I am developing a simple Facebook Canvas app using the latest PHP SDK (v4). The first page (index.php) displays the Facebook permissions pop-up (it only asks for the public profile and the email address) and then lets the user to enter certain data through a form. Some other user's data are retrieved from the API and stored in PHP session variables. After the form is submitted, the user is taken to a second page (thanks.php) where the session variables are saved in a database. The app is located in /facebook/email.
Here is my code. Part of it has been taken from https://www.webniraj.com/2014/05/01/facebook-api-php-sdk-updated-to-v4-0-0/.
<?php
session_start();
require_once( '../funciones.php' );
require_once '../facebook-php-sdk/autoload.php';
use Facebook\HttpClients\FacebookHttpable;
use Facebook\HttpClients\FacebookCurl;
use Facebook\HttpClients\FacebookCurlHttpClient;
use Facebook\Entities\AccessToken;
use Facebook\Entities\SignedRequest;
use Facebook\FacebookSession;
use Facebook\FacebookSignedRequestFromInputHelper;
use Facebook\FacebookCanvasLoginHelper;
use Facebook\FacebookRedirectLoginHelper;
use Facebook\FacebookRequest;
use Facebook\FacebookResponse;
use Facebook\FacebookSDKException;
use Facebook\FacebookRequestException;
use Facebook\FacebookOtherException;
use Facebook\FacebookAuthorizationException;
use Facebook\GraphObject;
use Facebook\GraphUser;
use Facebook\GraphSessionInfo;
$yaparticipo = false;
$app_id = 'xxxxxxxxxxxxxxx';
$app_secret = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
$app_namespace = 'xxxx';
$app_scope = 'email';
// Facebook APP keys
FacebookSession::setDefaultApplication($app_id,$app_secret);
// Helper for fb canvas authentication
$helper = new FacebookCanvasLoginHelper();
// see if $_SESSION exists
if (isset($_SESSION) && isset($_SESSION['fb_token']))
{
// create new fb session from saved fb_token
$session = new FacebookSession($_SESSION['fb_token']);
// validate the fb_token to make sure it's still valid
try
{
$session->validate();
}
catch (Exception $e)
{
// catch any exceptions
$session = null;
}
}
else
{
// no $_SESSION exists
try
{
// create fb session
$session = $helper->getSession();
}
catch(FacebookRequestException $ex)
{
// When Facebook returns an error
//print_r($ex);
$session = null;
}
catch(\Exception $ex)
{
// When validation fails or other local issues
//print_r($ex);
$session = null;
}
}
// check if 1 of the 2 methods above set $session
if (isset($session))
{
// Lets save fb_token for later authentication through saved $_SESSION
$_SESSION['fb_token'] = $session->getToken();
$request = new FacebookRequest($session, 'GET', '/me');
// retrieve some data and store it in session variables
?>
<!DOCTYPE html>
<html lang="es">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Facebook app</title>
<link href="../css/style.css" rel="stylesheet">
</head>
<body>
<!-- submit email form -->
</body>
</html>
<?php
}
else {
session_destroy();
$oauthJS = "window.top.location = 'https://www.facebook.com/dialog/oauth?client_id=$app_id&redirect_uri=https://apps.facebook.com/$app_namespace/&scope=$app_scope';";
echo "<script>" . $oauthJS . "</script>";
}
?>
For some reason, most of the times the app works well, but sometimes it gets stuck in an infinite loop when it should display the pop-up. The canvas remains blank and the browser seems to be in an eternal "loading" state.
According to Firebug, the redirection isn't working properly. Also, for some reason, the browser can't load an image from a Facebook domain. Look at the following screenshot:
http://i.stack.imgur.com/tl0G9.jpg
I've found many fixes all around the web (searching for facebook login php infinite loop), but nothing works. I hope someone can help me.