如何在Facebook登录重定向后清除URL .. PHP

时间:2014-12-04 00:44:46

标签: php facebook facebook-graph-api

我正在我的页面上创建用户登录,并选择使用Facebook使用PHP SDK登录。我遇到的问题是Facebook离开我的网站,获得用户和Facebook的许可,然后回到我的网站。一切正常,因为它应该,但令牌的Facebook会创建存储在URL,如www。############ /帐号/ register.php?代码= AQDEN90jFQLsDPS5UEXOWCBItXfs5uVbKDs2AfZmV5d7nIHTNy6IXUXtDX-BJMxh6wlsC6-QoOzxnGCLqD_lG4Ui0HF5eUwLP15fUrAgwrwDLHcmRUKrvIcgHOOxr61u6E8me1EV7-VAHiRXG- d-U7qi8fWS7fYpU5OOjGctdzoOvx9Vl35NpXbbALq&安培;状态= 5659508109f2207707c8# =

如果用户在被重定向后刷新该页面,它会将整个内容搞砸,因为它再次重新提交令牌,这会引发php facebook错误并结束代码链。

我的代码如下。

//1.Use app id,secret and redirect url
 $app_id = '###################';
 $app_secret = '#########';
 $redirect_url='http://#####account/register.php';

 //2.Initialize application, create helper object and get fb sess
 FacebookSession::setDefaultApplication($app_id,$app_secret);
 $helper = new FacebookRedirectLoginHelper($redirect_url);
 $sess = $helper->getSessionFromRedirect();

     //check if facebook session exists
if(isset($_SESSION['fb_token'])){
    $sess = new FacebookSession($_SESSION['fb_token']);
}
    //logout
$logout = 'http:/########/includes/fblogin/lib/Facebook/FbLogout.php';
//3. if fb sess exists echo name 
    if(isset($sess)){
                //store the token in the php session
    $_SESSION['fb_token']=$sess->getToken();
        //create request object,execute and capture response
    $request = new FacebookRequest($sess, 'GET', '/me');
    // from response get graph object
    $response = $request->execute();
    $graph = $response->getGraphObject(GraphUser::className());
    $name = $graph->getName();
    $id = $graph->getId();
    $image = 'https://graph.facebook.com/'.$id.'/picture';
    $email = $graph->getProperty('email');
    echo "hi $name <br>";
    echo "your email is $email <br><Br>";
    echo "<img style='width: 50px; border-radius: 4px;' src='$image' /><br><br>";
    echo "<a href='".$logout."'>Logout</a>";
}else{
    //else echo login
    echo '<a href='.$helper->getLoginUrl().'>Login with facebook</a>';
}

那么,如何在从facebook返回时将请求令牌存储在$ sess变量中,然后清除该URL以便用户无法使用该URL中的该字符串进行刷新?

1 个答案:

答案 0 :(得分:0)

得到了!!简单的PHP解决方案...... 

 if (!empty($_GET)){
    $_SESSION['got'] = $_GET;
    header("Location: http://##############/account/register.php");
}
else{
    if (!empty($_SESSION['got'])){
        $_GET = $_SESSION['got'];
        unset($_SESSION['got']);
    }
相关问题
最新问题