I have a Facebook iframe app. As soon as the app authorisation is confirmed I grab some data from the signed request and put it into the session:
<?php
session_start();
$signed_request = $_REQUEST["signed_request"];
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
$data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
if(empty($data["user_id"])) {
    echo("<script> top.location.href='$auth_url'</script>");
    exit;
}
$_SESSION['fb_id'] = $data['user_id'];
?>
Simple, right? So now the user can interact with my app, and the final user action triggers an AJAX request. I’m using jQuery for this:
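$.ajax({
    type: 'POST',
    url: 'include/handler.php',
    data: 'name=value',
    success: function(msg) {
        alert("Success: " + msg);
    },
    // jQuery passes (jqXHR, textStatus, errorThrown) to the error callback
    error: function(jqXHR, textStatus) {
        alert("Fail: " + textStatus);
    }
});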
So then in handler.php, I need to use that previously saved session value, but the session is empty.
<?php
session_start();
echo $_SESSION['fb_id'];
?>
Obviously these code snippets are simplified, but can anyone explain this to me? I’ve got a feeling that I’m doing something stupid, but it’s been a long day.
Turns out that this is down to an issue with the shared hosting environment I was using. For whatever reason, requests originating from AJAX or Flash are handled with a unique session id. The fix was simply to move to a different hosting provider.
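The first snippet reads user_id from the payload half of signed_request without checking the signature half, so the value stored in the session is whatever the client sent. As an added example (not the poster's code), this is the same parsing step with the HMAC-SHA256 check against the app secret; the helper names are hypothetical, and the secret and user ids are constructed placeholders.

```php
<?php
// Added example: verify a Facebook signed_request before trusting user_id.

function b64url_decode($in) {
    // base64url -> standard base64, restoring the stripped '=' padding
    $in = strtr($in, '-_', '+/');
    $in .= str_repeat('=', (4 - strlen($in) % 4) % 4);
    return base64_decode($in, true);
}

function b64url_encode($raw) {
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}

// Returns the decoded payload array, or null if the request is malformed
// or the signature does not match.
function parse_signed_request($signed_request, $app_secret) {
    if (!is_string($signed_request) || substr_count($signed_request, '.') !== 1) {
        return null;
    }
    list($encoded_sig, $payload) = explode('.', $signed_request, 2);
    $sig  = b64url_decode($encoded_sig);
    $data = json_decode((string) b64url_decode($payload), true);
    if ($sig === false || !is_array($data)) {
        return null;
    }
    $alg = $data['algorithm'] ?? null;
    if (!is_string($alg) || strtoupper($alg) !== 'HMAC-SHA256') {
        return null;
    }
    // The signature covers the still-encoded payload string.
    $expected = hash_hmac('sha256', $payload, $app_secret, true);
    return hash_equals($expected, $sig) ? $data : null;
}

// Constructed sample input, so the check can be run offline.
$secret  = 'EXAMPLE_APP_SECRET'; // placeholder, not a real credential
$payload = b64url_encode(json_encode(['algorithm' => 'HMAC-SHA256', 'user_id' => '1000001']));
$signed  = b64url_encode(hash_hmac('sha256', $payload, $secret, true)) . '.' . $payload;

// Same signature, different payload: must be rejected.
$altered  = b64url_encode(json_encode(['algorithm' => 'HMAC-SHA256', 'user_id' => '42']));
$tampered = explode('.', $signed)[0] . '.' . $altered;

var_dump(parse_signed_request($signed, $secret)['user_id']);
var_dump(parse_signed_request($tampered, $secret));
```

Only after parse_signed_request() returns an array should user_id be copied into $_SESSION['fb_id'].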