CSRF状态令牌与提供的令牌不匹配

时间:2012-08-11 06:26:17

标签: facebook facebook-graph-api csrf

使用此代码获取服务器错误日志..此代码仅向我提供了81位朋友,但我的朋友列表中有87位朋友..

给我一​​个建议.. 

 <?php

     require_once('facebook-php-sdk/src/facebook.php');

     $config = array('appId' => 'Your app id','secret' => 'Your app secret',);     

      $facebook = new Facebook($config);

      $user_id = $facebook->getUser();

        if($user_id) {

          // We have a user ID, so probably a logged in user.
          // If not, we'll get an exception, which we handle below.
                try {
                $access_token = $facebook->getAccessToken();




                $usrFrnd_data = array();
                $offset = 0;
                $limit = 5000;  

                //fetch events from Facebook API


                $user  = null;      

                $c = curl_init();
                curl_setopt($c, CURLOPT_URL, "https://graph.facebook.com/me/friends/?limit=$limit&offset=$offset&access_token=".$access_token);
                curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
                curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
                curl_setopt($c, CURLOPT_SSL_VERIFYHOST, false);
                $user = json_decode(curl_exec($c));
                curl_close($c);
                $tmpVar = object2Array($user);
                $usrFrnd_data = array_merge($usrFrnd_data, $tmpVar["data"]);

                //loop through pages to return all results

                while(array_key_exists("next", $tmpVar["paging"])) {

                    $offset += $limit;
                    $c = curl_init();
                    curl_setopt($c, CURLOPT_URL, "https://graph.facebook.com/me/friends/?limit=$limit&offset=$offset&access_token=".$access_token);
                    curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
                    curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
                    curl_setopt($c, CURLOPT_SSL_VERIFYHOST, false);
                    $user = json_decode(curl_exec($c));
                    curl_close($c);

                    $tmpVar = object2Array($user);
                    // make sure we do not merge with an empty array
                    if (count($tmpVar["data"]) > 0){
                        $usrFrnd_data = array_merge($usrFrnd_data, $tmpVar["data"]);
                    } else {
                        // if the user entry is empty, we have reached the end, exit the while loop
                        break;
                    }
                }

                echo "<pre>";
                print_r($usrFrnd_data);

            }catch(FacebookApiException $e) {
                // If the user is logged out, you can have a 
                // user ID even though the access token is invalid.
                // In this case, we'll get an exception, so we'll
                // just ask the user to login again here.
                $login_url = $facebook->getLoginUrl(); 
                echo 'Please <a href="' . $login_url . '">login.</a>';
                error_log($e->getType());
                error_log($e->getMessage());
            }   
        } else {
          // No user, so print a link for the user to login
          $login_url = $facebook->getLoginUrl();
          echo 'Please <a href="' . $login_url . '">login.</a>';
        }

        function object2Array($d){
            if (is_object($d)){
                $d = get_object_vars($d);
            }

            if (is_array($d))
            {
                return array_map(__FUNCTION__, $d);
            }
            else
            { 
                return $d;
            }
        }   
      ?>

1 个答案:

答案 0 :(得分:1)

不确定这会有所帮助。

我认为您需要向用户询问扩展权限,以便首先在getloginurl()进程中获取好友数据。通常Facebook会在正常许可的情况下为您提供基本信息。

相关问题
最新问题