Facebook 应用程序无法在 IE 中运行(重定向到主机 Canvas 回调 URL)
我有一个名为 fbmain.php 的文件,它负责所有 facebook 身份验证部分。我在 index.php 文件中有一个按钮,它将数据传递到 a.php 文件
这只是一个示例
//fbmain.php : do all facebook authentication parts
//index.php
<?php
include_once "fbmain.php";
?>
<form enctype="multipart/form-data" action="http://myserver/a/a.php" method="POST">
//Some codes
<input type="submit" value="Upload"/>
</form>
在 .php 文件中,我必须再次包含 fbmain.php,因为我在这里进行了一些 api 调用。
//a.php
<?php
include_once "fbmain.php";
//some codes
try{
$me = $facebook->api('/me?access_token='. $token);
print_r($me);
} catch(FacebookApiException $e){
echo "Error:" .$e;
}
?>
这个应用程序在 Firefox 浏览器中运行良好,但在 IE 中不起作用(当用户单击“上传按钮时,它将用户重定向到主机 Canvas 回调 URL”)。
我尝试将以下代码放置在每个以及每个文件(fbmain.php、index.php、a.php)。但还是不行?
首先我尝试了这个
header('P3P: CP=HONK');
ob_start();
然后我尝试了这个
header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
ob_start();
但在 IE 中没有任何效果。
有人可以帮助我吗?
//fbmain.php文件
<?php
//header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
header('P3P: CP="CAO PSA OUR"');
ob_start();
//facebook application
//set facebook application id, secret key and api key here
$fbconfig['appid' ] = "MY_APP_ID";
$fbconfig['api' ] = "MY_API_KEY";
$fbconfig['secret'] = "MY_APP_SECRET";
//set application urls here
$fbconfig['baseUrl'] = "http://MYSERVER/uploader/index.php"; //http://thinkdiff.net/demo/newfbconnect1/iframe;
$fbconfig['appBaseUrl'] = "http://apps.facebook.com/approne"; //http://apps.facebook.com/thinkdiffdemo;
$uid = null; //facebook user id
try{
include_once "facebook.php";
}catch(Exception $o){
echo '<pre>';
print_r($o);
echo '</pre>';
}
// Create our Application instance.
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
'cookie' => true,
));
//Facebook Authentication part
$session = $facebook->getSession();
$loginUrl = $facebook->getLoginUrl(
array(
'canvas' => 1,
'fbconnect' => 0,
'req_perms' => 'email,publish_stream,status_update,user_photos'
)
);
if (!$session) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
if ($session) {
try {
$uid = $facebook->getUser();
//Has a loading problem
} catch (FacebookApiException $e) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
}
$signed_request = $_REQUEST['signed_request'];
$secret = $fbconfig['secret'];
$data = parse_signed_request($signed_request, $secret);
$fan_page_id = $data['page']['id'];
$admin_check = $data['page']['admin'];
//Get fan page id
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
?>
I have a file named fbmain.php which do all facebook authentication parts. And I have a button in index.php file which passes data to a.php file
This is just an example
//fbmain.php : do all facebook authentication parts
//index.php
<?php
include_once "fbmain.php";
?>
<form enctype="multipart/form-data" action="http://myserver/a/a.php" method="POST">
//Some codes
<input type="submit" value="Upload"/>
</form>
In a.php file I have to include fbmain.php again since here I do some api call.
//a.php
<?php
include_once "fbmain.php";
//some codes
try{
$me = $facebook->api('/me?access_token='. $token);
print_r($me);
} catch(FacebookApiException $e){
echo "Error:" .$e;
}
?>
THis app works fine in firefox browser but doesnt work in IE(When the user click 'Upload button it redirect user to the host Canvas Callback URL').
I tried placing bellow codes at the top of in each and every file(fbmain.php, index.php, a.php). But it still doesn't work?
First I tried this
header('P3P: CP=HONK');
ob_start();
Then I tried this
header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
ob_start();
But nothing works in IE.
Can anyone please help me?
//fbmain.php file
<?php
//header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
header('P3P: CP="CAO PSA OUR"');
ob_start();
//facebook application
//set facebook application id, secret key and api key here
$fbconfig['appid' ] = "MY_APP_ID";
$fbconfig['api' ] = "MY_API_KEY";
$fbconfig['secret'] = "MY_APP_SECRET";
//set application urls here
$fbconfig['baseUrl'] = "http://MYSERVER/uploader/index.php"; //http://thinkdiff.net/demo/newfbconnect1/iframe;
$fbconfig['appBaseUrl'] = "http://apps.facebook.com/approne"; //http://apps.facebook.com/thinkdiffdemo;
$uid = null; //facebook user id
try{
include_once "facebook.php";
}catch(Exception $o){
echo '<pre>';
print_r($o);
echo '</pre>';
}
// Create our Application instance.
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
'cookie' => true,
));
//Facebook Authentication part
$session = $facebook->getSession();
$loginUrl = $facebook->getLoginUrl(
array(
'canvas' => 1,
'fbconnect' => 0,
'req_perms' => 'email,publish_stream,status_update,user_photos'
)
);
if (!$session) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
if ($session) {
try {
$uid = $facebook->getUser();
//Has a loading problem
} catch (FacebookApiException $e) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
}
$signed_request = $_REQUEST['signed_request'];
$secret = $fbconfig['secret'];
$data = parse_signed_request($signed_request, $secret);
$fan_page_id = $data['page']['id'];
$admin_check = $data['page']['admin'];
//Get fan page id
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
?>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我之前在 IE 上遇到过类似的问题,用户会话没有在服务器端持久化。为了解决这个问题,我在提供给 IE 的包含
signed_request的表单中添加了一个隐藏字段。但此解决方案应该与
code参数一起使用,或者通过传递授权令牌,然后使用它来恢复用户会话服务器端。您还可以尝试维护自己的会话 cookie。我发现您正在使用 PHP SDK 的 pre v3 版本。所以你应该尝试添加隐藏字段:
I came across a similar issue with IE before where the user session was not persisting server side. To get around it I added a hidden field to forms served to IE containing the
signed_request.But this solution should work with the
codeparameter or by passing the authorisation token and then using it to restore the users session server side. You can also try maintaining your own session cookie.I see you are using the pre v3 of the PHP SDK. So you should try adding the hidden field: