0

我无法在 facebook 上的服务器端登录流程中为 SESSION 变量分配任何值。谁能告诉我错误是什么?

我曾经收到 Headders 已通过并且无法设置会话变量的错误。因此,我在页面开头设置了启动输出缓冲,并在分配了最后一个会话变量后刷新缓冲区。由于 $_SESSION['state'] 和 $_SESSION['access_token'] 具有空值,因此分配似乎不起作用

   <?php ob_start(); session_start();
    $app_id = "XXXXXXXXXXXXXXXXXXXX";
    $app_secret = "XXXXXXXXXXXXXXXXXXXXXXXXXX";
    $my_url = "http://mydomain.com".$_SERVER['PHP_SELF'];

    $code = $_REQUEST["code"];

    if(empty($code)) 
    {

    $_SESSION['state'] = md5(uniqid(rand(), TRUE)); // CSRF protection

    $dialog_url = "https://www.facebook.com/dialog/oauth?client_id=".$app_id 
."&redirect_uri=".urlencode($my_url)."&state=".$_SESSION['state']."&scope=user_birthday,user_about_me,user_location,user_photos,friends_photos,email,user_website,friends_website,read_friendlists,publish_stream";

    echo("<script> top.location.href='" . $dialog_url . "'</script>");
    ob_end_flush();

    }


   if ($_GET['state'] === $_SESSION['state']) //Ignoring CSRF protection for the moment 
//    since I am unable to assign SESSION variables any value, I actually have this as 
  //  if(200>150)/*
  {


    $token_url = "https://graph.facebook.com/oauth/access_token?"."client_id=".$app_id ."&redirect_uri=" . urlencode($my_url). "&client_secret=".$app_secret."&code=".$code;

    $response = file_get_contents($token_url);

    $params = null;

    parse_str($response, $params);

    $_SESSION["access_ token"] = $params['access_token'];

    ob_end_flush(); // Session Varibale assigned, we can now flush output

    $graph_url = "https://graph.facebook.com/me?access_token=".$params['access_token'] ;

    $user = json_decode(file_get_contents($graph_url), true); 
    }


echo $params['access_token']."is the access token <BR> </BR>"; //this works fine, outputs Access token

echo $_SESSION['access_token']." is the access token" ; //Session Variables are not assigned value since $_SESSION['access_token'] is null

    ?>
4

0 回答 0