I am building a facebook app currently it is in sandbox mode. My code :-
index.php
<?php
ob_start();
#session_start();
require 'facebook.php';
include_once('config.php');
$facebook = new Facebook(array(
'appId' => APP_ID,
'secret' => SECRET_KEY,
));
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
if (!empty($user_profile )) {
# User info ok? Let's print it (Here we will be adding the login and registering routines)
$username = $user_profile['name'];
//echo '->'.$username;exit;
$uid = $user_profile['id'];
$email = $user_profile['email'];
#session_start();
//$_SESSION['id'] = $userdata['id'];
$_SESSION['oauth_id'] = $uid;
$_SESSION['username'] = $username;
$_SESSION['email'] = $email;
$_SESSION['oauth_provider'] = 'facebook';
header("Location: home.php");
?>
<?php
} else {
# For testing purposes, if there was an error, let's kill the script
die("There was an error.");
}
} else {
# There's no active session, let's generate one
$login_url = $facebook->getLoginUrl(array( 'scope' => 'email'));
header("Location: " . $login_url);
}
?>
Here I am checking if the user is login or not if it is a logged in user then redirect to home,php else to login page of facebook.
but when i run my app on facebook it throws error on console :-
Refused to display document because display forbidden by X-Frame-Options because it set 'X-Frame-Options' to 'DENY'
Also I tried this solution but it wont work
You can not display the login dialog within any kind of frames – that’s an anti-phishing measure, the user is supposed to be always able to verify that the login dialog they are shown is indeed from facebook.com, and not a fake loaded from any other site.
You have to redirect to it in the top window instance. This can not be done server-side, so you have to use JavaScript:
<script>top.location.href = "…";</script>
Instead of header redirect use JS redirect as
<script>top.location.href="THE URL"</script>
Related
I am trying to login with google api for php and then redirect the user to the dashboard.php but suddenly this error occurred during the redirection
my files:
the callback file that is responsible for tokens and redirection to dashboard.php
<?php
session_start();
require_once("../gog.php");
if (isset($_SESSION['access_token']))
$gClient->setAccessToken($_SESSION['access_token']);
else if (isset($_GET['code'])) {
$token = $gClient->fetchAccessTokenWithAuthCode($_GET['code']);
$_SESSION['access_token'] = $token;
} else {
header('Location:../index.php');
exit();
}
$oAuth = new Google_Service_Oauth2($gClient);
$userData = $oAuth->userinfo_v2_me->get();
header('Location:../client/dashboard.php');
exit();
?>
the gog.php which includes the settings (i deleted the values)
<?php
require_once "vendor/autoload.php";
$gClient = new Google_Client();
$gClient->setClientId("");
$gClient->setClientSecret("");
$gClient->setApplicationName("");
$gClient->setRedirectUri("");
$gClient->addScope("");
$loginURL = $gClient->createAuthUrl();
?>
the index php where it testes wether or not the user is signed in with google account or email pwd
<?php
require_once("includes/config.php");
require_once("gog.php");
require_once("includes/classes/Account.php");
$account=new Account($con);
if(isset($_SESSION["clientLoggedIn"]) || isset($_SESSION['access_token']) ){
header('location:client/dashboard.php');
exit();
}
?>
the config.php file included which has the database setting to connect
<?php
ob_start();
session_start();
try{
$con= new PDO("mysql:dbname=cinecad;host=localhost","root","");
$con->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_WARNING);
}catch(PDOException $e){
exit("Connexion failed:".$e->getMessage());
}
?>
and the finally the dashbaord.php
<?php
session_start();
if(!isset($_SESSION["clientLoggedIn"])||!isset($_SESSION['access_token'])){
header("Location:../index.php");
}
?>
Based on #Alon Eitan comment the answer was
$_SESSION["clientLoggedIn"] = true
Why my facebook log in code not ask user for permission ?
Normally facebook lo ing on other website. when user log in with facebook on first time. It's will show ask permission box. But my facebook login code not show ask permission box. (still log in success)
How can i do for show ask permission box
<?php
include("connect.php");
session_start();
ob_start();
define('APP_ID', 'xxxxxxxxxxxxxxx'); // Your Facebook Application ID goes in here
define('APP_SECRET', 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'); // Your Facebook Application Secret goes in here
define('LOGIN_PAGE_URL', 'https://www.example.com/'); // The URL to your login page ending with a slash goes in here. Example: https://www.vasplus.info/demos/login_with_fb/
include 'vpb_fb/facebook.php';
//Facebook Application Details
$facebook_application_info = new Facebook(array('appId' => APP_ID, 'secret' => APP_SECRET));
//Get Facebook user id
$vpb_get_user = $facebook_application_info->getUser();
/**************************************************************************************************
* This script is brought to you by Vasplus Programming Blog by whom all copyrights are reserved.
