I have a website where you can login with Facebook. I login to my website, all well and good. But after going on www.facebook.com and log out, when I get back on the website and give refresh, the app works perfectly as if I logged in to Facebook. I tried all sorts of conditions, such as:
$user_profile = $facebook->api('/me');
if($user_profile !== $_SESSION['id']) {
header( 'Location: logout.php' ) ;
}
but nothing works, how can I send it to the logout page if the user is not logged on facebook?
Here is my code:
<?php
// Application Configurations
$app_id = "xxxxxxxxxxxxxxxx";
$app_secret = "xxxxxxxxxxxxxxx";
$site_url = "xxxxxxxxxxxxxxx";
try {
include_once "src/facebook.php";
}
catch(Exception $e){
error_log($e);
}
// Create our application instance
$facebook = new Facebook(array(
'appId' => $app_id,
'secret' => $app_secret,
'cookie' => true,
));
// Get User ID
$user = $facebook->getUser();
$user_profile = null;
// Get the current access token
// We may or may not have this data based
// on whether the user is logged in.
// If we have a $user id here, it means we know
// the user is logged into
// Facebook, but we don’t know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.
// print_r($user);
if ($session) {
echo "este";
} else {
echo "nu este";
}
if(!isset($_SESSION['id']))
{
if($user){
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
// Get logout URL
$logoutUrl = $facebook->getLogoutUrl();
try{
//Connecting to the database. You would need to make the required changes in the common.php file
//In the common.php file you would need to add your Hostname, username, password and database name!
mysqlc();
$id = $user_profile['id'];
$name = $user_profile['name'];
$email = $user_profile['email'];
$gender = $user_profile['gender'];
$bio = $user_profile['bio'];
$query = sprintf("SELECT * FROM newmember WHERE id = %s", $id);
$results = mysql_query($query) or die('tubRandom - Query failed: ' . mysql_error() . "<br />\n$sql");
if(mysql_num_rows($results) == 0)
{
$query_two = sprintf("INSERT INTO newmember values(%s,%s,%s,%s,%s,'yes')", $id, $name, $email, $gender, $bio);
$insert_query_two = mysql_query($query_two) or die('tubRandom - Query failed: ' . mysql_error() . "<br />\n$sql");
$_SESSION['id'] = $user_profile['id'];
} else {
$rows = mysql_fetch_array($results);
$_SESSION['id'] = $user_profile['id'];
}
}
catch(FacebookApiException $e){
error_log($e);
$user = NULL;
}
} else {
// Get login URL
$loginUrl = $facebook->getLoginUrl(array(
'scope' => 'read_stream, publish_stream, email, user_about_me, user_website, user_work_history, user_relationships, user_religion_politics, user_relationships, user_likes, user_location, user_relationship_details, user_hometown, user_education_history',
'redirect_uri' => $site_url,
));
}
} else {
$user_profile = $facebook->api('/me');
echo $user_profile['name'] . $user_profile . $user_profile['id'] . $_SESSION['id'];
//header( 'Location: logout.php' ) ;
}
?>
Sorry if it is a dummy question, I am a girl. :D
Well, first of all I don't see why you have to make a note of your gender. Anyway, have a look at the FB.getLoginStatus function.
You can check it through $facebook->getUser(); which returns the Facebook User ID of the current user, or 0 if there is no logged-in user... ;) ;) :P
Related
URL Blocked: This redirect failed because the redirect URI is not
whitelisted in the app’s Client OAuth Settings. Make sure Client and
Web OAuth Login are on and add all your app domains as Valid OAuth
Redirect URIs. The above error shown in while i press login with
facebook
in valid outh http://www.example.com/the78/login-facebook.php
and all the process in my side is handle on the same url.
