Why my facebook log in code not ask user for permission ?
Normally facebook lo ing on other website. when user log in with facebook on first time. It's will show ask permission box. But my facebook login code not show ask permission box. (still log in success)
How can i do for show ask permission box
<?php
include("connect.php");
session_start();
ob_start();
define('APP_ID', 'xxxxxxxxxxxxxxx'); // Your Facebook Application ID goes in here
define('APP_SECRET', 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'); // Your Facebook Application Secret goes in here
define('LOGIN_PAGE_URL', 'https://www.example.com/'); // The URL to your login page ending with a slash goes in here. Example: https://www.vasplus.info/demos/login_with_fb/
include 'vpb_fb/facebook.php';
//Facebook Application Details
$facebook_application_info = new Facebook(array('appId' => APP_ID, 'secret' => APP_SECRET));
//Get Facebook user id
$vpb_get_user = $facebook_application_info->getUser();
/**************************************************************************************************
* This script is brought to you by Vasplus Programming Blog by whom all copyrights are reserved.
* Website: www.vasplus.info
* Email: vasplusblog#gmail.com or info#vasplus.info
* Do not remove this information from the top of this page please.
***************************************************************************************************/
//Be sure that the user id is not an empty field before you can proceed
if ($vpb_get_user && !empty($vpb_get_user))
{
try { $vpb_fetch_data = $facebook_application_info->api('/me'); } // This user is authenticated therefore, proceed
catch (FacebookApiException $ex)
{
error_log($ex);
$vpb_get_user = null;
}
//Be sure user data from Facebook is not empty
if (!empty( $vpb_fetch_data ))
{
$uid = $vpb_fetch_data['id'];
$first_name = $vpb_fetch_data['first_name'];
$last_name = $vpb_fetch_data['last_name'];
$full_name = $vpb_fetch_data['name'];
$user_name = $vpb_fetch_data['username'];
$email = $vpb_fetch_data['email'];
$gender = $vpb_fetch_data['gender'];
$birthday = $vpb_fetch_data['birthday'];
$location = $vpb_fetch_data['location'];
$bio = $vpb_fetch_data['bio'];
$vpb_fb_logout = array('next' => LOGIN_PAGE_URL.'logout.php');
$logout_url = $facebook_application_info->getLogoutUrl($vpb_fb_logout);
$_SESSION['complete_logout'] = $logout_url;
// Be sure that the most important user info are in place then proceed
if(!empty($uid))
{
$_SESSION['Username'] = $username_user;
$_SESSION['admin'] = '0';
}
else
{
// There was an error therefore, take the user back to the login page
header('location: index.php?facebook_error=1'); // If the user denies the application access to his or her account
}
}
else
{
// There was an error therefore, take the user back to the login page
header('location: index.php?facebook_error=2'); // If something go wrong
}
}
else
{
// There was an error therefore, take the user to login via Facebook again with permission info
$vpb_login_url = $facebook_application_info->getLoginUrl(array('scope' => 'email, user_birthday, user_location, user_photos', 'redirect_uri' => LOGIN_PAGE_URL.'facebook_redirect_to_index.php'));
header("location: " . $vpb_login_url);
}
?>
Related
I register my user, but when I log in after registration I'm told to log in again. Please help.
Here's my code:
<?php
// include function files for this application
require_once('bookmark_fns.php');
session_start();
//create short variable names
if (!isset($_POST['username'])) {
//if not isset -> set with dummy value
$_POST['username'] = " ";
}
$username = $_POST['username'];
if (!isset($_POST['passwd'])) {
//if not isset -> set with dummy value
$_POST['passwd'] = " ";
}
$passwd = $_POST['passwd'];
if ($username && $passwd) {
// they have just tried logging in
try {
login($username, $passwd);
// if they are in the database register the user id
$_SESSION['valid_user'] = $username;
}
catch(Exception $e) {
// unsuccessful login
do_html_header('Problem:');
echo 'You could not be logged in.<br>
You must be logged in to view this page.';
do_html_url('login.php', 'Login');
do_html_footer();
exit;
}
}
do_html_header('Home');
check_valid_user();
// get the bookmarks this user has saved
if ($url_array = get_user_urls($_SESSION['valid_user'])) {
display_user_urls($url_array);
}
// give menu of options
display_user_menu();
do_html_footer();
?>
I tried using this member.php code but it doesn't work the way I want it to. Please help me get the book example to work properly and log me in right after registration
Hello guys i have a sight i have built in xampp it works well that is it can log in to the dashboard without hustle and create session and the user can afterwards log out. but after I launched the site the user cannot log it the site is just not responding. the log in screen is on i tried changing the script and all i get is just a white page, if i put the right script it redirects to the same login page. my host uses linux cpanel and thats the terminal i am using. mind you the site works fine connects well to the db and it even pulls the users available in the db but they issue is in the back end. here is the code i am using..
