CODEWITHSUNDEEP
phpfacebookcookiesauthenticationlogout
rakcode
rakcode

Reputation: 2296

Logout with Facebook PHP SDK v5

I'm using Facebook SDK v5 and I can login with this script, while logging in I created a cookie and if I try to logout by clearing that cookie is not possible!

this is my Login Script

<?php
require_once __DIR__ . '/src/Facebook/autoload.php';
require_once $_SERVER['DOCUMENT_ROOT'].'/fbloging/helper/helper.php';
$fb = new Facebook\Facebook([
'app_id' => '__MY_APP_ID__',
'app_secret' => '__MY_APP_SECRET__',
'default_graph_version' => 'v2.5'
]);

$helper = $fb->getJavaScriptHelper();

try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
}

if (isset($accessToken)) {
$fb->setDefaultAccessToken($accessToken);

try {

$requestProfile = $fb->get("/me?fields=name,email,id,picture.width(800).height(800),cover.width(300).height(175)");
$profile = $requestProfile->getGraphNode()->asArray();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
}


$query = "SELECT * FROM `users` WHERE `user_id`='".$profile['id']."' AND `email`='".$profile['email']."'";
$result = $db->query($query);
$fr = mysqli_fetch_assoc($result);
if(mysqli_num_rows($result)>0){
if($fr['profile']==1){
set_user_cookie($profile['name'],$profile['id'],$profile['picture']['url'],$profile['email'],$profile['cover']['source']);
header('location: ../home.php');
}else{
set_user_cookie($profile['name'],$profile['id'],$profile['picture']['url'],$profile['email'],$profile['cover']['source']);
header('location: ../complete-profile.php');
}

}else{
$name = $profile['name'];
$id = $profile['id'];
$email = $profile['email'];
$result = $db->query("INSERT INTO `users`(`user_id`, `email`, `user_name`) VALUES ('$id','$email','$name')");
if($result){
set_user_cookie($name,$id,$profile['picture']['url'],$email,$profile['cover']['source']);
header('location: ../complete-profile.php');
}else{
echo 'Something Went Wrong';
}
}

// setcookie('user',$profile['name']."~".$profile['id']."~".$profile['picture']['url']."~".$profile['email'], time()+3600+2,"/");
// header('location: ../');
exit;
} else {
echo "Unauthorized access!!!";
exit;
}

This is function to set COOKIE

helper.php

// Set cookie
function set_user_cookie($name, $id, $pro, $email,$cover){
$string=$name."~".$id."~".$pro."~".$email."~".$cover;
setcookie('udet',$string, time()+3600*2*24,"/");
}

I'm using Cookie to store some user data to display that details when they are logged in in a file. I needed user can access that page when that COOKIE is set like this

complete-profile.php

require_once 'helper/helper.php';
if (isset($_COOKIE['udet'])) {
$user = explode("~",$_COOKIE['udet']);
$name =  $user[0];
$id = $user[1];
$pic = $user[2];
$email = $user[3];
$cover = $user[4];
}else{
header('Location : index.php');
}

and I set a link to logout, in that logout file I just deleting that cookie like this

logout.php

<?php
unset($_COOKIE['udet']);
header('Location: index.php')
?>

but after deleting also I can access those user data and that facebook account is not logged out!

I searched for this answer but I didn't find any proper answer on the web!

I need to logout the user when they click logout URL (Logout URL access logout.php)

please help me

Upvotes: 0

Views: 1576

Answers (1)

Andrew Larsen
Andrew Larsen

Reputation: 1267

A year ago or so I tried to achieve the same thing as you.

But if I remember correctly this is not something you can control, as long as the user is logged in on facebook, he will be "logged in" on your page.

You can make them come to the login page, but facebook authentication will still recognize them since they are logged in at facebook.

I think there is a way to log them out completely but then they will be logged out from facebook as well, and I don't think thats gonna make you to popular.

EDIT: I took a look at the logout method in Facebook's JavaScript SDK, and I quote

The method FB.logout() logs the user out of your site and, in some cases, Facebook.

https://developers.facebook.com/docs/reference/javascript/FB.logout

Upvotes: 2

Related Questions