Php Facebook SDK错误:跨站点请求伪造验证失败。持久性数据中缺少必需的参数“state”
我最近升级到了facebook SDK的最新版本,用户登录时出现问题。我生成的登录链接很好,但是当facebook使用令牌将用户发送回我的站点时,我得到以下错误: fb sdk错误:跨站点请求伪造验证失败。持久性数据中缺少必需的参数“state” 我试着排查了一下。我打印了会话数据和GET请求中的所有内容。我看到GET有一个state参数,会话数据有一个FBRLH_state参数。它们都有相同的值。那么它为什么告诉我参数丢失了呢? 我尝试了一些我在其他问题上看到的建议(例如,启动会话),但似乎没有任何效果。 任何帮助都将不胜感激!我正在使用php-graph-sdk-5.5。下面是我的facebook connect文件:
Php Facebook SDK错误:跨站点请求伪造验证失败。持久性数据中缺少必需的参数“state”,php,facebook,facebook-graph-api,facebook-php-sdk,Php,Facebook,Facebook Graph Api,Facebook Php Sdk,我最近升级到了facebook SDK的最新版本,用户登录时出现问题。我生成的登录链接很好,但是当facebook使用令牌将用户发送回我的站点时,我得到以下错误: fb sdk错误:跨站点请求伪造验证失败。持久性数据中缺少必需的参数“state” 我试着排查了一下。我打印了会话数据和GET请求中的所有内容。我看到GET有一个state参数,会话数据有一个FBRLH_state参数。它们都有相同的值。那么它为什么告诉我参数丢失了呢? 我尝试了一些我在其他问题上看到的建议(例如,启动会话),但似乎没有任何效果。 任何帮助
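if(!class_exists('facebook')){
    /**
     * Wrapper around the Facebook PHP SDK redirect-login flow.
     *
     * Builds the login URL, exchanges the OAuth callback for an access token,
     * fetches the Graph profile and hands it to the project's `user` class.
     */
    class facebook{
        private $db = null;
        private $fb = null;
        private $token = null;
        private $DEV = null;
        private $sdk_error = null;
        private $api_error = null;
        private $verbose = false;
        private $graph_user = null;
        private $db_helper = null;
        // Starts as an empty array so get_errors() can always pass it to array_unique().
        private $errors = [];
        // These three used to be created implicitly on first write; they are
        // declared public so code that reads them from outside keeps working.
        public $log = [];
        public $user = null;
        public $user_input = [];

        /**
         * @param mixed  $db         Database handle, passed through to the `user` class.
         * @param string $fb_id      Facebook app id.
         * @param string $fb_secret  Facebook app secret.
         * @param string $fb_version Default Graph API version.
         */
        public function __construct($db,
                                    $fb_id = FB_APP_ID,
                                    $fb_secret = FB_APP_SECRET,
                                    $fb_version = FB_DEFAULT_GRAPH_VERSION){
            if($this->verbose) echo '<pre>';
            if($this->verbose) echo 'starting construction'.PHP_EOL;
            $this->db = $db;
            if(!$this->fb){
                $this->log[] = 'no connect found. building..'.PHP_EOL;
                // `new` either yields an object or throws, so no falsy check is
                // needed after it.
                $this->fb = new Facebook\Facebook([
                    'app_id' => $fb_id,
                    'app_secret' => $fb_secret,
                    'default_graph_version' => $fb_version,
                ]);
                $this->log[] = 'finished building new connection'.PHP_EOL;
            }
        }

        /**
         * Build the Facebook login URL for a callback path on this site.
         *
         * The redirect helper saves a CSRF "state" value when the URL is built
         * and checks it again in the callback.
         * NOTE(review): with session-backed storage this needs an active PHP
         * session on both requests - confirm session_start() runs before this
         * file is loaded.
         *
         * @param string   $callback_uri Path appended to the configured host.
         * @param string[] $permissions  Permissions to request.
         * @return string
         */
        public function get_login_url($callback_uri, $permissions = ['email','user_birthday']){
            global $_DEV,$_config;
            $callback_host = ($_DEV ? $_config['dev_domain'] : $_config['live_domain']);
            $callback_url = 'https://'.$callback_host.$callback_uri;
            return $this->fb->getRedirectLoginHelper()->getLoginUrl($callback_url, $permissions);
        }

        /**
         * Exchange the OAuth callback for an access token, then register or
         * log in the user.
         *
         * @return mixed The cached token if one is already held, the result of
         *               user_flush() after a fresh exchange, or null on failure.
         */
        public function catch_token(){
            if($this->token){
                $this->log[] = 'already have token.'.PHP_EOL;
                return $this->token;
            }
            if(!$this->fb){
                // Stop here: there is no SDK object to ask for a helper.
                $this->log[] = $this->errors[] = 'no facebook connection in catch token()';
                return null;
            }
            $this->log[] = 'starting catch token routine.'.PHP_EOL;
            try {
                // Call getAccessToken() exactly once per callback request, and
                // only inside the try. A second call in the same request can
                // fail the CSRF check with 'Required param "state" missing from
                // persistent data' - presumably because the first call already
                // used up the stored state (confirm against the SDK version).
                $helper = $this->fb->getRedirectLoginHelper();
                $this->token = $helper->getAccessToken();
                if(!$this->token){
                    $this->log[] = $this->errors[] = 'no access token returned by redirect helper.';
                    return null;
                }
                // The token is a bearer credential: record the event, never the value.
                // Session and query-string contents are not echoed here either.
                $this->log[] = 'caught token.'.PHP_EOL;
                return $this->user_flush();
            } catch(Facebook\Exceptions\FacebookResponseException $e) {
                // When Graph returns an error
                $this->log[] = $this->errors[] = 'fb api error: ' . $e->getMessage();
                return null;
            } catch(Facebook\Exceptions\FacebookSDKException $e) {
                // When validation fails or other local issues
                $this->log[] = $this->errors[] = 'fb sdk error: ' . $e->getMessage();
                return null;
            } catch(Exception $e){
                $this->log[] = $this->errors[] = 'unknown error: '.$e->getMessage();
                return null;
            }
        }

        /**
         * Return the access token held by this object.
         *
         * @return mixed The token, or null (with an error recorded) when none is held.
         */
        public function get_token(){
            $this->log[] = 'get token called.'.PHP_EOL;
            if($this->token){
                $this->log[] = 'token found in object'.PHP_EOL;
                return $this->token;
            }
            $this->log[] = $this->errors[] = 'token not found in object.'.PHP_EOL;
            return null;
        }

        /**
         * Fetch the logged-in user's Graph profile; the result is cached.
         *
         * @param bool $override Currently unused.
         * @return mixed The graph user, or null when no connection/token is
         *               available or the request fails.
         */
        public function get_user($override = false){
            if($this->graph_user !== null){
                // A cache hit is normal operation, so it is logged rather than
                // recorded as an error.
                $this->log[] = 'get_user(): graph_user already set';
                return $this->graph_user;
            }
            $token = ($this->fb ? $this->get_token() : null);
            if(!$token){
                $this->sdk_error = "get_user(): fb connection or token not set. are you logged in?";
                $this->errors[] = $this->sdk_error;
                return null;
            }
            $fields = implode(',', [
                'first_name',
                'last_name',
                'email',
                'id',
                'picture',
                'birthday',
                'gender',
            ]);
            try {
                // Returns a Facebook\FacebookResponse object
                $resp_url = '/me?fields='.$fields.'&debug=all';
                $this->log[] = $resp_url;
                $response = $this->fb->get($resp_url, $token);
                $this->graph_user = $response->getGraphUser();
                return $this->graph_user;
            }
            catch(Facebook\Exceptions\FacebookResponseException $e) {
                // When Graph returns an error
                $this->api_error = 'fb api error: ' . $e->getMessage();
                $this->errors[] = $this->api_error;
                return null;
            }
            catch(Facebook\Exceptions\FacebookSDKException $e) {
                // When validation fails or other local issues
                $this->sdk_error = 'fb sdk error: ' . $e->getMessage();
                $this->errors[] = $this->sdk_error;
                return null;
            }
        }

        /**
         * Read one field of the graph user without failing when the user or
         * the field is missing.
         *
         * @param string $key
         * @return mixed The field value, or null.
         */
        private function user_field($key){
            $profile = $this->get_user();
            if($profile === null || !isset($profile[$key])){
                return null;
            }
            return $profile[$key];
        }

        public function get_user_first_name(){
            return $this->user_field('first_name');
        }

        public function get_user_last_name(){
            return $this->user_field('last_name');
        }

        public function get_user_id(){
            return $this->user_field('id');
        }

        public function get_user_email(){
            return $this->user_field('email');
        }

        public function get_user_picture(){
            $picture = $this->user_field('picture');
            return ($picture !== null && isset($picture['url'])) ? $picture['url'] : null;
        }

        public function get_user_birthday(){
            return $this->user_field('birthday');
        }

        /**
         * Main entry point: load the graph user, build the local `user` object
         * and call its fb_register(), which (per the failure message below)
         * also covers login.
         *
         * @return mixed The truthy result of fb_register(), or null on failure.
         */
        public function user_flush(){
            $this->graph_user = $this->get_user();
            if($this->graph_user === null){
                // Never register a user built from an empty profile.
                $this->log['fb_register_fail'] = ['no graph user available; fb_register() skipped.', $this->get_errors()];
                return null;
            }
            $this->build_user();
            // NOTE(review): these two entries put profile data (email, birthday)
            // into the log returned by get_log(); avoid printing that log to
            // visitors.
            $this->log['GRAPH_USER'] = $this->graph_user;
            $this->log['user_input_array@user_flush'] = $this->user_input;
            $return = $this->user->fb_register();
            if($return){
                return $return;
            }
            $this->log['fb_register_fail'] = array('fb_register() (also login) failed.',$this->user->get_errors());
            return null;
        }

        /**
         * Copy the graph profile into $user_input and create the `user` object.
         */
        public function build_user(){
            $this->user_input['first_name'] = $this->get_user_first_name();
            //$this->user_input['last_name'] = $this->get_user_last_name();
            $this->user_input['facebook_id'] = $this->get_user_id();
            $this->user_input['email'] = $this->get_user_email();
            $this->user_input['image_url'] = $this->get_user_picture();
            $this->user_input['birthday'] = $this->get_user_birthday();
            if($this->verbose)
                print_r($this->user_input);
            $this->user = new user($this->user_input,$this->db);
        }

        /**
         * Drop the local login state.
         *
         * Only this object and $_SESSION['fb_id'] are cleared; nothing here
         * contacts Facebook.
         */
        public function logout(){
            unset($_SESSION['fb_id']);
            // Assign null instead of unset() so the declared properties stay
            // defined, and drop the cached profile so a later get_user() cannot
            // return the previous user's data.
            $this->token = null;
            $this->fb = null;
            $this->graph_user = null;
        }

        /**
         * @return array Recorded error messages with duplicates removed.
         */
        public function get_errors(){
            return array_unique($this->errors);
        }

        /**
         * @return array Log entries with duplicate strings removed (first
         *               occurrence and its key win). Non-string entries are
         *               always kept: string comparison would treat every array
         *               entry as the same value and drop all but one.
         */
        public function get_log(){
            $seen = [];
            $entries = [];
            foreach($this->log as $key => $entry){
                if(is_string($entry)){
                    if(isset($seen[$entry])){
                        continue;
                    }
                    $seen[$entry] = true;
                }
                $entries[$key] = $entry;
            }
            return $entries;
        }
    }
}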
// Create the shared wrapper once; an $fb that already exists is left as it is.
// $db is presumably defined by the including script - confirm.
if (!isset($fb)) {
    $fb = new facebook($db);
}
如果(!class_存在('facebook')){
班级facebook{
私有$db=null;
private$fb=null;
私有$token=null;
私有$DEV=null;
private$sdk_error=null;
private$api_error=null;
private$verbose=false;
private$graph\u user=null;
私有$db_helper=null;
private$errors=null;
公共功能结构($db,
$fb_id=fb_应用程序_id,
$fb\u secret=fb\u APP\u secret,
$fb\U版本=fb\U默认值\U图形\U版本){
如果($this->verbose)回显“”;
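// The redirect helper checks the CSRF "state" from the URL against the value
// kept in the session, so the session must be active before getAccessToken().
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}
include_once 'path/to/fb-config.php'; // presumably defines $helper - confirm
try {
    $accessToken = $helper->getAccessToken();
} catch (\Facebook\Exceptions\FacebookResponseException $e) {
    // The message may carry text from the remote response: escape it before printing.
    echo "Response Exception: " . htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    exit();
} catch (\Facebook\Exceptions\FacebookSDKException $e) {
    // Local failures, including a failed "state" check, arrive here.
    echo "SDK Exception: " . htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    exit();
}
/** THE REST OF YOUR CALLBACK CODE **/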
如果($this->verbose)回显“开始构建”。PHP\u EOL;
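// The redirect helper checks the CSRF "state" from the URL against the value
// kept in the session, so the session must be active before getAccessToken().
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}
include_once 'path/to/fb-config.php'; // presumably defines $helper - confirm
try {
    $accessToken = $helper->getAccessToken();
} catch (\Facebook\Exceptions\FacebookResponseException $e) {
    // The message may carry text from the remote response: escape it before printing.
    echo "Response Exception: " . htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    exit();
} catch (\Facebook\Exceptions\FacebookSDKException $e) {
    // Local failures, including a failed "state" check, arrive here.
    echo "SDK Exception: " . htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    exit();
}
/** THE REST OF YOUR CALLBACK CODE **/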
$this->db=$db;
如果(!$this->fb){
$this->log[]=“未找到连接。正在构建..”。PHP\u EOL;
$this->fb=new Facebook\Facebook(数组)(
'app_id'=>$fb_id,
“app_secret”=>$fb_secret,
“默认图形版本”=>$fb\U版本);
如果(!$this->fb){
die(“facebook初始化失败”);
}
$this->log[]=“已完成构建新连接”。PHP\u EOL;
}
}
公共函数get_login_url($callback_uri,$permissions=['email','user_birth'])){
全局$\u DEV,$\u config;
$helper=$this->fb->getRedirectLoginHelper();
$callback\u host=($\u DEV?$\u config['DEV\u domain']:$\u config['live\u domain']);
$callback\u url='https://'。$callback\u host.$callback\u uri;
返回$helper->getLoginUrl($callback\u url,$permissions);
}
公共函数catch_token(){
如果($this->token){
$this->log[]=“已经有令牌了。”.PHP\u EOL;
返回$this->token;
}否则如果(!$this->fb){
$this->log[]=$this->error[]='catch token()中没有facebook连接';
}
$this->log[]=“正在启动捕获令牌例程。”.PHP\u EOL;
//$\会话['state']=$\获取['state'];
回显“”。var\u导出($\u会话,true)。“”;
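// The redirect helper checks the CSRF "state" from the URL against the value
// kept in the session, so the session must be active before getAccessToken().
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}
include_once 'path/to/fb-config.php'; // presumably defines $helper - confirm
try {
    $accessToken = $helper->getAccessToken();
} catch (\Facebook\Exceptions\FacebookResponseException $e) {
    // The message may carry text from the remote response: escape it before printing.
    echo "Response Exception: " . htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    exit();
} catch (\Facebook\Exceptions\FacebookSDKException $e) {
    // Local failures, including a failed "state" check, arrive here.
    echo "SDK Exception: " . htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    exit();
}
/** THE REST OF YOUR CALLBACK CODE **/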
echo“
”.var\u导出($\u GET,true)。“”;
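// The redirect helper checks the CSRF "state" from the URL against the value
// kept in the session, so the session must be active before getAccessToken().
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}
include_once 'path/to/fb-config.php'; // presumably defines $helper - confirm
try {
    $accessToken = $helper->getAccessToken();
} catch (\Facebook\Exceptions\FacebookResponseException $e) {
    // The message may carry text from the remote response: escape it before printing.
    echo "Response Exception: " . htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    exit();
} catch (\Facebook\Exceptions\FacebookSDKException $e) {
    // Local failures, including a failed "state" check, arrive here.
    echo "SDK Exception: " . htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    exit();
}
/** THE REST OF YOUR CALLBACK CODE **/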
http://example.com/fb-callback.php
AND ALSO
http://www.example.com/fb-callback.php
$helper=$this->fb->getRedirectLoginHelper();
$this->token=$helper->getAccessToken();
$this->log[]=“捕获的令牌:”。$this->token;
$string\u token=$this->token.PHP\u EOL;
//模具($string_-token);
试一试{
$helper=$this->fb->getRedirectLoginHelper();
$this->token=$helper->getAccessToken();
$this->log[]=“捕获的令牌:”。$this->token;
$string\u token=$this->token.PHP\u EOL;
返回$this->user_flush();
}捕获(Facebook\Exceptions\FacebookResponseException$e){
//当图形返回错误时
$this->log[]=$this->errors[]='fb api error:'。$e->getMessage();
返回null;
}捕获(Facebook\Exceptions\FacebookSDKException$e){
//验证失败或其他本地问题时
$this->log[]=$this->errors[]='fb sdk error:'。$e->getMessage();
返回null;
}捕获(例外$e){
$this->log[]=$this->errors[]='unknown error:'。$e->getMessage();
返回null;
}
}
公共函数get_token(){
$this->log[]=“调用获取令牌”。.PHP\u EOL;
如果($this->token){
$this->log[]=“在对象中找到标记”。PHP\u EOL;
//回声';
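// The redirect helper checks the CSRF "state" from the URL against the value
// kept in the session, so the session must be active before getAccessToken().
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}
include_once 'path/to/fb-config.php'; // presumably defines $helper - confirm
try {
    $accessToken = $helper->getAccessToken();
} catch (\Facebook\Exceptions\FacebookResponseException $e) {
    // The message may carry text from the remote response: escape it before printing.
    echo "Response Exception: " . htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    exit();
} catch (\Facebook\Exceptions\FacebookSDKException $e) {
    // Local failures, including a failed "state" check, arrive here.
    echo "SDK Exception: " . htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    exit();
}
/** THE REST OF YOUR CALLBACK CODE **/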
// Permissions requested from the user at login.
$permissions = ['email'];

// Callback address handed to Facebook with the login request.
// NOTE(review): this uses plain http and a host taken from
// $_SERVER['SERVER_NAME']; on a live site prefer https and a host name fixed in
// configuration, so the authorization response always returns to the intended
// origin.
$redirectURL = "http://" . $_SERVER['SERVER_NAME'] . "/fb-callback.php";

// $helper is presumably the redirect login helper created in the config file - confirm.
$fLoginURL = $helper->getLoginUrl($redirectURL, $permissions);
//模具(debug_print_backtrace());
返回$this->token;
}否则{
$this->log[]=$this->errors[]='在对象中找不到令牌。'.PHP\u EOL;
返回null;
}
}
公共函数get\u user($override=false){
$fields=数组(
“名字”,
“姓”,
“电子邮件”,
“id”,
“图片”,
“生日”,
"性别",;
$fields=内爆(“,”,$fields);
if($this->graph\u user===null){
如果($this->fb&&$this->get_token()){
试一试{
//返回Facebook\FacebookResponse对象
$resp_url='/me?fields='.$fields.&debug=all';
$this->log[]=$resp_url;
$response=$this->fb->get($resp_url,$this->get_token());
$this->graph_user=$response->getGraphUser();
返回$this->graph\u用户;
}
捕获(Facebook\Exceptions\FacebookResponseException$e){
//当图形返回错误时
$this->api\u错误