* Website: www.vasplus.info
* Email: vasplusblog#gmail.com or info#vasplus.info
* Do not remove this information from the top of this page please.
***************************************************************************************************/
//Be sure that the user id is not an empty field before you can proceed
if ($vpb_get_user && !empty($vpb_get_user))
{
try { $vpb_fetch_data = $facebook_application_info->api('/me'); } // This user is authenticated therefore, proceed
catch (FacebookApiException $ex)
{
error_log($ex);
$vpb_get_user = null;
}
//Be sure user data from Facebook is not empty
if (!empty( $vpb_fetch_data ))
{
$uid = $vpb_fetch_data['id'];
$first_name = $vpb_fetch_data['first_name'];
$last_name = $vpb_fetch_data['last_name'];
$full_name = $vpb_fetch_data['name'];
$user_name = $vpb_fetch_data['username'];
$email = $vpb_fetch_data['email'];
$gender = $vpb_fetch_data['gender'];
$birthday = $vpb_fetch_data['birthday'];
$location = $vpb_fetch_data['location'];
$bio = $vpb_fetch_data['bio'];
$vpb_fb_logout = array('next' => LOGIN_PAGE_URL.'logout.php');
$logout_url = $facebook_application_info->getLogoutUrl($vpb_fb_logout);
$_SESSION['complete_logout'] = $logout_url;
// Be sure that the most important user info are in place then proceed
if(!empty($uid))
{
$_SESSION['Username'] = $username_user;
$_SESSION['admin'] = '0';
}
else
{
// There was an error therefore, take the user back to the login page
header('location: index.php?facebook_error=1'); // If the user denies the application access to his or her account
}
}
else
{
// There was an error therefore, take the user back to the login page
header('location: index.php?facebook_error=2'); // If something go wrong
}
}
else
{
// There was an error therefore, take the user to login via Facebook again with permission info
$vpb_login_url = $facebook_application_info->getLoginUrl(array('scope' => 'email, user_birthday, user_location, user_photos', 'redirect_uri' => LOGIN_PAGE_URL.'facebook_redirect_to_index.php'));
header("location: " . $vpb_login_url);
}
?>
I'm trying to get Name and Email information about the user that connects to my site with Facebook Login.
I've looked in this article and i've made the written step:
facebook api email permissions
Then i went to my Application section in my profile and i've made a call to the Graph API specifying my email address too, then i went back to my website and i've made a login:
My name and my email address were displayed.
But if another user goes to the same webpage and makes the login, only his/her name is being displayed and not his/her email address.
Here i attach you the code that i'm using to
include ('php-sdk/facebook.php');
$config = array();
$config['appId'] = FB_APP_ID;
$config['secret'] = FB_APP_SECRET;
$config['fileUpload'] = false;
$config['cookie'] = true;
$facebook = new Facebook($config);
$user_id = $facebook->getUser();
if ($user_id) {
try {
$user_profile = $facebook->api('/me','GET');
echo "Name: " . $user_profile["name"];
echo "Email: " . $user_profile["email"];
$logout_url = $facebook->destroySession();
echo 'Effettua il logout';
} catch (FacebookApiException $e) { // try
$login_url = $facebook->getLoginUrl(array('scope'=>'email'));
echo 'Please login.';
error_log($e->getType());
error_log($e->getMessage());
} /*catch*/
} else {
$login_url = $facebook->getLoginUrl();
echo 'Please login.';
}
Which points am i missing?
Thanks a lot
<?php
require_once('facebook.php');
$config = array(
'appId' => 'xxxxx',
'secret' => 'xxxxx',
);
$facebook = new Facebook($config);
$user_id = $facebook->getUser();
?>
<html>
<head></head>
<body>
<?php
if($user_id) {
try {
$user_profile = $facebook->api('/me','GET');
echo "Name: " . $user_profile['name'];
} catch(FacebookApiException $e) {
$login_url = $facebook->getLoginUrl();
echo 'Please login.';
echo "1";
error_log($e->getType());
error_log($e->getMessage());
}
} else {
$login_url = $facebook->getLoginUrl();
echo 'Please login.';
echo "2";
}
?>
</body>
</html>
When I go to the mysite.com/fbconect.php, it is a white page with a link LOGIN. When i click login, it is going to the facebook page login. After I Logged In, i go back to mysite.com/fbconect.php then It displays, Login link again with Echoed "1". The URL of mysite.com became mysite.com/fbconect.php?xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. What is wrong in my code?