<?php
/* Main page with two forms: sign up and log in */
require '../config/config.php';
session_start();
?>
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
if (isset($_POST['login'])) { //user logging in
require '../sessions/login.php';
}
elseif (isset($_POST['register'])) { //user registering
require '../sessions/register.php';
}
}
?>
<?php
// Check if form submitted with method="post"
if ( $_SERVER['REQUEST_METHOD'] == 'POST' )
{
if (isset($_POST['reset'])) {
$email = $mysqli->escape_string($_POST['email']);
$result = $mysqli->query("SELECT * FROM staff WHERE email='$email'");
if ( $result->num_rows == 0 ) // User doesn't exist
{
header("location: index.php?msg=".urlencode("User with this email does not exist!"));
}
else { // User exists (num_rows != 0)
$user = $result->fetch_assoc(); // $user becomes array with user data
$email = $user['email'];
$hash = $user['hash'];
$first_name = $user['first_name'];
// Send registration confirmation link (reset.php)
$to = $email;
$subject = 'Password Reset Link (site )';
$message_body = '
Hello '.$first_name.',
You have requested password reset!
Please click this link to reset your password:
http://sitename/reset.php?email='.$email.'&hash='.$hash;
mail($to, $subject, $message_body);
header("location: reset.php?msg=".urlencode("<p>Please check your email <span>$email</span>"
. " for a confirmation link to complete your password reset!</p>"));
}
}
}
?>
this is the login script
// Escape email to protect against SQL injections
$email = $mysqli->escape_string($_POST['email']);
$result = $mysqli->query("SELECT * FROM staff WHERE email='$email'");
if ( $result->num_rows == 0 ){ // User doesn't exist
header("location: index.php?msg=".urlencode("User with that email doesn't exist!"));
}
else { // User exists
$user = $result->fetch_assoc();
if ( password_verify($_POST['password'], $user['password']) ) {
$_SESSION['email'] = $user['email'];
$_SESSION['f_name'] = $user['f_name'];
$_SESSION['l_name'] = $user['l_name'];
$_SESSION['image'] = $user['image'];
$_SESSION['id'] = $user['id'];
$_SESSION['active'] = $user['active'];
// This is how we'll know the user is logged in
$_SESSION['logged_in'] = true;
header("location: home.php");
}
else {
header("location: ../index.php?msg=".urlencode('You have entered wrong password, try again!'));
}
}
?>
If anyone have a clue ?
White Screen Of Death:
If you're seeing a blank page (and view-source is empty), make sure your php.ini contains error_reporting = -1 and display_errors = On (only recommended for development). Putting: at the top of your script might have no effect if your script fails to compile such as in the case of PARSE errors.
Your error will now appear on the page. However, that's not great for a live production system.
For the best error logging experience, set error_reporting to -1, turn display_errors off, and set a custom error_log. Then in the terminal, type tail -f /path/to/error_log. Your notices, warnings and errors will now scroll past in real time, without distorting your web page's display.
Developing Hybrid App I know it is possible to use php session. Anyone know how it works? I would like to display all the info of the user logged-in on their home page like, fullname, contact no., address, etc.
The login: (login.html) This is the code with ajax:
function handleData(responseData) {
var response = JSON.parse(responseData);
var access = response.user_access;
if (access == "real") {
alert("Welcome");
location.href = "home.html"; //should redirect and auto display all the info.
} else {
alert("Your username and password didn\'t match.");
}
}
So the login page send request to the server to log-in.
