The Lair

Yes, I recently hopped on yet another bandwagon as some of you may well know. I decided to check out what the huge fuss was all about - I started poking around the Facebook API and wrote an application.

Is it a big deal? I rather think it is . There are reports of teething troubles aplenty and I discovered some limitations in the documentation - but overall, I really like the concept of being able to wrestle with the innards of a social networking application. It was fairly frustrating to figure things out, but ultimately it is an interesting experience. I’m still coming to grips with the possibilities.

Some interesting points to note.

• At the time of writing, the PHP4 library is broken. Easily fixed, but errm. Releasing a library with syntax errors? Not cool.
• The sample app describes a terrible method of updating content in a profile box. It simply doesn’t scale worth a damn.
  I read the sample app, it looked simple enough to do. There was a mention of the content being cached; but I thought - hey, how often can they wait without checking the cache? If someone develops an app using the method described in the sample application; there can be a wait of upto 24 hours before the content is updated. Not cool. To be fair, this is vaguely alluded to in the Gotchas section of the wiki. The solution is to use fb:ref for everything. Setting fbml manually? Not feasible under many circumstances. Had to learn this the hard way -ie:, develop the app using the manual FBML setting method and then have to rewrite the entire app to use refs instead.
• Every request that is sent over by Facebook is proxied. This is probably a good thing; but it initially triggered a state of mild unease to have a bunch of requests hitting my server all at once.
• infinite sessions - AAARGH. Please die, kthx. You need to call $facebook->api_client->session_key = ‘your session key’; somewhere in your application. Finding out the session key requires screen scraping an application. It’s all so hideously complicated (and ill documented) that I almost gave up in despair. There was lots of cursing in the interim. Facebook actually encourages having a test user for each application that is developed. This test user can never remove your application or log out of Facebook - or the infinite session is destroyed. It’s all mind blowingly convoluted. Perhaps there is a better way, but I haven’t seen it yet.

The app is here. It’s an amusing little widget for Achcharu.

There is an additional concern - best expressed by this comment. Facebook is a closed environment. The platform belongs to someone else. Building up a dependence to Facebook application development is like building up a dependence to Visual Studio or Powerbuilder or other closed environments. You never can tell when the rug is going to be yanked under your feet.

Application fatigue on Facebook notwithstanding though, the API is fairly comprehensive and does allow a fair amount of freedom. There are security related restrictions, certainly - no JavaScript is allowed, most CSS is escaped or has to be poked inline - but excluding those minor inconveniences - the API is a brilliant idea. Now if only Facebook itself had more things to do, we’d all be sorted.