Home/ Questions/Q 7030465
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-28T00:40:27+00:00

for some reason no matter what I do, this is always returning a valid

  • 0

for some reason no matter what I do, this is always returning a valid ID and Facebook information. To logout, I am using Facebook.Logout, redirecting to a page where I clear ALL cookies including “fbsr_” ones. I even logged out of Facebook manually and it is still returning a valid ID! This is for a Facebook Connect application. Here is my app code,

$uid = $facebook->getUser();

if ($uid) {
  try {
    $me = $facebook->api('/'+$uid);
  } catch (FacebookApiException $e) {
      echo $e;
    error_log($e);
    $uid = NULL;
  }
}

Then my PHP logout code,

$app_id="XXXX";
session_name('QEW');
session_start();
session_regenerate_id(true);
session_unset();
session_destroy();
$facebook->destroySession();
if (isset($_COOKIE['fbsr_' . $app_id])) 
{
      setcookie('fbsr_' . $app_id, $_COOKIE['fbsr_' . $app_id], time() - 3600, "/");
      setcookie('PHPSESSID', $_COOKIE['PHPSESSID'], time() - 3600, "/");

      unset($_COOKIE['fbsr_' . $app_id]);   
      unset($_COOKIE['PHPSESSID']);
}

EDIT
My Javascript code,

window.fbAsyncInit = function() {
    FB.init({ 
        appId:'XXX', cookie:true, 
        status:true, xfbml:true, oauth:true,
        channelURL:'~~.com/channel.html'
        });
};
(function() {
            var e = document.createElement('script'); e.async = true;
            e.src = document.location.protocol + '//connect.facebook.net/en_US/all.js';
            e.async = true;
            document.getElementById('fb-root').appendChild(e);
          }());
function login(io)
{
    FB.getLoginStatus(function(response)
    {
        if(response.status == 'connected')
        {
            if(io==1)
            {
                FB.login(function(response) 
                {
                  if (response.authResponse) 
                  {
                     cU(response.authResponse.userID);
                  }
                },{scope:'email'});
            }
            else
            {
                FB.logout(function(response){});
                window.location="./logout.php";
            }
        }
        else
        {
            FB.login(function(response) 
            {
              if (response.authResponse) 
              {
                 cU(response.authResponse.userID);
              }
            },{scope:'email'});
        }
    });
}

Then after “logging out”, I go to another page that calls the first block of code again, and it just repopulates the cookies because it gets a valid user id back. how can I fix this? Thanks

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You delete cookie by php. After that on next request JS API restores it.

    The only and valid way to logout from facebook is to redirect user to logout url:

    echo $facebook->getLogoutUrl();

    or the same from the client JS API FB.logout();

    • 0