php 在用户注销时从我的应用程序中删除 Facebook 会话 cookie
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4265844/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Delete facebook session cookie from my application on users logout
提问by brpaz
I am working in an application which is using facebook connect to log in the users using their facebook account.
我在一个应用程序中工作,该应用程序使用 facebook 连接来使用他们的 facebook 帐户登录用户。
Everything works fine except in the following case:
除以下情况外,一切正常:
- User logged out from my website and facebook.
- User try to login again in my app.
- 用户从我的网站和 Facebook 注销。
- 用户尝试在我的应用程序中再次登录。
In this case when the facebook connect popup opens in says "error in the application".
在这种情况下,当 facebook 连接弹出窗口打开时说“应用程序中的错误”。
I found that the reason is that the old fbs cookie is not being removed on users logout. I have added the code to delete the cookie on logout of my app but the cookie isn't deleted.
我发现原因是旧的 fbs cookie 在用户注销时没有被删除。我已经添加了在我的应用程序注销时删除 cookie 的代码,但 cookie 没有被删除。
Here is my code (using Symfony framework.)
这是我的代码(使用 Symfony 框架。)
$fbCookie = 'fbs_'.sfConfig::get('app_facebook_application_id');
$cookie = $request->getCookie($fbCookie);
if(!is_null($cookie)){
setCookie($fbCookie," ", time()-3600);
}
This doesn't work. The cookie remains the same. The setCookie function returns "1" as expected.
这不起作用。cookie 保持不变。setCookie 函数按预期返回“1”。
What can be the problem?
可能是什么问题?
回答by tgriesser
I'm pretty sure I had trouble with this too... you need to make sure that you kill the Facebook session right after you delete the cookie, otherwise it will just pop back up... here's an example
我很确定我也遇到了这个问题……您需要确保在删除 cookie 后立即终止 Facebook 会话,否则它会重新弹出……这是一个示例
// Assuming that $facebook is your facebook object populated with your settings
$facebook = new Facebook(array(
'appId' => FB_APPID,
'secret' => FB_APPSECRET,
'cookie' => true));
$fb_key = 'fbs_'.sfConfig::get('app_facebook_application_id');
set_cookie($fb_key, '', '', '', '/', '');
$facebook->setSession(NULL);
回答by Sabrina Leggett
In the current version of the Facebook SDK you need to use
在当前版本的 Facebook SDK 中,您需要使用
$fb_key = 'fbsr_'.$facebookConfig['app_id'];
setcookie($fb_key, '', time()-3600);
$facebook->destroySession();
I tried clearing out the cookies and the session manually, and it still didn't work for some reason (see Facebook PHP: After user logs out of facebook, they can't login to my app with another user). Using the above solution was what worked in the end.
我尝试手动清除 cookie 和会话,但由于某种原因仍然无法正常工作(请参阅Facebook PHP:用户注销 facebook 后,他们无法与其他用户一起登录我的应用程序)。使用上述解决方案最终奏效。
回答by pouyanghasemi
Make sure to use the following code:
确保使用以下代码:
$params = array( 'next' => 'https://yourUrl/logout' );
$data['logoutUrl'] = $this->facebook->getLogoutUrl($params);
to redirect the page to a logout controller or a page and then kill the sessions on that page.
将页面重定向到注销控制器或页面,然后终止该页面上的会话。
回答by Daniel C
I had the same problem and neither of the solutions i came up in the web worked for me. Then suddenly another app with the same code worked fine, so i checked the advanced settings in the app and it worked when i changed: OAuth 2.0 for Canvas ENABLED, Timezone-less events ENABLED and Upgrade to Requests 2.0 ENABLED
我遇到了同样的问题,我在网络上提出的任何解决方案都不适合我。然后突然另一个具有相同代码的应用程序工作正常,所以我检查了应用程序中的高级设置,当我更改时它工作正常:OAuth 2.0 for Canvas ENABLED、Timezoneless events ENABLED 和 Upgrade to Requests 2.0 ENABLED
Hope it helps
希望能帮助到你
回答by Naama Katiee
I had the same problem and tried all the above, but then I suspected that the cookies names are not what I'm expecting them to be and indeed! So I just printed my cookies and check carefully which of them I want to remove:
我遇到了同样的问题并尝试了上述所有方法,但后来我怀疑 cookie 名称不是我期望的名称,而且确实如此!所以我只是打印了我的 cookie 并仔细检查我想删除哪些:
//print the cookies just to make sure what is the exact name of the cookie
foreach ($_COOKIE as $key => $value) {
print $key . "=" . $value . "</br>";
}
//delete
if (isset($_COOKIE['fbsr_' . $app_id])) {
setcookie('fbsr_' . $app_id, $_COOKIE['fbsr_' . $app_id], time() - 3600, "/");
setcookie('PHPSESSID', $_COOKIE['PHPSESSID'], time() - 3600, "/");
unset($_COOKIE['fbsr_' . $app_id]);
unset($_COOKIE['PHPSESSID']);
}
This php script should run after calling to FB.logoutin your js part:
这个 php 脚本应该FB.logout在你的 js 部分调用后运行:
function logout() {
FB.init({appId: '[your app id]', status: true, cookie: true,xfbml: true});
var flag = confirm("logout from your facebook account as well");
if (flag) {
FB.logout(function(response) { window.location='logout.php' });
}
}
回答by Phil Hymanson
<?php
// include the Facebook SDK
include_once 'src/facebook.php';
// Define crutial perams
define( 'APPID', '' );
define( 'SECRET', '' );
define( 'URL', 'http://fb.domain.co.uk' );
// shake my hand!
