SDK Error The "state" param from the URL and session do not match

Question

I am use this code from Facebook

https://developers.facebook.com/docs/php/gettingstarted/5.0.0

But now its show Facebook SDK returned an error: Cross-site request forgery validation failed. The "state" param from the URL and session do not match.

I cant understand whats wrong

my login callback page code

session_start();
require_once __DIR__ . '/facebook-php-sdk-v4-5.0-dev/src/Facebook/autoload.php';
$fb = new Facebook\Facebook([
  'app_id' => 'xxxx',
  'app_secret' => 'xxxxxxxx',
  'default_graph_version' => 'v2.2',
  ]);

$helper = $fb->getRedirectLoginHelper();


try {
  $accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
  // When Graph returns an error
  echo 'Graph returned an error: ' . $e->getMessage();
  exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
  // When validation fails or other local issues
  echo 'Facebook SDK returned an error: ' . $e->getMessage();
  exit;
}

if (isset($accessToken)) {
  // Logged in!
  $_SESSION['facebook_access_token'] = (string) $accessToken;

  // Now you can redirect to another page and use the
  // access token from $_SESSION['facebook_access_token']

  $_SESSION['facebook_access_token'];
}

Answer 1

Insert this code after: $helper = $fb->getRedirectLoginHelper();

$_SESSION['FBRLH_state']=$_GET['state'];

and it will work or for more detail visit facebook login apps

Answer 2

You are likely not accessing your server using the domain registered to the app. Are you running your webserver on localhost? If so, edit your /etc/hosts file to include something like

127.0.0.1 local.<yourdomain>.com

and then go to local..com and that should take care of it