<?php
require 'facebook/facebook.php';
require 'fbconfig.php';
require 'functions.php';
$facebook = new Facebook(array(
'appId' => APP_ID,
'secret' => APP_SECRET,
));
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
if (!empty($user_profile )) {
die('we are in ');
# User info ok? Let's print it (Here we will be adding the login and registering routines)
$username = $user_profile['name'];
$uid = $user_profile['id'];
$email = $user_profile['email'];
$user = new User();
$userdata = $user->checkUser($uid, 'facebook', $username,$email,$twitter_otoken,$twitter_otoken_secret);
if(!empty($userdata)){
session_start();
$_SESSION['id'] = $userdata['id'];
$_SESSION['oauth_id'] = $uid;
$_SESSION['username'] = $userdata['username'];
$_SESSION['email'] = $email;
$_SESSION['oauth_provider'] = $userdata['oauth_provider'];
echo ("<script>location.href='users/home.php'</script>");
}
} else {
# For testing purposes, if there was an error, let's kill the script
die("There was an error.");
}
} else {
# There's no active session, let's generate one
$login_url = $facebook->getLoginUrl(array( 'scope' => 'email'));
// header("Location: " . $login_url);
echo ("<script>location.href='$login_url'</script>");
}
?>
This is the facebook url which shows error
https://www.facebook.com/dialog/oauth?client_id=1575902869377664&redirect_uri=http%3A%2F%2Fexample.com%2Fthe78%2Flogin-facebook.php&state=f80b87f59baa9ca6ec69733e55b227f0&scope=email
My email id is not stored in database. I want to store details of Facebook user in my database. Actually, I have login page in which, user can also login with Facebook but problem is that i get all details except email. I need store the email id also in database.Please help me.any help is appreciate.
here is my code...
<?php
require 'facebook/facebook.php';
require 'config/fbconfig.php';
require 'config/functions.php';
$facebook = new Facebook(array(
'appId' => APP_ID,
'secret' => APP_SECRET,
));
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
}catch (FacebookApiException $e){
error_log($e);
$user = null;
}
if(!empty($user_profile )){
# User info ok? Let's print it (Here we will be adding the login and registering routines)
$username = $user_profile['name'];
$uid = $user_profile['id'];
echo $email = $user_profile['email'];
$user = new User();
$userdata = $user->checkUser($uid, 'facebook', $username,$email,$twitter_otoken,$twitter_otoken_secret);
if(!empty($userdata)){
session_start();
$_SESSION['id'] = $userdata['id'];
$_SESSION['oauth_id'] = $uid;
$_SESSION['username'] = $userdata['username'];
$_SESSION['email'] = $email;
$_SESSION['oauth_provider'] = $userdata['oauth_provider'];
header("Location: home.php");
}
}else{
# For testing purposes, if there was an error, let's kill the script
die("There was an error.");
}
}else{
# There's no active session, let's generate one
$login_url = $facebook->getLoginUrl(array( 'scope' => 'email'));
header("Location: " . $login_url);
}
It is just a suggestion.
Sometimes If user will not give permission access his email id in Facebook. at that time you will not get email id of that user.
So in that scenario you can store user email as 'userid#facebook.com'.
userid is also unique in facebook for every user. So you will get unique email id for every user.
Replace the below line :
$user_profile = $facebook->api('/me');
with the following code:
$user_profile = $facebook->api('/me?fields=id,name,first_name,last_name,gender,locale,timezone,email');
I am using facebook api for using login functionality of facebook on my website. But there is a problem with it, it does not redirected to my website after login. It redirects to facebook home page. I don't know why it happens. My code is below:
This file name is logign_facebook.php
<?php
require 'facebook/facebook.php';
require 'config/fbconfig.php';
require 'config/functions.php';
$facebook = new Facebook(array(
'app_id' => APP_ID,
'app_seceret' => APP_SECRET,
));
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
if (!empty($user_profile )) {
# User info ok? Let's print it (Here we will be adding the login and registering routines)
$username = $user_profile['name'];
$uid = $user_profile['id'];
$email = $user_profile['email'];
$user = new User();
$userdata = $user->checkUser($uid, 'facebook', $username,$email,$twitter_otoken,$twitter_otoken_secret);
if(!empty($userdata)){
session_start();
$_SESSION['id'] = $userdata['id'];
$_SESSION['oauth_id'] = $uid;
$_SESSION['username'] = $userdata['username'];
$_SESSION['email'] = $email;
$_SESSION['oauth_provider'] = $userdata['oauth_provider'];
header("Location: home.php");
}
} else {
# For testing purposes, if there was an error, let's kill the script
die("There was an error.");
}
} else {
# There's no active session, let's generate one
$login_url = $facebook->getLoginUrl(array( 'scope' => 'email'));
header("Location: " . $login_url);
}
?>
Please help me to fix this issue.
