WP-FB-AutoConnect Support
Please use the following form to submit your question or support request.

Can't read the CAPTCHA? Click here to refresh.
Captcha image


Your message has been sent, and I'll get back to you via e-mail as soon as I can.
Close this window

What Is WP-FB AutoConnect?

The simple concept behind WP-FB AutoConnect is to offer an easy-to-use widget that lets readers login to your blog with either their Facebook account or local Wordpress credentials. Although many "Facebook Connect" plugins do exist, most of them are either overly complex and difficult to customize, or fail to provide a seamless experience for new visitors. I wrote this plugin to provide what the others didn't:
  • Full support for both Wordpress and Buddypress.
  • No user interaction is required - the login process is transparent to new and returning users alike.
  • Existing users who connect with FB retain the same local user accounts as before.
  • New visitors will be given new user accounts, which can be retained even if you remove the plugin.
  • Facebook profile pictures can be used as avatars, even on pre-existing comments.
  • No contact with the Facebook API after the login completes - so no slow pageloads.
  • No 3rd party services: your site talks directly to Facebook, through an app created and owned by you.
  • Won't bloat your database with duplicate user accounts, extra fields, or unnecessary complications.
  • Custom logging options can notify you whenever someone connects with Facebook.
  • A powerful set of hooks and filters allow developers to easily tailor the login process to their personal needs: redirect to a custom page, fill xProfile data with information from Facebook, setup permissions based on social connections, and more.
  • Fully HTML/CSS valid.

WP-FB AutoConnect Premium

To address the needs of more advanced users, I've created an additional Premium add-on which extends the functionality of the free WP-FB AutoConnect plugin. This add-on currently provides the following:

Premium Features:
  • MultiSite Support (Click for more info)
    The free plugin is not aware of users registered on other sites in your WPMU installation, which can result in problems i.e. if someone tries to register on more than one site. The Premium version will actively detect and handle existing users across all your sites.
  • Shortcode Support (Click for more info)
    While the free plugin lets you place Facebook login buttons in your widget areas, the Premium addon's shortcode support makes it easy to place them in your post or page content as well - without the need for any custom PHP.
  • Require access to user's real email address (Click for more info)
    Although the free plugin allows you to ask the user for their email, they can still refuse to share it in the Facebook login popup. This premium option performs additional checks to require that they give you access to their address, before they're permitted to login. Users who deny this permission can be shown a customizeable message (i.e. asking them to login again).
  • Use image-based login buttons (Click for more info)
    While the free plugin uses xfbml to render its login buttons, the Premium addon allows the use of standard images as well. Image-based buttons have the advantage of being fully CSS-styleable, and of loading right away - just like any other page element.
  • Cache Facebook avatars to your server (Click for more info)
    This will make a local copy of profile pictures, so they'll always load reliably, even when Facebook's servers lag. No more broken avatars, ever.
  • Allow users & admins to manually disassociate user accounts from Facebook
  • Auto-fill BuddyPress X-Profile fields with information from Facebook
  • Announce Facebook logins on the BuddyPress Activity Stream
  • Show an AJAX spinner to indicate load-in-progress after clicking the Login button
  • Customize the login button's size and text (handy for localizing to another language)
  • Add a Facebook button to the comment form, login form, registration form, and WPMU signup form
  • Customize the Redirect URL for first-time visitors ("Welcome" page), returning visitors ("Welcome Back" page), and logged-out visitors ("Come back soon" page)
  • Restrict autoregistration to Facebook friends, Facebook fans, explicitly invited users (via Secure Invites), everyone, or no one
  • Send a customizable welcome mail to autoregistered users (with their generated login and password)
  • Customize the role assigned to autoregistered users
  • Request specific avatar dimensions from Facebook (i.e. for high-res themes) (new!)
  • Silently handle "double-logins" (Click for more info)
    If a visitor opens two browser windows, logs into one, then logs into the other, the security nonce check will fail. The free version of the plugin detects and reports this, giving the visitor a link to their desired redirect page. The premium version will handle it transparently: to visitors, it'll look like the page has just been refreshed and they're now logged in.
  • Show links to connected users' Facebook profiles in the "Users" admin page
In addition, the addon includes a Premium Widget that enables you to:
  • Customize all visible text (Click for more info)
    Customizable text: User, Pass, Login, Remember, Forgot, Logout, Edit Profile, and Welcome
  • Show/Hide any of the Widget's links, checkboxes, or textfields (Click for more info)
    You can show or hide:
    • The User/Pass fields (leaving Facebook as the only way to login)
    • The 'Register' link (only applicable if registration is enabled on the site/network)
    • The 'Remember' tickbox
    • The 'Edit Profile' link
    • The 'Forgot Password' link
  • Show the user's avatar next to their username (when logged in)
  • Point the 'Edit Profile' link to the current user's BuddyPress profile (rather than Wordpress)
  • Point the "Forgot Password" link to a custom URL of your choosing
  • Simultaneously logout of Facebook and the local blog
The addon can be purchased for instant download by Credit Card or Paypal from the button below.
Important: Before making a purchase, please be sure to install and test the free plugin to confirm that it works for you; if the free version works, so will the premium:

To install it, first setup the free version of WP-FB AutoConnect and then simply drop the purchased "WP-FB-AutoConnect-Premium.php" script into your plugins directory. This will automatically enable the premium features in your admin panel, and you may continue to update the core plugin as usual.


Here are some screenshots of the plugin; click each one for a larger view and description:
Screenshot Screenshot Screenshot Screenshot Screenshot Screenshot Screenshot Screenshot Screenshot Screenshot Screenshot Screenshot Screenshot Screenshot


To allow your users to login with their Facebook accounts, you must first setup an application for your site:
  1. Visit developers.facebook.com/apps and select "Add a New App" from the "Apps" menu at the top.
  2. When the "Add a New App" window pops up, click the "basic setup" link at the bottom.
  3. Type in a name (i.e. the name of your site), contact e-mail, select a category, and click "Create App."
  4. Go to the "Settings" page and click "Add Platform," then "Website," then fill in your "Site URL."
    Note: http://example.com/ and http://www.example.com/ are not the same.
  5. Also on the "Settings" page, note the App ID and App Secret (you'll need them in a minute), and save changes.
  6. Go to the "App Review" page and make the app public (flip the switch at the top).
Then you can install the plugin:
  1. Download the latest version from here, unzip it, and upload the extracted files to your plugins directory.
  2. Login to your Wordpress admin panel and activate the plugin.
  3. Navigate to Settings -> WP-FB AutoConn.
  4. Enter your App ID and App Secret (obtained above), and click "Save."
  5. Navigate to Appearance -> Widgets and add the WP-FB AutoConnect widget to your sidebar.
That's it - users should now be able to login to your blog with their Facebook accounts.