$facebook = new Facebook( array( 'appId' => APPID, 'secret' => SECRET, 'fileUpload' => true ) );
// if we are being visited by someone trying to logout, lets me sure they get logged out!
if( isset( $_GET['logged_out'] ) ) {
setcookie( "PHPSESSID", "", (time()-3600) );
header( "location: " . URL );
exit();
}
// lets try to get the users id
$user_id = $facebook->getUser();
// try to get their access token
$access_token = $facebook->getAccessToken();
// if we have an id
if($user_id) {
// from the offset, we're good to go...
$logged_in = true;
echo "<h1>Logged in</h1>";
$params = array( 'next' => URL . '?logged_out' );
$return .= '<br /><a href="' . $facebook->getLogoutUrl($params) . '">logout</a>';
}else{
// login man!
$login_url = $facebook->getLoginUrl(
array(
'scope' => 'read_stream, publish_stream, manage_pages, photo_upload',
'next' => URL . '?logged_in'
)
);
$return .= 'Please <a href="' . $login_url . '">login.</a>';
}
echo $return
?>
回答by Patrick
As you said ;) it's about the cookie your local script sets, not one on Facebook.com, so your question is legit.
正如您所说;) 这是关于您本地脚本设置的 cookie,而不是 Facebook.com 上的 cookie,所以您的问题是合法的。
I run into the same issue here. The PHPSDK does not give you the possibility to delete the cookie. So either you have to run the whole session without cookie:
我在这里遇到了同样的问题。PHPSDK 不允许您删除 cookie。所以要么你必须在没有 cookie 的情况下运行整个会话:
$facebook = new Facebook(array(
'appId' => FB_APPID,
'secret' => FB_APPSECRET,
'cookie' => false,
));
or you redirect the user to the logout URL at facebook:
或者您将用户重定向到 facebook 上的注销 URL:
header('Location: ' . $facebook->getLogoutUrl(array('next'=>URL_AFTER_LOGOUT))');
The only problem seems to be that the user is logged out from Facebook too.
唯一的问题似乎是用户也从 Facebook 注销。
If you can use Javascript try this:
如果您可以使用 Javascript,请尝试以下操作:
<script src="http://connect.facebook.net/en_US/all.js"></script>
<script>
FB.init({appId: '<?php echo FB_APPID;?>', status: true, cookie: true, xfbml: true});
FB.Event.subscribe('auth.logout', function(response) {
window.location.href='YOUR_LOCAL_LOGOUTSCRIPT';
});
</script>
回答by Pascal Klein
For some reason you can't delete the cookie, even though you obviously have permission to read it (because you had to read the access_token).
出于某种原因,您无法删除 cookie,即使您显然有权读取它(因为您必须读取 access_token)。
But anyhow: This issue just comes up on localhost. On your Server you shouldn't run into the issue! The cookie also doesn't get deleted on your server, but it is not recognized as a valid access_token, when you try to login again.
但无论如何:这个问题只是出现在本地主机上。在您的服务器上,您不应该遇到这个问题!该 cookie 也不会在您的服务器上被删除,但当您再次尝试登录时,它不会被识别为有效的 access_token。
回答by wom
I was having trouble with this too, and contrary to Efazati's answer, my trouble was with cookies set on my own domain by the Facebook php api library. The thing that I was overlooking was when deleting the cookie, using the exact domain and path that the cookie was set with. This is the line that successfully deleted the cookie for me.
我也遇到了这个问题,与 Efazati 的回答相反,我的问题在于 Facebook php api 库在我自己的域上设置了 cookie。我忽略的是删除cookie时,使用cookie设置的确切域和路径。这是为我成功删除cookie的行。
setcookie("fbs_" . $app_id, '', time()-3600, "/", ".mydomain.com");
tgriesser's comment was also helpful.
tgriesser 的评论也很有帮助。
