I have a file named fbmain.php which do all facebook authentication parts. And I have a button in index.php file which passes data to a.php file
This is just an example
//fbmain.php : do all facebook authentication parts
//index.php
<?php
include_once "fbmain.php";
?>
<form enctype="multipart/form-data" action="http://myserver/a/a.php" method="POST">
//Some codes
<input type="submit" value="Upload"/>
</form>
In a.php file I have to include fbmain.php again since here I do some api call.
//a.php
<?php
include_once "fbmain.php";
//some codes
try{
$me = $facebook->api('/me?access_token='. $token);
print_r($me);
} catch(FacebookApiException $e){
echo "Error:" .$e;
}
?>
THis app works fine in firefox browser but doesnt work in IE(When the user click ‘Upload button it redirect user to the host Canvas Callback URL’).
I tried placing bellow codes at the top of in each and every file(fbmain.php, index.php, a.php). But it still doesn’t work?
First I tried this
header('P3P: CP=HONK');
ob_start();
Then I tried this
header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
ob_start();
But nothing works in IE.
Can anyone please help me?
//fbmain.php file
<?php
//header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
header('P3P: CP="CAO PSA OUR"');
ob_start();
//facebook application
//set facebook application id, secret key and api key here
$fbconfig['appid' ] = "MY_APP_ID";
$fbconfig['api' ] = "MY_API_KEY";
$fbconfig['secret'] = "MY_APP_SECRET";
//set application urls here
$fbconfig['baseUrl'] = "http://MYSERVER/uploader/index.php"; //http://thinkdiff.net/demo/newfbconnect1/iframe;
$fbconfig['appBaseUrl'] = "http://apps.facebook.com/approne"; //http://apps.facebook.com/thinkdiffdemo;
$uid = null; //facebook user id
try{
include_once "facebook.php";
}catch(Exception $o){
echo '<pre>';
print_r($o);
echo '</pre>';
}
// Create our Application instance.
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
'cookie' => true,
));
//Facebook Authentication part
$session = $facebook->getSession();
$loginUrl = $facebook->getLoginUrl(
array(
'canvas' => 1,
'fbconnect' => 0,
'req_perms' => 'email,publish_stream,status_update,user_photos'
)
);
if (!$session) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
if ($session) {
try {
$uid = $facebook->getUser();
//Has a loading problem
} catch (FacebookApiException $e) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
}
$signed_request = $_REQUEST['signed_request'];
$secret = $fbconfig['secret'];
$data = parse_signed_request($signed_request, $secret);
$fan_page_id = $data['page']['id'];
$admin_check = $data['page']['admin'];
//Get fan page id
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
?>
I came across a similar issue with IE before where the user session was not persisting server side. To get around it I added a hidden field to forms served to IE containing the
signed_request.But this solution should work with the
codeparameter or by passing the authorisation token and then using it to restore the users session server side. You can also try maintaining your own session cookie.I see you are using the pre v3 of the PHP SDK. So you should try adding the hidden field: