Facebook SDK返回错误:跨站点请求伪造验证失败。URL和会话中的"state"参数不匹配。
好的。我已经试过了我在stackoverflow上找到的关于同一个问题的所有方法,但不幸的是,同样的问题一直在发生,我现在疯了。请帮帮我!
这是login.php:
<?php
require_once __DIR__ . ''Facebook'autoload.php';
if(!session_id()) {
session_start();
}
$fb = new Facebook'Facebook([
'app_id' => 'my_app_id',
'app_secret' => 'and_my_app_secret',
'default_graph_version' => 'v2.5',
// 'persistent_data_handler'=>'session',
]);
$helper = $fb->getRedirectLoginHelper();
$permissions = ['email']; // Optional permissions
$loginUrl = $helper->getLoginUrl('http://my_ip/facebook/login-callback.php', $permissions);
foreach ($_SESSION as $k=>$v) {
if(strpos($k, "FBRLH_")!==FALSE) {
if(!setcookie($k, $v)) {
echo "there is no cookie";
exit;
} else {
$_COOKIE[$k]=$v;
}
}
}
var_dump($_COOKIE);
echo '<a href="' . htmlspecialchars($loginUrl) . '">Log in with Facebook! </a>';
?>
这是login-callback.php:
<?php
require_once __DIR__ . ''Facebook'autoload.php';
if(!session_id()) {
session_start();
}
foreach ($_COOKIE as $k=>$v) {
if(strpos($k, "FBRLH_")!==FALSE) {
$_SESSION[$k]=$v;
}
}
$fb = new Facebook'Facebook([
'app_id' => 'my_app_id',
'app_secret' => 'my_app_secret',
'default_graph_version' => 'v2.5',
// 'persistent_data_handler'=>'session',
]);
$helper = $fb->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
var_dump($accessToken);
} catch(Facebook'Exceptions'FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook'Exceptions'FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (! isset($accessToken)) {
if ($helper->getError()) {
header('HTTP/1.0 401 Unauthorized');
echo "Error: " . $helper->getError() . "'n";
echo "Error Code: " . $helper->getErrorCode() . "'n";
echo "Error Reason: " . $helper->getErrorReason() . "'n";
echo "Error Description: " . $helper->getErrorDescription() . "'n";
} else {
header('HTTP/1.0 400 Bad Request');
echo 'Bad request';
}
exit;
}
// Logged in
echo '<h3>Access Token</h3>';
var_dump($accessToken->getValue());
$_SESSION['fb_access_token'] = (string) $accessToken;
?>
hello纠正您的权限变量,如
FacebookSession::setDefaultApplication( 'app_id','app_secreat' );
// login helper with redirect_uri
$helper = new FacebookRedirectLoginHelper('redirect url' );
try {
$session = $helper->getSessionFromRedirect();
} catch( FacebookRequestException $ex ) {
$session = null;
// When Facebook returns an error
} catch( Exception $ex ) {
// When validation fails or other local issues
}
// see if we have a session
if ( isset( $session ) ) {
// graph api request for user data
$accessToken = $session->getAccessToken();
$longLivedAccessToken = $accessToken->extend();
if (isset($longLivedAccessToken)) {
// Logged in!
$_SESSION['facebook_access_token'] = (string) $longLivedAccessToken;
}
$request = new FacebookRequest($session, 'GET', '/me',
array(
'fields' => 'id,name,email'
) );
$response = $request->execute();
// get response
$graphObject = $response->getGraphObject();
//print_r($graphObject);die();
$fbid = $graphObject->getProperty('id'); // To Get Facebook ID
$fbfullname = $graphObject->getProperty('name'); // To Get Facebook full name
$femail = $graphObject->getProperty('email');
//checkuser($fbid,$fbfullname,$femail);
$request1 = new FacebookRequest($session, 'GET', '/me/accounts',
array(
'fields' => 'id,access_token,name'
) );
$pageList= $request1->execute()
->getGraphObject()
->asArray();
使用此代码并获取请求
请转到文件
src/Facebook/PersistentData/PersistentDataFactory.php
在您的Facebook SDK 中
查找此代码
if ('session' === $handler) {
new FacebookSessionPersistentDataHandler();
}并替换为
if ('session' === $handler) {
return new FacebookSessionPersistentDataHandler();
}