Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/search/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Facebook 通过javascript SDK检索的访问令牌在传递到php时似乎无效_Facebook_Facebook Javascript Sdk_Facebook Php Sdk - Fatal编程技术网
Fatal编程技术网
  • facebook/
  • Facebook 通过javascript SDK检索的访问令牌在传递到php时似乎无效

Facebook 通过javascript SDK检索的访问令牌在传递到php时似乎无效

facebook

Facebook 通过javascript SDK检索的访问令牌在传递到php时似乎无效,facebook,facebook-javascript-sdk,facebook-php-sdk,Facebook,Facebook Javascript Sdk,Facebook Php Sdk,我通过javascript SDK检索访问令牌,并通过windows.location将其传递给服务器: <script src='https://connect.facebook.net/en_US/all.js'></script> <!-- Load javascript facebook connector --> <script> FB.init({ appId : '<?=$app_id;?>

我通过javascript SDK检索访问令牌,并通过windows.location将其传递给服务器:

<script src='https://connect.facebook.net/en_US/all.js'></script>
<!-- Load javascript facebook connector -->
<script>
    FB.init({
            appId : '<?=$app_id;?>',
            status : true, // check login status
            cookie : true, // enable cookies to allow the server to access the session
            xfbml : true // parse XFBML
    });
</script>
<script type="text/javascript">
    function getToken(){
    FB.login(function(response) {
        if (response.authResponse) {
            var access_token = response.authResponse.accessToken;
            window.location="<?=$_SERVER['PHP_SELF'];?>?accessToken="+access_token;
        } else {
            return false;
        }
    }, {scope:'user_likes,friends_likes'});
}
</script>
我做错了什么?我确实获得了一个访问令牌,但它似乎无效?

您在实际请求中缺少
access\u令牌
,因为您只是将
access\u令牌
添加到URL中,而没有实际命名该参数。在将
$\u GET['accessToken']
添加到URL之前添加
access\u token=

让您的源代码具有可读性以发现这类内容真的很棒:

$query = <<<FQL
SELECT uid FROM page_fan WHERE page_id = {$page_id} AND uid IN (
  SELECT uid2 FROM friend WHERE uid1 = me()
)
FQL;
$fql_query_url = 'https://graph.facebook.com/fql?q=' . rawurlencode($query);
$fql_query_url .= '&access_token=' . rawurlencode($_GET['accessToken']);

$query=尝试在处对访问令牌进行lint,查看其是否有效。另外,不要将访问令牌作为GET参数传递;它可能会泄露给任何第三方站点,您可以从中包含内容,并且当我从它验证的GET参数(包括正确的权限)中删除访问令牌时,它可能会成为一个巨大的安全漏洞。但是FQL查询不返回值。。。当我使用同一个查询和通过graph API请求的访问令牌时,它正在工作。当应用程序运行时,我将通过POST传递访问令牌。我想这样就足够安全了?谢谢,问题解决了!我将在最后的脚本中使用一个帖子。

{
   "error": {
      "message": "An access token is required to request this resource.",
      "type": "OAuthException",
      "code": 104
   }
}



$query = <<<FQL
SELECT uid FROM page_fan WHERE page_id = {$page_id} AND uid IN (
  SELECT uid2 FROM friend WHERE uid1 = me()
)
FQL;
$fql_query_url = 'https://graph.facebook.com/fql?q=' . rawurlencode($query);
$fql_query_url .= '&access_token=' . rawurlencode($_GET['accessToken']);