How to log out a user using the Facebook SDK?

Mina Gabriel · Jul 14, 2012 · Viewed 39.9k times

I am using a Facebook login for my website using the Facebook PHP SDK.

What I noticed is the logout link doesn't do anything. After I log out, the user can still navigate the site. Here is my code in facebook.php:

<?php
    require 'src/facebook.php';
    $facebook = new Facebook(array(
           'appId'  => '*************',
           'secret' => '******************************',
    ));
    $user = $facebook->getUser();
    $loginUrl = $facebook->getLoginUrl();
    echo "<a href='$loginUrl'>login</a>";

    $logoutUrl = $facebook->getLogoutUrl();
    echo $loginUrl; 
    if($user){
        session_start() ; 
        $_SESSION['user_info'] = $user; 
        $_SESSION['user_pro']= $facebook->api('/me');
        print_r($_SESSION);
    }
    else{
        echo 'not logged in '; 
    }

    echo "<a href='example.com/logout.php'>log out </a>"
?>

This code works fine on log in. The log out link should destroy the session. Here is the header of the page:

<?php 
    print_r($_SESSION) ; 
    header('example.com') ; 
?>

The problem with my logout.php page is it doesn't detect the session at all. I don't know if this is a Facebook API problem or my PHP problem.

How do you log the user out using the facebook SDK?

Answer

Needhi Agrawal · Jul 18, 2012

You can log out from your site as well as from Facebook as follows, by providing your site URL in the next parameter and destroying the session:

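// YOUR_SITE_URL is a placeholder constant for the page to return to after logout.
$token = $facebook->getAccessToken();
// URL-encode both values so the next URL cannot break the query string.
$url = 'https://www.facebook.com/logout.php?next=' . urlencode(YOUR_SITE_URL) .
  '&access_token=' . urlencode($token);
// session_destroy() only works on a session that has been started.
if (session_id() === '') { session_start(); }
session_destroy();
header('Location: ' . $url);
exit; // stop here so nothing else runs after the redirect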

You also have to log them out of your website AND you have to prevent your website from automatically remembering your user and re-logging them in immediately.

Disable the code that auto-logs in your user and try to log out again. Destroying the session will not prevent your site from creating a brand new valid session for the remembered user.
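
A complete logout.php covering both points of the answer above, as an added example that is not part of the original question or answer: it ends the local PHP session, clears the state the SDK uses to remember the user, and only then redirects to Facebook. It assumes Facebook PHP SDK 3.x (which provides getLogoutUrl() and destroySession()); the app credentials and https://example.com/ are placeholders.

```php
<?php
// logout.php -- added example, not code from the original post.
// Assumes Facebook PHP SDK 3.x; credentials and URL below are placeholders.
require 'src/facebook.php';

$facebook = new Facebook(array(
    'appId'  => 'YOUR_APP_ID',
    'secret' => 'YOUR_APP_SECRET',
));

// Build the Facebook logout URL first: it needs the access token that
// destroySession() is about to discard.
$logoutUrl = $facebook->getLogoutUrl(array('next' => 'https://example.com/'));

// Resume the local session so there is something to destroy. The SDK
// constructor normally starts it already; the check avoids a double start.
if (session_id() === '') {
    session_start();
}

// Drop the SDK's stored user id and token, so the next page load does not
// find a remembered user and silently log them back in.
$facebook->destroySession();

// Empty the session data, expire the session cookie in the browser,
// then remove the server-side session record.
$_SESSION = array();
if (ini_get('session.use_cookies')) {
    $p = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $p['path'], $p['domain'], $p['secure'], $p['httponly']);
}
session_destroy();

// No output has been sent, so the redirect header is still allowed.
// Send the browser to Facebook to end the Facebook session as well.
header('Location: ' . $logoutUrl);
exit;
```

Every protected page should still check `$_SESSION` after calling `session_start()` and refuse access when the user entry is missing; without that check, clearing the session has no visible effect.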