In reply to Dare….. he’s Hijacked my news feed too!!!!
This is a Screenshot of the small application I first described in my previous blog post.
It is a simple Windows Form that lets you change your status on Facebook without having to browse to the site. It does not rely on Facebook’s API (as they won’t let you change your status, at least to date) but is really uses a hack on the Facebook mobile pages. It is based on PHP code posted by Christian Flickinger, ported to C# (.Net 2.0) by me.
When you pull down the form you get to see the settings:
Those can be stored in an XML file, that gets loaded automatically every time the program starts.
Beware that password ARE displayed and stored in clear text.
The idea so far is that you run it on your PC and you just keep it resized so it does not show the “dangerous” bits.
You can keep it minimized on the tray in windows, pop it up when you need to update your status, write your new status and click “change” – it will freeze for a couple of seconds while updates your status, since it uses synchronous calls – then you can minimize it again.
UPDATED – September 1st 2007: I have been asked by Facebook to pull down the source code from the Net, as it violates their terms of service (I had not realized that). Apologies to all.
What I had in mind was a simple program that would run on my PC, maybe minimized in the system tray, that would let me update my status in a click, thorugh the day, without having to log on to the website. Most of the day I am busy working, and I don’t really have time to go surf and check Facebook… but I like the possibility for people to hear how I am doing. Changing the status would keep them up to date, and would keep my profile current.
As I figured out afterwards, their API does not yet let you change your status yet.
There are other people asking for this possibility… but then I went further searching on the Internet, and I found this blog: http://www.nexdot.net/blog/2007/04/20/updating-facebook-status-using-php/.
I just hacked together a small WinForm written in C# that reimplements this idea.
I indeed would like to thank Christian for the idea, and my friend and colleague Pierluigi for his precious help with the regular expressions 🙂
At the moment it has terrible things such as hardcoded passwords in it, but as soon as I will have time to polish the code a bit, I will post it.
One more thing I would like to do with it is turning it from a standalone application into a Live Messenger Add-In, so that it synchronizes my messenger status with the one of Facebook. When I will have time for that.
I have been quite hooked into Facebook for the last couple of days, figuring out what it can and cannot do. It can do a lot. The possibility to inject code and brand new application into it is absolutely awesome.
Facebook, instead, empowers you to inject code into their social networking framework. Any code. In whatever language you like. They started it in PHP, but you can plug-in whatever you like: Java, Ruby, Perl…. you can even have your application running on your own server, still providing a seamless experience inside of facebook. This opens up to millions of possibilities, and I got fascinated by that.
At the same time, the paranoid part of myself has been thinking to the security implications of it. This open platform is cool, but it also sounds like a framework for cross-site-scripting (XSS) attacks. Sure, you can “report” an application made by a third party that does something weird… but who will really notice if all that happens under the hood is that your cookies get stolen (and someone accesses your bank account) ? Will you figure it out it has happenend because you wanted to see the “dancing pigs” loaded in your profile ? Or will you figure it out at all ?
This said, I set aside my fear for a while and I delved into coding. What I did learn in the last couple of years, having slowly moved away from security engagements, is to relax. When I was working costantly with security I was a lot more paranoid. Now I case much less, and I live a lot more.
So I developed a couple of quick and simple apps running from this very server into Facebook, and I started using thePHP5 library they provide, so to be able to follow the examples first and figure out how it was working.
Now I also want to take a look at the .NET library for facebook when I have time. It sounds cool.
Yet another social networking. I am on there too, now.
Ah, and by the way, I really find it incredible that every time I invite some people to a new social networking site (it has happened for all of them), it happens that some (many) of the persons I have invited reply to me or call me asking me “is this really sent by you ?” “it looked like spam” “what is this thing” and the like.
Come on, guys, we are in year 2007, you still don’t know what social networking is… especially if you work in IT you are sort of a dinosaur, you know?