php - facebook redirect
481
I have a problem when using facebook authentication.
<?php
$user = null;
try{
include_once "fb/facebook.php";
}
catch(Exception $o){
error_log($o);
}
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
'cookie' => true
));
$loginUrl = $facebook->getLoginUrl(array(
'scope' => 'publish_stream,email',
//'redirect_uri' => 'https://www.facebook.com/pages/MediaEngine/304221192963546?id=304221192963546&sk=app_143090482526977'
));
$user = $facebook->getUser();
if($user){
try{
$user_profile = $facebook->api('/me');
$permissions = $facebook->api('/me/permissions');
}catch(FacebookException $e){
}
}else{
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
}
?>
When the user accepted the app, it will redirect user to tab page(http://apps4you.hu), user wont stay on facebook, but only 1st time will do that if the user close and come back to app on facebook(already authenticated) it works fine in iframe. If I use the redirect_uri => my_app , it will redirect and redirect and redirect but never will work the app, the browser just loading and loanding but nothing happends. I spent days to fix this problem but I could not find any solution. Any idea whats wrong?
Answer
Solution:
Change $loginUrl as below and try:
$_SESSION['state'] = md5(uniqid(rand(), TRUE)); // CSRF protection $loginUrl _url = "https://www.facebook.com/dialog/oauth?client_id=" . APP_ID . "&redirect_uri=" . urlencode($next) . "&state=" . $_SESSION['state'] . "&scope=".$permissions;