我有Facebook SDK問題。我不斷收到以下錯誤:Facebook SDK CSRF錯誤
CSRF state token does not match one provided
我沒有任何RewriteRule規則,因爲它之前建議過,所以這不是問題。 我改變了引用代碼()函數來,才能知道問題出在哪裏如下:
protected function getCode() {
if (isset($_REQUEST['code'])) {
if ($this->state !== null &&
isset($_REQUEST['state']) &&
$this->state === $_REQUEST['state']) {
// CSRF state has done its job, so clear it
$this->state = null;
$this->clearPersistentData('state');
return $_REQUEST['code'];
} else {
$add = "";
if ($this->state == null)
$add .= " State is null";
if (!isset($_REQUEST['state']))
$add .= " State is not set";
if ($this->state !== $_REQUEST['state'])
$add .= " States are not that same";
self::errorLog('CSRF state token does not match one provided. problem:' . $add);
return false;
}
}
return false;
}
後,我重新運行登錄腳本,現在我得到以下錯誤:
CSRF state token does not match one provided. problem: State is null States are not that same
有沒有人知道如何解決這個問題?
protected function getCode() {
$server_info = array_merge($_GET, $_POST, $_COOKIE);
if (isset($server_info['code'])) {
if ($this->state !== null &&
isset($server_info['state']) &&
$this->state === $server_info['state']) {
// CSRF state has done its job, so clear it
$this->state = null;
$this->clearPersistentData('state');
return $server_info['code'];
} else {
self::errorLog('CSRF state token does not match one provided.');
return false;
}
}
return false;
}
的代碼只是結合了$ _GET,$ _ POST和$ _COOKIE數組與如何使用工作$ _REQUEST到PHP 5.3.0之前:
感謝
你是怎麼用facebook api的? – datasage 2013-02-28 16:49:48
你在哪裏/如何在該方法之外設置'$ this-> state'? – CBroe 2013-02-28 16:51:54
@CBroe,當我獲得登錄URL時,它應該在Facebook API中自動設置。檢查第579行:https://github.com/facebook/facebook-php-sdk/blob/master/src/base_facebook.php – 2013-02-28 17:36:10