Facebook Authentication logout - can not logout from FB

Question

I know there are so many posts about issues like this, but I can not find solution for myself.

In SimpleMachines forum (SMF) I integrated Login via Facebook, and it works fine.

On the other side, I can not force system to log me out from Facebook together with SMF logout action.

I tried, to:

$facebook->destroySession();
redirect end user to https://www.facebook.com/logout.php?... with appropriate params
tried also to use setcookie('fbs_'.$facebook->getAppId(),

... etc, but still end user is logged into Facebook.

Can you please give me some advice hot to do that?

UPDATE: Here is how my code looks now, after changes suggested by CBroe:

    require_once("facebook.php");

    $config = array();
    $config['appId'] = '1XXXXXXXXXXXX50';
    $config['secret'] = '6XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX2';
    $config['fileUpload'] = false;
    $facebook = new Facebook($config);
    $user = $facebook->getUser();

    $logoutUrl = $facebook->getLogoutUrl();
    //session_destroy();
$facebook->destroySession();
    header('location:https://www.facebook.com/logout.php?access_token='.$config['appId'].'&confirm=1&next=www.mydomain.com');

score 0 · Accepted Answer · edited Jun 20 '20 at 09:12

0

I tried, to:

$facebook->destroySession();

redirect end user to https://www.facebook.com/logout.php?... with appropriate params

After destroying the session, you do not have an active user access token set in your Facebook class instance any more – but this is needed to build a working logout URL.

So try reversing these steps – build logout URL first, then destroy the session, and then redirect to the logout URL.

edited Jun 20 '20 at 09:12

Community

1
1

answered Sep 24 '12 at 08:34

CBroe

91,630
14
92
150

CBroe, can you take a look at my code, I added it in updated part of my primary post – user198003 Sep 24 '12 at 08:56
PHP’s `session_destroy` and the method `Facebook::destroySession` do different things – and i don’t see the latter any more in your code. – CBroe Sep 24 '12 at 11:28
Tnx, but still the same (plese check my primary post). More, it takes me now to my FB account page. – user198003 Sep 24 '12 at 11:37
Despite the calling methond to destroy sessions, I noticed that Facebook related cookies are whole time "alive". Guessing that there is a problem with my getLogoutUrl()... Tried to echo result, and it seems to be ok..... Any help? – user198003 Sep 25 '12 at 23:57
Try sending the user to the logout URL first – and then, when they come back to your app (the redirect_uri), destroy both the Facebook session and your PHP session. – CBroe Sep 27 '12 at 08:19
Tnx, but how to destroy FB session? I tried with session_destroy(); but session is still there. Also tried to delete FB cookies, but they are still there. – user198003 Sep 27 '12 at 11:17
Like in my code above? Tried that, but session is still there. – user198003 Sep 27 '12 at 18:13
1

No – _after_ the browser is redirected to your app, after processing the logout URL. – CBroe Sep 28 '12 at 11:29

Facebook Authentication logout - can not logout from FB

1 Answers1