Facebook PHP getUser() returns 0


13651 views 4th April 2014


Recently upgraded my DigitalOcean droplet's PHP to version 5.4.2 and couple of days later I started getting complaints from the users that Facebook sign up no longer worked.

Strange. I did not touch any of the existing CodeIgniter (PHP) codes and why suddenly Facebook sign up no longer works ? After diff-ing around here and there, only then I realized that I've upgraded the PHP version from 5.3.x to 5.4.2.

The problem was that PHP 5.4.x makes a few changes to the php.ini file and this causes the Facebook PHP SDK to break. After authenticating the user, it will just display the current page but with an extra ?code=XXXXXXX parameter appended at the back of the URL.
Further investigation shows that $facebook->getUser() function will return 0 and thus break the existing code if-statement.
Facebook PHP SDK relies on $_REQUEST from the server and because of the breaking changes in PHP 5.4.x, it no longer worked the way it supposed to be.

To fix this problem, change the Facebook SDK getCode() function in base_facebook.php file.

from 


<?php
 
protected function getCode() {
 if (isset($_REQUEST['code'])) {
  if ($this->state !== null &&
  isset($_REQUEST['state']) &&
 $this->state === $_REQUEST['state']) {
 
 // CSRF state has done its job, so clear it
 $this->state = null;
 $this->clearPersistentData('state');
 return $_REQUEST['code'];
 } 
 else
 {
 self::errorLog('CSRF state token does not match one provided.');
 return false;
 }
 }
  return false;
}
?>


to 


<?php
 
protected function getCode() {
 $server_info = array_merge($_POST, $_GET, $_COOKIE);
 
 if (isset($server_info['code'])) {
  if ($this->state !== null &&
 isset($server_info['state']) &&
 $this->state === $server_info['state']) {
 
 // CSRF state has done its job, so clear it
 $this->state = null;
  $this->clearPersistentData('state');
 return $server_info['code'];
 } else {
  self::errorLog('CSRF state token does not match one provided.');
  return false;
  }
}
 
 return false;
}
?>


The new code replaced $_REQUEST with a combined array of $_POST, $GET and $_COOKIE. This new changes worked and getUser() function no longer returns 0.





By Adam Ng

IF you gain some knowledge or the information here solved your programming problem. Please consider donating to the less fortunate or some charities that you like. Apart from donation, planting trees, volunteering or reducing your carbon footprint will be great too.


Advertisement

Tutorials

+11k Golang : Removes punctuation or defined delimiter from the user's input


+5.3k Golang : Convert lines of string into list for delete and insert operation


+7k Golang : Fibonacci number generator examples


+15.4k Golang : Get query string value on a POST request


+7.1k Web : How to see your website from different countries?


+9.2k Golang : Gonum standard normal random numbers example


+4.6k Java : Generate multiplication table example


+52k Golang : How to get time in milliseconds?


+5.7k Golang : Frobnicate or tweaking a string example


+12.3k Golang : calculate elapsed run time


+10.3k Golang : Text file editor (accept input from screen and save to file)


+10.7k Golang : Select region of interest with mouse click and crop from image