Thanks
Facebook needs to know the URL to redirect back to when the user has logged in.
You can pass this through the the getLoginUrl() function in the PHP SDK as below:
$login_url = $facebook->getLoginUrl(array(
'redirect_uri' => 'http://yoururlhere.com/logign_facebook.php',
'scope' => array('email')
));
A full list of parameters for this function can be seen at https://developers.facebook.com/docs/reference/php/facebook-getLoginUrl.
Another solution:
https://developers.facebook.com/apps/
Apps>>[app_name]>>basic
And scroll down to the "Website with Facebook Login"
Enter your desired URL in the textfield.
Here is the code of API calls and login through Facebook.
The problem is that when it redirects to Facebook, it does not sign in.
What part of my code is wrong and how can I fix it?
require 'facebook/facebook.php';
require 'config/fbconfig.php';
require 'config/functions.php';
$url = $_REQUEST['lasturl'];
$facebook = new Facebook(array(
'appId' => APP_ID,
'secret' => APP_SECRET,
'cookie' => true
));
$session = $facebook->getSession();
if (!empty($session)) {
# Active session, let's try getting the user id (getUser()) and user info (api->('/me'))
try {
$uid = $facebook->getUser();
$user = $facebook->api('/me');
} catch (Exception $e) {
}
if (!empty($user)) {
# User info ok? Let's print it (Here we will be adding the login and registering routines)
// echo '<pre>';
//print_r($user);
// echo '</pre><br/>';
$username = $user['name'];
$user = new User();
$userdata = $user->checkUser($uid, 'facebook', $username);
if(!empty($userdata)){
session_start();
$_SESSION['id'] = $userdata['id'];
$_SESSION['oauth_id'] = $uid;
$_SESSION['username'] = $userdata['username'];
$_SESSION['oauth_provider'] = $userdata['oauth_provider'];
header("Location: ".$url);
}
} else {
# For testing purposes, if there was an error, let's kill the script
die("There was an error.");
}
} else {
# There's no active session, let's generate one
$login_url = $facebook->getLoginUrl();
header("Location: " . $login_url);
}
Actually the code is fine and getting the login credential should work fine. But the problem is here.
if (!empty($user))
I think you should put this first before getting the user info with the API call. If the function getUser returns an ID then you don't need to get the current session just to get the user info.
