I am trying to implement login with facebook in my website using PHP SDK 4.0.0. The login process works fine and and fetches facebook id, username, Name and Email. But the problem is with logout.
The code logs me out of the app but facebook session remains. After logout if I open www.facebook.com in another tab then facebook opens. i.e. It logs me out of the app but not from facebook. Can any one help me...
This is my index.php file
<?php
session_start();
if ($_SESSION['FBID']){ ?>
<img src="https://graph.facebook.com/<?php echo $_SESSION['FBID']; ?>/picture">
<?php
echo $_SESSION['USERNAME'];
echo $_SESSION['FBID'];
echo $_SESSION['FULLNAME'];
echo $_SESSION['EMAIL']; ?>
<div><a href="logout.php">Logout</a></div>
<?php } else {?>
<h1>Login with Facebook</h1>
<a href="fbconfig.php">Login with Facebook</a>
<?php } ?>
Here is my fbconfig file
<?php
session_start();
require_once 'autoload.php';
use Facebook\FacebookSession;
use Facebook\FacebookRedirectLoginHelper;
use Facebook\FacebookRequest;
use Facebook\FacebookResponse;
use Facebook\FacebookSDKException;
use Facebook\FacebookRequestException;
use Facebook\FacebookAuthorizationException;
use Facebook\GraphObject;
use Facebook\Entities\AccessToken;
use Facebook\HttpClients\FacebookCurlHttpClient;
use Facebook\HttpClients\FacebookHttpable;
FacebookSession::setDefaultApplication( 'Your APP ID','Your APP Secret' );
$helper = new FacebookRedirectLoginHelper('http://example.com/fb/fbconfig.php' );
try {
$session = $helper->getSessionFromRedirect();
} catch( FacebookRequestException $ex ) {
} catch( Exception $ex ) {
}
if ( isset( $session ) ) {
$request = new FacebookRequest( $session, 'GET', '/me' );
$response = $request->execute();
$graphObject = $response->getGraphObject();
$fbid = $graphObject->getProperty('id');
$fbfullname = $graphObject->getProperty('name');
$femail = $graphObject->getProperty('email');
$_SESSION['FBID'] = $fbid;
$_SESSION['FULLNAME'] = $fbfullname;
$_SESSION['EMAIL'] = $femail;
header("Location: index.php");
} else {
$loginUrl = $helper->getLoginUrl();
header("Location: ".$loginUrl);
}
?>
And the logout.php file is
<?php
session_start();
session_unset();
$_SESSION['FBID'] = NULL;
$_SESSION['FULLNAME'] = NULL;
$_SESSION['EMAIL'] = NULL;
header("Location: index.php");
?>
I also tried adding session_destroy(); at the end in the logout.php
Where should I make changes for the logout to work
At last after several trial and error and I found that the script is made like that only. While logging in, it logs you in both the app and Facebook but while logging out it only logs you out of the app only and not Facebook.
That means the Facebook session still remains and you need to open Facebook and log our of it if you want to destroy the Facebook session.
I also found that the login with twitter and Gmail also works this way. They only logs you out of the app and not from site twitter and Gmail respectively...