My page to log the user in using JS SDK:
<? header('P3P: CP="NOI ADM DEV PSAi NAV OUR STP IND DEM"');?>
<?php
session_start();
?>
<!DOCTYPE html>
<html
xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
</head>
<body>
<div id="fb-root"></div>
<script>
if(!window.console){ window.console = {log: function(){} }; }
window.fbAsyncInit = function()
{
FB.init({
appId : 'xxx',
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
xfbml : true // parse XFBML
});
};
(function() {
var e = document.createElement('script');
e.src = document.location.protocol + '//connect.facebook.net/en_US/all.js';
e.async = true;
document.getElementById('fb-root').appendChild(e);
}());
function fbLogin() {
FB.login(function (response) {
if (response.authResponse) {
FB.api('/me', function (response) {
window.location = "tester.php";
});
} else {
fbLogin();
}
}
, {perms:'user_birthday, user_location'});
}
</script>
<INPUT TYPE="BUTTON" ONCLICK="fbLogin()" value="login">
The page the user is redirected to on login (tester.php):
<? header('P3P: CP="NOI ADM DEV PSAi NAV OUR STP IND DEM"'); ?>
<?php
session_start();
$fbconfig['appid' ] = "xxx";
$fbconfig['secret'] = "xxx";
$user = null;
try{
include_once "facebook.php";
}
catch(Exception $o){
echo '<pre>';
print_r($o);
echo '</pre>';
}
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
'cookie' => true,
));
$user = $facebook->getUser();
if($user){
$access_token = $facebook->getAccessToken();
}
else
{
echo "no logged user";
}
echo $user;
echo $access_token;
?>
<pre>
<?php print_r($_COOKIE);
print_r($_SESSION); ?>
</pre>
I've noticed that the access token is not set the first time the user gets redirected to tester.php. It just returns "appID|appSecret". Note that the user ís returned correctly. Hitting refresh updates the access_token to a valid one.
When I add a little delay before the redirect (setTimeout(function() {window.location = "tester.php";},1250);
) everything is OK and I get a valid access token. I'm not to keen on implementing the delay, since there's no way of telling how long the delay should be. Is this a known bug?
Info: this problem only happens the first time the user visits the app. Once the users authorized the app previously, it works fine.