Try below code : $session = $facebook->getSession(); don't work
$facebook = new Facebook(array(
'appId' => APP_ID,
'secret' => APP_SECRET,
'cookie' => true
));
$uid = $facebook->getUser();
if ($uid) {
# Active session, let's try getting the user id (getUser()) and user info (api->('/me'))
try {
$user = $facebook->api('/me');
} catch (Exception $e) {
}
if ($uid) {
# User info ok? Let's print it (Here we will be adding the login and registering routines)
// echo '<pre>';
//print_r($user);
// echo '</pre><br/>';
$username = $user['name'];
$user = new User();
$userdata = $user->checkUser($uid, 'facebook', $username);
if(!empty($userdata)){
session_start();
$_SESSION['id'] = $userdata['id'];
$_SESSION['oauth_id'] = $uid;
$_SESSION['username'] = $userdata['username'];
$_SESSION['oauth_provider'] = $userdata['oauth_provider'];
header("Location: ".$url);
}
} else {
# For testing purposes, if there was an error, let's kill the script
die("There was an error.");
}
} else {
# There's no active session, let's generate one
$login_url = $facebook->getLoginUrl();
header("Location: " . $login_url);
}
I'm totally new to PHP and MySQL but I'm implementing the Facebook PHP SDK in my website. Everything works fine so far but i'm struggling to add the user data to my database (MySQL). Everything I have is a number instead of the username and oauth_uid (I get the number 5 for both fields). This is the code:
<?php
define('db_user','myUserName');
define('db_password','myPassword');
define('db_host','myHost');
define('db_name','myDbName');
// Connect to MySQL
$dbc = #mysql_connect (db_host, db_user, db_password) OR die ('Could not connect to MySQL: ' . mysql_error() );
// Select the correct database
mysql_select_db (db_name) OR die ('Could not select the database: ' . mysql_error() );
require 'lib/facebook.php';
// Create our Application instance (replace this with your appId and secret).
$facebook = new Facebook(array(
'appId' => 'MYAPPID',
'secret' => 'MYSECRET',
'cookie' => true));
// Get User ID
$user = $facebook->getUser();
// We may or may not have this data based on whether the user is logged in.
//
// If we have a $user id here, it means we know the user is logged into
// Facebook, but we don't know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$fbuid = $facebook->getUser();
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}else{
header('Location: index.php');
}
$query = mysql_query("SELECT * FROM users WHERE oauth_provider = 'facebook' AND oauth_uid = ". $user['id']);
$result = mysql_fetch_array($query);
if(empty($result)){
$query = mysql_query("INSERT INTO users (oauth_provider, oauth_uid, username) VALUES ('facebook', {$user['id']}, '{$user['name']}')");
$query = msyql_query("SELECT * FROM users WHERE id = " . mysql_insert_id());
$result = mysql_fetch_array($query);
}
// Login or logout url will be needed depending on current user state.
if ($user) {
$paramsout = array('next'=>'http://www.mywebsite.com/test/logout.php');
$logoutUrl = $facebook->getLogoutUrl($paramsout);
}
?>
The above page is called user_page.php and it's where the user is redirected to after the login. I tried to move the "database" code to index.php (where the user does the login) but every effort so far has been unsuccessful. This is the code for index.php:
require 'lib/facebook.php';
// Create our Application instance (replace this with your appId and secret).
$facebook = new Facebook(array(
'appId' => 'MYAPPID',
'secret' => 'MYSECRET',
'cookie' => true));
// Get User ID
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$fbuid = $facebook->getUser();
$user_profile = $facebook->api('/me');
header('Location: user_page.php');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
// Login or logout url will be needed depending on current user state.
if ($user) {
$logoutUrl = $facebook->getLogoutUrl();
} else {
$loginUrl = $facebook->getLoginUrl(Array('scope'=> 'user_interests,user_activities,user_education_history,user_likes,user_about_me, user_birthday, user_groups, user_hometown, user_work_history, email',
'redirect_uri' => 'http://www.mywebpage.com/test/user_page.php')
);
}
?>
UPDATE* PROBLEM FIXED ( $user_profile instead of just $user) :
$query = mysql_query("SELECT * FROM users WHERE oauth_provider = 'facebook' AND oauth_uid = ". $user_profile['id']);
$result = mysql_fetch_array($query);
if(empty($result)){
$query = mysql_query("INSERT INTO users (oauth_provider, oauth_uid, username) VALUES ('facebook', {$user_profile['id']}, '{$user_profile['name']}')");
$query = msyql_query("SELECT * FROM users WHERE id = " . mysql_insert_id());
$result = mysql_fetch_array($query);
}
The Facebook user's data in your code is stored under $user_profile and not $user.