There is nothing wrong in your code.
Be sure:
The facebook user used for the test has authorized the app
This code just run into a PHP page deployed on the website specified in both:
Facebook Developers site -> App > YourApp > Basic -> App Domains
Facebook Developers site -> App > YourApp > Basic -> Website with Facebook Login
Maybe you are logged in with a user that has not already accepted your fb app.
In this case you will see "Please login.1"
If you'll see "Please login.2", sure you're code have caught and exception.
For example if your read this:
OAuthException
Error validating access token: User YYYYYYYY has not authorized application XXXXXXXXXXXXXXXX.
very likely your fb user have removed your app from his/her list.
Or if you see
Couldn't connect to host
This means the system you're working on most likely blocks outgoing connections.
If you want a test user that has already accepted your fb app, you can create one from Facebook Developers site go into "Apps > YourApp > Developer Roles"
In case you want get authorization from the user you can change your code:
<?php
require_once('facebook.php');
$config = array(
'appId' => 'xxxxx',
'secret' => 'yyyyyy',
);
$facebook = new Facebook($config);
$user_id = $facebook->getUser();
?>
<html>
<head></head>
<body>
<?php
function render_login($facebook) {
$canvas_page = 'http://www.yoursite.com/';
// HERE YOU ASK THE USER TO ACCEPT YOUR APP AND SPECIFY THE PERMISSIONS NEEDED BY
$login_url = $facebook->getLoginUrl(array('scope'=>'email,user_photos,friends_photos', 'redirect_uri'=>$canvas_page));
echo 'Please login.';
}
if($user_id) {
try {
$user_profile = $facebook->api('/me','GET');
echo "Name: " . $user_profile['name'];
} catch(FacebookApiException $e) {
render_login($facebook);
echo "1";
error_log($e->getType());
error_log($e->getMessage());
}
} else {
render_login($facebook);
echo "2";
}
?>
</body>
</html>
Hope this helps.
I have a website in which I have the following files :-
index.php - homepage
f-login.php - page which redirects user to facebook to ask for permissions
add.php - which is given below - this page checks if the user is old or new. If the user is new, it redirects the page to username-choice.php or else it redirects the user to the main page after setting the required cookies.
username-choice.php - This page is for the NEW user to choose a username for himself. If the cookie - "tempuid" is set, it shows the correct page or else it shows an error page that "COOKIES ARE NOT ENABLED!"
The problem is that in the username-choice.php page the error message shows up. I cannot understand the problem. I have given my code for the add.php page. Please tell me what's wrong. Any help shall be appreciated.
The following is my add.php page :-
<?php
include "config.php"; /* contains mysqli_connect */
require "src/facebook.php"; /* for facebook login php-sdk */
include "app_details.php"; /* app-id and secret */
$user = $facebook->getUser();
if ($user) {
try {
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);/* ERROR TO BE DISPLAYED */
$user = null;
}
}
$uid=$user_profile['id'];
$email=$user_profile['email'];
$fullname = $user_profile['name'];
$birthday = $user_profile['birthday'];
if($uid==null){
echo "Sanp! Something went wrong";
}
$n=0;
$result = mysqli_query($con,"SELECT * FROM Users
WHERE UID='$uid'");
/* TO CHECK IF THE USER IS NEW OR OLD*/
while($row = mysqli_fetch_array($result))
{
$n++;
$username=$row['Username'];
$ppic=$row['Ppic_url'];
}
if($n>0)
{
$expire=time()+60*60*24*30;
setcookie("name" , "$fullname", $expire);
setcookie("uid" , "$uid", $expire);
setcookie("logintype", "facebook", $expire);
setcookie("username", "$username", $expire);
setcookie("ppic", "$ppic", $expire);
header("Location: http://mysite.com");
exit;
}
else if($n==0)
{
$expire=time()+60*60*24*30*365;
setcookie("tempname", "$fullname", $expire);
setcookie("tempuid" , "$uid", $expire);
setcookie("tempemail", "$email", $expire);
setcookie("tempbday", "$birthday", $expire);
setcookie("tempppic", "$ppic", $expire);
header("Location: http://mysite.com/username-choice");
exit();
mysqli_close($con);
}
?>
This means that the program is going into the last if statement. Now, your webpage can display "COOKIES NOT ENABLED" only if the uid is null. So, according to me the $uid is null.