The steps are quite straight-forward. Let me explain-
Publishing a post, requires an access token; and once a user has authorized your application to post on your behalf, you can post on his behalf using the app access token. That it! So here are the steps-
- When user authorized your app successfully to post on his behalf, just save his/her facebook id in your database.
Use the access token which is nothing but
app-id|app-secret
(beware, dont expose this on client side ever), to publish on his/her wall. Just like-$response = $facebook->api( "/me/feed", "POST", array ( 'message' => 'This is a test message', .... 'access_token' => "app-access-token" ) );
But things to consider:
While authorizing, the user may/may not give you the permission to post, you can check that with
/me/permissions
just after the authorization step; so you should act accordingly.At any time later, the user can delete your app, or remove the permissions of your app from the app settings. In that case your posting script while give you the authorization error; in that case too handle appropriately.