How it Works

Before getting into any advanced customization, you should have a general understanding of how the login process works. When a user clicks the login button, a Facebook form pops up, they fill in their info, it closes, and a javascript callback function redirects them to _process_login.php. This is the heart of the plugin. Here's what it does:
  1. Access the User's Facebook account and get their uid (userID)
  2. Search for existing WP users tagged with this visitor's Facebook uid; whenever someone successfully connects, the plugin tags them with usermeta so it can quickly match them to their WP user account on subsequent logins. If found, this is the existing WP user we'll login.
  3. If nobody is found via usermeta, we search all existing users for someone with the same email address as the connecting FB member (assuming you've opted to ask them for their email). If found, this is the existing WP user we'll login.
  4. If nobody is found via meta or email, we assume the connecting user is a first-time visitor. We auto-create an account for them and log them in.
  5. Redirect the user to their previous page.
Note that all of the above is completely transparent - to the user, it appears that the current page was just reloaded and they're now logged in.

Hooks & Filters

During the login process, a number of hooks and filters provide an easy way for programmers to customize the script's behavior as needed:
  • Hook wpfb_prelogin runs at the very start of the login script, allowing you to perform custom actions before connecting to Facebook.
  • Hook wpfb_connect runs after pulling all the profile info from Facebook, but before searching for a local Wordpress user and deciding if this is a 'returning login' or 'automatic registration.'
  • Filter wpfb_insert_user is applied to userdata just before autoregistering an account, allowing you to customize new users without affecting existing ones.
  • Hook wpfb_inserted_user is run after the user has been autoregistered. It receives the new user's ID, letting you add or manipulate its meta.
  • Hook wpfb_existing_user runs before logging in an existing (i.e. not autoregistered) user.
  • Hook wpfb_login runs just before the login process finishes, receiving the user's Wordpress uid, their Facebook uid, and a Facebook access token. This allows you to access and utilize social information about your visitors; see the examples below for more detailed instructions.
  • Hook wpfb_add_to_form allows you to insert html into the <form> responsible for sending the user to _process_login.php. This is handy if you want to forward additional data for use during the login process.
  • Hook wpfb_add_to_js lets you insert additional javascript to be executed before submitting the <form> that sends the user to _process_login.php.
  • Hook wpfb_add_to_asyncinit lets you insert additional javascript after the Facebook API initializes.
  • Filter wpfb_extended_permissions lets you modify the extended permissions that Facebook will prompt for. The complete list of available permissions is documented here.
  • Hook wpfb_after_button lets you output custom html immediately after the Login with Facebook button.


The hook wpfb_login receives an array of arguments, formatted like this:
  • $args['WP_ID']: The local Wordpress user ID
  • $args['FB_ID']: The Facebook user ID
  • $args['access_token']: A Facebook access token for the connecting user
Because it provides a valid access token and matching local blog user, it's easy to pull whatever information you need from their profile and utilize it on your local site. As an example, I'll check if I'm friends with the connecting user, and if so, add them to a special "Personal Friends" group (via the Role Scoper plugin):
add_action('wpfb_login', 'add_to_friends');
function add_to_friends($arg)
  $myUID = '123456';
  $newUID= $arg['FB_ID'];
  $rsGrpID = 15;
  $friends = jfb_api_get("https://graph.facebook.com/me/friends/".$myUID
  if( (count($friends['data']) > 0) ) 
    ScoperAdminLib::add_group_user($rsGrpID, $arg['WP_ID']);
As you've probably guessed, jfb_api_get() is a simple convenience function I've provided to GET from a Facebook Graph URL; jfb_api_post() is also available. For information on the Graph API and how to pull content from Facebook, refer to the documentation here.

The following is a slightly more advanced example of how you might use wpfb_add_to_js and wpfb_add_to_form to forward some custom data for use during the login process:
//Add a POST variable to be sent through to _process_login.php
add_action('wpfb_add_to_form', 'nb_connect_add_to_form');
function nb_connect_add_to_form(){
  echo '<input type="hidden" name="cstm" id="cstm" value="unset" />';

//Before the form is submitted, use JS to set the field dynamically from a textbox
add_action('wpfb_add_to_js', 'nb_connect_add_to_js');
function nb_connect_add_to_js(){
  echo "document.getElementById('cstm').value = document.getElementById('t').value";
//When the user connects, insert the data into their BP xprofile.
add_action('wpfb_inserted_user', 'nb_connect_add_profiledata');
function nb_connect_add_profiledata($args){
  global $_POST;
  if( !function_exists('xprofile_set_field_data') ) return;
  xprofile_set_field_data('my_profile_field', $args['WP_ID'], $_POST['cstm']);
Finally, let's say you're a Premium customer who wants to map some Facebook user data to your BuddyPress XProfile, but the data you're after isn't one of the fields supported by default. The premium addon provides three filters for this purpose, so you can add support for mapping any information you like:
add_filter('wpfb_xprofile_allowed_mappings', 'jfb_custom_addmappings');
function jfb_custom_addmappings($allowed_mappings){
  $allowed_mappings['textbox']['music'] = 'Music*';
  $allowed_mappings['textarea']['music'] = 'Music*';
  return $allowed_mappings;

add_filter('wpfb_xprofile_fields_requiring_perms', 'jfb_custom_fieldperms');
function jfb_custom_fieldperms($fields_requiring_perms){
  $fields_requiring_perms['music'] = 'user_likes';
  return $fields_requiring_perms;

add_filter('wpfb_xprofile_fields_received', 'jfb_custom_processfields');
function jfb_custom_processfields($fb){
  if(isset($fb['music']) && is_array($fb['music']) && is_array($fb['music']['data'])){
      $arr = array();
      foreach($fb['music']['data'] as $item) array_push($arr, $item['name']);
      $fb['music'] = implode(",", $arr);
  return $fb;

Access Tokens

This plugin was intentionally designed only to interact with Facebook during login (see the 7th bullet under the list of features above). As such, access tokens obtained during the login process are short-lived and expire after only an hour or two (see Facebook's documentation here). If you'd like to utilize them to fetch additional profile information or perform actions on the user's behalf, you should do so in one of the login-time hooks or filters listed above, but please note that attempting to store, extend, or re-use them at a later point is beyond the scope of this plugin's included features and of my support.

