Hi i made a code that connects with facebook and register the user, then it makes the user login , everything works very nice.. When they login i set
$_SESSION['id']
My guess was, if this was unset the user will be logout from my site, and it wont be "autoreconnected"..
Because previously it was like a loop, everytime i logout, it login again using the facebook connect even if the user havent clic again "login with facebook"...
EDIT: I change a condition and know is not "looping" i CAN logout of the site..
But the Session , is not unset!, why, just the cookies are set to '' but ,=( session is not unset
Here is my code
the head
<?php
//
// uses the PHP SDK. Download from https://github.com/facebook/php-sdk
include("facebook-php-sdk-master/src/facebook.php");
//
// from the facebook app page
define('YOUR_APP_ID', '');
define('YOUR_APP_SECRET', '');
//
// new facebook object to interact with facebook
$facebook = new Facebook(array(
'appId' => YOUR_APP_ID,
'secret' => YOUR_APP_SECRET,
));
//
// if user is logged in on facebook and already gave permissions
// to your app, get his data:
$userId = $facebook->getUser();
?>
The body
<?php
echo $_SESSION['id'];
if ($userId) {
//
// already logged? show some data
$userInfo = $facebook->api('/' + $userId);
if (isset($userInfo['email']) || isset($_SESSION['id']))
{ include "facebookregister.php"; } else { echo "no hay permisos de facebook"; }
} else {
//
// use javaascript api to open dialogue and perform
// the facebook connect process by inserting the fb:login-button
?>
<div id="fb-root"></div>
<fb:login-button scope='email,user_birthday'></fb:login-button>
<?php
}
?>
<script>
window.fbAsyncInit = function() {
FB.init({
appId : <?=YOUR_APP_ID?>,
status : true,
cookie : true,
xfbml : true,
oauth : true,
});
FB.Event.subscribe('auth.login', function(response) {
// ------------------------------------------------------
// This is the callback if everything is ok
window.location.reload();
});
};
(function(d){
var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;}
js = d.createElement('script'); js.id = id; js.async = true;
js.src = "//connect.facebook.net/en_US/all.js";
d.getElementsByTagName('head')[0].appendChild(js);
}(document));
</script>
facebookregister.php
<?PHP
echo "<p>YOU ARE: <strong>". $userInfo['name'] ."</strong><br/>";
echo "Your birth date is: ".$userInfo['birthday']."</p>";
echo "Your mail is: ".$userInfo['email']."</p>";
echo "Your mail is: ".$userInfo['username']."</p>";
//$name = $userInfo['name'];
$first_name = $userInfo['first_name'];
$last_name = $userInfo['last_name'];
$birthday = $userInfo['birthday'];
$username_fb = $userInfo['username'];
$email = $userInfo['email'];
$gender = $userInfo['gender'];
$status = 1;
function generateRandomString($length = 10) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!';
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, strlen($characters) - 1)];
}
return $randomString;
}
$db= DAL::get_instance();
//select all rows from our users table where the emails match
$count=$db->read_single_column("select count(id) from ".TABLE_PREFIX."users where email=? and status=1", array($email));
echo "Aqui".$count;
//if the number of matchs is 1
if($count == 1){
//the email address supplied is taken so just login user
$res=$db->execute_query("select * from ".TABLE_PREFIX."users where email=?",array($email));
$v=$res->fetch_assoc();
$username=$v['username'];
$password=$v['password'];
$this->set_variable('username',$username);
$this->set_variable('password',$password);
$query="select id from ".TABLE_PREFIX."users where username=? and password=?";
$res=$db->execute_query($query,array($username,$password));
$value2=$res->fetch_assoc();
$id=$value2['id'];
$orig_password=$db->read_single_column("select password from ".TABLE_PREFIX."users where username=? and status=1", array($username));
if($password == $orig_password)
{
$t=time();
$sql="update ".TABLE_PREFIX."users set last_login_time=? where id=?";
$res=$db->execute_query($sql,array($t,$id));
$srv_nms=BASE;
$srv_nms=str_replace("http://","",$srv_nms);
$srv_nms=str_replace("https://","",$srv_nms);
$srv_nms=str_replace("www.","",$srv_nms);
$srv_pats=$srv_nms;
$srv_nms_arr=explode("/",$srv_nms);
$srv_nms=$srv_nms_arr[0];
