Fixing Facebook’s PHP SDK logout

If you request the “offline_access” permission when using the Facebook PHP SDK (and sometimes even without it), it makes the default logout functionality not work very well.  To fix this, here’s what worked for me:

  1. Change your logout url:
    $logoutUrl = $facebook->getLogoutUrl(array( 'next' => ($fbconfig['baseurl'].'logout.php') ));
  2. On your logout.php page, add the following code:
    setcookie('fbs_'.$facebook->getAppId(), '', time()-100, '/', 'domain.com');
    session_destroy();
    header('Location: /');

This should correctly logout your users.

34 thoughts on “Fixing Facebook’s PHP SDK logout

  1. i want that user must go through fb login everytime….but above solution not work fine for me!.
    Any idea what should I do?

  2. hi, you didn’t tell that we had to include the facebook js to the logout.php page! It wouldn’t work for me until I included it.

    eg

    require ‘scripts/facebook.php’;

    // Create our Application instance (replace this with your appId and secret).
    $facebook = new Facebook(array(
    ‘appId’ => ‘xxxxxxxxxxxxxx’,
    ‘secret’ => ‘xxxxxxxxxxxxxxxxxxxxxxxxx’,
    ));

    setcookie(‘fbs_’.$facebook->getAppId(), ”, time()-100, ‘/’, ‘http://www.repjesus.com’);
    session_destroy();
    header(‘Location: /’);

  3. Thank you very much!!!!You just save my life today. I was getting lots of errors and then I found this. Problem solved.
    Thanks again!!!!

  4. Hi,
    It is quite strange. I tried to logout user with official method: $facebook->getLogoutUrl(); It creates a link which looks good (https, token, etc.). It redirects to facebook logout.php than back to my page but the session remains same: FB.getLoginStatus: connected.
    Now with your solution I can’t create the Cookie. I can create other Cookies e.g.: setcookie(“TestCookie”, ‘blah blah’); but after the redirection your Cookie not exists in the Console. :(
    Do you have any idea?

  5. Thank you. I was stuck for an hr finding solution to logout. Even the fb docs dont have a good explanation.

  6. It’s just a value in the “fbconfig” array that I set up to hold the values related to the API. It’s not necessary, just a convenience to make the code more organized. You can just type in your site’s domain name.

  7. Code is still not working.
    On logout page

    require_once ‘facebook.php’;
    $facebook = new Facebook(array(
    ‘appId’ => ’470714283006560′,
    ‘secret’ => ’44c5257398f976dc7f74781ab846df91′,
    ‘cookie’ => true,
    ));
    setcookie(‘fbs_’.$facebook->getAppId(), ”, time()-100, ‘/’, ‘yourgiftguy.com’);
    session_destroy();
    header(‘Location: http://yourgiftguy.com/new_dail16.5/index.php‘);

  8. Facebook logout is now working.

    I am using codeignter with facebook php sdk 3.2.3

    $CI = & get_instance();
    $CI->config->load(“facebook”,TRUE);
    $config = $CI->config->item(‘facebook’);
    $this->load->library(‘Facebook’, $config);
    $myurl = site_url(‘user/mainLogout’);
    $token= $this->facebook->getAccessToken();

    $params = array(‘next’ => $myurl,’access_token’=>$token);
    $logoutUrl=$this->facebook->getLogoutUrl($params);
    ?>

    <a href="”>Logout

    In mainLogout() function

    $SessionArray = array(
    ‘user_id’ => ”,
    ‘user_email’ => ”,
    ‘role’ => ”
    );
    $this->session->unset_userdata($SessionArray);
    $this->session->sess_destroy();
    setcookie(‘PHPSESSID’, ”, time()-3600, “/”);
    setcookie (“fbss_XXXXXXXXXXX”, “”, time() – 3600);
    setcookie (“fbs_205733472943681″, “”, time() – 3600);

    session_destroy();
    redirect(site_url(”));

  9. You just have to change $facebook->getLogoutUrl(); for $facebook->destroySession(); This will logout the user.

Leave a Reply