0

I have a problem..

I try wrote program like as facebook page tab app. I must use session for remember signed_request.

But issue is that Safari do not remember session.

Program is:

$facebook = new Facebook($config);
      if (isset($_REQUEST['signed_request'])) {
            $encoded_sig = null;
            $payload = null;
            list($encoded_sig, $payload) = explode('.', $_REQUEST['signed_request'], 2);
            $sig = base64_decode(strtr($encoded_sig, '-_', '+/'));
            $signed_request = json_decode(base64_decode(strtr($payload, '-_', '+/'), true),true);
            $op=True;
        }else {
            $op=False;
        }

if($op)
{
  $_SESSION['liked']=$signed_request['page']['liked'];
  $_SESSION['admin']=$signed_request['page']['admin'];

}else{
  $url="PAGEAPP URL";
  echo("<script> top.location.href='" . $url . "'</script>");
  exit();
}
Veronika Blahoslavová
  • 57
  • 1
  • 1
  • 8

1 Answers1

0

Safari does not allow cross domain cookies.

As the main page is of the domain Facebook.com and your iframe domain differs, Safari will not process cookies inside the iFrame.

Although there are workarounds for other browsers, and at one point there was a workaround for Safari, it seems Apple closed this loophole.

http://anantgarg.com/2010/02/18/cross-domain-cookies-in-safari/

Setting cross-domain cookies in Safari

Although I can't see your full code & scenario, I would suggest you avoid using sessions, and always query the Facebook API to check for the 'liked' & 'admin' flags. If a user's admin privileges were revoked, or a user disliked the page, then your SESSION variables would become out of sync (unless you are constantly updating your SESSION variables).

Check if a user liked the page: How to check if current facebook user like a page using PHP SDK?

Check if a user is an admin: How to get if a user is admin of a page (isAdmin) using the Facebook Graph API?

Community
  • 1
  • 1
fuzzysearch
  • 846
  • 9
  • 15