stackoom
  简体   繁体   中英

Facebook Access Tokens / Login

 原文  2014-03-01 19:11:03       php/ facebook-php-sdk

Question

I am trying to write a custom authorize / deauthorize script for my site using Facebook's OAuth token. I can post the token to my database, but when I delete the token and refresh the page, it just posts the token again even though I didn't click the authorize link.

My authorize.php: 

<div class="authorize_btn" style="float:right; margin-top:-35px; padding-right:10px">
<?php 
    $db_conx = mysqli_connect("localhost","root","","test");

    if (mysqli_connect_errno())
    { 
        echo mysqli_connect_error();
        exit();
    }

    $sql    = "SELECT fb_token FROM users";
    $user   = $_SESSION['username'];
    $query  = mysqli_query($db_conx, $sql);
    $row    = mysqli_fetch_array($query); 

    $login = $facebook->getLoginUrl();

    $access_token = $facebook->getAccessToken();

    $fb_token = $row[0];

    if (empty($fb_token))
    {

        $add_user = "<a href='$login'>Add User</a>";
        echo $add_user; 

        if ($add_user)
        {
            $sql = mysqli_query($db_conx, "UPDATE users SET fb_token='$access_token' where username='$user'");
        }

    }
    else 
    {
        echo "<form id='deauth' action='deauth_fb.php' method='post'>";     
        echo "<a href='#' onclick='document.forms[0].submit();'>Deauthorize User</a>";  
        echo "</form>";                                         
    }
?>
</div>

My deauth_fb.php: 

<?php
    session_start();

    include ('inc/facebook.php');
    include ('fbconfig.php');

    $db_conx = mysqli_connect("localhost","root","","test");

    if (mysqli_connect_errno())
    {
        echo mysqli_connect_errno();
        exit();
    }

    $facebook = new Facebook(array(
        'appId'         => APP_ID, 
        'appSecret'     => APP_SECRET, 
    )); 

    $user_session = $_SESSION['username'];
    $delete_sql = mysqli_query($db_conx, "UPDATE users SET fb_token='' where username='$user_session'");


    header('location:home.php');
?>

2 answers

solution1
 0 ACCPTED  2014-03-01 20:41:49

Facebook will refresh the Token if it´s still valid, you should use the official way:

https://developers.facebook.com/docs/reference/php/facebook-getLogoutUrl/

solution2
 0  2014-03-02 05:58:55

That is because you are just updating the fb_token to blank without logging out the user.

To get the logout URL: 

$params = array( 'next' => 'http://after_logout.lnk' );
$logout = $facebook->getLogoutUrl($params);

getLogoutURL() takes an optional $params array containing the key and value pairs:

next → (optional) Next URL to which to redirect the user after logging out (should be an absolute URL).

Reference

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Facebook Access Tokens Facebook SDK access tokens and ajax Access forbidden facebook login Php Facebook API Page access tokens Facebook PHP SDK dealing with Access Tokens facebook access_tokens in php and js diffeerent? Facebook Access Tokens - Server-Side Authentication How to work with Facebook App Access Tokens? How to renew/extend facebook access tokens with PHP? Facebook login - invalid access token
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM