Sunday, March 6, 2022

[FIXED] CakePHP session lost in Safari and IE between pages on Facebook

      , , , ,      No comments   

Issue

I'm developing a Facebook app on CakePHP framework and I'm trying to do one simple thing:

// get user
$user = $this->Facebook->api('/me');

// store the user id into session
$this->Session->write('User.id', $user['id']);

But as soon as I change page the session is lost in Safari and I cannot get the id from the session no matter what.

I have found numerous solutions here and on other forums tried them all, but I haven't managed to solve this problem. Nothing works for me or I have been doing it wrong... Anyone managed to found a working solution for this?

Any help would be really appreciated, thnx.


Solution

I have found a solution. The problem is Safari cookie policy, user has to change to allow all cookies in their Safari settings.

But I have figured out that if I first reload the page outside the facebook iframe and set the session there, the session remains the same even inside the facebook iframe.

So I created another controller action just to start a new session and store its id inside the session for later use:

public function safari_session_hack()
{
    $app_url = "app_url"; // the full url of your app on facebook
    session_start();
    $this->Session->write('Session.id', session_id());
    die(header("Location:" . $app_url)); // redirect back to the FB app
}

Then on my FB app landing page I have this code:

// Session fix for Safari
if (!$this->Session->read('Session.id') && strpos($_SERVER['HTTP_USER_AGENT'], 'Safari')) {
    echo '<script>top.location.href="' . Router::fullbaseUrl() . Router::url(array('controller' => 'main', 'action' => 'safari_session_hack')) . '"</script>';
    die;
}

All it does is it checks if the session id is not set and if the browser is Safari. Then it redirects to the safari_session_hack() action, starts the session on the outside page, saves its id inside the session and redirects back to the page.

Now everything works fine and the session is not being lost or destroyed between pages, so you can do user login and other stuff that requires session data inside your FB app.



Answered By - J.T.

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...