Facebook Cookbook - Jay Goldman [68]
Figure 6-3. Visible to friends who are over 21
Underage users would see the same thing, but with the pop-related message. Users who aren’t friends with the Profile owner would see the gray box in Figure 6-4.
Figure 6-4. Visible to everyone else
It’s very important to understand how the fb:visible tags actually work, since it affects the type of information that you should put in them. If you look at the HTML that the FBML parser renders for the “Have a drink” example (assuming you’re over 21), you’ll note that the part we don’t want some people to see is right there in the source:
That’s not very well hidden, so don’t put really sensitive content in them! You definitely don’t want to use these tags for things like the following:
Your credit card number is 1234 5678 9012 3456!
Hiding Private Profile Content
Problem
Privacy is such an important concern on Facebook, and I want to make sure my application follows all of the rules and regulations so I respect my users and don’t get Terms of Service violations! How do I make sure I’m showing users only the Profile content from other users that they’re supposed to see?
Solution
The fb:if-can-see tag gives you full control over whether to display one user’s Profile content to another user. The simplest form is:
Discussion
The simplest case is probably not all that useful to you, since you’re probably more interested in a specific part of the Profile rather than the whole thing. Add a what parameter and include any one of the following: profile, friends, not_limited, online, statusupdates, wall, groups, photosofme, notes, feed, contact, email, aim, cell, phone, mailbox, address, basic, education, professional, personal, seasonal:
You're allowed to see You're not allowed to see them.
Note that you can’t chain the whats together, so you’ll have to nest fb:if-can-see tags if you want to check for more than one permission at a time:
You can see
Hiding Private Photos
Problem
How do I know whether I can show a photo to a user?
Solution
Use the fb:if-can-see-photo and specify a photo ID (pid). The simplest form is:
For more information on fb:photo, see Embedding Facebook Photos.
Discussion
The default behavior of fb:if-can-see-photo is to check for permission for loggedinuser, but you can specify a uid for a different user to check that person’s permissions instead. As always, you can include fb:else to display an alternate image:
Embedding an iFrame
Problem
I was smart and didn’t build my app as an iFrame, but now I need to put an iFrame inside the page.
Solution
Use the fb:iframe tag to embed an iFrame inside of FBML. The simplest form is:
Discussion
The embedded iFrame actually gets all kinds of interesting goodies appended to the embedding URL (these are similar to the parameters added by the fb:swf tag; see Embedding Adobe Flash), which you can use in that page to render more intelligent content. If you take a peek at the HTML rendered by the FBML parser, you’ll see something like: