How to log out of facebook

Question

I have the following script which will allow a user to login to my website using their facebook account, request the appropriate permissions, and if accepted, it will post a message on a wall:

<?php
    require 'facebook.php';

    $facebook = new Facebook(array(
        'appId'  => 'removed for security reasons',
    'secret' => 'removed for security reasons',
        'cookie' => true,
    ));

    $session = $facebook->getSession();

    if ($session) {

        if (isset($_GET[id])) {
            $post = $facebook->api("/" . $_GET['id'] . "/feed", "POST",  array('message' => 'Hello!'));
            echo 'A message has been posted on your friends wall';

        } else {

            $friends = $facebook->api('/me/friends');

            foreach ($friends as $key=>$value) {
                echo 'You have ' . count($value) . ' friends<br />';

                foreach ($value as $fkey=>$fvalue) {
                    echo 'friend id = ' . $fvalue[id] . ' - friend name = ' . $fvalue[name] . ' - <a href="/stage0.php?id=' . $fvalue[id] . '">post message</a><br />';
                }
            }
        }

    } else {

        $loginUrl = $facebook->getLoginUrl(array(
            'req_perms' => 'publish_stream',
            'next' => 'http://'.$_SERVER['SERVER_NAME'].'/stage0.php',
            'cancel_url' => 'http://'.$_SERVER['SERVER_NAME'].'/cancel.php',
        ));

        header('Location: '.$loginUrl);
    }
?>

I then have the following script to log the user out:

<?php
    error_reporting( E_ALL | E_STRICT );
    ini_set('display_errors', 1);
?>

<?php
    session_start();
?>

<html>
    <head>
        <title></title>

        <?php
            $_SESSION = array(); 
            session_destroy();
        ?>

        <meta http-equiv="refresh" content="0;index.php">
    </head>

    <body>
        <h1>logout</h1>
    </body>
</html>

This clears the sessions I created, but it does not log them out of facebook at all. How do I clear the sessions I create and also log them out of facebook?

Answer 1

Use this as your logout URL:

<a href="?action=logout">Logout</a>

And this for your code:

if(isset($_GET['action']) && $_GET['action'] === 'logout'){
    $facebook->destroySession();
}

This will log the user out of the app, rather than facebook itself, logging out of facebook altogether, which is not recommended, as it will distress some users, add this to your session where if($session) { is

$logoutUrl = $facebook->getLogoutUrl();

then for your logout URL, use:

<a href="' . $logoutUrl . '">Logout</a>

Answer 2

/* Use access token i.e. $_SESSION['facebookAccessToken']*/

function logoutUser($sessionKey)
{
    include_once 'facebook.php';
    $facebook = new Facebook( array('appId'=>FACEBOOK_APP_ID , 'secret'=>FACEBOOK_APP_SEC , 'cookie' => true));
    $logoutUrl = $facebook->getLogoutUrl(array('next' => BASE_URL , 'session_key' => $sessionKey));
    return $logoutUrl;
}

$access_array = explode('|' , $_SESSION['facebookAccessToken']);

$sessionKey = $access_array[1];

$redirectUrl = logoutUser($sessionKey);

header('Location: '.$redirectUrl );

Answer 3

Recommended way to log out a user from both your application and Facebook, is to call the logout feature of the javascript SDK.

<a href="/auth/logout" onclick="FB.logout();">logout</a>

check : http://developers.facebook.com/docs/reference/javascript/FB.logout/

Answer 4

Facebook Oauth Logout