我有一个名为fbmain.php的文件,它可以处理所有facebook身份验证部分。我在index.php文件中有一个按钮,它将数据传递给a.php文件
这只是一个例子
//fbmain.php : do all facebook authentication parts
//index.php
<?php
include_once "fbmain.php";
?>
<form enctype="multipart/form-data" action="http://myserver/a/a.php" method="POST">
//Some codes
<input type="submit" value="Upload"/>
</form>
在a.php文件中,我必须再次包含fbmain.php,因为在这里我做了一些api调用。
//a.php
<?php
include_once "fbmain.php";
//some codes
try{
$me = $facebook->api('/me?access_token='. $token);
print_r($me);
} catch(FacebookApiException $e){
echo "Error:" .$e;
}
?>
这个应用程序在firefox浏览器中工作正常但在IE中不起作用(当用户点击“上传”按钮将用户重定向到主机Canvas Callback URL时)。
我尝试将波纹管代码放在每个文件的顶部(fbmain.php,index.php,a.php)。但它仍然不起作用?
首先我尝试了这个
header('P3P: CP=HONK');
ob_start();
然后我尝试了这个
header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
ob_start();
但是在IE中没有任何作用。
任何人都可以帮助我吗?
// fbmain.php文件
<?php
//header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
header('P3P: CP="CAO PSA OUR"');
ob_start();
//facebook application
//set facebook application id, secret key and api key here
$fbconfig['appid' ] = "MY_APP_ID";
$fbconfig['api' ] = "MY_API_KEY";
$fbconfig['secret'] = "MY_APP_SECRET";
//set application urls here
$fbconfig['baseUrl'] = "http://MYSERVER/uploader/index.php"; //http://thinkdiff.net/demo/newfbconnect1/iframe;
$fbconfig['appBaseUrl'] = "http://apps.facebook.com/approne"; //http://apps.facebook.com/thinkdiffdemo;
$uid = null; //facebook user id
try{
include_once "facebook.php";
}catch(Exception $o){
echo '<pre>';
print_r($o);
echo '</pre>';
}
// Create our Application instance.
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
'cookie' => true,
));
//Facebook Authentication part
$session = $facebook->getSession();
$loginUrl = $facebook->getLoginUrl(
array(
'canvas' => 1,
'fbconnect' => 0,
'req_perms' => 'email,publish_stream,status_update,user_photos'
)
);
if (!$session) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
if ($session) {
try {
$uid = $facebook->getUser();
//Has a loading problem
} catch (FacebookApiException $e) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
}
$signed_request = $_REQUEST['signed_request'];
$secret = $fbconfig['secret'];
$data = parse_signed_request($signed_request, $secret);
$fan_page_id = $data['page']['id'];
$admin_check = $data['page']['admin'];
//Get fan page id
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
?>
答案 0 :(得分:1)
在用户会话没有持久化服务器端之前,我遇到了与IE类似的问题。为了解决这个问题,我为包含signed_request的IE表单添加了一个隐藏字段。
<input type='hidden' name='signed_request' value='VALID_SIGNED_REQUEST' />
但是此解决方案应该与code参数一起使用,或者通过传递授权令牌然后使用它来还原用户会话服务器端。您也可以尝试维护自己的会话cookie。
我看到你正在使用PHP SDK的pre v3。所以你应该尝试添加隐藏字段:
<input type='hidden' name='session' value='<?php echo json_encode($session); ?>' />