How do correctly authorise a Facebook App

Question

I am creating a basic Facebook app, and when a user without permission visits the app, they are redirected to the authorisation page. However, the page doesn't display, and I see the following error.

This content cannot be displayed in a frame

Opening it in a new window then shows the authorisation page for my app. Clicking 'Go to App' then takes me to the App, but in it's own window, away from Facebook. Going back to FB and reloding the App page now works.

Stranger yet, when I am logged out and go to my app page, I get a Facebook 404 page (4oh4.php).

I'm guessing that I am doing this wrong somehow, so can anyone see anything obvious wrong with my script? Thanks.

To see what is happening - http://apps.facebook.com/dyne_drewett_news/

 'my-app-ID', // Entered correctly in actual script
    'secret' => 'me-app-secret', // Entered correctly in actual script
    'cookies' => 'true',
));

// Get the app User ID
$user = $facebook->getUser();

if($user) :
    try{       // If the user has been authenticated then proceed
        $user_profile = $facebook->api('/me');
    } catch (FacebookApiException $e){
        error_log($e);     
        $user = null;
    }
endif;

// If the user is authenticated then generate the variable for the logout URL
if($user) :
    $logoutUrl = $facebook->getLogoutUrl();
?>



getLoginUrl();
    header('Location: '.$loginUrl);
endif;
?>

Lix · Accepted Answer

Because you are working in an iframe, you'll have to execute JavaScript redirects. Only that way will you be able to redirect the top most frame -

echo "";
exit();

This is the only way to do complete redirects within a Facebook application. Any other redirect (with PHP for example) will only redirect the user within the iframe...

How do correctly authorise a Facebook App

Answers (1)

Related Questions