I have a website where you can log in with Facebook. I log in to my website, all well and good. But after going to www.facebook.com and logging out, when I get back to the website and refresh, the app works perfectly, as if I were logged in to Facebook. I tried all sorts of conditions, such as:
    $user_profile = $facebook->api('/me');
    if($user_profile !== $_SESSION['id']) {
        header( 'Location: logout.php' ) ;
    }
but nothing works. How can I send it to the logout page if the user is not logged in on Facebook?
Here is my code:
    <?php
    // Application Configurations
    $app_id     = "xxxxxxxxxxxxxxxx";
    $app_secret = "xxxxxxxxxxxxxxx";
    $site_url   = "xxxxxxxxxxxxxxx";

    try {
        include_once "src/facebook.php";
    }
    catch(Exception $e){
        error_log($e);
    }

    // Create our application instance
    $facebook = new Facebook(array(
        'appId'  => $app_id,
        'secret' => $app_secret,
        'cookie' => true,
    ));

    // Get User ID
    $user = $facebook->getUser();
    $user_profile = null;

    // Get the current access token
    // We may or may not have this data based
    // on whether the user is logged in.
    // If we have a $user id here, it means we know
    // the user is logged into
    // Facebook, but we don’t know if the access token is valid. An access
    // token is invalid if the user logged out of Facebook.
    // print_r($user);

    // Debug output: do we have a Facebook user id? ("este" = "is", "nu este" = "is not")
    if ($user) {
        echo "este";
    } else {
        echo "nu este";
    }

    if(!isset($_SESSION['id']))
    {
        if($user){
            try{
                // Proceed knowing you have a logged in user who's authenticated.
                // api() is the call that throws FacebookApiException, so it belongs inside the try.
                $user_profile = $facebook->api('/me');
                // Get logout URL
                $logoutUrl = $facebook->getLogoutUrl();

                //Connecting to the database. You would need to make the required changes in the common.php file
                //In the common.php file you would need to add your Hostname, username, password and database name!
                mysqlc();

                // Escape every value before it is placed into a query string
                $id     = mysql_real_escape_string($user_profile['id']);
                $name   = mysql_real_escape_string($user_profile['name']);
                $email  = mysql_real_escape_string($user_profile['email']);
                $gender = mysql_real_escape_string($user_profile['gender']);
                $bio    = mysql_real_escape_string($user_profile['bio']);

                $query = sprintf("SELECT * FROM newmember WHERE id = '%s'", $id);
                $results = mysql_query($query) or die('tubRandom - Query failed: ' . mysql_error() . "<br />
    $query");

                if(mysql_num_rows($results) == 0)
                {
                    // Values are quoted so that strings form valid SQL
                    $query_two = sprintf("INSERT INTO newmember values('%s','%s','%s','%s','%s','yes')", $id, $name, $email, $gender, $bio);
                    $insert_query_two = mysql_query($query_two) or die('tubRandom - Query failed: ' . mysql_error() . "<br />
    $query_two");
                    $_SESSION['id'] = $user_profile['id'];
                } else {
                    $rows = mysql_fetch_array($results);
                    $_SESSION['id'] = $user_profile['id'];
                }
            }
            catch(FacebookApiException $e){
                error_log($e);
                $user = NULL;
            }
        } else {
            // Get login URL
            $loginUrl = $facebook->getLoginUrl(array(
                'scope' => 'read_stream, publish_stream, email, user_about_me, user_website, user_work_history, user_relationships, user_religion_politics, user_relationships, user_likes, user_location, user_relationship_details, user_hometown, user_education_history',
                'redirect_uri' => $site_url,
            ));
        }
    } else {
        // A local session id already exists
        $user_profile = $facebook->api('/me');
        echo $user_profile['name'] . $user_profile['id'] . $_SESSION['id'];
        //header( 'Location: logout.php' ) ;
    }
    ?>
Sorry if it is a dummy question, I am a girl. :D
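
One way to re-check the Facebook login on every protected page, as an added example that is not part of the original post: it follows the code comment above (a user id from `getUser()` does not prove the access token is still valid) by forcing an `api('/me')` call and ending the local session when that call fails. The function names are hypothetical; `logout.php` and the SDK calls are the ones used in the post.

```php
<?php
// Added example, not the poster's code. Assumes the $facebook SDK object from
// the post, whose api('/me') throws FacebookApiException (a subclass of
// Exception) when Facebook rejects the access token.

// True only if Facebook still accepts the token AND the profile it returns
// belongs to the account stored in the local session.
function facebook_session_is_live($facebook, $sessionId)
{
    if (!$facebook->getUser()) {
        return false;                    // the SDK has no user id at all
    }
    try {
        $me = $facebook->api('/me');     // forces a round trip to Facebook
    } catch (Exception $e) {
        error_log($e->getMessage());
        return false;                    // token rejected
    }
    // Compare the id field (not the whole profile array) with the session id,
    // both as strings.
    return isset($me['id']) && (string) $me['id'] === (string) $sessionId;
}

// Drop all local session state, then send the browser to logout.php.
function end_local_session()
{
    $_SESSION = array();
    if (session_id() !== '') {
        session_destroy();
    }
    header('Location: logout.php');
    exit;   // without exit, the rest of the protected page still executes
}

// Guard to run at the top of every page that requires a login.
function require_live_login($facebook)
{
    if (isset($_SESSION['id'])
        && !facebook_session_is_live($facebook, $_SESSION['id'])) {
        end_local_session();
    }
}
```

Call `require_live_login($facebook)` right after the `$facebook` object is created and before any output is sent, since `header()` only works while no output has been written.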