Custom Login Buttons

The Premium addon provides options to insert Facebook login buttons to various locations around your site, including post/page content (via shortcode), login and registration pages, comment forms, and more. In most cases, this is the easiest way to output additional buttons.

If you'd like to manually add a button elsewhere on your site, you may do so by calling the PHP function:
Note however that this relies on two other functions which are normally auto-invoked by wp_footer, jfb_output_facebook_callback() and jfb_output_facebook_init(). If you end up with a nonfunctional button, most likely you're on a page that doesn't call wp_footer so you'll need to explicitly call one or both of these yourself.


Click each FAQ to reveal its answer. Numbers may not be sequential as I remove old or outdated FAQs.

3. The widget's layout looks weird.
This is a CSS issue - I've provided a basic stylesheet, but you probably need to tailor it a bit to match your theme.

8. What if my theme doesn't support Widgets?
The right answer: update your theme. It's *very* easy to support them, and they've been around for ages.
The wrong answer: <?php the_widget("Widget_LoginLogout", array('title' => 'Login')); ?>

9. I'm getting a 404 server error while trying to execute _process_login.php.
Your FTP client is probably set to upload files with the wrong permissions - try changing _process_login.php and the parent directory to 755. You should be able to access _process_login.php directly and have it say "Please do not access this script directly." If not, that means your server isn't executing the php at all (and it's a problem with your server configuration rather than the plugin).

10. I'm getting a 500 internal server error while trying to execute _process_login.php
In order to find the cause, you'll need to view your raw server error logs (contact your webhost if you don't know how). 9 out of 10 times it's because some necessary module (like cURL) is missing or disabled.

11. When I click the Login button a dialog comes up, but then nothing happens - it never logs in.
Most likely your page has other javscript errors that are causing it to fail; load it up with Firebug and see. Two common mistakes are:
  1. The Site URL you entered on Facebook doesn't match the base URL of your site. Note that http://example.com is not the same as http://www.example.com. Also make sure you've entered it correctly in Wordpress under Settings -> General.
  2. JQuery is not working properly on your site. This could be due to a corrupt Wordpress install, or an improperly-coded theme; Google is your best bet for a solution.
14. When I click the "Login with Facebook" button, nothing happens - no popup dialog.
Most likely your page has other javascript errors that are causing it to stop executing before it reaches the login button. Load it up with Firebug and see. For information on how to use Firebug, please visit Firebug.com.

17. Whenever I try to login, I get stuck with "You must be logged in to Facebook to use this feature."
You've probably disabled third-party cookies in your browser. Facebook Connect requires cookies.

20. Whenever I try to connect, I get the error "Failed nonce check. Login aborted."
The "nonce" is a security feature builtin to Wordpress (see here), and not something I personally implemented. It's possible that something funky is going on with your cookies, or that a caching plugin is breaking this functionality. However, as I've never experienced the problem myself, and as nonces aren't specific to this plugin, I'm afraid I really can't tell you what your problem might be. If you simply can't figure it out and are desperate to get the plugin running, I've added a debug option to "DISABLE the nonce security check" - but note that I don't recommend using this as it will result in weakened security by skipping the nonce check entirely.

22. Can users who registered with this plugin also login manually (not via FB)? What's their password?
Yes; autoregistered users are the same as any other WP user. However, they'll need to login with Facebook once so they can edit their profile and set their own password. Alternatively, you can purchase the premium addon which can send a custom welcome message (with generated login & password) to autoregistered users.

23. I don't like the username/role/something about the autoregistered user accounts. Can you change it?
You're free to modify the userdata to anything you'd like via the filters documented above. For example, here's a simple filter you could use to make the autoregistered usernames be based on Facebook e-mail addresses:
add_action('wpfb_insert_user', 'ex_username_to_email', 99, 2);
function ex_username_to_email( $user_data, $fbuser ){
  $user_data['user_login'] = $fbuser['email'];
  $user_data['user_nicename'] = sanitize_title($user_data['user_login']);
  return $user_data;
*Note: This is provided only as an example, and should not be used exactly as-is. The reason email-based usernames aren't one of the default plugin options is that there are situations which could result in invalid names (i.e. if the connecting user refuses access to their e-mail address). Please remember to error-check carefully, and to consider all possible corner-case scenarios.

24. "Login with Facebook" only appears as text, not a clickable button.
It's probably caused by one of:
  1. Your theme isn't calling wp_footer. Try reverting to the default theme.
  2. You've got other Javascript errors on your page. See FAQ14.
  3. Make sure browser cookies are fully enabled, and/or try another browser (without any addins/extensions)
  4. If you're using a Facebook Social Plugin, try the iFrame version (rather than HTML5 or XFBML).
27. Why can't users who've connected with Facebook change their avatars anymore?
The option to use Facebook avatars cannot be overridden on a per-user basis. In other words, if enabled, all users who've connected with Facebook will see their profile picture rather than their Wordpress avatar.

30. Can I receive update notifications for the Premium addon? How do I perform the updates?
As of v28 (released 11/20/2012), the Premium addon will automatically check for updates and place a notice at the top of your admin panel whenever a new version becomes available. At that time, you may grab the latest version by accessing your purchase history on justin-klein.com/store.

31. I've downloaded and installed the Premium addon, but I still can't access its features.
WP-FB-AutoConnect-Premium.php goes in your plugins directory (i.e. wp-content/plugins/WP-FB-AutoConnect-Premium.php), not the WP-FB-AutoConnect directory (i.e. wp-content/plugins/wp-fb-autoconnect/WP-FB-AutoConnect-Premium.php). This is to prevent it from getting overwritten when you auto-update the core plugin.

