dongshen7407 2012-03-28 20:32
浏览 153
已采纳

Facebook要求权限和身份验证

I am currently making a facebook app and am having some problems with permissions. I need permission from each user to use there location and there friends locations. The code I have has worked in the past but recently seems to have stopped working. Assume my app_id and app_namespace are declared. All that happens is I am redirected to the dialog_url in the if(empty($code)) block, but to my knowledge $code should not be empty. Any help would be greatly appreciated. Thanks.

require_once('sdk/src/facebook.php');
 require_once('AppInfo.php');
 require_once('utils.php');
 require_once('connection.php');

 $facebook = new Facebook(array(
'appId' => AppInfo::appID(),
'secret' => AppInfo::appSecret(),
 ));

 $user_id = $facebook->getUser();
       if(user has ran the app before)
    {


        mysql_close($connection);

        session_start();

        $_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
        $dialog_url = "http://www.facebook.com/dialog/oauth?client_id"
        . $app_id . "&redirect_uri=" . urlencode($my_url2) . "&state="
        . $_SESSION['state'];

        echo("<script> top.location.href='" . $dialog_url . "'</script>");

    }
    else
    {

        mysql_close($connection);

        session_start();
        $code = $_REQUEST["code"];

        if(empty($code)) {
            $_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
            $dialog_url = "http://www.facebook.com/dialog/oauth?client_id"
            . $app_id . "&redirect_uri=" . urlencode($my_url) . "&scope= user_location, friends_location, offline_access" . "&state="
            . $_SESSION['state'];

            echo("<script> top.location.href='" . $dialog_url . "'</script>");
        }

        if($_REQUEST['state'] == $_SESSION['state']) {
            $token_url = "https://graph.facebook.com/oauth/access_token?"
            . "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
            . "&client_secret=" . $app_secret . "&code=" . $code;

            $response = @file_get_contents($token_url);
            $params = null;
            parse_str($response, $params);

            $graph_url = "https://graph.facebook.com/me?access_token"
            . $params['access_token'];

            $user = json_decode(file_get_contents($graph_url));
            echo("Hello " . $user->name);
        }
        else
        {
            echo("The state does not match. You may be a victim of CSRF.");
        }
    }
  • 写回答

1条回答 默认 最新

  • dongyuling0312 2012-03-29 21:44
    关注

    Seems too simple, but you have spaces in your oauth url that you've assigned to $dialog_url?

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 机器学习能否像多层线性模型一样处理嵌套数据
  • ¥20 西门子S7-Graph,S7-300,梯形图
  • ¥50 用易语言http 访问不了网页
  • ¥50 safari浏览器fetch提交数据后数据丢失问题
  • ¥15 matlab不知道怎么改,求解答!!
  • ¥15 永磁直线电机的电流环pi调不出来
  • ¥15 用stata实现聚类的代码
  • ¥15 请问paddlehub能支持移动端开发吗?在Android studio上该如何部署?
  • ¥20 docker里部署springboot项目,访问不到扬声器
  • ¥15 netty整合springboot之后自动重连失效