added my api key
copy codes from FB
nothing happens
Thanks Otto – I'll look to getting this stuff added. I like the popup, so
not sure that will ever get removed, but it is off by default.
Are you seeing the login buttons in the upper-right and above the comments
at all? Are there any Javascript errors being produced if not?
I am going to take a wild guess and say it's a theme issue and not necessarily a problem with the plugin. Jesse, what would be the php code to include in the theme file?
Bruno, no PHP – it's just CSS. You should just be able to edit the
style.css file in your theme's main directory and set the style for the
share button accordingly. I haven't looked at it enough to be able to say
which class or id you need to change though.
same with me.. absolutely nothing happens.
same with me.. absolutely nothing happens.
Are you seeing the login buttons in the upper-right and above the comments
at all? Are there any Javascript errors being produced if not?
Thoughts:
You don't need to include the jquery js file in the plugin any more, since you're using the enqueue script method.
Your options subpanel still has major security issues. Basically, without nonce or user cap checking, somebody could modify your settings. Since the api_key isn't validated and output on the page itself, you have a cross-site-scripting vulnerability. It would be fairly easy to hack your site with this hole, all somebody would need is a valid login to the site (not an admin login).
If somebody does use the popup feature, it always pops up for people who disable cookies by default (or who force them to be session only, which is pretty common place). Kind of misfeature, I feel.
The title and description thing is neat, however it's possible that some sites already have this information. Should really be optional, for those two at least. The medium and image source stuff is fine, can't see those interfering much.
WordPress 2.9 includes new ways of specifying video includes, which end up using embeds. It might be worthwhile to add support for video_src too.