如何使用facebook-> getLoginStatusUrl（）？

Question

I currently redirect the user to the url given and it returns the user back to the web page with 2 get arguments: 'session' and 'perms'.

The meaning of perms is obvious.

Session appears to be a JSON slash escaped array. After json_decode(slashcstrip($_GET['session'])) i find the following members: uid,session_key,secret,expires,base_domain,access_token, sig. What are secret and sig? How do I use them to validate the data?

Thanks!

Answer 1

The sdk validates the data for you using that session information. All you need to do is call $facebook->getUser() and check that you get back a user id.

Answer 2

$next_url = $facebook->getLoginStatusUrl($params); retrieve fb user Login Status

Answer 3

From what I understand the status URL is used to determined the status of a user. If you do an HTTP call to the the generated status URL facebook will redirect to one of the redirect urls based on the user status, you can use the request of the URL to update the user session on your application and take a handling action for the state of the user

ok_session => user has facebook session -> start app
no_user    => unknown user, ask user to login
no_session => known user, ask to login

Answer 4

Follow these steps:

1. You generate an url: $next_url = $facebook->getLoginStatusUrl();
2. redirect the user to this url: header('Location: '.$next_url);
3. the user will be returned by FB with session information about the login status
4. the SDK will parse the returned info
5. use $facebook->getUser(); to get the access_token and userid (if logged in)

So far so good. The only problem is, this function (point 4) is broken since the transition to oAuth2.0 by Facebook API, see also this bug report: http://developers.facebook.com/bugs/295348980494364 The returned $_GET['session'] is useless in the new oAuth2.0 SDK, it was used in the old PHP-SDK v2 (current is 3.1.1).

So please let FB know that you have the same issue by adding a reproduction.

Cheers!