I'm developing a PHP/MYSQL powered system, and have facebook, twitter and normal login.
Each user DB record has 'type' assigned to it, which defines how they logged in, but here's where I run into a logical problem,
I record their email, username in the DB once they log into my website.
Now let's say they access the site through a different laptop and click 'login with facebook', how do I make sure that they are the same person? As you can change email and username on facebook. Do I record their user id from facebook or?
Any help would be apreciated