php Facebook API - 用户注销后会话仍然存在
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4511570/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Facebook API - Session still exists after user logout
提问by flochtililoch
I am using Facebook php-sdk in my iframe facebook app to get user login status. Right after I sign out using facebook Account > Log out link, the session is not destroyed yet. I must wait a few minutes before old session expires, then my app will again get the correct login status.
我在 iframe facebook 应用程序中使用 Facebook php-sdk 来获取用户登录状态。在我使用 facebook 帐户 > 注销链接注销后,会话尚未销毁。我必须在旧会话过期前等待几分钟,然后我的应用程序将再次获得正确的登录状态。
I expect the facebook to kill itself and the session when user signs out. How do I manually kill the session?
我希望 facebook 会在用户退出时杀死自己和会话。如何手动终止会话?
Here is my code:
这是我的代码:
$initParams = array(
'appId' => $conf['app_id'],
'secret' => $conf['secret_api_key'],
'cookie' => TRUE,
);
$fb = new Facebook($initParams);
$fb->getSession(); // will return a session object eventhough user signed out!
SOLVED:
解决了:
calling $fb->api('/me')will destroy the session if user has previously logged out.
I've changed my code as following:
$fb->api('/me')如果用户先前已注销,则调用将破坏会话。我已经改变了我的代码如下:
if ($session)
{
try
{
$fbuid = $fb->getUser();
$me = $fb->api('/me');
}
catch(FacebookApiException $e){}
}
If the API call is unsuccessful, $sessionwill be set to NULL. Very weird behavior, I don't explain everything that is going on here but it solved my problem of having residual session object not being updated via getSession()method.
如果 API 调用不成功,$session将被设置为 NULL。非常奇怪的行为,我没有解释这里发生的一切,但它解决了我的问题,即没有通过getSession()方法更新剩余的会话对象。
回答by Henson
I'm using $fb->getUser() and what I did was almost identical with yours.
我正在使用 $fb->getUser() 并且我所做的与您的几乎相同。
if ($fb->getUser())
{
try
{
$me = $fb->api('/me');
}
catch(FacebookApiException $e){
**$fb->destroySession();**
}
}
I found that using only API to check whether FB is logged out or not sometimes is inconsistent, but with destroySession(), the session will surely be destroyed.
我发现只用API来检查FB是否登出有时是不一致的,但是使用destroySession(),会话肯定会被销毁。
回答by tireof_fbscripting
if you are using the javascript FB.INIT calls on the login page, then set status to false from true.
如果您在登录页面上使用 javascript FB.INIT 调用,则将 status 从 true 设置为 false。
details about the status attribute : http://developers.facebook.com/docs/reference/javascript/FB.init/
有关状态属性的详细信息:http: //developers.facebook.com/docs/reference/javascript/FB.init/
回答by SubstanceMX
Try finding the formatData function somewhere at LoginWindow (AS3) and find this line:
尝试在 LoginWindow (AS3) 的某处找到 formatData 函数并找到这一行:
vars.redirect_uri = FacebookURLDefaults.LOGIN_SUCCESS_URL
Change the value for http://www.facebook.com/and logout from that html page when logged in.
http://www.facebook.com/登录时更改该html 页面的值并从该页面注销。
This is a temporarysolution to logout if you are developer, not the end user.
如果您是开发人员而非最终用户,这是注销的临时解决方案。
回答by Kup
The only way I've managed to solve this problem was by clearing the session using the signed request to check the user id:
我设法解决此问题的唯一方法是使用签名请求清除会话以检查用户 ID:
$facebook = Membership::getFacebookApp();
$signed_request = $facebook->getSignedRequest();
if(isset($_SESSION['facebook_id']) && $signed_request['user_id'] != (int)$_SESSION['facebook_id']){
$_SESSION = array();
}
回答by Oswald
Facebook should disassociate the session from the account that the session belonged to. You can use Facebook::getUser() to check whether this was done:
Facebook 应该将会话与会话所属的帐户解除关联。您可以使用 Facebook::getUser() 来检查是否已完成:
if ($fb->getUser() === null) {
// User logged out
} else {
// User logged in
}
回答by haha
Try $facebook->setSession(null)or using javascript <a href="/logout/" onclick="FB.logout();">Logout</a>
尝试$facebook->setSession(null)或使用 javascript<a href="/logout/" onclick="FB.logout();">Logout</a>
回答by SubstanceMX
Logout does not work any way you do.
注销不会以任何方式工作。
Try posting this link in your browser, after you log in to facebook.
登录 Facebook 后,尝试在浏览器中发布此链接。
https://www.facebook.com/logout.php
https://www.facebook.com/logout.php
What happen? it takes you to your facebook. No logout at all.
发生什么事?它带你到你的脸书。根本没有注销。
What ever you do, check the function (depends on your API) handleLogout and check the output. In my case, it returns the entire facebook html page.
无论您做什么,请检查函数(取决于您的 API)handleLogout 并检查输出。就我而言,它返回整个 facebook html 页面。
