$facebook->getLogoutUrl(); link doesn't log user out of facebook

Question

My current user story is that user1 is logged into my website and facebook (these accounts are connected etc).

User1 logs out of my site but not facebook.

After this user2 logs into his account, but the left over session from user1 screws with user2's interaction with my site and who they post as.

So to fix this I made it check if the user who is logged in actually owns the currently logged in facebook (this would result in them going to facebook log out etc) and it shows a link that should allow the user to log out...

Upon clicking the link they go to facebook and return to the site. But if you open a new tab and go to facebook User1 is still logged in.

How can I get this link to work.. what's going on. Is this a bug with the api or what?...

Edit: I've continued testing with value user ids loading and with valid access tokens but I have yet to get the logout link to work.

Answer 1

A little late but here goes my contribution:

Use the params when you generating the logout url, there redirects to a page in which you destroy the session using the Facebook API function for that.

Here an example:

$logoutUrl = $facebook->getLogoutUrl(array("next" => "http://mydomain.com/page4logout"));

In the page4logout you can instance the facebook object and execute the following:

$facebook->destroySession();

After that you can do a redirection.

Answer 2

delete the facebook cookie and session manually. Here is my solution how I solved the problem some time ago, it think it's a bug of Facebook:

setcookie('fbs_'.$this->getAppId(), '', time()-100, '/', $_SERVER["SERVER_NAME"]);
unset($_SESSION['fb_'.$this->getAppId().'_code']);
unset($_SESSION['fb_'.$this->getAppId().'_access_token']);
unset($_SESSION['fb_'.$this->getAppId().'_user_id']);
unset($_SESSION['fb_'.$this->getAppId().'_state']);

$this->getAppID is your Facebook App ID, should be clear ;o)