Things to know about writing Facebook applications

From writing my little [Zooomr RSS Reader Facebook application] I believe there are a few things that developers need to be aware of that aren’t immediately obvious.

  1. The application you write is hosted on your server not Facebook!

    Facebook secretly includes the PHP (or whatever) pages under the covers, so is actually mostly with some surrounding Facebook stuff.

  2. The Facebook profile page is static!

    Yeah you heard me it’s static. No it does not make calls to your server when people see it. Think about it, I don’t have that many Facebook apps on my profile but it’s got to be at least 10 different sections – which as we now know means 10 calls to 10 different webservers – which means it would suck, hard.

    The way it works is that you have a cron job (a job that runs every 30 minutes or so) that inserts data into a users profile page using the Facebook API in PHP (or whatever).

  3. You need to look after users data!

    This is kind of an addendum to point 1 and point 2. Lets use an example to make this clearer:

    • For my Zooomr app I need to store peoples Zooomr username
    • In order to insert stuff into their profile page I also need their Facebook ID
    • This means I have to store a (MYSQL) database of Facebook ID’s against Zooomr ID’s and look after it.

    It’s not that much of a big deal, but it seems a little strange. I guess if you do annoying things with someones Facebook ID – write crap on their profile page, send them messages etc – then they’ll just remove your app. Still weird.

So there we go, the 3 main gotchas about writing Facebook applications, at least as far as I was concerned – maybe you’ve had a different experience? Maybe you don’t care. Maybe your cat just died! I strongly doubt any of the above will help with the cat dying, but you never know.

Now that I’ve felt I’ve contributed in a constructive fashion here’s a few things that really got on my b-cups about the whole thing.

  1. No love for BETA

    Developers like to test things before they release them to the world at large. Now initially this is really easy – cos when you’re developing your app you can tick a magical box that says ‘only let developers of this app add it’.

    Great. The problem happens when version 1 of your amazing cat based app is out and you’re working on version 1.1. Lots of people have 1.0 installed, so you can’t just go and change the code running on your server willy nilly, and you can’t change the application end points on Facebook cos that will change it for everyone. So basically you need to create another application in order to have a developer stream of your app and a production stream. PAIN IN THE ASS!


    OK so this is all about point 2 – the magical cron script that updates peoples profile pages. To do this you need a valid (PHP) session key. You get one of these when you log into Facebook but it expires after 2 days which is why the infinite session key is useful – it never expires!

    Getting one though is harder than it would first seem – this is the procedure I went through to get one:

    1. Uninstall the app you’re writing from your account
    2. Install another browser (safari is good for Windows types)
    3. [Create the get_infinite_session_key.php5 file described on the Facebook developers wiki]
    4. Visit the page in your new browser and don’t forget to tick the box that says ‘remember my id’
    5. That’s the number!! KEEP IT SAFE!


OK so I think I’ve covered both sides of the things that bothered me about Facebook apps and I hope I’ve instilled some pearls of wisdom to your good selves, now get back to work!