33. I've downloaded the Premium addon, but installing it gives the error PCLZIP_ERR_BAD_FORMAT.
You're probably trying to install the addon from your Wordpress admin panel as though it were a plugin. As per the setup instructions above, the addon needs to be uploaded directly to the "wp-content/plugins" directory on your server. You can do this via FTP, or through your webhost's file manager.

35. It doesn't seem to work in so-and-so browser.
Please reconfirm any browser-specific issues on another computer before reporting them below; 99% of the time they're caused by something on your local system. Make sure you tell me you've done this when reporting a browser bug, or I'll just redirect you to this FAQ. Note that the plugin has been tested and confirmed working on all major browsers (including iOS and Android).

36. How can I modify the plugin to work a bit differently / How can I implement some not-included feature?
As this plugin is open-source, you're welcome to tinker and modify it as you like. However, I do not provide support on customizations beyond what's included with the plugin. If you need customizations that you can't implement on your own, I suggest hiring an experienced Wordpress developer to do so for you (i.e. from here or here). Note: asking me to tell you exactly what to add/modify is the same as asking me to do it myself.

37. Whenever someone tries to login, it says "Error: Failed to get the Facebook user session..."
This is virtually always due to conflicting plugins or themes. Some particularly common conflicts:
  1. Facebook plugins. Make sure any other Facebook plugins have been updated to OAuth2, and that they're configured to use the same AppID as this one. You cannot load more than one AppID on a given page.
  2. CDN plugins. Make sure to add an exception so this plugin's directory does not get copied to a CDN.
  3. Caching plugins. Some include CDN functionality (see above), or cause issues with cookies.
  4. Themes that have one or more of these features built-in.
38. Why isn't my login widget showing the connected user's avatar?
The option to show an avatar is available via the Premium widget only. If you're already a Premium customer but aren't seeing an avatar, head over to Appearance->Widgets in your admin panel and make sure you're using "WP-FB-AutoConnect Premium" (not "WP-FB-AutoConnect Basic"), and that the "Show Avatar" option is enabled.

40. Imported Facebook avatars are too big / too small / too unpredictably-sized / not showing at all.
Facebook thumbnails are always 50x50, so if you're seeing something different (or nothing), your theme is probably calling the avatar function wrong. Try it out on the default theme. If you're intentionally showing the fullsize profile image but want to enforce consistent dimensions, you can do that with CSS.

44. When I try to "Connect" the admin panel, it says "Error: Failed to validate your App ID and Secret."
  1. If the error message also says "wp_remote_get() failed," it means your server can't establish an outbound connection to Facebook; you’ll need to get in touch with your webhost to address the issue with them. Perhaps they have i.e. overly aggressive firewall settings that are blocking the connection, or curl hasn’t been properly setup. But this error message means the plugin can’t reach Facebook at all, so something on your server is likely blocking the connection.
  2. Otherwise, it probably means you've changed your app's settings beyond what's listed in the instructions - try creating a new one from scratch, following the setup instructions exactly. You should be able to visit https://graph.facebook.com/<YourAppID> in a browser and have it show info about your app (like this). If it doesn't, something you changed is causing Facebook to block it.
45. I'd like a copy of the Premium addon, but your price is a bit too high. Do you offer any discounts?
I believe strongly in free and opensource software, which is why I originally shared my work; however, the countless hours I spend maintaining and supporting it do significantly detract from other paid jobs. Considering that I keep my price just barely high enough to start offsetting those hours, I would apprecate it if you wouldn't request a lower price. If the addon is beyond your budget, then I suggest you take advantage of the free plugin - which I make available for anyone to use with no strings attached, and even support personally for free.

46. I'm a Premium customer. What do I need to know about updating to v3.0.0 of this plugin?
Please click here to view the detailed answer to this FAQ.

46-A) I'm a Premium customer. What do I need to know about updating to v3.0.0 of this plugin?

To put it briefly, the core WP-FB-AutoConnect v3.0.0+ plugin is not compatible with previous versions of the Premium addon. If you purchased the addon within the last year, all you need to do is login to the eStore and view your Purchase History. From there, you can download the latest addon (updated to work with plugin v3.0.0) and upload it to your server, overwriting the WP-FB-AutoConnect-Premium.php file you're using now. Note that if you've not logged in since I migrated the eStore, you'll need to reset your password first - which you can do here.

If you purchased over a year ago, please keep reading below.

46-B) I'm a Premium customer who purchased more than a year ago. I don't get a free upgrade?!

Since first releasing WP-FB-AutoConnect Premium in late 2010, I've implemented many new features, improved compatibility with countless plugins and themes, and performed several major overhauls to keep up with Facebook's ever-evolving platform. In all this time, I've never charged for an upgrade; every customer was offered every new version I implemented, free of charge. But now that more than two years have passed, a one-time "free-updates cutoff" has proven unavoidable in order to fund my continued time for development and support. Please note that having waited this long to charge for an upgrade does go considerably beyond even my own Terms & Conditions of Sale, which state: "Free upgrades will be provided for a term no less than one year from the date of purchase."

Please be clear that version 3.0.0+ of the core plugin is not compatible with previous versions of the Premium addon; you must use v30+ of the addon with v3.0.0+ of the core. This means that customers who did not purchase within the last year have the following options:
  • You can upgrade to v3.0.0 and re-buy the addon to get all the latest features.
  • You can keep using the current 2.x plugin, along with your current Premium addon. As long as Facebook doesn't change their platform, nothing will prevent this combination from continuing to work - so while you won't get all the newest features and improvements, you don't actually "lose" anything by sticking with what you've got.
  • If you prefer to update the core plugin but don't want to purchase again, you may remove your existing Premium addon; the free plugin will continue to be updated & maintained, as always.
46-C) Is actually it worth buying the addon again?

Aside from the obvious "buying helps support my continued efforts," the updated addon does contain some of the most-requested new features:
  • You'll finally be able to use any image you like as the login button.
  • Image-based login buttons are fully CSS-styleable.
  • Image-based login buttons will not delay-load; they appear the second your page does, just like any other image.
  • Support for MultiSite has been significantly improved: entire networks can share one avatar cache, cached avatars will be deleted when users are removed, options will be more accurately read from subblogs, etc.
  • New widget options have been added: the Edit Profile link can now point to your Buddypress profile, the Edit Profile link can be hidden, the "Register" link can be hidden, it supports login-over-SSL, etc.
  • Dependance on the old Facebook PHP API has been completely eliminated. This will speed up logins, reduce memory usage, and prevent errors on localhost servers without a public URL.
  • Numerous other fixes & improvements.
46-D) Why can't I upgrade to v3.0.0 but keep using my existing Premium addon?