$srv_pats=str_replace($srv_nms."/","",$srv_pats);
setcookie(COOKIE_LOGINID,$id,0,"/".$srv_pats,$srv_nms);
setcookie(COOKIE_USERNAME,$username,0,"/".$srv_pats,$srv_nms);
setcookie(COOKIE_PASSWORD,$orig_password,0,"/".$srv_pats,$srv_nms);
$_SESSION['user'] = $email;
$_SESSION['id'] = $id;
if(LoginHelper::validate_user_login()==0)
{
header("Location:index.php");
exit;
}
}
}else{
//finally, otherwise register there account
//time of register (unix)
$registerTime = date('U');
//make a code for our activation key
$code = md5($username).$registerTime;
$password = $randomString;
$password = md5($password);
//insert the row into the database
$res=$db->execute_query("INSERT INTO ".TABLE_PREFIX."users (`username`, `password`, `email`, `reg_time`, `status`, `fname`, `lname`) VALUES('".$username_fb."','".$password."','".$email."','".$registerTime."','".$status."','".$first_name."' ,'".$last_name."' )");
$row=$db->execute_query("SELECT username, password FROM ".TABLE_PREFIX."users WHERE email=".$email."");
$row_data=$row->fetch_assoc();
$username=$row_data['username'];
$password=$row_data['password'];
$this->set_variable('username',$username);
$this->set_variable('password',$password);
$query="select id from ".TABLE_PREFIX."users where username=? and password=?";
$res=$db->execute_query($query,array($username,$password));
$value2=$res->fetch_assoc();
$id=$value2['id'];
$orig_password=$db->read_single_column("select password from ".TABLE_PREFIX."users where username=? and status=1", array($username));
if(md5($password)== $orig_password)
{
$t=time();
$sql="update ".TABLE_PREFIX."users set last_login_time=? where id=?";
$res=$db->execute_query($sql,array($t,$id));
$srv_nms=BASE;
$srv_nms=str_replace("http://","",$srv_nms);
$srv_nms=str_replace("https://","",$srv_nms);
$srv_nms=str_replace("www.","",$srv_nms);
$srv_pats=$srv_nms;
$srv_nms_arr=explode("/",$srv_nms);
$srv_nms=$srv_nms_arr[0];
$srv_pats=str_replace($srv_nms."/","",$srv_pats);
setcookie(COOKIE_LOGINID,$id,0,"/".$srv_pats,$srv_nms);
setcookie(COOKIE_USERNAME,$username,0,"/".$srv_pats,$srv_nms);
setcookie(COOKIE_PASSWORD,$orig_password,0,"/".$srv_pats,$srv_nms);
$_SESSION['user'] = $email;
$_SESSION['id'] = $id;
//header("Location:".$this->make_url('user/home'));
//exit;
}
//send the email with an email containing the activation link to the supplied email address
mail($email, $username.' registration confirmation', "Thank you for registering to us ".$username.",
Here is your activation link. If the link doesn't work copy and paste it into your browser address bar.
http://www.yourwebsitehere.co.uk/activate.php?code=".$code, 'From: noreply@youwebsitehere.co.uk');
//display the success message
echo "<center>You have successfully registered, please visit you inbox to activate your account!</center>";
header("Location: index.php");
exit;
}
?>
THE MOST IMPORTANT. LOGOUT ACTION
function logout_action()
{
$srv_nms=BASE;
$srv_nms=str_replace("http://","",$srv_nms);
$srv_nms=str_replace("https://","",$srv_nms);
$srv_nms=str_replace("www.","",$srv_nms);
$srv_pats=$srv_nms;
$srv_nms_arr=explode("/",$srv_nms);
$srv_nms=$srv_nms_arr[0];
$srv_pats=str_replace($srv_nms."/","",$srv_pats);
setcookie(COOKIE_LOGINID,"",0,"/".$srv_pats,$srv_nms);
setcookie(COOKIE_USERNAME,"",0,"/".$srv_pats,$srv_nms);
setcookie(COOKIE_PASSWORD,"",0,"/".$srv_pats,$srv_nms);
unset($_SESSION['user']);
unset($_SESSION['id']);
unset($_SESSION['fb_540341239342331_code']);
unset($_SESSION['fb_540341239342331_access_token']);
unset($_SESSION['fb_540341239342331_user_id']);
header("Location: ".$this->make_url("user/login/l"));
die;
}
Session unset & destroy, tested but not working.. why?? Code
function logout_action()
{
$srv_nms=BASE;
$srv_nms=str_replace("http://","",$srv_nms);
$srv_nms=str_replace("https://","",$srv_nms);
$srv_nms=str_replace("www.","",$srv_nms);
$srv_pats=$srv_nms;
$srv_nms_arr=explode("/",$srv_nms);
$srv_nms=$srv_nms_arr[0];
$srv_pats=str_replace($srv_nms."/","",$srv_pats);
setcookie(COOKIE_LOGINID,"",0,"/".$srv_pats,$srv_nms);
setcookie(COOKIE_USERNAME,"",0,"/".$srv_pats,$srv_nms);
setcookie(COOKIE_PASSWORD,"",0,"/".$srv_pats,$srv_nms);
session_unset();
header("Location: ".$this->make_url("user/login/l"));
die;
}
