我正在开发一个基本上将在信息亭中运行的应用程序,重点是允许用户在企业时能够登录到Facebook,并在登录后发布一条消息说他们在那里,后记他们得到了一张优惠券。
问题出现了,在他们登录然后注销后,下一个使用其帐户登录的人最终会以上一个用户的身份发布,这继续令人作呕。
获得优惠券后,脚本会在 15 秒后自动将其注销,并将应用程序返回到主屏幕供下一个用户使用。当他们登录时,他们能够这样做,它会将他们返回到页面,要求发布权限,但它正在提取所有以前的用户信息。这是发送到Facebook登录后在页面中调用的代码。
<?php
//include the Facebook PHP SDK
include_once 'couponGenerator/facebook.php';
//start the session if necessary
if( session_id() ) {
} else {
session_start();
}
//instantiate the Facebook library with the APP ID and APP SECRET
$facebook = new Facebook(array(
'appId' => '00000000000',
'secret' => '000000000000000000000',
'cookie' => true,
'status' => true,
'oath' => true
));
$access_token = $facebook->getAccessToken();
$_SESSION['active'][$access_token];
//get the news feed of the active page using the page's access token
$page_feed = $facebook->api(
'/me/feed',
'GET',
array(
'access_token' => $_SESSION['active']['access_token']
)
);
$fbuser = $facebook->api('/me');
//var_dump($page_feed); exit;
?>
尝试在主页上删除facebook cookie和会话,但这并没有解决任何问题,我只是想弄清楚我做错了什么,任何建议都非常受欢迎。
$facebook->destroySession();
$facebook->_killFacebookCookies();
public function _killFacebookCookies()
{
// get your api key
$apiKey = $this->getAppId();
// get name of the cookie
$cookie = $this->getSignedRequestCookieName();
$cookies = array('user', 'session_key', 'expires', 'ss');
foreach ($cookies as $name)
{
setcookie($apiKey . '_' . $name, false, time() - 3600);
unset($_COOKIE[$apiKey . '_' . $name]);
}
setcookie($apiKey, false, time() - 3600);
unset($_COOKIE[$apiKey]);
$this->clearAllPersistentData();
}
这是更新的连接类`
<?php
//include the Facebook PHP SDK
include_once 'facebook.php';
//instantiate the Facebook library with the APP ID and APP SECRET
$facebook = new Facebook(array(
'appId' => '122628977190080',
'secret' => '123123123123123123123123',
'cookie' => true
));
$access_token = $facebook->getAccessToken();
unset ($_SESSION['active'][$access_token]);
session_unregister ($_SESSION['active'][$access_token]);
//Get the FB UID of the currently logged in user
$user = $facebook->getUser();
//if the user has already allowed the application, you'll be able to get his/her FB UID
if($user) {
//start the session if needed
if( session_id() ) {
} else {
session_start();
}
//do stuff when already logged in
//get the user's access token
$access_token = $facebook->getAccessToken();
//check permissions list
$permissions_list = $facebook->api(
'/me/permissions',
'GET',
array(
'access_token' => $access_token
)
);
//check if the permissions we need have been allowed by the user
//if not then redirect them again to facebook's permissions page
$permissions_needed = array('publish_stream', 'email');
foreach($permissions_needed as $perm) {
if( !isset($permissions_list['data'][0][$perm]) || $permissions_list['data'][0][$perm] != 1 ) {
$login_url_params = array(
'scope' => 'publish_stream,email',
'fbconnect' => 1,
'display' => "page",
'next' => 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']
);
$login_url = $facebook->getLoginUrl($login_url_params);
header("Location: {$login_url}");
exit();
}
}
//if the user has allowed all the permissions we need,
//get the information about the pages that he or she managers
$accounts = $facebook->api(
'/me/accounts',
'GET',
array(
'access_token' => $access_token
)
);
//save the information inside the session
$_SESSION['access_token'] = $access_token;
$_SESSION['accounts'] = $accounts['data'];
//save the first page as the default active page
$_SESSION['active'] = $accounts['data'][0];
//redirect to manage.php
header('Location: ../facebook_result.php');
} else {
//if not, let's redirect to the ALLOW page so we can get access
//Create a login URL using the Facebook library's getLoginUrl() method
$login_url_params = array(
'scope' => 'read_stream,email',
'fbconnect' => 1,
'display' => "page",
'next' => 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']
);
$login_url = $facebook->getLoginUrl($login_url_params);
//redirect to the login URL on facebook
header("Location: {$login_url}");
exit();
}
?>'
调用注销脚本后,我在主页上运行这段代码以查看是否设置了所有内容。
<?php
try {
$uid = $facebook->getUser();
$fbme = $facebook->api('/me');
echo "$uid";
} catch (FacebookApiException $e) {
print_r($e);
}
?>
它给了我这个结果
FacebookApiException Object ( [result:protected] =>
Array ( [error] => Array ( [message] =>
An active access token must be used to query information about the current user.
[type] => OAuthException [code] => 2500 ) )
[message:protected] => An active access token must be
used to query information about the current user.
[string:private] => [code:protected] => 0 [file:protected] =>
/home/m3dev/public_html/couponsite/couponGenerator/base_facebook.php
[line:protected] => 1046 [trace:private] => Array ( [0] => Array ( [file] => /home/m3dev/public_html/couponsite/couponGenerator/base_facebook.php [line] => 751 [function] => throwAPIException [class] => BaseFacebook [type] => -> [args] => Array ( [0] => Array ( [error] => Array ( [message] => An active access token must be used to query information about the current user. [type] => OAuthException [code] => 2500 ) ) ) ) [1] => Array ( [function] => _graph [class] => BaseFacebook [type] => -> [args] => Array ( [0] => /me ) ) [2] => Array ( [file] => /home/m3dev/public_html/couponsite/couponGenerator/base_facebook.php [line] => 560 [function] => call_user_func_array [args] => Array ( [0] => Array ( [0] => Facebook Object ( [appId:protected] => 162628977190080 [apiSecret:protected] => **SECRET KEY REMOVED ** [user:protected] => 0 [signedRequest:protected] => Array ( [algorithm] => HMAC-SHA256 [code] => 961628b1ca0354544541d58e.1-34319949|p3D3pSNoawlC1wBllhiN7zoEpJY [issued_at] => 1331218933 [user_id] => 34319949 ) [state:protected] => [accessToken:protected] => 162628977190080|**SECRET KEY REMOVED** [fileUploadSupport:protected] => ) [1] => _graph ) [1] => Array ( [0] => /me ) ) ) [3] => Array ( [file] => /home/m3dev/public_html/couponsite/index.php [line] => 71 [function] => api [class] => BaseFacebook [type] => -> [args] => Array ( [0] => /me ) ) ) )
您可能正在破坏Facebook会话,但您似乎并没有破坏自己的会话。
㨃
$_SESSION['active'][$access_token];
您需要
为每个用户强制Facebook重新进行身份验证。
我不确定您使用的 PHP API 是否支持此功能,但 OAuth 对话框可以接收auth_type,当值为 reauthenticate 时,会强制用户提供其凭据:
$dialog_url = "https://www.facebook.com/dialog/oauth?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url)
. '&auth_type=reauthenticate&auth_nonce=' . $auth_nonce;
这也可以使用 Javascript API 来完成。