Facebook PHP getUser() returns 0


12145 views 4th April 2014


Recently upgraded my DigitalOcean droplet's PHP to version 5.4.2 and couple of days later I started getting complaints from the users that Facebook sign up no longer worked.

Strange. I did not touch any of the existing CodeIgniter (PHP) codes and why suddenly Facebook sign up no longer works ? After diff-ing around here and there, only then I realized that I've upgraded the PHP version from 5.3.x to 5.4.2.

The problem was that PHP 5.4.x makes a few changes to the php.ini file and this causes the Facebook PHP SDK to break. After authenticating the user, it will just display the current page but with an extra ?code=XXXXXXX parameter appended at the back of the URL.
Further investigation shows that $facebook->getUser() function will return 0 and thus break the existing code if-statement.
Facebook PHP SDK relies on $_REQUEST from the server and because of the breaking changes in PHP 5.4.x, it no longer worked the way it supposed to be.

To fix this problem, change the Facebook SDK getCode() function in base_facebook.php file.

from 


<?php
 
protected function getCode() {
 if (isset($_REQUEST['code'])) {
  if ($this->state !== null &&
  isset($_REQUEST['state']) &&
 $this->state === $_REQUEST['state']) {
 
 // CSRF state has done its job, so clear it
 $this->state = null;
 $this->clearPersistentData('state');
 return $_REQUEST['code'];
 } 
 else
 {
 self::errorLog('CSRF state token does not match one provided.');
 return false;
 }
 }
  return false;
}
?>


to 


<?php
 
protected function getCode() {
 $server_info = array_merge($_POST, $_GET, $_COOKIE);
 
 if (isset($server_info['code'])) {
  if ($this->state !== null &&
 isset($server_info['state']) &&
 $this->state === $server_info['state']) {
 
 // CSRF state has done its job, so clear it
 $this->state = null;
  $this->clearPersistentData('state');
 return $server_info['code'];
 } else {
  self::errorLog('CSRF state token does not match one provided.');
  return false;
  }
}
 
 return false;
}
?>


The new code replaced $_REQUEST with a combined array of $_POST, $GET and $_COOKIE. This new changes worked and getUser() function no longer returns 0.





By Adam Ng

IF you gain some knowledge or the information here solved your programming problem. Please consider donating to the less fortunate or some charities that you like. Apart from donation, planting trees, volunteering or reducing your carbon footprint will be great too.


Advertisement

Tutorials

+20.5k Golang : Match strings by wildcard patterns with filepath.Match() function


+18.2k Golang : Compare floating-point numbers


+6.8k Golang : Scan files for certain pattern and rename part of the files


+8.9k Golang : Use regular expression to get all upper case or lower case characters example


+19.8k Golang : How to get time zone and load different time zone?


+6.3k Golang : Getting Echo framework StartAutoTLS to work


+16.4k Golang : Read data from config file and assign to variables


+7k Golang : Randomize letters from a string example


+18.4k Golang : How to get time from unix nano example


+40.8k Golang : Get hardware information such as disk, memory and CPU usage


+13.5k Golang : Rename directory


+6k Golang : Get environment variable