我有一个名为推荐书的社交网络,我使用Facebook和Google Plus登录按钮在用户第一次点击按钮时注册用户,并在第二次点击按钮时记录用户。有一天,我正在和一个女孩交谈并向她展示我的网站,我尝试使用facebook登录按钮在我的网站上注册她,系统将她登录到另一个用户的帐户,而不是注册她。现在我几乎可以肯定这是来自facebook的一个错误,使facebook系统返回来自另一个人的电子邮件,我想知道是否所有facebook登录按钮的问题都记录了错误帐户中的用户。所以我正在粘贴准确的代码,移动版本,我想问这个代码是否有任何问题,这是有效的,这可能使facebook系统从试图登录的用户返回另一个用户的电子邮件?这是一个问题,所有Facebook登录按钮记录用户在错误的帐户?
<script type="text/javascript">
<!--
$(document).ready(function(){
$(".SpinnerTR").hide();
});
function myTrim(x) {
return x.replace(/^\s+|\s+$/gm,'');
}
function setCookiesRB(id) {
var date = new Date();
date.setTime(date.getTime() + (365 * 24 * 60 * 60 * 1000));
var url = "http://localhost:8989/Login.jsp";
if(url.toLowerCase().indexOf("localhost:8989") >= 0) {
document.cookie = "IsRecommenderLogged=Yes; expires="+date.toGMTString()+"";
document.cookie = "RecommenderId="+id+"; expires="+date.toGMTString()+"";
} else {
document.cookie = "IsRecommenderLogged=Yes; expires="+date.toGMTString()+"; domain=recommendationbook.com;path=/";
document.cookie = "RecommenderId="+id+"; expires="+date.toGMTString()+"; domain=recommendationbook.com;path=/";
}
}
/*
*
* Facebook Login
*
*/
function statusChangeCallback(response) {
if(response.status === 'connected') {
$(document).ready(function(){
$(".GoogleFacebookButtons").hide();
$(".SpinnerTR").show();
});
register();
} else if(response.status === 'not_authorized') {
} else {
// The person is not logged into Facebook, so we're not sure if they are logged into this app or not.
}
}
function checkLoginState() {
FB.login( function(response) {
FB.getLoginStatus(function(response) {
statusChangeCallback(response);
});
}, { scope: 'public_profile,email,user_birthday' } );
}
window.fbAsyncInit = function() {
FB.init({
appId : '1054429214574465',
cookie : true,
xfbml : true,
version : 'v2.2'
});
FB.getLoginStatus(function(response) {
// statusChangeCallback(response);
});
};
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/sdk.js";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));
function register() {
FB.api('/me', function(response) {
var name = "";
var email = "";
var gender = "";
var locale = "";
var birthday = "";
if(typeof response.name != "undefined") {
name = ""+response.name+"";
}
if(typeof response.email != "undefined") {
email = ""+response.email+"";
}
if(typeof response.gender != "undefined") {
gender = ""+response.gender+"";
}
if(typeof response.birthday != "undefined") {
birthday = ""+response.birthday+"";
}
if(typeof response.locale != "undefined") {
locale = ""+ response.locale+"";
}
var posting = $.post("LoginFacebook.jsp", {name: name, email: email, gender: gender, locale: locale, birthday: birthday});
posting.done(function(data) {
setCookiesRB(""+myTrim(data)+"");
window.location.href = "http://recommendationbook.com/Recommender.jsp?id="+myTrim(data)+"";
});
});
}
//-->
</script><!DOCTYPE html>
<html lang="en-US">
<head>
<title>Recommendation Book</title>
<meta name="keywords" content="Recommendation Book Login" />
<meta name="description" content="Recommendation Book Login Page" />
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Expires" content="0" />
<body>
<div class="Geral">
<div class="Corpo">
<form method="post" id="Login" action="DoLogin.jsp" enctype="multipart/form-data">
<table>
<tbody>
<tr class="GoogleFacebookButtons"><td class="tdLeft">
<div style="width: 100%; text-align: center">
Facebook Login and Registration<br />
<a href="#" onclick="checkLoginState();"><img src="./img/static/FacebookButtonBig.PNG" border="0" alt=""></a>
</div>
</td></tr>
<tr class="SpinnerTR"><td>Wait... <div id="Spinner" class="Spinner" style="display: inline;"><img width="200" height="200" src="./img/static/ajax-loader-GoldenRod.gif" alt="" /></div></td></tr>
</tbody>
</table>
</form>
</div>
</div>
</body>
</html>
答案 0 :(得分:0)
我发现了错误。它就在我身边。如果用户成功登录,我认为facebook总是会返回一封电子邮件。但是登录facebook登录按钮的用户可以拒绝许可,然后facebook系统将返回垃圾或通用的Facebook电子邮件。我的一个用户注册了,因为我没有检查我把垃圾facebook放回电子邮件的地方,我没有注意到。后来,当我试图注册这个女孩时,我提到facebook系统返回了同样的垃圾,这就是为什么她登录了另一个女孩的帐户。要修复我在javascript中放置了以下条件:
var emailRegex = new RegExp("^([a-zA-Z0-9_.-]+)@([a-z0-9_.-]+)$");
if(!emailRegex.test(email) || email.toLowerCase().indexOf("facebook.com") >= 0) { }