I\'ve been searching for hours for the solution to this problem but can\'t find one that works for me. When i click \"Logout\" on my site the user information is still visible a
I remember this was a huge pain in one of my apps. It seems that finally what seemed to work was:
jQuery(function() {
/* ... */
FB.logout();
window.location = 'some url';
});
I should be about the same without jQuery (just run FB.logout() at page load). AFAIR I just could not get this to work on the server-side in PHP. Hope it helps :).
I was able do logout the user from my app using:
$facebook->destroySession();
The
$facebook->getLogoutUrl();
makes the user be logged out from facebook, not from your app.
Doing it with PHP SDK is really easy, the documentation is just really awfull. You do not need to redirect to Facebook. You just have to clear the session that the Facebook class sets, there is a function for that in the Facebook base class called destroySession(). Here I'm doing it on a get.
require_once('libs/facebook.php');
$facebook = new Facebook(array(
'appId' => '1121111110112',
'secret' => 'bcfsaasaaaaaa2b7adsae3a4dd5'
));
if(isset($_GET['action']) && $_GET['action'] === 'logout'){
$facebook->destroySession();
}
The $facebook->getLogoutUrl() logs the user out of Facebook.
Because I still have PHP 5.3 at my CentOS 6.7 server in year 2016 and don't want to take the hassle of upgrading the PHP version - I still use the old facebookarchive/facebook-php-sdk instead of the newer facebook/facebook-php-sdk-v4 library.
And here is how I handle the logout in my app:
<?php
require_once('facebook-php-sdk-3.2.3/src/facebook.php');
const TITLE = 'My amazing app';
const REDIRECT = 'https://example.com/myapp/';
#Facebook::$CURL_OPTS[CURLOPT_SSL_VERIFYPEER] = false;
#Facebook::$CURL_OPTS[CURLOPT_SSL_VERIFYHOST] = 2;
$client = new Facebook(array(
'appId' => REPLACE_ME,
'secret' => REPLACE_ME,
));
if (isset($_REQUEST['logout'])) {
$client->destroySession();
header('Location: ' . REDIRECT);
exit(0);
}
if ($client->getUser()) {
try {
$me = $client->api('/me?fields=id,first_name,gender');
$body = '<PRE>' . print_r($me, TRUE) . '</PRE>';
} catch (FacebookApiException $ex) {
error_log($ex);
$body = '<PRE>' . htmlspecialchars($e->getMessage()) . '</PRE>';
}
} else {
$body = sprintf('<P><A HREF="%s">Login</A></P>', $client->getLoginUrl());
}
?>
<!DOCTYPE HTML>
<HTML>
<HEAD>
<TITLE><?= TITLE ?></TITLE>
</HEAD>
<BODY>
<?= $body ?>
<P><A HREF="<?= REDIRECT ?>?logout">Logout</A></P>
</BODY>
</HTML>
Do not forget to -
https://example.com/myapp/
at the same placeTo answer directly to your question
... I don't know where logout is gotten from or where it is defined?
When you create your logout url, add additional parameter 'logout'
$logoutUrl = $facebook->getLogoutUrl(array(
'next'=>'http://yourdomain.com/facebook-test-search.php?logout=yes'
));
Then in your script, you clear session and cookies when isset($_GET['logout'])
Here is how I logout using the latest PHP-SDK:
login.php
require_once("php-sdk/facebook.php");
// Create our Application instance (replace this with your appId and secret).
$facebook = new Facebook(array(
'appId' => 'xxx',
'secret' => 'xxx',
));
// Get User ID
$user = $facebook->getUser();
// We may or may not have this data based on whether the user is logged in.
//
// If we have a $user id here, it means we know the user is logged into
// Facebook, but we don't know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
// Login or logout url will be needed depending on current user state.
if ($user) {
$logout_params = array('next'=>'http://www.pittsburghpartycentral.com/logout.php');
$logoutUrl = $facebook->getLogoutUrl($logout_params);
} else {
$login_params = array(
'scope' => 'email',
'display' => 'popup'
);
$loginUrl = $facebook->getLoginUrl($login_params);
}
// This call will always work since we are fetching public data.
$naitik = $facebook->api('/naitik');
?>
<!doctype html>
<html xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<title>php-sdk</title>
<style>
body {
font-family: 'Lucida Grande', Verdana, Arial, sans-serif;
}
h1 a {
text-decoration: none;
color: #3b5998;
}
h1 a:hover {
text-decoration: underline;
}
</style>
</head>
<body>
<h1>php-sdk</h1>
<?php if ($user): ?>
<a href="<?php echo $logoutUrl; ?>">Logout (<?php echo $user_profile[first_name]; ?>)</a>
<?php else: ?>
<div>
Login using OAuth 2.0 handled by the PHP SDK:
<a href="<?php echo $loginUrl; ?>" onclick="javascript:void window.open('<?php echo $loginUrl; ?>','fb_popup','width=600,height=300,toolbar=0,menubar=0,location=0,status=0,scrollbars=0,resizable=0,left=0,top=0');return false;">Login with Facebook</a>
</div>
<?php endif ?>
<h3>PHP Session</h3>
<pre><?php print_r($_SESSION); ?></pre>
<?php if ($user): ?>
<h3>You</h3>
<img src="https://graph.facebook.com/<?php echo $user; ?>/picture">
<h3>Your User Object (/me)</h3>
<pre><?php print_r($user_profile); ?></pre>
<?php else: ?>
<strong><em>You are not Connected.</em></strong>
<?php endif ?>
<h3>Public profile of Naitik</h3>
<img src="https://graph.facebook.com/naitik/picture">
<?php echo $naitik['name']; ?>
</body>
</html>
logout.php
<?php
session_start(); //start session
$_SESSION = array(); //clear session array
session_destroy(); //destroy session
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Log Out</title>
</head>
<body>
<p>You have successfully logged out!</p>
<p>Return to the <a href="connect.php">connect</a> page</p>
</body>
</html>