php - In facebook canvas app where do I send the signed request parameter once I've captured it in log in -

i'm using javascript sdk. in documentation says signed request response object fb.getloginstatus() returns when users status = connected, need parse signed request. how send php page have parse code on? include php code on canvas app index page , send signedrequest code on same page? or keep code on separate pages , pass sr.

the first block of code on index.html page. checks login status , gets signed request parameter response object.

the second block php code facebook provides parsing signed request when capture via registratiton plug in, plug in automatically sends sr page when provide url parameter. in canvas app have pass myself. how do that?

javascript

fb.getloginstatus(function(response) {   if (response.status === 'connected') {      // user logged in , has authenticated     // app, , response.authresponse supplies     // user's id, valid access token, signed     // request, , time access token      // , signed request each expire      var uid = response.authresponse.userid;     var accesstoken = response.authresponse.accesstoken;         var signedrequest = response.authresponse.signedrequest;    } else if (response.status === 'not_authorized') {     // user logged in facebook,     } else {     // user isn't logged in facebook.   } }); 

php page

<?php define('facebook_app_id', '3*****88&'); // place app id here define('facebook_secret', '1345*****eb4f2da'); // place app secret here   // no need change function body function parse_signed_request($signed_request, $secret)  {     list($encoded_sig, $payload) = explode('.', $signed_request, 2);     // decode data     $sig = base64_url_decode($encoded_sig);     $data = json_decode(base64_url_decode($payload), true);     if (strtoupper($data['algorithm']) !== 'hmac-sha256')     {         error_log('unknown algorithm. expected hmac-sha256');         return null;     }     // check sig     $expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);     if ($sig !== $expected_sig)      {         error_log('bad signed json signature!');         return null;     }     return $data; }  function base64_url_decode($input)  {     return base64_decode(strtr($input, '-_', '+/')); }  if ($_request)  {     $response = parse_signed_request($_request['signed_request'], facebook_secret); }  $name = $response["registration"]["name"];  $email = $response["registration"]["email"];  $password = $response["registration"]["password"]; $uid = $response["user_id"];  ?> 

expanding on clay's answer implement jquery.get():

var signed_request = getsignedrequest(), // this..     url = "http://yoursite.com/phppage.php", // wherever php code     ajax = $.get(url, {signed_request: signed_request}); // initiate ajax call  // ajax success handler ajax.done(function(ajaxresponse){     console.log(ajaxresponse);  }); 

of course you'll need grab value in php file

$signed_request = $_get['signed_request'];