Although the core plugin is free and the addon is paid, "WP-FB-AutoConnect" must really be viewed as one cumulative project. Sometimes, new premium features require changes to the base plugin, and sometimes fixes to the plugin affect the addon. While I do try to minimize updates that require simultaneously altering both, sometimes they're simply unavoidable. This was one such case. For instance, the old Facebook PHP API has been removed from plugin v3.0.0; this yields significant memory and performance improvements, but means the addon had to be rewritten to work without it as well. Older addons - which still rely on the PHP API - thus won't work.

46-E) OK, I get it. But do I really have to buy it all over again? Can't you at least offer a discount?

I thought long and hard about this, and here's why I ultimately decided against it:
  • Because of its dependence on Facebook's platform, this plugin requires constant maintenance just to keep it running as-is. That means that you pay once, but I need to continue working just to keep things the same.
  • Selling premium plugins on an annual (or monthly) basis is standard practice. Rather than viewing it as "buying all over again," it's best to think of it as "an annual subscription for upgrades." When the subscription ends you're welcome to keep using the addon; it's only for my continued work that I ask an additional fee.
  • My current licensing system doesn't "know about" upgrades, and while developing a better system is of course possible, I felt like improving the product itself would be a better use of my time.
I know that despite the reasoning above, some users may still be annoyed. Nevertheless, I'd really appreciate it if you'd refrain from e-mailing to ask for exceptions. I have carefully considered this decision, and I don't think it's unfair considering the amount of work I do to keep the plugin running and completely bug-free. And while I do hope you'll choose to upgrade, don't forget that you're always entitled to continue using the version you have now.

If you have any other questions, please don't hesitate to get in touch.
47. I'm a Premium customer. Why does my order say "Expired" on the eStore's Purchase History page?
Purchasing the addon allows you to keep and use it forever, plus it includes free upgrades for no less than one year (depending on a number of factors, I may provide free upgrades for even longer). However, if your order says "expired," it means that you purchased more than one year ago, and that a "free updates cutoff" has occurred since that time. While you're entitled to continue using the addon you purchased - and to continue updating the free plugin - if you'd like all the newest premium features (as well as another year of premium updates), you'll need to purchase a new license.

51. Can you help me style/relocate/integrate the login button or widget with my theme?
  1. If you're looking for a way to place the login button in a custom location, there are 3 possible methods:
    1. Move the widget (assuming your theme has a widget area in the desired location).
    2. Use custom PHP. Instructions can be found in the "Custom Login Buttons" section above.
    3. Use shortcode. Shortcode support is available to premium users only; instructions can be found under the "Click for more info" link in the "Shortcode" section of the Premium admin panel.
  2. If what you're looking for is a consultant to assist one-on-one with your theme customization / integration, sorry, but that's beyond the scope of plugin support. Every theme integration is different, and CSS/styling in particular is rarely a quick answer - usually requiring trial-and-error and tweaking. While Google can answer most any CSS question you might throw at it, if you're in need of more personalized instructions, I'd suggest hiring a developer for a quick project from jobs.wordpress.net.
52. Where can I find a changelog for the Premium addon?
Right here.

WP-FB-AutoConnect Premium Changelog
v40 (07/19/2016):
* Facebook API calls are now versioned (v2.7)
* Updated instructions for finding a page's ID (FB changed their URL scheme yet again)
* Fix deprecated Widget constructor
* The minimum required core version is now 4.3.0

v39 (01/15/2016):
* Support for translate.wordpress.org
* New option to customize the text of "Link with Facebook" and "Disassociate from Facebook" buttons
* Fix potential XSS vulnerability (https://make.wordpress.org/plugins/2015/04/20/fixing-add_query_arg-and-remove_query_arg-usage/)
* Fix WP_DEBUG notice that may occur with the update checker after changing the language of your WP installation
* Other small tweaks & cleanups (mostly related to localization)
* The minimum required core version is now 4.2.0.

v38 (08/09/2015):
* Fix PHP4-style class constructors (for compatibility with WP 4.3)
* Fix for autoregistration restrictions based on friendship (Facebook API change)

v37 (07/20/2015):
*Add an id to the "rememberme" and "register" text in the premium widget, so it can be styled with CSS
*In Graph 2.3, Facebook removed the ability to get the user's interests, so that XProfile mapping option has been removed
*Fix mapping the 'Birthday' field to BP XProfile (BP changed the format for passing dates to xprofile_set_field_data)
*Fix some NOTICES that may appear when saving the premium options
*Fix some NOTICES that may appear when saving the premium widget
*Fix some NOTICES that may appear when accessing the admin panel with Buddypress present
*Fix some NOTICES that may appear when logging in if BP XProfile mapping is configured for profile fields the user has not completed on FB

v36 (03/31/2015):
* Fixed error detection for XProfile mapping
* Fixed deprecation notices in the admin panel when link/disassociate buttons are enabled
* Removed the "username" field from XProfile options (Facebook eliminated the ability to fetch this field in Graph API v2.0)
* Removed the ability to restrict logins based on group membership (Facebook changed their policies and will no longer allow anyone the user_groups permission)
* Widened the XProfile admin panel section a bit

v35 (01/24/2015):
-Feature: The "REQUIRE Access To User's E-Mail" feature has been completely rewritten, and will now work with FB Graph v2.0+.
-Feature: Ability to customize the message shown when a user denies access to their e-mail address.
-Feature: Ability to request specific dimensions for 'large' Facebook avatars.
-BuddyPress v2.0 broke the "post to activity stream" feature. Fixed.
-Remove the Wordbooker integration feature.  Unfortunately, Wordbooker's author decided to pull the plugin, which no longer
 functions without his authentication service.
-Added documentation about how to find the group ID for groups with vanity URLs.
-Added documentation about Facebook's new review process (XProfile Mapping & AutoRegistration Restrictions sections).
-The minimum required core version remains 4.0.0, BUT the option to request avatar sizes will only work with 4.0.8+.

v34 (08/12/2014):
-New Feature: The addon now fully supports gettext localization.
-API Fix: Added a check to prevent the "Enforce E-Mails" option from crashing apps that were created since Graph
 API v2.1 was introduced.  While the "Enforce E-Mails" option will work fine for users who created their apps prior to 
 August 7th, 2014 (even if you weren't yet using this plugin), unfortunately, Facebook's v2.1 API breaks it completely.
 This fix will allow older apps to continue using the feature until I can find time to re-implement it for v2.1.   
-API Fix: Facebook profile links are now output from urls stored explicitly in usermeta (from core 4.0.0). 
 Graph API v2.0 breaks the ability to infer profile URLs from userIDs, due to its introduction of scoped IDs.  
-Fix: A bug where JS for associating Facebook accounts was being output by the wrong hook on BuddyPress sites.
-Fix: A hard-coded "facebook_uid" string.
-When an out-of-date core plugin is detected, the Premium script will not be included (to avoid unexpected behavior).
-Move some stray actions into the main 'actions' section (sauce).
-Change contact email to a contact link in the copyright notice.
-Cleanup the changelog, & move it from the premium php file to the FAQs on the documentation page.
-The minimum required core version is now 4.0.0.

v33 (01/10/2014):
-New Feature: Shortcode support. [jfb_facebook_btn] can now be used to add Facebook login buttons to posts and pages.
-New Feature: Allow users to manually associate their WP/BP profiles with Facebook. Useful for users who want to 
 retain their existing blog account, even if their WP & FB e-mails don't match.
-New Feature: Add the "Disconnect from Facebook" button to BuddyPress XProfiles (in addition to Wordpress profiles).
-New Feature: Option to add a Facebook button to the BuddyPress registration page.
-New Feature: Widget option to specify the destination URL for the "Forgot Password" link
-New Feature: Widget option to hide the "Forgot Password" link
-The comment form login button can now be shown even when the comment form is hidden (by the 'Users must be registered
 and logged in to comment' option).
-Replace all "Mouseover for more info" links with "Click for more info" (easier to read & more mobile-friendly).
-The Facebook section that this plugin adds to the WP/BP profile will now appear regardless of the 'show a disassociate 
 button' option.  When the option is disabled, only a UID is shown (without a button).
-Update checker improvements:
  *The message header text is now fetched from the VersionCheck script (vs hardcoded in the addon)
  *The manual check link now explicitly says "Check for Updates" (rather than just the current version)
  *Clearer messages are now shown when manually checking (i.e. 'no new version available,' etc)
  *Don't use $opt_jfbp_latestversion for the POST when checking manually (that confuses the meaning of the var).
  *When hiding update notifications, show a message & don't append a var to the URL.  Also, only hide it
   for THIS version (it'll be shown again if another update is posted).
-Fix some warnings that appear when saving premium options with WP_DEBUG defined
-Other minor tweaks & cleanups 
-Required core version is now 3.1.3

v32 (08/21/2013):
-Use wp_login_url() & wp_lostpassword_url() instead of site_url('wp-login.php') in the widget, so wp-login.php 
 can be renamed.
-Replace one old REST call in the "enforce email" option that was causing logins to fail for some users 

v31 (06/04/2013):
-Fix jfb_multisite_add_to_blog(), so it uses the same default role as when autoregistering users
-Don't include my jquery.1.4.4 on wp-login.php; use wp_enqueue_script() instead
-Add the wpuid to the wpfb_xprofile_fields_received filter
-Minor admin panel revision to show the image-based button preview in the free plugin's teaser
-Remove SERVER_NAME, SERVER_ADDR, and SCRIPT_FILENAME from auth, & use auth2() instead of auth()

v30 (03/07/2013): 
-Image-Based Login Buttons (requires core 3.0.0+):
  *You'll finally be able to use any image you like as the login button.
  *Image-based buttons are fully CSS-styleable, and will not delay-load (they load like any other page element).
-Better MultiSite Support:
  *Pass blogid to _process_login.php, and use switch_to_blog() to ensure that the user is added to the site from which
   they initiated the login.
  *Add a basedir option for avatar caching, so sites on a network can share the same cache (requires core 2.5.11)
  *Avatar files get deleted automatically when a user is deleted from the network
-Better SSL Support:
  *Widget login form uses site_url (to support FORCE_SSL_LOGIN)
  *Explicitly change the uploaddir to https if the current page is ssl (to avoid mixed content warnings)
-Remove dependance on the PHP API:
  *Redo autoregistration-by-friendship to not rely on the PHP API
  *Redo autoregistration-by-group to not rely on the PHP API
  *Redo autoregistration-by-page to not rely on the PHP API
  *Redo XProfile fetching to not rely on the PHP API
-New Widget Features:
  *Add an option to hide the "Register" link (only applicable if registration is enabled on the site/network)
  *Add an option to hide the "Edit Profile" link
  *Add an option to point the "Edit Profile" link to the BP profile (instead of WP)
  *Show simple version information if this script is accessed directly (instead of an error)
  *Fix a minor bug with the 'rememberme' javascript in the premium widget
  *Fix a bug when using the "Disconnect" button in the admin panel
  *Fix autoregistration-by-group to work for PRIVATE and SECRET groups (as well as public)
  *Fix autoregistration-by-fanpage (requires a new extended permission)
  *Remove reliance on wpfb_output_button (requires core 2.5.1+)
  *Add a keepalive & licensecheck to the updatecheck; change from twicedaily to daily (& rename the cronjob)
  *Better logging for avatar caching
  *Rearrange the admin panel a bit
  *Move spinner files into new "assets" dir
  *Other minor changes/tweaks
  *Required core version is now 3.0.0

v29 (xx/xx/xxxx):
-Fix a PHP shorttag
-Change link to the eStore in the update notification message

v28 (11/20/2012):
-New feature: Allow administrators to disassociate Wordpress user accounts from Facebook
-New feature: Optionally allow users to disassociate their own accounts from Facebook
-New feature: Set the role for autoregistered users
-New feature: Import the 'interests' and 'music' fields from Facebook to XProfile
-New feature: Update checker to automatically display a notice if the addon is out-of-date. Notices may be hidden.

