{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 虎瘦雄心在 的问题《How to log out user using facebook SDK?》','https://www.manongdao.com/q-207771.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am using a facebook log in for my web site using facebook php sdk.
What I noticed is the logout link doesn't do anything. After I logout, the user can still navigate the site. Here is my code in facebook.php:
<?php
require 'src/facebook.php';
$facebook = new Facebook(array(
'appId' => '*************',
'secret' => '******************************',
));
$user = $facebook->getUser();
$loginUrl = $facebook->getLoginUrl();
echo "<a href='$loginUrl'>login</a>";
$logoutUrl = $facebook->getLogoutUrl();
echo $loginUrl;
if($user){
session_start() ;
$_SESSION['user_info'] = $user;
$_SESSION['user_pro']= $facebook->api('/me');
print_r($_SESSION);
}
else{
echo 'not logged in ';
}
echo "<a href='example.com/logout.php'>log out </a>"
?>
This code works fine on log in. The log out link should destroy the session. Here is the header of the page:
<?php
print_r($_SESSION) ;
header('example.com') ;
?>
The problem with my logout.php page is it doesn't detect the session at all. I don't know if this is a facebook api problem or my php problem.
How do you log the user out using the facebook SDK?
ANSWER
when log in a session is initialized , it seems that if we set any of these
sessionvariable to null it breaks the log in function , and ask the user to log in againYou can logout from your site as well as from facebook as follow by providing your site url to next parameter and destroying session
You also have to log them out of your website AND you have to prevent your website from automatically remembering your user and re-logging them in immediately.
Disable the code that auto-logs in your user and try to logout again. Destroying the session will not prevent your site from creating a brand new valid session for the remembered user.
You need to call
session_start()on all pages where sessions will be used.To log somebody out of the session (ie. clear it) you can use
session_destroy().Finally,
header('example.com');won't actually do anything, are you intending to perform a redirection? If so, you should use `header('Location: http://example.com/');EDIT: Sorry I hadn't read this properly, what is the second code snippet? Is that your logout.php page?
As far as I'm aware with the Facebook API, when you're calling
getLogoutUrl(), that is where you should send your users when they click the link, and not your ownlogout.php.Here is the PHP logout code for my website that logs a user in and out with facebook. You don't have to destroy the session to logout the user, all you technically have to do is signal to your own website that this particular session may not be used to let the user in.
logout.php:
index.php:
login.php:
Then in every php file you want to prevent access without a logged-in user, put this at the top:
With this code, the user is logged in automatically, and if they invoke the logout code, the site will not let them in until they login again.
Logging out users from facebook can be difficult. This works for me