CodingForums.com

CodingForums.com (http://www.codingforums.com/index.php)
-   PHP (http://www.codingforums.com/forumdisplay.php?f=6)
-   -   Facebook connect logout (http://www.codingforums.com/showthread.php?t=284034)

shaunthomson 12-12-2012 03:23 PM
Facebook connect logout
 
Gidday guys

Just about implemented the php version of Facebook connect, and have a question re logging a user out when the site is set up for users that have logged in with or without FB.

My method:

1. Non-FB users log in, and get a session var set when successful. Same thing with FB users - it's just that their FB id gets checked in mysql, not a username and pass like non-FB users.

2. Member-only pages now contain a logout url up the top - logout.php - this page basically kills any session data, and then redirects the user to the homepage...
Code:
session_start();
session_regenerate_id();
$_SESSION = array();
session_destroy();
header('Location: https://www.mysite.com/index.php');
Just getting my head around the correct way to set up logging out now that FB connect is in the mix.

I have the Facebook logout url for an example session, which is...
Code:
https://www.facebook.com/logout.php?next=https%3A%2F%2Fwww.mysite.com%2Fr%2Fmy_facebook_login_logic.php&access_token=AAAEZ...big_long_***_number...
Should I do it this way...?

1. Is a user logs in with FB, also set a session var to flag that they have done this eg
Code:
$_SESSION['fb'] = true;
whereas normal member logins are
Code:
$_SESSION['fb'] = false;
2. do something like this on the logout.php page...
Code:
session_start();
session_regenerate_id();
$_SESSION = array();
session_destroy();

if($_SESSION['fb'])
{

    header('Location: https://www.facebook.com/logout.php?next=https%3A%2F%2Fwww.mysite.com%2Fr%2Fmy_facebook_login_logic.php&access_token=AAAEZ...big_long_***_number...');

//goes to faccebook, logs user out of app, then redirects to the url I set up in my facebok connect code, which is my homepage
}
else
{
    header('Location: https://www.mysite.com/index.php');
}
Is this the general idea (before I go chasing my tail)?

Thanks for your time and help.

ps - just one more question re the facebook connect php code (the one you include on your login page) - do I need to include that on all my must-be-logged-in-to-see pages, or would just checking the session var that gets set when a successful login occurs be fine be fine (what I already have in place for the site)? I'm guessing you only need the include FB code on pages where you might need to access FB permitted stuff, like posting to a user's timeline etc


All times are GMT +1. The time now is 11:32 PM.

Powered by vBulletin®
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.