Now the server side(PHP) code.
if(isset($_POST['input_email']) && isset($_POST['input_password'])){
$post = $_POST;
array_walk_recursive($post, 'clean');
//SQL query here- check if email/password match
$using = 'real';
}
if($user['user_status'] == 'active'){
$_SESSION['user_id'] = $user['user_id'];
$_SESSION['user_email'] = $user['user_email'];
$_SESSION['user_fullname'] = $user['user_fullname'];
}else{
$using = 'notmatch';
}
Declare variable for session:
$user_fullname = $_SESSION['user_fullname'];
$user_id = $_SESSION['user_id'];
$user_email = $_SESSION['user_email'];
$result_array = array( user_id => $user_id, user_fullname => $user_fullname, user_email => $user_email, user_access => $loggedinusing);
echo json_encode($result_array);
}
Login was working well and redirected to the home page when login credentials are right. My home.html for now don't have any code. I need for now is to display the user info in home page with PHP session. I don't know where to start.
I've finally got the courage to make a user login system after who knows how long of putting it off. My only problem is that when I submit the login form it reloads the page and it says that I am logged in, great.
However if I reload the page or go to another page and come back to the original page it forces me to login again. Can anyone help with this? I have a session_start() in the base file that is included in all other page files before the database connection.
I then have the following code for my user login side of things, which as I said, works the first time around, but after that any other interaction will essentially log me out. Any help with this?
The user page which logs you in and creates the session...
Please note that this isn't a live environment so security is being put on the bench for now. However I am aware I will need some security measures in place in the future though.
// Check if the user is logged in or not
if((!empty($_SESSION['loggedin'])) && (!empty($_SESSION['username']))) {
$loggedin = true; // The user IS logged in
} else {
if(isset($_POST['login'])) {
// The login form has been submitted
if((empty($_POST['username'])) || (empty($_POST['password']))) {
// If either username or password fields are blank
$loginfail = true; // If the user could not be logged in
if(empty($_POST['username'])) { $nousername = true; }
if(empty($_POST['password'])) { $nopassword = true; }
} else {
// Username and password field were filled in okay
$username = $_POST['username'];
$password = $_POST['password'];
$checklogin = mysqli_query($sql, "SELECT * FROM users WHERE username = '$username' AND password = '$password'") or die($checklogin . "<br/>" . mysqli_error($sql));
if(mysqli_num_rows($checklogin) == 1) {
// If the login details match up, log them in
$loggedin = true; // The user IS NOT logged in
$_SESSION['username'] = $username;
$_SESSION['loggedin'] = 1;
} else {
// If the login details don't match up, don't login
$loginfail = true; // If the user could not be logged in
}
}
}
}
Thanks!
I am building a facebook app currently it is in sandbox mode. My code :-
index.php
<?php
ob_start();
#session_start();
require 'facebook.php';
include_once('config.php');
$facebook = new Facebook(array(
'appId' => APP_ID,
'secret' => SECRET_KEY,
));
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
if (!empty($user_profile )) {
# User info ok? Let's print it (Here we will be adding the login and registering routines)
$username = $user_profile['name'];
//echo '->'.$username;exit;
$uid = $user_profile['id'];
$email = $user_profile['email'];
#session_start();
//$_SESSION['id'] = $userdata['id'];
$_SESSION['oauth_id'] = $uid;
$_SESSION['username'] = $username;
$_SESSION['email'] = $email;
$_SESSION['oauth_provider'] = 'facebook';
header("Location: home.php");
?>
<?php
} else {
# For testing purposes, if there was an error, let's kill the script
die("There was an error.");
}
} else {
# There's no active session, let's generate one
$login_url = $facebook->getLoginUrl(array( 'scope' => 'email'));
header("Location: " . $login_url);
}
?>
Here I am checking if the user is login or not if it is a logged in user then redirect to home,php else to login page of facebook.
but when i run my app on facebook it throws error on console :-
Refused to display document because display forbidden by X-Frame-Options because it set 'X-Frame-Options' to 'DENY'
Also I tried this solution but it wont work
You can not display the login dialog within any kind of frames – that’s an anti-phishing measure, the user is supposed to be always able to verify that the login dialog they are shown is indeed from facebook.com, and not a fake loaded from any other site.
You have to redirect to it in the top window instance. This can not be done server-side, so you have to use JavaScript:
<script>top.location.href = "…";</script>
Instead of header redirect use JS redirect as
<script>top.location.href="THE URL"</script>