Facebook authentication / login trouble
I have set up Facebook authentication using PHP and it goes something like this. First, getting the authorization here:
https://graph.facebook.com/oauth/authorize?client_id=<?= $facebook_app_id ?>&redirect_uri=http://www.example.com/facebook/oauth/&scope=user_about_me,publish_stream
Then getting the access token here:
$url = "https://graph.facebook.com/oauth/access_token?client_id=".$facebook_app_id."&redirect_uri=http://www.example.com/facebook/oauth/&client_secret=".$facebook_secret."&code=".$code;
// Returns the text between $start and $end in $string, or "" if $start is not found.
function get_string_between($string, $start, $end){
    $string = " ".$string; // pad so that a match at offset 0 is not mistaken for "not found"
    $ini = strpos($string,$start);
    if ($ini == 0) return "";
    $ini += strlen($start);
    $len = strpos($string,$end,$ini) - $ini;
    return substr($string,$ini,$len);
}
$access_token = get_string_between(file_get_contents($url), "access_token=", "&expires=");
Then getting user info:
$facebook_user = file_get_contents('https://graph.facebook.com/me?access_token='.$access_token);
$facebook_id = json_decode($facebook_user)->id;
$first_name = json_decode($facebook_user)->first_name;
$last_name = json_decode($facebook_user)->last_name;
This is pretty ugly (in my opinion) but it works... however... the user is still not logged in... because I did not create or retrieve any session variables to confirm that the user is logged in to Facebook...
which means that after getting the authentication done the user still has to log in...
First: is there a better way using PHP to do what I did above? Second: how do I set/get session variables/cookies that ensure that the user doesn't have to click login?
Thanks for your help.
Well, to answer your first question, "Is there a better way using PHP to do what I did above?"
Essentially I feel that comes to a matter of opinion as there are soooo many options. It's what you feel comfortable with and what purpose you have for your application.
Personally (I say this not to pressure you but to offer an option), I use the JavaScript login. It's from Facebook, it's a beautifully crafted script that's clean, fast etc. etc. that can be found here (it's at this stage I apologize if my info is outdated as I've just noted this very second that Facebook have updated that page lol!). The good part is that it saves the auth token as a variable (which you can change to a session if you wish) and that's done essentially as you just tack that onto the end of most URLs like you have shown.
(Although looking through the new updated website the code looks a tad more 'complex' in its layout, so don't be afraid to ask for help and I'll give you the original code.)
Question 2: how do you get/set session variables... Well, there are many things and ways etc. etc... however I'll keep the basic/simple version and add notes that you should file away in your mind for more advanced options. Firstly, at the start of any page with a session variable in it you should start with
session_start();
and then when you want to add a session variable it's a matter of simply
$_SESSION['session_variable_name'] = $variable;
(yes I know you're supposed to do the whole foo and bar thing but they annoy me :D ). And that's it! If you want to "log-out" you can
session_destroy();
and it'll stop carrying the session details. Now session notes:
Unless stated otherwise, sessions are usually saved on your server as files! This could breach any privacy statements you have made!
Sessions often do not survive across subdomains (www.website.com -> website.com) and it's not really advised to $_POST the data. Furthermore, some people experience problems going from http:// to https:// with session data.
Sessions do not last forever, they essentially leave the session ID in a cookie on the client browser for later reference.
When you have multiple servers for traffic weight distribution you can again lose the session as it is not passed across servers. You can save them in a location that all servers can access or have a server that caters for sessions like memcache.
And I think that's the most you'll ever need to know about sessions :P
I hope that helped!
Jon
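
The token exchange from the question combined with the session handling from the answer, as an added example that is not part of either original post: the token reply is parsed with parse_str instead of string slicing, and the session ID is regenerated at login so a pre-login ID cannot be reused. Assumptions: PHP 7.3+, a site served over HTTPS, and the hypothetical names `facebook_login`, `parse_token_response`, `is_logged_in`, `$fetch` and `$cfg`; the responses in the demo are constructed so it runs without network access.

```php
<?php
// Added example (not from the original posts). $fetch is a hypothetical injectable
// HTTP getter: pass 'file_get_contents' or a cURL wrapper in a real deployment.

function parse_token_response(string $body): ?string {
    // The token endpoint in the question replies "access_token=...&expires=...";
    // parse_str copes with any parameter order and with a missing "expires".
    parse_str($body, $params);
    $t = $params['access_token'] ?? null;
    return (is_string($t) && $t !== '') ? $t : null;
}

function facebook_login(string $code, array $cfg, callable $fetch): bool {
    $token_url = 'https://graph.facebook.com/oauth/access_token?' . http_build_query([
        'client_id'     => $cfg['app_id'],
        'redirect_uri'  => $cfg['redirect_uri'],
        'client_secret' => $cfg['secret'],
        'code'          => $code,
    ]);
    $body  = $fetch($token_url);
    $token = is_string($body) ? parse_token_response($body) : null;
    if ($token === null) return false;            // exchange failed: stay logged out

    $raw  = $fetch('https://graph.facebook.com/me?' . http_build_query(['access_token' => $token]));
    $user = is_string($raw) ? json_decode($raw) : null;
    if (!is_object($user) || empty($user->id)) return false;

    session_regenerate_id(true);                  // fresh ID at login blocks session fixation
    $_SESSION['facebook_id'] = (string) $user->id;
    $_SESSION['first_name']  = $user->first_name ?? '';
    $_SESSION['last_name']   = $user->last_name ?? '';
    return true;
}

function is_logged_in(): bool {                   // call after session_start() on every page
    return !empty($_SESSION['facebook_id']);
}

// --- Demo with constructed responses (no network) ---
session_set_cookie_params(['httponly' => true, 'secure' => true, 'samesite' => 'Lax']);
session_start();
$stub = function (string $url) {
    return strpos($url, '/oauth/access_token') !== false
        ? 'access_token=CONSTRUCTED_TOKEN&expires=5183999'
        : '{"id":"1000001","first_name":"Ada","last_name":"Example"}';
};
$cfg = ['app_id' => 'APP_ID', 'secret' => 'APP_SECRET',
        'redirect_uri' => 'https://www.example.com/facebook/oauth/'];
var_dump(facebook_login('CONSTRUCTED_CODE', $cfg, $stub), is_logged_in());
```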