php 如何使用facebook SDK注销用户?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/11483594/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to log out user using facebook SDK?
提问by Mina Gabriel
I am using a facebooklog in for my web site using facebook php sdk.
我正在使用facebook我的网站登录facebook php sdk。
What I noticed is the logoutlink doesn't do anything. After I logout, the user can still navigate the site. Here is my code in facebook.php:
我注意到的是logout链接没有做任何事情。在我注销后,用户仍然可以浏览该站点。这是我的代码facebook.php:
<?php
require 'src/facebook.php';
$facebook = new Facebook(array(
'appId' => '*************',
'secret' => '******************************',
));
$user = $facebook->getUser();
$loginUrl = $facebook->getLoginUrl();
echo "<a href='$loginUrl'>login</a>";
$logoutUrl = $facebook->getLogoutUrl();
echo $loginUrl;
if($user){
session_start() ;
$_SESSION['user_info'] = $user;
$_SESSION['user_pro']= $facebook->api('/me');
print_r($_SESSION);
}
else{
echo 'not logged in ';
}
echo "<a href='example.com/logout.php'>log out </a>"
?>
This codeworks fine on log in. The log out link should destroy the session. Here is the header of the page:
这code在登录时工作正常。注销链接应该会破坏会话。这是页面的标题:
<?php
print_r($_SESSION) ;
header('example.com') ;
?>
The problem with my logout.phppage is it doesn't detect the session at all. I don't know if this is a facebook apiproblem or my phpproblem.
我的logout.php页面的问题是它根本没有检测到会话。我不知道这是facebook api我的问题还是我的php问题。
How do you log the user out using the facebook SDK?
您如何使用 facebook SDK 注销用户?
回答by Needhi Agrawal
You can logout from your site as well as from facebook as follow by providing your site url to next parameter and destroying session
您可以通过将您的网站 url 提供给下一个参数并销毁会话来从您的网站和 Facebook 注销,如下所示
$token = $facebook->getAccessToken();
$url = 'https://www.facebook.com/logout.php?next=' . YOUR_SITE_URL .
'&access_token='.$token;
session_destroy();
header('Location: '.$url);
You also have to log them out of your website AND you have to prevent your website from automatically remembering your user and re-logging them in immediately.
您还必须将他们从您的网站注销,并且您必须防止您的网站自动记住您的用户并立即重新登录。
Disable the code that auto-logs in your user and try to logout again. Destroying the session will not prevent your site from creating a brand new valid session for the remembered user.
禁用自动登录用户的代码并尝试再次注销。销毁会话不会阻止您的站点为记住的用户创建全新的有效会话。
回答by Eric Leschinski
Here is the PHP logout code for my website that logs a user in and out with facebook. You don't have to destroy the session to logout the user, all you technically have to do is signal to your own website that this particular session may not be used to let the user in.
这是我的网站的 PHP 注销代码,用于让用户使用 facebook 登录和注销。您不必销毁会话来注销用户,从技术上讲,您所要做的就是向您自己的网站发出信号,表明该特定会话可能不会用于让用户进入。
logout.php:
登出.php:
<?php
require_once("facebook-php-sdk-6c82b3f/src/facebook.php");
$config = array();
$config['appId'] = '2911111111146';
$config['secret'] = 'a6eaaaaaaaaaaaaaaaaaaaaaaaaaad1a';
$config['fileUpload'] = false;
$facebook = new Facebook($config);
$logouturl = $facebook->getLogoutUrl();
$_SESSION['user_facebook_email'] = "";
$_SESSION['ask_user_to_login'] = true;
header("Location: showquestions.php");
?>
index.php:
索引.php:
<?php
require_once("facebook-php-sdk-6c82b3f/src/facebook.php");
$config = array();
$config['appId'] = '2911111111146';
$config['secret'] = 'a6eaaaaaaaaaaaaaaaaaaaaaaaaaad1a';
$config['fileUpload'] = false;
$facebook = new Facebook($config);
$userId = $facebook->getUser();
if ($_SESSION['ask_user_to_login'] == true || $userId == 0){
$loginUrl = $facebook->getLoginUrl();
$_SESSION['ask_user_to_login'] = false;
echo "<button type='button' onClick=\"window.location='$loginUrl'\">" .
"<img src='picture.gif' alt='Login with facebook'/>" .
"</button>";
exit;
}
else
{
$userInfo = $facebook->api('/' + $userId);
session_cache_expire (150000); //set the cache expire to 15000 minutes
$_SESSION['user_facebook_email'] = $userInfo['email'];
$_SESSION['facebook'] = $facebook;
header("Location: showquestions.php");
}
$userInfo = $facebook->api('/' + $userId);
echo "Welcome" . $userInfo['email'];
?>
login.php:
登录.php:
<?php
session_start();
if (isset($_SESSION['user_facebook_email']) !== true ||
$_SESSION['user_facebook_email'] == "")
{
header("Location: index.php");
exit;
}
?>
Then in every php file you want to prevent access without a logged-in user, put this at the top:
然后在每个要防止没有登录用户的情况下访问的 php 文件中,将其放在顶部:
<?php
require("log2.php");
?>
With this code, the user is logged in automatically, and if they invoke the logout code, the site will not let them in until they login again.
使用此代码,用户将自动登录,如果他们调用注销代码,则站点将不会让他们进入,直到他们再次登录。
回答by Rudi Visser
You need to call session_start()on all pages where sessions will be used.
您需要调用session_start()将使用会话的所有页面。
To log somebody out of the session (ie. clear it) you can use session_destroy().
要将某人从会话中注销(即清除它),您可以使用session_destroy().
Finally, header('example.com');won't actually do anything, are you intending to perform a redirection? If so, you should use `header('Location: http://example.com/');
最后,header('example.com');实际上不会做任何事情,您是否打算执行重定向?如果是这样,您应该使用 `header('Location: http://example.com/');
EDIT: Sorry I hadn't read this properly, what is the second code snippet? Is that your logout.php page?
编辑:对不起,我没有正确阅读这个,第二个代码片段是什么?那是您的 logout.php 页面吗?
As far as I'm aware with the Facebook API, when you're calling getLogoutUrl(), that is where you should send your users when they click the link, and not your own logout.php.
就我所知的 Facebook API 而言,当您调用 时getLogoutUrl(),您应该在用户单击链接时将其发送给用户,而不是您自己的logout.php.
回答by Nicola Peluchetti
Logging out users from facebook can be difficult. This works for me
从 Facebook 注销用户可能很困难。这对我有用
// Get an instance of the Facebook class
$facebook = $this->facebook_instance_factory();
// Destroy the session so that no Facebook data is held
$facebook->destroySession();
$logout = $facebook->getLogoutUrl();
$facebook->setAccessToken('');
// Redirect the user to the logout url, facebook will redirect him to our page
wp_redirect( $logout );
回答by Mina Gabriel
ANSWER
回答
$_SESSION['fb_(your_APP_ID)_access_token'] = '' ;
when log in a session is initialized , it seems that if we set any of these sessionvariable to null it breaks the log in function , and ask the user to log in again
当登录会话被初始化时,似乎如果我们将这些session变量中的任何一个设置为空,它就会破坏登录功能,并要求用户重新登录。
