Reputation: 4459
I have a Facebook app in my page's tab. When a user goes to it they are asked for permission to access their basic profile data and friends list. If a user clicks "cancel" on the permissions dialog they are redirected back to my app. It creates an infinite loop, which Facebook detects and displays a message that the app is not conforming to Facebook policies. I learned that the redirect_uri is the same whether or not the user accepts or denies permissions. I am looking for a way to detect that a user has denied (clicked "cancel") and redirect them somewhere else to avoid the infinite loop. I'm trying to make sense of Facebook's documentation but it's just all over the place :(
Here is some of my code...
$loginUrl = $facebook->getLoginUrl(array(
    "redirect_uri" => "https://www.facebook.com/pages/".$truepageid."/".$truepageid."?sk=app_xxxxxxxxxxxx"
));
if ($user) {
    try {
        // Proceed knowing you have a logged in user who's authenticated.
        $user_profile = $facebook->api('/me');
    } catch (FacebookApiException $e) {
        // you should use error_log($e); instead of printing the info on browser
        d($e); // d is a debug function defined at the end of this file
        $user = null;
    }
}
if (!$user) {
    // No authenticated user: send the top frame to the login dialog.
    echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
    exit;
}
Upvotes: 2
Views: 2192
Reputation: 15639
You should get the error_reason GET param in the return URI, containing some info like 'user_denied', which you could query to prevent the infinite loop.
if (isset($_GET['error_reason']) && $_GET['error_reason'] == 'user_denied') {
    // don't redirect to login page
} else {
    // redirect to fb-login
}
Upvotes: 2
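Added example (not part of the original question or answer): the loop-breaking check from the answer, written so the callback parameters are treated as untrusted input and the redirect target is always a fixed URL rather than anything taken from the request. It goes slightly beyond the answer by treating any error response as terminal, not only `user_denied`. `FALLBACK_URL`, `LOGIN_URL` and the function names are hypothetical, and `error=access_denied` is the standard OAuth 2.0 error code, which the page itself does not mention.

```php
<?php
// Added example: names and URLs below are hypothetical placeholders.
const FALLBACK_URL = 'https://example.com/permissions-needed';
const LOGIN_URL    = 'https://example.com/login-dialog'; // stands in for $loginUrl

/**
 * Decide where a request hitting the redirect_uri goes next.
 * $query is untrusted (pass $_GET in a real page).
 */
function nextStep(array $query, bool $hasUser): string
{
    if ($hasUser) {
        return 'app';
    }
    // Any error response ends the flow; never bounce it back to the dialog.
    if (isset($query['error_reason']) || isset($query['error'])) {
        return 'fallback';
    }
    return 'login';
}

/** Map the untrusted reason to a fixed label that is safe to log. */
function reasonLabel(array $query): string
{
    $reason = $query['error_reason'] ?? '';
    return $reason === 'user_denied' ? 'user_denied' : 'other';
}

/** Build the top-frame redirect with the URL encoded as a JS string literal. */
function topRedirect(string $url): string
{
    $js = json_encode($url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    return "<script>top.location.href = $js;</script>";
}

// Constructed sample requests (not captured traffic).
$samples = [
    'first visit' => [],
    'cancel'      => ['error_reason' => 'user_denied', 'error' => 'access_denied'],
    'array trick' => ['error_reason' => ['x']],
];
foreach ($samples as $name => $query) {
    $step = nextStep($query, false);
    $url  = $step === 'fallback' ? FALLBACK_URL : LOGIN_URL;
    echo "$name: $step (", reasonLabel($query), ")\n  ", topRedirect($url), "\n";
}
```

Only the fixed label from `reasonLabel()` should reach logs or the page; the raw `error_reason` and any description text in the query string are attacker-controllable.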