CodingForums.com - View Single Post

shaunthomson · 12-12-2012, 03:23 PM

Gidday guys

Just about implemented the php version of Facebook connect, and have a question re logging a user out when the site is set up for users that have logged in with or without FB.

My method:

1. Non-FB users log in, and get a session var set when successful. Same thing with FB users - it's just that their FB id gets checked in mysql, not a username and pass like non-FB users.

2. Member-only pages now contain a logout url up the top - logout.php - this page basically kills any session data, and then redirects the user to the homepage...

Code:

session_start();
session_regenerate_id();
$_SESSION = array();
session_destroy();
header('Location: https://www.mysite.com/index.php');

Just getting my head around the correct way to set up logging out now that FB connect is in the mix.

I have the Facebook logout url for an example session, which is...

Code:

https://www.facebook.com/logout.php?next=https%3A%2F%2Fwww.mysite.com%2Fr%2Fmy_facebook_login_logic.php&access_token=AAAEZ...big_long_***_number...

Should I do it this way...?

1. Is a user logs in with FB, also set a session var to flag that they have done this eg

Code:

$_SESSION['fb'] = true;

whereas normal member logins are

Code:

$_SESSION['fb'] = false;

2. do something like this on the logout.php page...

Code:

session_start();
session_regenerate_id();
$_SESSION = array();
session_destroy();

if($_SESSION['fb'])
{

    header('Location: https://www.facebook.com/logout.php?next=https%3A%2F%2Fwww.mysite.com%2Fr%2Fmy_facebook_login_logic.php&access_token=AAAEZ...big_long_***_number...');

//goes to faccebook, logs user out of app, then redirects to the url I set up in my facebok connect code, which is my homepage
}
else
{
    header('Location: https://www.mysite.com/index.php');
}

Is this the general idea (before I go chasing my tail)?

Thanks for your time and help.

ps - just one more question re the facebook connect php code (the one you include on your login page) - do I need to include that on all my must-be-logged-in-to-see pages, or would just checking the session var that gets set when a successful login occurs be fine be fine (what I already have in place for the site)? I'm guessing you only need the include FB code on pages where you might need to access FB permitted stuff, like posting to a user's timeline etc

12-12-2012, 03:23 PM	PM User \| #1
shaunthomson New Coder Join Date: May 2012 Posts: 89 Thanks: 51 Thanked 0 Times in 0 Posts	Facebook connect logout Gidday guys Just about implemented the php version of Facebook connect, and have a question re logging a user out when the site is set up for users that have logged in with or without FB. My method: 1. Non-FB users log in, and get a session var set when successful. Same thing with FB users - it's just that their FB id gets checked in mysql, not a username and pass like non-FB users. 2. Member-only pages now contain a logout url up the top - logout.php - this page basically kills any session data, and then redirects the user to the homepage... Code: session_start(); session_regenerate_id(); $_SESSION = array(); session_destroy(); header('Location: https://www.mysite.com/index.php'); Just getting my head around the correct way to set up logging out now that FB connect is in the mix. I have the Facebook logout url for an example session, which is... Code: https://www.facebook.com/logout.php?next=https%3A%2F%2Fwww.mysite.com%2Fr%2Fmy_facebook_login_logic.php&access_token=AAAEZ...big_long_*_number... Should I do it this way...? 1. Is a user logs in with FB, also set a session var to flag that they have done this eg Code: $_SESSION['fb'] = true; whereas normal member logins are Code: $_SESSION['fb'] = false; 2. do something like this on the logout.php page... Code: session_start(); session_regenerate_id(); $_SESSION = array(); session_destroy(); if($_SESSION['fb']) { header('Location: https://www.facebook.com/logout.php?next=https%3A%2F%2Fwww.mysite.com%2Fr%2Fmy_facebook_login_logic.php&access_token=AAAEZ...big_long__number...'); //goes to faccebook, logs user out of app, then redirects to the url I set up in my facebok connect code, which is my homepage } else { header('Location: https://www.mysite.com/index.php'); } Is this the general idea (before I go chasing my tail)? Thanks for your time and help. ps - just one more question re the facebook connect php code (the one you include on your login page) - do I need to include that on all my must-be-logged-in-to-see pages, or would just checking the session var that gets set when a successful login occurs be fine be fine (what I already have in place for the site)? I'm guessing you only need the include FB code on pages where you might need to access FB permitted stuff, like posting to a user's timeline etc Last edited by shaunthomson; 12-12-2012 at 03:38 PM..*