Facebook PHP SDK clear session data?

1
votes

I want people to be able to remove my app from their facebook-account from my app.

This is easily done with:

$fb->api('/'.$fbUid.'/permissions','DELETE');

The problem is that if the user loads another page on my website the facebook php sdk still seem to think that the user is "logged in". I think this is because the facebook php sdk (v 3.1.1) stores user data in sessions.

Is there a good way of clearing these sessions? (i mean a best practice way, of course i could loop through the sessions and delete all beginning with "fb_").

There is a $fb->clearAllPersistentData() but it's protected.

Or will i actually have to redirect the user to the logoutUrl to do this?

EDIT: Redirecting to logoutUrl doesn't make any difference, i still have the sessions variables.

1
facebookfacebook-graph-apifacebook-php-sdk

1 Answers

4
votes

You can use session_destroy() but this will destroy all the session data, including any your own apps may be using.

Another solution is to extend the class and expose the protected method via your own wrapper function.

However I agree that this is slightly broken and I have a few fixes that I'll push to the sdk this week.