Jump to content

check if facebook user exists


Balderick

Recommended Posts

Can someone give any suggestion how to check if a facebook address is valid when send by form input?

I created a function checking the url address with get_headers at status code 302. This doesn't work when a facebook username doesn't exist, because it still gives true.

How to solve this problem?

 

Link to comment
Share on other sites

 

this is a part of the code:

<?php 


	$url_inp = 'http://www.facebook.com/thisisnothingbutcrap';

	$array = get_headers($url_inp);
		
	$string = $array[0];
	//    if( strpos($string,"200") || strpos($string,"301") || strpos($string,"302") || strpos($string,"403")   ) {
	 if(  strpos($string,"302")    ) {  
	 
	var_dump($array);	 
	var_dump($url_inp);
		
	var_dump($string);
		  }
	  
	  
	  
	  
	  
	  
	  
	  ?>

 

Link to comment
Share on other sites

and here you have the output of the script:

X:mylocation\test-forumpost.php:15:
array (size=36)
  0 => string 'HTTP/1.1 302 Found' (length=18)
  1 => string 'Location: https://www.facebook.com/thisisnothingbutcrap' (length=55)
  2 => string 'Vary: Accept-Encoding' (length=21)
  3 => string 'Content-Type: text/html; charset=UTF-8' (length=38)
  4 => string 'X-FB-Debug: H2nqcWjKt6OFa3H/7fqtn4AmaBe8bs8XU7D8p5iiBbjfIFxKPFk0AXrzmYcsb1j6CQpEAr1WWY+BMO7chtE4vg==' (length=100)
  5 => string 'Date: Thu, 10 Aug 2017 08:20:45 GMT' (length=35)
  6 => string 'Connection: close' (length=17)
  7 => string 'Content-Length: 0' (length=17)
  8 => string 'HTTP/1.1 302 Found' (length=18)
  9 => string 'Location: https://www.facebook.com/unsupportedbrowser' (length=53)
  10 => string 'Strict-Transport-Security: max-age=15552000; preload' (length=52)
  11 => string 'access-control-allow-method: OPTIONS' (length=36)
  12 => string 'Vary: Origin' (length=12)
  13 => string 'Access-Control-Expose-Headers: X-FB-Debug, X-Loader-Length' (length=58)
  14 => string 'Access-Control-Allow-Origin: https://www.facebook.com' (length=53)
  15 => string 'Access-Control-Allow-Credentials: true' (length=38)
  16 => string 'Vary: Accept-Encoding' (length=21)
  17 => string 'Content-Type: text/html; charset=UTF-8' (length=38)
  18 => string 'X-FB-Debug: fc06dn16MiWV1IVm6K5HuEgZBb+X33cGRs/6WG+s8ayq3bhc48K3/4zopvdDa0ikEY97osK2u8Y/OCHRO3eLYQ==' (length=100)
  19 => string 'Date: Thu, 10 Aug 2017 08:20:45 GMT' (length=35)
  20 => string 'Connection: close' (length=17)
  21 => string 'Content-Length: 0' (length=17)
  22 => string 'HTTP/1.1 200 OK' (length=15)
  23 => string 'X-XSS-Protection: 0' (length=19)
  24 => string 'public-key-pins-report-only: max-age=500; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; report-uri="http://reports.fb.com/hpkp/"' (length=259)
  25 => string 'Pragma: no-cache' (length=16)
  26 => string 'Cache-Control: private, no-cache, no-store, must-revalidate' (length=59)
  27 => string 'X-Frame-Options: DENY' (length=21)
  28 => string 'Strict-Transport-Security: max-age=15552000; preload' (length=52)
  29 => string 'X-Content-Type-Options: nosniff' (length=31)
  30 => string 'Expires: Sat, 01 Jan 2000 00:00:00 GMT' (length=38)
  31 => string 'Vary: Accept-Encoding' (length=21)
  32 => string 'Content-Type: text/html; charset=UTF-8' (length=38)
  33 => string 'X-FB-Debug: 2DMvDPHSjk4qfRmBAJo9RN+YmquJZHNnvnK7JtWUJ5tiz9sFiScne55HgP9PRhnrC/oQQjaPhBiCadng5jtfSg==' (length=100)
  34 => string 'Date: Thu, 10 Aug 2017 08:20:45 GMT' (length=35)
  35 => string 'Connection: close' (length=17)

X:mylocation\test-forumpost.php:16:string 'http://www.facebook.com/thisisnothingbutcrap' (length=44)

X:mylocation\test-forumpost.php:18:string 'HTTP/1.1 302 Found' (length=18)

...........................................................................................

I deliberately input a non existing user and get the output above, similar to a user that does exist. Which of the offsets is used to determine whether it is false or not?

 

Edited by Balderick
Link to comment
Share on other sites

I don't think any header will tell you if a user exists or not.  The original redirect is just because they're redirecting you from http to https.  I wouldn't assume that Facebook will send a header telling you whether or not something exists on their site.

Facebook does have an API, I haven't looked deeply into the capabilities but I would imagine that most things which people need would be supported in their API.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...