故障使用OAuth 2.0在我的Facebook应用程序

Question

evertything正在运行在我的Facebook应用程序正常，直到我把它升级到的OAuth 2.0，和IM不确定是不是我做的一切权利。

的事情是，我已经取得的OAuth的对话工作，并在用户授权的应用程序，它使我的应用程序到iFrame，但我有我的$ _GETs麻烦[]，让我解释一下：

这里是我的index.php，这是我的主网页使用，而我只是包括（）在一个div一些文件调用的内容，这取决于$ _GET [“节”]：

$app_id = "xxx"; 
$application_secret = 'xxx'; 
    $canvas_page = "xxx"; 
    $auth_url = "http://www.facebook.com/dialog/oauth?client_id=".$app_id. "&redirect_uri=".urlencode($canvas_page)."&scope=publish_stream,offline_access"; 

//OAuth 2.0 

    function parse_signed_request($signed_request, $secret) { 

     list($encoded_sig, $payload) = explode('.', $signed_request, 2); 

     // decode the data 
     $sig = base64_url_decode($encoded_sig); 
     $data = json_decode(base64_url_decode($payload), true); 

     if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') { 
      error_log('Unknown algorithm. Expected HMAC-SHA256'); 
      return null; 
     } 

     // check sig 
     $expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true); 
     if ($sig !== $expected_sig) { 
      error_log('Bad Signed JSON signature!'); 
      return null; 
     } 

     return $data; 
    } 

    function base64_url_decode($input) { 
     return base64_decode(strtr($input, '-_', '+/')); 
    } 
// 
$data = parse_signed_request($_REQUEST["signed_request"],$application_secret); 

    if (empty($data["user_id"])) { 
      echo("<script> top.location.href='" . $auth_url . "'</script>"); 
    } else { 

    $_SESSION['on'] = 1; 
    include ('src/facebook.php'); 

    $files = array(); 
    $files['RE'] = 'xxx.php'; 
    $files['RC'] = 'yyy.php'; 
    $files['DP'] = 'zzz.php'; 

    $facebook = new Facebook(array(
     'appId' => $app_id, 
     'secret' => $application_secret, 
     'cookie' => true, 
     'perms' => 'publish_stream, offline_access', 
     )); 
    $_SESSION["access_token"] = $data["oauth_token"]; 
    $me = $facebook->api('/me?oauth_token='.$_SESSION["access_token"]); 

    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd" xmlns:fb="https://www.facebook.com/2008/fbml"> 
    <link rel="stylesheet" href="css/style.css" type="text/css"> 
    <head> 
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> 
    <meta http-equiv="Content-Style-Type" content="text/css"> 
    <meta property="og:title" content="title" /> 
    <meta property="og:description" content="description" /> 
    <meta property="og:image" content="thumbnail_image" /> 
    </head> 
    <body> 
     <div class="wrapper"> 
      <?php include("inc/app_header.php");?> 
      <div class="content"> 
      <?php 
       if(isset($_GET['section'])) 
       { 
        $file_to_include = 'inc/'.$files[$_GET['section']]; 
       } 
       else 
       { 
        $file_to_include = 'inc/section_restaurantes.php'; 
       } 

       include($file_to_include); 
      ?> 
       <div class="content_bottom_space"></div> 
      </div> 
      <div class="footer"> 
      </div> 
     </div> 
    </body> 
    </html> 
    <?php } ?> 

和section_restaurantes的代码是：

<div class="section_restaurantes"> 
     <div class="restaurantes_container"> 
      <div class="restaurantes"><a href="index.php?section=DP"></a></div> 
      <div class="restaurantes"><a href="index.php?section=PH"></a></div> 
     </div> 
    </div> 

的事情是，当我在我所有的浏览器被重新加载这些div点击，该？代码= url参数改变两次，它再次section_restaurantes.php重新加载，而不是加载DP部分，我希望我是清楚的。

我想是因为它的重装两次我松开$ _GET [“节”]参数，然后将其加载默认的是“增量/ section_restaurantes.php”

我需要帮助，请，我试着在互联网上找到解决方案，但我什么也没找到

Answer 1

如果您使用的是PHP-SDK，那么您无需解析signed_request，因为它可以为您提供帮助。你只需要检索用户（getUser()），如果没有用户，重定向到登录URL（指example文件）。

这里是一个更好的代码：

<?php 
include ('src/facebook.php'); 
$app_id = "xxx"; 
$application_secret = 'xxx'; 
$canvas_page = "xxx"; 

$facebook = new Facebook(array(
    'appId' => $app_id, 
    'secret' => $application_secret 
)); 

$user = $facebook->getUser(); 
if(!$user) { 
    $loginUrl = $facebook->getLoginUrl(array(
     'redirect_uri' => $canvas_page, 
     'scope' => 'publish_stream,offline_access' 
    )); 
    echo("<script> top.location.href='" . $loginUrl . "'</script>"); 
    exit; 
} 

$_SESSION['on'] = 1; 
$files = array(); 
$files['RE'] = 'xxx.php'; 
$files['RC'] = 'yyy.php'; 
$files['DP'] = 'zzz.php'; 
try { 
    $me = $facebook->api('/me'); 
} catch (FacebookApiException $e) { 
    error_log($e); 
    $user = null; 
} 
?> 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd" xmlns:fb="https://www.facebook.com/2008/fbml"> 
<link rel="stylesheet" href="css/style.css" type="text/css"> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> 
<meta http-equiv="Content-Style-Type" content="text/css"> 
<meta property="og:title" content="title" /> 
<meta property="og:description" content="description" /> 
<meta property="og:image" content="thumbnail_image" /> 
</head> 
<body> 
    <div class="wrapper"> 
     <?php include("inc/app_header.php");?> 
     <div class="content"> 
     <?php 
      if(isset($_GET['section'])) 
      { 
       $file_to_include = 'inc/'.$files[$_GET['section']]; 
      } 
      else 
      { 
       $file_to_include = 'inc/section_restaurantes.php'; 
      } 

      include($file_to_include); 
     ?> 
      <div class="content_bottom_space"></div> 
     </div> 
     <div class="footer"> 
     </div> 
    </div> 
</body> 
</html> 

现在您的餐厅部分，我会链接到父文档：

<div class="section_restaurantes"> 
    <div class="restaurantes_container"> 
     <div class="restaurantes"><a href="<?php echo $canvas_page; ?>?section=DP" target="_top"></a></div> 
     <div class="restaurantes"><a href="<?php echo $canvas_page; ?>?section=PH" target="_top"></a></div> 
    </div> 
</div> 

假设你$canvas_page是预期的目标。