There are two ways to code such an application: FBML, a markup language created by Facebook, versus creating an iframe application. In the latter case, which is the most interesting, the application will run on your hosting server and will be embedded in a Facebook page. This choice gives you more freedom in data processing and technology since the application will be a real web application, with the addition of an interface to Facebook data.
The starting page for creating a web application is http://developers.facebook.com/get_started.php; there is a list of steps to complete such as:
- downloading the official php library and placing it wherever you want, for inclusion in php scripts; of course there are other libraries to take advantage of the same Api, written in other programming languages, but php is the most comfortable choice for the majority of this blog's audience.
- Register the application in the Developers application.
- insert the callback (url of your server) and canvas (official url of the application) urls; canvas is the generic term for the Facebook page where your application resides.
To try out Facebook's environment, I decided to write a throw away php application that automatically declines events whenever they contain a list of spamming keywords chosen by the user. The keywords are stored in a mysql database on its own server.
Currently NoSpam runs on my home server because I could not find a free php hosting service which has Pdo_Mysql and stream_context_wrapper() enabled at the same time. (Do you know any?)
The solution for taking advantage of precooked Facebook widgets resides in XFBML, an Xhtml namespace that allows you to embed Fbml tags in your html and having them parsed when the iframe is loaded, much like Dojo declarative model.
A guide for setting up XFBML can be found on the Facebook developers' wiki: http://wiki.developers.facebook.com/index.php/XFBML
Everyone says that xhtml sucks, but it is a standard for this really useful feature. Once XFBML is set up, creating a button that asks for extended permissions is as easy as:
<fb:prompt-permission perms="rsvp_event">Allow NoSpam to respond to your events invitation.</fb:prompt-permission>Php
The role of Php in this adventure has been fantastic: it scaled down just enough to allow me building a throw-away application, since my goal was learning how the facebook infrastructure works. I wrote only 1 class, and all the setup was in my index.php (which is only ~100 hundred lines of code long).
I am trying different hosting services (which usually are the driving force of php, but they have always interesting features and extensions disabled or not compiled at all), and all it takes to deploy the NoSpam app, to judge if it can work in an hosting environment, is uploading the files and create the mysql database. No compiling, no packaging, no dependencies resolution, no libraries of any kind but the Facebook official one. Php can create monsters sometimes, but it's certainly the path of least resistance between a web developer and a working prototype.
Note that I have not TDDed this application since I plan to throw it away. When you're working in a new environment, the best thing to learn how it works is to dive in the code.