How to log out user using facebook SDK?
Solution 1
You can logout from your site as well as from facebook as follow by providing your site url to next parameter and destroying session
$token = $facebook->getAccessToken();
$url = 'https://www.facebook.com/logout.php?next=' . YOUR_SITE_URL .
'&access_token='.$token;
session_destroy();
header('Location: '.$url);
You also have to log them out of your website AND you have to prevent your website from automatically remembering your user and re-logging them in immediately.
Disable the code that auto-logs in your user and try to logout again. Destroying the session will not prevent your site from creating a brand new valid session for the remembered user.
Solution 2
Here is the PHP logout code for my website that logs a user in and out with facebook. You don't have to destroy the session to logout the user, all you technically have to do is signal to your own website that this particular session may not be used to let the user in.
logout.php:
<?php
require_once("facebook-php-sdk-6c82b3f/src/facebook.php");
$config = array();
$config['appId'] = '2911111111146';
$config['secret'] = 'a6eaaaaaaaaaaaaaaaaaaaaaaaaaad1a';
$config['fileUpload'] = false;
$facebook = new Facebook($config);
$logouturl = $facebook->getLogoutUrl();
$_SESSION['user_facebook_email'] = "";
$_SESSION['ask_user_to_login'] = true;
header("Location: showquestions.php");
?>
index.php:
<?php
require_once("facebook-php-sdk-6c82b3f/src/facebook.php");
$config = array();
$config['appId'] = '2911111111146';
$config['secret'] = 'a6eaaaaaaaaaaaaaaaaaaaaaaaaaad1a';
$config['fileUpload'] = false;
$facebook = new Facebook($config);
$userId = $facebook->getUser();
if ($_SESSION['ask_user_to_login'] == true || $userId == 0){
$loginUrl = $facebook->getLoginUrl();
$_SESSION['ask_user_to_login'] = false;
echo "<button type='button' onClick=\"window.location='$loginUrl'\">" .
"<img src='picture.gif' alt='Login with facebook'/>" .
"</button>";
exit;
}
else
{
$userInfo = $facebook->api('/' + $userId);
session_cache_expire (150000); //set the cache expire to 15000 minutes
$_SESSION['user_facebook_email'] = $userInfo['email'];
$_SESSION['facebook'] = $facebook;
header("Location: showquestions.php");
}
$userInfo = $facebook->api('/' + $userId);
echo "Welcome" . $userInfo['email'];
?>
login.php:
<?php
session_start();
if (isset($_SESSION['user_facebook_email']) !== true ||
$_SESSION['user_facebook_email'] == "")
{
header("Location: index.php");
exit;
}
?>
Then in every php file you want to prevent access without a logged-in user, put this at the top:
<?php
require("log2.php");
?>
With this code, the user is logged in automatically, and if they invoke the logout code, the site will not let them in until they login again.
Related videos on Youtube
Comments
-
Mina Gabriel over 4 years
I am using a
facebook
log in for my web site usingfacebook php sdk
.What I noticed is the
logout
link doesn't do anything. After I logout, the user can still navigate the site. Here is my code infacebook.php
:<?php require 'src/facebook.php'; $facebook = new Facebook(array( 'appId' => '*************', 'secret' => '******************************', )); $user = $facebook->getUser(); $loginUrl = $facebook->getLoginUrl(); echo "<a href='$loginUrl'>login</a>"; $logoutUrl = $facebook->getLogoutUrl(); echo $loginUrl; if($user){ session_start() ; $_SESSION['user_info'] = $user; $_SESSION['user_pro']= $facebook->api('/me'); print_r($_SESSION); } else{ echo 'not logged in '; } echo "<a href='example.com/logout.php'>log out </a>" ?>
This
code
works fine on log in. The log out link should destroy the session. Here is the header of the page:<?php print_r($_SESSION) ; header('example.com') ; ?>
The problem with my
logout.php
page is it doesn't detect the session at all. I don't know if this is afacebook api
problem or myphp
problem.How do you log the user out using the facebook SDK?
-
Kode Plus almost 12 yearsUsers can logout from facebook... they can't logout from your site.
-
Mina Gabriel almost 12 yearsthey can if you destroy the session
-
-
Mina Gabriel almost 12 yearsi tried
session_destroy()
and it never works , i do what i wrote in my answer , hopefully on the long run it doesn't do any breaks -
Rudi Visser almost 12 years@MinaGabriel Damn idiots, I +1'd your question for balance since you still haven't resolved it.
-
Francesco Mangia about 11 yearsThis works for me. What happened in my case was the URL that
getLogoutUrl()
was producing hadaccess_token=0
. So I followed the example above manually adding the access token using$facebook->getAccessToken();
. But I'm just wondering why thegetLogoutUrl()
function couldn't add it, and used zero instead. Any ideas? -
1owk3y about 9 yearswp_redirect doesn't work outside of Wordpress. Use
header("Location: $logout"); exit;
-
Michael Lynch over 7 yearsThis worked for me. It logs me out of Facebook and destroys the session for my app. Why isn't this documented anywhere? Is this still the "official" solution?