我有Facebook SDK问题。我不断收到以下错误:Facebook SDK CSRF错误
CSRF state token does not match one provided
我没有任何RewriteRule规则,因为它之前建议过,所以这不是问题。 我改变了引用代码()函数来,才能知道问题出在哪里如下:
protected function getCode() {
if (isset($_REQUEST['code'])) {
if ($this->state !== null &&
isset($_REQUEST['state']) &&
$this->state === $_REQUEST['state']) {
// CSRF state has done its job, so clear it
$this->state = null;
$this->clearPersistentData('state');
return $_REQUEST['code'];
} else {
$add = "";
if ($this->state == null)
$add .= " State is null";
if (!isset($_REQUEST['state']))
$add .= " State is not set";
if ($this->state !== $_REQUEST['state'])
$add .= " States are not that same";
self::errorLog('CSRF state token does not match one provided. problem:' . $add);
return false;
}
}
return false;
}
后,我重新运行登录脚本,现在我得到以下错误:
CSRF state token does not match one provided. problem: State is null States are not that same
有没有人知道如何解决这个问题?
protected function getCode() {
$server_info = array_merge($_GET, $_POST, $_COOKIE);
if (isset($server_info['code'])) {
if ($this->state !== null &&
isset($server_info['state']) &&
$this->state === $server_info['state']) {
// CSRF state has done its job, so clear it
$this->state = null;
$this->clearPersistentData('state');
return $server_info['code'];
} else {
self::errorLog('CSRF state token does not match one provided.');
return false;
}
}
return false;
}
的代码只是结合了$ _GET,$ _ POST和$ _COOKIE数组与如何使用工作$ _REQUEST到PHP 5.3.0之前:
感谢
你是怎么用facebook api的? – datasage 2013-02-28 16:49:48
你在哪里/如何在该方法之外设置'$ this-> state'? – CBroe 2013-02-28 16:51:54
@CBroe,当我获得登录URL时,它应该在Facebook API中自动设置。检查第579行:https://github.com/facebook/facebook-php-sdk/blob/master/src/base_facebook.php – 2013-02-28 17:36:10