麻烦注销Facebook连接站点并销毁会话 [英] Trouble logging out of a Facebook connect site and destroying sessions

问题描述

我似乎无法找到我正在建立的Facebook连接应用程序来登录用户（对不起，url仍然在开发中）。每次用户点击类别注销的链接时，以下JS运行似乎正常，甚至显示FB模态，表示用户已经注销。

<$ p $（$）$ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ b FB.Connect.logout（function（）{
window.location = $（'。logout'）。attr（href）;
}）;
}）;
}）;

在达到上面的回调之后，JS将用户发送到退出页面，PHP再次强制删除的自定义会话，并确保FB会话被删除。然后，当用户点击退出链接时，用户将被发送回他们所在的页面。

  //删除我们的网站session 
 Auth :: logout（）; 
 
 
 
 / * FAIL 
 //将用户发送到FB注销页面，然后返回
 $ logout_url = $ this-> fb-> ; get_logout_url（site_url（$ return_to？base64_url_decode（$ return_to）：''））; 
 
 //清除任何存储状态
 $ this-> fb-> clear_cookie_state（）; 
 
 exit（header（Location：。$ logout_url））; 
 * / 
 
 
 
 // FAIL 
 // $ this-> fb-> logout（site_url（$ return_to？base64_url_decode还给） ： '' ） ）; 
 
 
 // FAIL 
 //删除用户（这是否需要..？）
 // $ this-> fb-> set_user（NULL，空值）; 
 
 
 //删除FB会话cookie（如果JS没有）
 $ this-> fb-> clear_cookie_state（）; 
 
 
 //重定向到精通页面
 redirect（（$ return_to？base64_url_decode（$ return_to）：''））; 
  

但是，这整个过程导致用户正确地回到他们所在的位置并仍然登录。第二次点击链接似乎做的窍门，删除会话。我已经监视firebug（w / firecookie）和PHP注销页面报告删除FB会话cookie - 但是下一页加载似乎仍然使用它们？！

如果有人知道如何完全<打击>破坏所有的脸书 ahem ...会话然后请说出来。

：编辑：
我甚至试过手动删除注销页面上的所有Cookie，但仍然失败

  if（$ _COOKIE）{
 
 foreach（$ _COOKIE as $ name => $ value）{
 
 //获取当前的cookie config 
 $ params = session_get_cookie_params（）; 
 
 //从全局变量中删除cookie 
 unset（$ _ COOKIE [$ name]）; 
 
 //删除user_agent上的cookie 
 setcookie（$ name，''，time（） -  43200，$ params ['path']，''，$ params ['secure ]）; 
} 
} 
  

解决方案

我的猜测是因为您正在启动Facebook api类，它会读取会话，并重新设置所有的Cookie，您的Javascript调用刚刚清除。

php facebook lib和FB js lib都使用相同的cookenames。
（所以你可以通过javascript登录，php lib也将被登录）。

有一个特定的功能，用于注销和一个URL的方式：

  FB.Connect.LogoutAndRedirect（url）; 
  

I can't seem to get a facebook connect app that I am building to log the user out (sorry no url as it's still in dev). Each time the user clicks a link with the class "logout" the following JS runs which seems to work and even shows the FB modal stating the user has been logged out.

$(document).ready(function(){
    $('.logout').click(function(){
        //Kill facebook Session
        FB.Connect.logout(function() {
            window.location = $('.logout').attr("href");
        });
    });
});

Upon reaching the callback above, the JS sends the user to the logout page where PHP again forces the removal of a custom session and insures that the FB session was removed. Then the user is sent back to the page they were on when they clicked the "logout" link.

//Remove our site session
Auth::logout();



/* FAIL
//Send user to FB logout page and then back here
$logout_url = $this->fb->get_logout_url( site_url( $return_to ? base64_url_decode($return_to) : '' ) );

// Clear any stored state
$this->fb->clear_cookie_state();

exit(header("Location: ". $logout_url));
*/



//FAIL
//$this->fb->logout( site_url( $return_to ? base64_url_decode($return_to) : '' ) );


//FAIL
//Remove user (is this needed..?)
//$this->fb->set_user(NULL, NULL);


//Remove the FB session cookies (in case the JS didn't)
$this->fb->clear_cookie_state();


// Redirect to privious page
redirect( ( $return_to ? base64_url_decode($return_to) : '') );

However, this whole process results in the user being right back where they were and still logged in. A second click on the link seems to do the trick and remove the session though. I have monitored firebug (w/firecookie) and the PHP logout page reports deleting the FB session cookies - yet the next page loaded seems to still use them?!

If anyone knows how to completely DESTROY ALL FACEBOOKS ahem... sessions then please speak up.

:EDIT: I have even tried to manually remove all cookies on the logout page and it still fails

if( $_COOKIE ) {

    foreach( $_COOKIE as $name => $value ) {

        //Get the current cookie config
        $params = session_get_cookie_params();

        // Delete the cookie from globals
        unset($_COOKIE[$name]);

        //Delete the cookie on the user_agent
        setcookie($name, '', time()-43200, $params['path'], '', $params['secure']);
    }
}

解决方案

My guess is that because you are starting the Facebook api classes it reads the session and sets all the cookies again your Javascript call just cleared.

The php facebook lib and the FB js lib both use the same cookienames. (so you can login through javascript and the php lib will be logged in as well).

There is a specific function for a log out and going to a URL by the way:

FB.Connect.LogoutAndRedirect(url); 

这篇关于麻烦注销Facebook连接站点并销毁会话的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！