Incorporating facebook login, using facebook php-sdk (v.3.0.0), with sessions and cookies

Question

I am new to PHP, and have had a very difficult time understanding the facebook login system.

I have downloaded the three src/ files from github (https://github.com/facebook/php-sdk/). I tried using the example.php file to get me started. However, I am not sure what to do with it.

For those who are unfamiliar with the file, here is a copy of example.php, with some of the styling removed:

require '../src/facebook.php';
$facebook = new Facebook(array(
  'appId'  => '...',
  'secret' => '...',
));
$user = $facebook->getUser();
if ($user) {
  try {
    $user_profile = $facebook->api('/me');
  } catch (FacebookApiException $e) {
    error_log($e);
    $user = null;
  }
}
if ($user) {
  $logoutUrl = $facebook->getLogoutUrl();
} else {
  $loginUrl = $facebook->getLoginUrl();
}
$naitik = $facebook->api('/naitik');
?>
<!doctype html>
<html xmlns:fb="http://www.facebook.com/2008/fbml">
  <body>
    <?php if ($user): ?>
      <a href="<?php echo $logoutUrl; ?>">Logout</a>
    <?php else: ?>
      <div>
        Login using OAuth 2.0 handled by the PHP SDK:
        <a href="<?php echo $loginUrl; ?>">Login with Facebook</a>
      </div>
    <?php endif ?>

    <h3>PHP Session</h3>
    <pre><?php print_r($_SESSION); ?></pre>

    <?php if ($user): ?>
      <h3>You</h3>
      <img src="https://graph.facebook.com/<?php echo $user; ?>/picture">

      <h3>Your User Object (/me)</h3>
      <pre><?php print_r($user_profile); ?></pre>
    <?php else: ?>
      <strong><em>You are not Connected.</em></strong>
    <?php endif ?>

    <h3>Public profile of Naitik</h3>
    <img src="https://graph.facebook.com/naitik/picture">
    <?php echo $naitik['name']; ?>
  </body>
</html>

Here are the questions I have in regard to it:

1)What about cookies?--I want the user to be able to be logged into my website after re-opening his/her browser.

2)What is the bare minimum I need to get out of this example.php file to validate/register a user, begin a session, store the session in a cookie, get the user's fb user id, fb name, fb picture, and list of fb friends?

3)In the src/ files, there is one 'file fb_ca_chain_bundle.crt,' and I am completely unfamiliar with what such a file, and I am not sure if it is even necessary. What is its purpose?

4)The line $naitik = $facebook->api('/naitik'); is "naitik" the username of this person--so if I type facebook.com/naitik it will show his public profile? is replacing "/naitik" with "/me" what will get the public profile of the person logged into facebook?

5)How do I get the access token, and how do I use it in my code?

6)When I create a session for the user, and a cookie so that the user is logged in after reopening the browser, what should I exactly be storing in my sessions and cookies?

I know this is many questions, but I have looked through many tutorials online, and none of them have done a good job explaining this, mostly because they just link back to the Github PHP-SDK files. Plus, most of them explain a previous version of PHP-SDK. Any help is appreciated, with any of the questions.

Answer 1

To answer your questions

1)What about cookies?

You just add a parameter to the Facebook initialization. Change it to the following

$facebook = new Facebook(array(
  'appId'  => '...',
  'secret' => '...',
  'cookie' => true,
));

2)What is the bare minimum I need to get out of this example.php file to ....

Not everything you want is in this example. The top half of the code shows you how to connect and validate a user. The second half just dumps out their basic details and naitik's details. For the rest you need to look further.

3)In the src/ files, there is one 'file fb_ca_chain_bundle.crt,'

The purpose of this file is to offer a workaround for CURL error 60. Read this:

http://www.takwing.idv.hk/blog/2011/php-sdk-demystified-%E2%80%93-how-curl-error-60-is-handled/

4)The line $naitik = $facebook->api('/naitik'); is "naitik" the username of this person--so if I type facebook.com/naitik it will show his public profile? is replacing "/naitik" with "/me" what will get the public profile of the person logged into facebook?

Exactly right

5)How do I get the access token, and how do I use it in my code?

$facebook->getAccessToken();

You add it some of the method calls, but it is not necessary for everything.

6)When I create a session for the user, and a cookie so that the user is logged in after reopening the browser, what should I exactly be storing in my sessions and cookies?

The Facebook SDk is going to take care of that. You will just need to store whatever extra information about the user your App requires.