facebook - $_SESSION['fb_id'] 在 facebook 连接后重定向到子域 uri 时丢失

Question

我有几个子域网站，我希望每个都连接到 Facebook。

我已经为主域创建了我的 fb 应用程序，它适用于它。

在每个子域中，我使用此链接进行连接（由 ajax 调用编写）：

<?php
echo "<a href=\"https://graph.facebook.com/oauth/authorize?type=user_agent&client_id=myID
    &scope=email,publish_stream,status_update&redirect_uri=http://www.mydomain.com/fbConnect.php?ref=".$_SERVER['HTTP_REFERER']."\">
    Connect with Facebook
    </a>";
?>

我的 fbConnect.php

<?php
    header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"'); // Hack IE for POST params...
    header("Cache-Control: no-cache");
    header("Pragma: no-cache");

    session_set_cookie_params(0, '/', '.mydomain.com', false); // If session is lost with subdomains...
    session_start();
    require('/home/....../facebook.php');

    $facebook = new Facebook(array(
    'appId' => 'myid',// changed for the example
    'secret' => 'mysecret', // same
    'cookie' => true,
    ));

    $user = null;

    $loginUrl=$facebook->getLoginUrl(
            array(
                  'canvas'    => 0,
                'scope'         => 'email,publish_stream,user_location'
            )
    );
    $logoutUrl  = $facebook->getLogoutUrl();

    $user=$facebook->getUser();

    if(!$user) echo "<script>top.location.href='".$login_url."'</script>";

    if ($user) {
        echo "Ok";
        $user_profile = $facebook->api('/me');  
        $userInfo = $facebook->api("/$user");
        $_SESSION['fb_id']=$userInfo['id'];
       // Some stuff...
       echo "<script type='text/javascript'>top.location.href = '".$_GET['ref']."';</script>";
    }
?>

范围、连接和重定向都在工作，但我无法$_SESSION['fb_id']在$_GET['ref']页面中返回……但是 session_id() 是一样的！

score 1 · Accepted Answer

最后，有一些错误：

1. 会议

他们没有跟随子域，所以诀窍是更改 php.ini 或添加ini_set("session.cookie_domain", ".myDomain.com");（感谢@Tommy Crush）

2.redirect_uri

就我而言，似乎不可能在redirect_uri=http://www.myDomain.com?var1=123&var2=456...

3.API使用

我不得不阅读 GRAPH API 的新初学者面板，我对更改的数量感到惊讶......

我最终使用了以下内容：

在每个子域中

// Simple link to the connection page
echo "<a href=\"http://wwww.myDomain.com/fbConnect.php\">Connect with FB</a>";
// Record the current page whitch called this ajax
$_SESSION['connexion_ref']=$_SERVER['HTTP_REFERER'];

我的新 fbConnect.php

ini_set("session.cookie_domain", ".myDomain.com");
session_start();

$app_id = "myappid";
$app_secret = "myappsecret";
$my_url = "http://www.mydomain.com/fbConnect.php";


$code = $_REQUEST["code"];

if(empty($code)) {
 $_SESSION['state'] = md5(uniqid(rand(), TRUE)); // CSRF protection
 $dialog_url = "https://www.facebook.com/dialog/oauth?client_id=" 
   . $app_id . "&redirect_uri=" . urlencode($my_url) . "&state="
   . $_SESSION['state']. "&scope=email,publish_stream,status_update,offline_access";

 echo("<script> top.location.href='" . $dialog_url . "'</script>");
}

if($_SESSION['state'] && ($_SESSION['state'] === $_REQUEST['state'])) 
{
    $token_url = "https://graph.facebook.com/oauth/access_token?"
     . "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
     . "&client_secret=" . $app_secret . "&code=" . $code;

    $response = file_get_contents($token_url);
    $params = null;
    parse_str($response, $params);


    $_SESSION['access_token'] = $params['access_token'];

    $graph_url = "https://graph.facebook.com/me?access_token=" 
     . $params['access_token'];

    $user = json_decode(file_get_contents($graph_url));
    //var_dump($user);


    $_SESSION['id_fb']=$user->id;
   // Some stuff
    // Then redirect to the subdomain page of connection
   echo "<script type=\"text/javascript\">top.location.href =\"".$_SESSION['connexion_ref']."\";</script>";
}

现在它就像一个魅力。

facebook - $_SESSION['fb_id'] 在 facebook 连接后重定向到子域 uri 时丢失

1 回答 1

Related

Reference