不明白 facebook connect 与 PHP 中丢失会话和其他奇怪的会话问题
真的很简单吗?要连接到 Facebook,您可以这样做:
$facebook = new Facebook(array(
'appId' => 'YOUR_APP_ID',
'secret' => 'YOUR_APP_SECRET',
));
然后您可以这样做吗?
$fbSession = $facebook->getSession();
但它有时无效,其他时候我成功了。真的很努力地了解这里发生了什么。
然后还有另一个问题,如果我确实使其有效,有时当我尝试使用 fbSession 中的 access_token 时,我会收到此错误:“会话密钥无效或不再有效”。
顺便说一句 - 我交替使用 2 个 Facebook 帐户 - 出于开发和测试目的,不确定交替使用它们是否会让我感到毛骨悚然。我在 FB 应用程序集成中发生了这种情况,我使用的是 IFRAME。
有人可以详细解释一下这里到底发生了什么吗?这种行为是不可预测的,我很难解决和理解问题。
really simply right? to connect to Facebook, you do this:
$facebook = new Facebook(array(
'appId' => 'YOUR_APP_ID',
'secret' => 'YOUR_APP_SECRET',
));
and then you can do this right?
$fbSession = $facebook->getSession();
But its sometimes invalid and other times i am successful. Really trying hard to understand whats going on here.
And then there's this another problem, If i did get it valid, sometimes i will get this error: "session key invalid or no longer valid" when i try to use the access_token from the fbSession.
On the side note - i am using 2 facebook account alternatively - for development and testing purpose, not sure if alternately using them is giving me these creeps. AND this is happening to me on the FB App integration, im using an IFRAME.
Can someone please explain in details what's really going on here? the behavior is not predictable and its hard for me to troubleshoot and understand the problem.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
仅仅因为您创建了新的 Facebook...并不意味着您可以调用 getSession 并期望返回会话。必须设置 $_REQUEST 或 $_COOKIE,因为 getSession 用它来确定要返回的内容。如果使用会话信息设置了其中一个并且它不是明显无效的,您将获得返回的有效会话。
getSession 中永远不会发出网络请求,因此不能保证返回仍然有效的会话。保证返回客户端仍然认为有效的会话(如果可用)。当您尝试使用它时,您只会发现它无效。因此出现“会话密钥无效”错误。
一个简单的例子是,如果您使用两个浏览器登录一个帐户,然后在其中一个浏览器上注销,那么您实际上在两个浏览器上都已注销,但另一个浏览器在您尝试发出请求之前并不知道。因此,在后一种浏览器上,将返回看似有效的会话,但当您尝试发出请求时,该会话将失败。
另外我相信您使用的是过时版本的 php sdk。
Just because you do new Facebook... does not mean you can call getSession and expect a session back. Either $_REQUEST or $_COOKIE has to be set as that is what getSession uses to figure out what to return. If either is set with the session info and it is not obviously invalid, you will get a valid session returned.
A network request is never made in getSession so it is not guaranteed to return a still valid session. It is guaranteed to return a session the client still thinks is valid, if available. You will only find out it's not valid when you try to use it. Hence the "session key invalid" error.
A simple example is if you log into an account with two browsers, and then log out on one, you are actually logged out on both browsers, but the other one has no idea until you try to make a request. Thus on the latter browser, a seemingly valid session will be returned but will fail when you try to make a request.
Also I believe you are using an outdated version of the php sdk.