What's the right way to parse the code when authenticating your app during a user login? I'm using PHP for my app.
The reason I'm asking is because I keep getting weird queries in MySQL whenever I try to do inserts into my database. The API calls are all working, but if I try to put in user details (name, email, access_token) then three or four other queries will also run after that with empty values, each in different rows. This only happens when I try to get the authentication code via $_REQUEST['code'] or $_SERVER['QUERY_STRING'] after the dialog url.
What's weird though is that I don't get any issues with MySQL at all if I simply try calling the same page with $code hard-coded to the right value. Obviously, I can't leave it like that since the authentication code is always changing, but it's weird because only then do my MySQL work normally. Has anyone else experienced this? Is the code response encoded in a different format maybe?
Any help would be greatly appreciated, here's my code:
$code = $_REQUEST['code'];
if (empty($code)) {
$dialog_url = "http://www.facebook.com/dialog/oauth?client_id=" . $app_id .
"&redirect_uri=" . urlencode($redirect) . "&scope=offline_access,email";
echo("<script> top.location.href='" . $dialog_url . "'</script>");
}
$response = urldecode($_SERVER['QUERY_STRING']);
$code = substr($response,5);
$token_url = "https://graph.facebook.com/oauth/access_token?client_id="
. $app_id . "&redirect_uri=" . urlencode($redirect) . "&client_secret=" .
$app_secret . "&code=" . $code;
$access_token = file_get_contents($token_url);
$user_url = "https://graph.facebook.com/me?" . $access_token;
$user = json_decode(file_get_contents($user_url));
$user_id = $user->id;
$email = $user->email;
// MYSQL insert queries into database