I did some searches and I didn't find anything that was related to my problem.
I'm currently trying to implement a Facebook login to my website and I'm having problems with the login authentication due to htaccess mod rewrite URLs?
The code works perfectly and I get logged in if I use it without the mod rewrite rules like:
domain.com/view_webhosting.php?webhosting=name
But as soon as I go over to the mod rewrite URL
domain.com/webhosting-name/
Then it just doesnt work and throws a error "CSRF state token does not match one provided."
in the htaccess file it looks like this
RewriteRule ^webhosting-([a-z_0-9-]+)/$ /view_webhosting.php?webhosting=$1 [L]
Anyone have a solution to a problem like this? I am using Facebook SDK v3.1.1
The PHP SDK expects the 'state' field to be in $_REQUEST (I believe as a GET param) after the redirect before you can exchange the 'code' for an access token. From base_facebook.php:
protected function getCode() {
if (isset($_REQUEST['code'])) {
if ($this->state !== null &&
isset($_REQUEST['state']) &&
$this->state === $_REQUEST['state']) {
// CSRF state has done its job, so clear it
$this->state = null;
$this->clearPersistentData('state');
return $_REQUEST['code'];
} else {
self::errorLog('CSRF state token does not match one provided.');
return false;
}
}
return false;
}
Your RewriteRule may be stomping on that param.
Thanks bismark.
You were correct; it couldn't get the GET parameters, and the solution was this:
From
RewriteRule ^webhosting-([a-z_0-9-]+)/$ /view_webhosting.php?webhosting=$1 [L]
to
RewriteRule ^webhosting-([a-z_0-9-]+)/$ /view_webhosting.php?webhosting=$1 [QSA,L]
Query string append [QSA]
•'qsappend|QSA' (query string append)
This flag forces the rewrite engine to append a query string part of the substitution string
to the existing string, instead of replacing it. Use this when you want to add more data
to the query string via a rewrite rule.
Thanks guys, put me on the right track!
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With