v27 (11/11/2012):
-Remove the option for "optimize for speed and scaleability," as this fix is now included with the free plugin
-Use $wpdb->base_prefix instead of hardcoding 'wp_invitations' for invitational autoregistrations
-Special Sauce section is now handled automatically by the store
-Required core version is now 2.3.5

v26 (02/06/2012):
-New BuddyPress feature: the ability to announce new/returning logins to the Activity Stream
-New filters: wpfb_xprofile_allowed_mappings, wpfb_xprofile_fields_requiring_perms, wpfb_xprofile_fields_to_query, 
 wpfb_xprofile_fields_received.  These let you supplement the provided XProfile mappings with your own.
-Split "avatar caching" into two options, so you can enable caching of thumbnails or fullsize images separately.
 This is offered as a performance optimization for sites that don't require both.
-Replace jfb_multisite_get_users() with jfb_get_candidate_users(); it's now always enabled (not just on WPMU),
 and executes an optimized query to return only candidate users with matching usermeta, drastically speeding up
 logins on sites with many users.

v25 (11/25/2011):
-New feature: Ability to import Facebook profile data to BuddyPress XProfile fields
-Replace deprecated get_settings() calls with get_option() in the premium widget
-Add "rel=nofollow" to the Lost Password link in the premium widget
-Changes to accommodate the new tabbed layout of the admin panel 
-Required core version is now 2.1.7

v24 (10/01/2011):
-Update to OAuth 2.0.
-Required core version is now 2.1.0

v23 (09/26/2011):
-Support "%username%" variables in custom redirect URLs
-Add ability to show the user's avatar in the widget (when logged in)
-When deleting a user, also try to delete their cached avatar file (if present)
-Update the instructions for finding a userid/fanpageid (facebook changed their URL structure again)
-Get rid of legacy API code

v22 (06/09/2011):
-Created a new premium widget that adds several options not provided by the free one: customize the widget's text, 
 hide the WP login fields, show a "RememberMe" checkbox, and logout of FB (as well as WP) 
-When caching avatars, only store the relative path (under the UPLOADS dir), not absolute (requires core 2.0.1)
-Show a link to autoregistered users' Facebook profiles on the "Users" admin page 
-Replace some depreciated functions
-Remove ToDo list from the addon file
-Code reorganization: moved all add_action()/add_filter() to one code block

v21 (05/19/2011):
-New Graph API code is now migrated to the Free plugin; this update is REQUIRED for core plugin 2.0.0!
-Better error reporting if the server fails to cache avatars

v20 (04/01/2011):
-Output an html comment in the "init" fxn
-fbLoginButton is now a class instead of an id, to fix validation with multiple buttons on one page.
 As a result, clicking any one button now activates the spinner on all buttons
-Requires core version 1.9.1

v19 (03/31/2011):
-New Feature: Conditional autoregistration based on Facebook friendships
-New Feature: Conditional autoregistration based on Facebook group membership
-New Feature: Conditional autoregistration based on Facebook fanpages
-New Feature: Allow localization of Facebook popups to be disabled (checkbox)
-Admin panel cleanups: Fix a validation issue, change <small> descriptions to 
 mouseover <dfn>'s, move & rephrase various items
-Documentation cleanups: revise the setup instructions, tidy up the TODO list,
 reverse the changelog & move it to the bottom of the file, etc.
-Required core plugin version is now 1.8.7

v18 (03/24/2011):
-Add a new wpfb_extended_permissions filter

v17 (03/22/2011):
-Fix a bug with wp-login.php when using the new API

v16 (03/22/2011):
-Major new feature: Option to use the new (Graph) Facebook API.  The new API offers several advantages:
  ->It's compatible with IE9
  ->It can coexist with other official Facebook plugins (i.e. Like boxes and comment forms)
  ->If you prompt for extended permissions (i.e. email, publish-to-wall), all of the prompts will now 
    appear in a single popup. Note that this makes "request permission to get their email address" 
    effectively identical to "request and require permission"; since all prompts are now presented together,
    there will be no way for the user to accept general access but deny email access.
Important things to note:
  ->If you're using a caching plugin, make sure to clear your cache after toggling this option
  ->If you've used any of this plugin's hooks to access the Facebook API, make sure to reformat your calls
    to work with the new API. Hooks that provide a Facebook object are:
    wpfb_connect, wpfb_existing_user, wpfb_inserted_user, and wpfb_login.
    If you'd like to simultaneously support both API versions, you can use a check like:
    if( version_compare(@constant('Facebook::VERSION'), '2.1.2', ">=") ) {}//new version
    else                                                                 {}//old version
  ->As this is a very new feature, it should be considered as "beta."  If you experience any severe/breaking
    issues, you can always choose to use the old API and the plugin should function as it did previously.
    Note that it's also possible that using the new API will cause incompatibilities with older Facebook 
    plugins which have not yet been updated.
-The Premium.php file has been renamed to WP-FB-AutoConnect-Premium.php, and should now reside *outside* the 
 base plugin's directory (aka in the root /wp-content/plugins dir). This is to prevent it from getting overwritten
 when updating the core plugin.
v15 (03/17/2011):
-Remove the option to handle double-logins; it's always automatically handled now.

v14 (03/17/2011):
-Don't show the button on wp-signup.php when signups are disabled
-Add some css to align the button on wp-signup.php more nicely

v13 (03/17/2011):
-Feature: Under the "Additional Buttons" section, you can now add a button to wp-signup.php (WPMU only)
-Feature: Wordbooker Avatar integration
-Fix: Cached avatars will now always go into the specified directory, regardless of the 
      "Organize my uploads into month- and year-based folders" setting
-Fix: Corrected a bug with roles for autogenerated users on MultiSite/WPMU
-Fix: Always enqueue jQuery when the AJAX spinner option is enabled (for themes that don't do so by default)
-Rearranged the admin panel

v12 (01/29/2011):
-Output a comment showing the premium version (for debugging)

v11 (01/28/2011):
-If a language code is detected in wp-config.php, the Facebook prompts will be localized.
-Specify your own path to cached Facebook avatars
-Add a log message that this is a premium login
-Required core plugin version is now 1.6.5

v10 (01/28/2011):
-Add option to show an AJAX spinner after the Login button is clicked
-Add option for a custom logout url
-Add option to insert a Facebook button to the Registration page
-Better error checking for avatar caching
-Required core plugin version is now 1.6.4

v9 (01/23/2011):
-Slight revisions to jfb_output_premium_panel() to let me copy it to AdminPage.php
-Don't override $jfb_version

v8 (11/25/2010):
-Add a message about the minimum required core plugin version
-Rearrange & rephrase the admin panel a bit
-Begin work on option to collapse all the facebook prompts into one (unfinished, so option hidden)
-Code cleanups

v7 (11/25/2010):
-Conditional Invitations: tie in with wp-secure-invites plugin

v6 (11/24/2010):
-New Option: Custom redirect url for autoregistered users
-New Option: Custom redirect url for returning users
-New Option: Autoregistration restriction (to disallow autoregistrations)
-Fix minor logging bug (wasn't correctly showing notified user's emails)

v5 (11/24/2010):
-Add wpmu support

v4 (11/02/2010):
-Fixed auth

v3 (11/02/2010): 
-Add support for choosing button size
-Add support for choosing button text
-Add support for silently handling double-logins
-Add ability to ENFORCE that real emails are revealed (reject proxied emails)
-Add this changelog to code comments

v2 (11/01/2010): 
-Better integration with the core plugin
-Premium updates now independent of core updates
-Required core plugin version is now 1.5.1

v1 (11/01/2010): 
-Initial Release	
55. I'm a Premium customer. How can I use shortcode to add a Facebook button to my post or page?
Please see the "Click for more info" link in the "Shortcode" section of the Premium admin panel.

56. I'm having problems with X-Profile Mapping or AutoRegistration Restrictions.
Facebook now requires you to submit your app for review before you can ask your users for anything beyond their basic profile, e-mail, and friends list (see here). This unfortunate decision has made it somewhat more cumbersome to take advantage of several of this plugin's features, including X-Profile mapping and autoregistration restrictions.

To submit your app for review:
  1. Visit your app's configuration page on developers.facebook.com/apps.
  2. Go to "Status & Review."
  3. Click "Start a Submission."
  4. Check the required permissions (see below), and "Add Items."
  5. Fill in the remaining info about your app, and click "Submit for Review."
  6. Facebook should respond within 7-14 days. If approved, the feature(s) will begin working as intended.
For AutoRegistration Restrictions:
For the "Fanpage" option, you'll need to select the 'user_likes' permission.
The other options do not require approval from Facebook.

For X-Profile Mapping:
Here are the fields that require approval, along with the permission you'll need to select in step 4 above:
Profile Field.........Required Permission
57. Why are my users getting e-mail addresses like FB_123456@unknown.com?
If every user who connects with this plugin is getting such an address, you probably just haven't selected the option to "Request permission to get the connecting user's email address" in the admin panel.

If most of your users are getting real addresses but just a few aren't, those users probably explicitly denied the e-mail permission in Facebook's login popup. To prevent this, you may purchase the Premium addon, which has an additional feature that will require users to accept this permission, or not log them in at all.

58. I'm getting the error: "Given URL is not allowed by the Application configuration..."
This means you’ve not entered the correct URL in your Facebook application settings. Please refer to step 4 of the setup instructions above, and note that http://example.com is not the same as http://www.example.com. Also make sure you've entered it correctly in Wordpress under Settings -> General.

If you're still having problems, I suggest you try deleting the app and completely starting over with a fresh one to avoid confusion. Unfortunately this check is performed and enforced by Facebook themselves – not by the plugin – and there is nothing I can do to override it.

59. How can I limit autoregistration to members of a particular Facbook group?
Unfortunately, since releasing Graph API v2.3 in 03/2015, Facebook’s policy is to not grant group membership information to any app, breaking this once-popular feature. See here & here.

If you'd like to create a site where you have control over who can autoregister, I suggest these alternative approaches:
  1. Use "Friendship Autoregistration," and create a Facebook user who becomes friends with whoever you want to allow access (sort of like a 'simulated group'). Note: Make sure your Facebook user has also logged into the site at least once.
  2. Use "Open Autoregistration" (anyone can autoregister), along with a separate user approval plugin, and setup your site so the restricted areas are only accessible once a user has been approved.
  3. Use "Closed Autoregistration" (no one can autoregister), use another plugin/method to allow the desired people to register on your site initially, and then let existing members associate their accounts with Facebook for easy subsequent login.
In each case, the result should be the same - the only difference is when you approve each user (i.e. instead of approving them for group membership, you approve them for friendship, or pre-approve them for site registration, or approve them post-registration).

60. When I try to Login with Facebook, it just redirects me to wp-login.php - but I'm not logged in.
This is likely due to your webhost putting in some nonstandard ModSecurity rules that block the form submission that usually performs the login. Please contact your host and ask them to temporarily disable ModSecurity so you can test if this fixes it. If so, they should be able to debug which of their rules is breaking the way Wordpress is supposed to behave, and disable just that rule.

100. Something else isn't working. What should I do?
  1. Try disabling *ALL* your other plugins and using the default theme; conflicting plugins and broken themes are by far the most common cause of problems. If that works, you should be able to pinpoint the source of the issue by reactivating them one at a time.
  2. If your server uses a CDN (like CloudFlare) or caching (like WPEngine), disable that functionality. Once you determine if it works without CDN/Caching, you can experiment with your server settings (ie exclude the plugins directory) to get them working together.
101. I still can't get this thing to work! Can you just help me figure out what's wrong?
If you've done your best with everything above and are still having a problem, you may submit a question below - but please make sure you've tried it on the default theme and with all your other plugins disabled, and answered "yes" to that question on the contact form. If I've directed you to this FAQ, it probably means you answered "No," ignoring this FAQ and FAQ100 above.

102. But my site is live, I can't disable the other plugins or try the default theme.
Then you should mirror your site to a staging server and test there. Aside from the fact that it's generally a bad idea to develop on a production site, there are just too many possibilities to guess the cause of a problem without being able to simplify. To put it more clearly: if you're unwilling or unable to help pinpoint the conflict by enabling/disabling code, then I won't be able to help you debug your site.


So, you've setup the plugin and it isn't doing what you expect. What now? The first thing you should do is carefully reread all the documentation above, paying special attention to the FAQs; 99% of support questions are solved by the solutions already offered above. Still no joy? Go ahead and submit your question below, and I'll get back to you as soon as I can.

Contact | Disclaimer
©2004-2016 Justin Klein
whos online
HTML5 Valid
12:57:35 0.40s 48q 24.1MB