I'm not strong English grammar. sorry if some word is weird.
I have develop My first App Facebook for some campaign with PHP. This app will allow "Fans of campaign page" to Registers some Information such as Name,Phone,Email and record into my Database on ClearDB(I'm using Heroku) I ask 3-4 friends to test this application by Must Click "Like" on Fans Page or "Like Box" in My app and go to registers (if user click "Like" in "Like Box" it's will navigate user to register page on my app automatically).My app will request some permission ('user_likes') before first used
One Of my Friend.When she click "Like" in "Like Box" of campaign Page in My App.her account is suddenly Locked and Facebook show this Message
Your account has been temporarily suspended Suspicious activity has been detected on your Facebook account and it has been temporarily suspended as a security precaution.It is likely that your account was compromised as a result of entering your password on a website designed to look like Facebook.This type of attack is known as phishing.
She can't do anything with her account And must wait until Facebook allow to do some security check. I'm not sure it's because of my code or else that make my App is unsafe? And I'm sure that my friend didn't do anything weird on Facebook.
If because of my code.Then where the part of Code Should I go to check or must be rewrite?
My PHP Code initial and Login Part
$page_id = 'xxxxxx';
$app_id = 'xxxxx';
$app_secret = 'xxxxx';
$app_namespace = 'xxxxx';
$app_url = 'https://apps.facebook.com/' . $app_namespace . '/';
$scope = 'user_likes';
$facebook = new Facebook(array(
'appId' => $app_id,
'secret' => $app_secret,
'cookie' => true,
'sharedSession' => true,
'trustForwarded' => true,
));
if(!$user)
{
$loginUrl = $facebook->getLoginUrl(array(
'redirect_uri' => $app_url,
'scope' => $scope
));
print('<script> top.location.href=\'' . $loginUrl . '\'</script>');
}