0
我已經完成了我的Facebook應用程序並且它可以工作,但是當用戶第一次使用應用程序時,我將它們重定向到http://apps.facebook.com/myapp/,如facebook文檔中給出的。php - 在facebook應用程序中刪除「code」param應用程序URL
$app_id = "123456789";
$canvas_page = "http://apps.facebook.com/myapp/";
$auth_url = "http://www.facebook.com/dialog/oauth?client_id=".$app_id."&redirect_uri=".urlencode($canvas_page)."&scope=email,publish_stream";
$signed_request = $_REQUEST["signed_request"];
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
$data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
if(empty($data["user_id"])){
echo("<script> top.location.href='" . $auth_url . "'</script>");
} else {
echo "Welcome User: " . $data["user_id"]."<br/>";
// UPDATE CODE START
// below code from facebook docs
$app_secret = "asdfghjkl1234567890qwerty";
$my_url = "http://apps.facebook.com/myapp/";
session_start();
$code = $_REQUEST["code"];
if(empty($code)) {
$_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
$dialog_url = "http://www.facebook.com/dialog/oauth?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url) . "&state="
. $_SESSION['state'];
echo("<script> top.location.href='" . $dialog_url . "'</script>");
}
if($_REQUEST['state'] == $_SESSION['state']) {
$token_url = "https://graph.facebook.com/oauth/access_token?"
. "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret . "&code=" . $code;
$response = file_get_contents($token_url);
$params = null;
parse_str($response, $params);
$graph_url = "https://graph.facebook.com/me?access_token="
. $params['access_token'];
$user = json_decode(file_get_contents($graph_url));
echo("Hello " . $user->name);
} else {
echo("The state does not match. You may be a victim of CSRF.");
}
// UPDATE CODE END
}
die();
的問題是,在瀏覽器URL看起來類似以下內容:
http://apps.facebook.com/myapp/?code=saydyab7da976dgas976gdas6gdas6gd06asgd86ags0d6g...etc
什麼是「代碼」參數,它爲什麼存在?如何擺脫它?
問候