Menu
I have tried the PHP SDK (v.3.1.1), and the current Javascript SDK as suggested here : https://developers.facebook.com/docs/guides/web/
now when trying to log out I have tried both FB.logout() ( for js ) and $facebook->getLogoutUrl() ;
as the documentation for both clearly state, these methods log the user out of the application as well as their facebook session.
But I only need to log the user out of the facebook application ( the test site ).
I have tried logging the user out of my test site, ignoring the facebook aspect. But in this case, when the user clicks the login button again, the login flow ( facebook authentication and redirect ) does not happen.
I also tried : ( as suggested by previous unresolved questions)
$facebook->destroySession();
unset($_SESSION['fb_' . sfConfig::get('app_fb_config_id') . '_code']);
unset($_SESSION['fb_' . sfConfig::get('app_fb_config_id') . '_access_token']);
unset($_SESSION['fb_' . sfConfig::get('app_fb_config_id') . '_user_id']);
however, when redirecting to the login page, $facebook->getUser() still retrieves the user.
note : as per documentation example, I am using php sdk to login the user to my test site, and the js sdk, to render and facilitate the facebook login button.
additional :
the authentication i use is basically what documentation suggests :
<?php
define('YOUR_APP_ID', 'YOUR APP ID');
//uses the PHP SDK. Download from https://github.com/facebook/php-sdk
require 'facebook.php';
$facebook = new Facebook(array(
'appId' => YOUR_APP_ID,
'secret' => 'YOUR APP SECRET',
));
$userId = $facebook->getUser();
?>
<html>
<body>
<?php if ($userId) {
$userInfo = $facebook->api('/' + $userId); ?>
Welcome <?= $userInfo['name'] ?>
<?php } else { ?>
<div id="fb-root"></div>
<fb:login-button></fb:login-button>
<?php } ?>
<script>
window.fbAsyncInit = function() {
FB.init({
appId : '<?= YOUR_APP_ID ?>',
status : true,
cookie : true,
xfbml : true,
oauth : true,
});
FB.Event.subscribe('auth.login', function(response) {
window.location.reload();
});
};
(function(d){
var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;}
js = d.createElement('script'); js.id = id; js.async = true;
js.src = "//connect.facebook.net/en_US/all.js";
d.getElementsByTagName('head')[0].appendChild(js);
}(document));
</script>
</body>
</html>
263
Open the Facebook app on your device. 2. On an iPhone, tap on the three lines in the bottom right corner. If you have an Android phone, these will be in the upper right corner.
On Sunday Nic Cubrilovic posted some troubling news: Logging out of Facebook is not Enough. Facebook doesn't actually log you out when you ask it to. They pretend to, but they don't. Instead, they simply change the status of your logged in session to fool you into thinking you're logged out.
On the “Security and Login” page that opens, from the “Where You're Logged In” section, click the “See More” option. You'll see a list of devices where you use your Facebook account. To sign out of all these devices, click “Log Out of All Sessions” at the bottom-right corner of the “Where You're Logged In” section.
Taking your code, and modifying just a bit:
<?php
define('YOUR_APP_ID', 'YOUR APP ID');
//uses the PHP SDK. Download from https://github.com/facebook/php-sdk
require 'facebook.php';
$facebook = new Facebook(array(
'appId' => YOUR_APP_ID,
'secret' => 'YOUR APP SECRET',
));
session_start();
$userId = $facebook->getUser();
if ($userId && !isset($_SESSION['fbdata'])) {
$_SESSION['fbdata'] = array("userid" => $userId);
}
?>
<html>
<body>
<?php if ($userId) {
$userInfo = $facebook->api('/' + $userId); ?>
Welcome <?= $userInfo['name'] ?>
<?php } else { ?>
<div id="fb-root"></div>
<fb:login-button></fb:login-button>
<?php } ?>
<script type="text/javascript">
window.fbAsyncInit = function() {
FB.init({
appId : '<?= YOUR_APP_ID ?>',
status : true,
cookie : true,
xfbml : true,
oauth : true,
});
FB.Event.subscribe('auth.login', function(response) {
window.location.reload();
});
};
(function(d){
var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;}
js = d.createElement('script'); js.id = id; js.async = true;
js.src = "//connect.facebook.net/en_US/all.js";
d.getElementsByTagName('head')[0].appendChild(js);
}(document));
</script>
</body>
</html>
I just added the saving of the user data into the session. Now, if you use this method, when the user get's into your page you should check if he already has a session, if so all is good no need to authenticate him.
When you want to log the user out of your app, but not out of facebook, just destroy that session:
session_start();
session_destroy();
That should remove all saved data you have for the user, next time he visits your page you can start fresh with him.
I'm not a php programmer, and all of the php I used here is from my (very) limited knowledge and what I've found around.
146
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
