Login with Facebook using PHP


Nowadays people want easy step to login to your website,People do not like to fill registration form and then login. The shorter way to register is by social media. Login with facebook is popular and authentic way for registration and login system on the website. Facebook is one of the most popular social media network and most of the people use facebook. You can also use facebook login using PHP as login tool where user can login with facebook without sign up on your website.

In this tutorial, we have use latest Facebook API SDK library for login with PHP script.By using Facebook SDK we can easily integrate Facebook login and signup in our website. In this blog We implement user login and registration system with Facebook using PHP and store the user data into the MySQL database.

System Requirement:

  • PHP version should be 5.4 or greater
  • The mbstring extension should be enabled.


STEP 1: Create Facebook App

To access Facebook API, firstly you have to create Facebook App. Follow the below step to create Facebook App:

  • Go to the Facebook for Developers page and log in with your Facebook account.
  • Click the My Apps link at the top navigation bar and select Add New App.
  • Enter the Display Name and Contact Email.
  • Click on the Create App ID button.
  • Now, Navigate to the Settings » Basic page.
  • Enter App Domains and select the Category of your App.
  • Click on Save Changes.
  • Go to Product page by clicking the PRODUCTS(+) link at the left navigation menu panel.
  • Select Facebook Login to Set Up.
  • Select Web as the App platform.
  • Enter the Site URL and click to Save Button.
  • Go to Facebook Login » Settings page
  • In the Valid OAuth Redirect URIs field, enter the Redirect URL.
  • Click the Save Changes

Go to setting » Basic page and Copy or note the App ID and App Secret.

STEP 2: Get the Profile Link and Gender

To get the profile link and gender or you want to access user’s Facebook timeline link and gender, then you need to submit a request for user_link and user_gender permissions. How to submit Request follow below steps:

  • Go to the App Review » Permissions and Features page.
  • Request for user_link and user_gender permissions and submit the required information.

Once Your Request is submitted then wait for the review process is completed by Facebook.

STEP 3: Create Database Table

Now you have to create a database table where you store the User data. we are using table_name ‘users’. The table the basic fields in the MySQL database to hold the Facebook account information.

CREATE TABLE `users` (
 `oauth_provider` enum('facebook','google','twitter','') COLLATE utf8_unicode_ci NOT NULL DEFAULT '',
 `oauth_uid` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
 `first_name` varchar(25) COLLATE utf8_unicode_ci NOT NULL,
 `last_name` varchar(25) COLLATE utf8_unicode_ci NOT NULL,
 `email` varchar(25) COLLATE utf8_unicode_ci NOT NULL,
 `gender` varchar(10) COLLATE utf8_unicode_ci DEFAULT NULL,
 `picture` varchar(200) COLLATE utf8_unicode_ci NOT NULL,
 `link` varchar(100) COLLATE utf8_unicode_ci NOT NULL,
 `created` datetime NOT NULL,
 `modified` datetime NOT NULL,
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;

Facebook SDK for PHP

The facebook-php-chart sdk/registry contains the most recent adaptation (v5) of Facebook SDK for PHP. You don’t have to download it independently, all the required files of Facebook PHP SDK v5 are included in our Facebook Login PHP source code

User Class (User.class.php)

The User class handles the database related activities (connect, insert, and update) using PHP and MySQL. It assists to connect, insert, and update Facebook account information in the users table.

 * User Class 
 * This class is used for database related (connect, insert, and update) operations 
 * @author    Developerguidance.com 
 * @url        http://www.developerguidance.com 
class User { 
    private $dbHost     = DB_HOST; 
    private $dbUsername = DB_USERNAME; 
    private $dbPassword = DB_PASSWORD; 
    private $dbName     = DB_NAME; 
    private $userTbl    = DB_USER_TBL; 
    function __construct(){ 
            // Connect to the database 
            $conn = new mysqli($this->dbHost, $this->dbUsername, $this->dbPassword, $this->dbName); 
                die("Failed to connect with MySQL: " . $conn->connect_error); 
                $this->db = $conn; 
    function checkUser($data = array()){ 
            // Check whether the user already exists in the database 
            $checkQuery = "SELECT * FROM ".$this->userTbl." WHERE oauth_provider = '".$data['oauth_provider']."' AND oauth_uid = '".$data['oauth_uid']."'"; 
            $checkResult = $this->db->query($checkQuery); 
            // Add modified time to the data array 
                $data['modified'] = date("Y-m-d H:i:s"); 
            if($checkResult->num_rows > 0){ 
                // Prepare column and value format 
                $colvalSet = ''; 
                $i = 0; 
                foreach($data as $key=>$val){ 
                    $pre = ($i > 0)?', ':''; 
                    $colvalSet .= $pre.$key."='".$this->db->real_escape_string($val)."'"; 
                $whereSql = " WHERE oauth_provider = '".$data['oauth_provider']."' AND oauth_uid = '".$data['oauth_uid']."'"; 
                // Update user data in the database 
                $query = "UPDATE ".$this->userTbl." SET ".$colvalSet.$whereSql; 
                $update = $this->db->query($query); 
                // Add created time to the data array 
                    $data['created'] = date("Y-m-d H:i:s"); 
                // Prepare column and value format 
                $columns = $values = ''; 
                $i = 0; 
                foreach($data as $key=>$val){ 
                    $pre = ($i > 0)?', ':''; 
                    $columns .= $pre.$key; 
                    $values  .= $pre."'".$this->db->real_escape_string($val)."'"; 
                // Insert user data in the database 
                $query = "INSERT INTO ".$this->userTbl." (".$columns.") VALUES (".$values.")"; 
                $insert = $this->db->query($query); 
            // Get user data from the database 
            $result = $this->db->query($checkQuery); 
            $userData = $result->fetch_assoc(); 
        // Return user data 
        return !empty($userData)?$userData:false; 

Site Settings and API Configuration (config.php)

the database settings and Facebook API configuration constant variables are defined in the config.php file.
Database Constants:

DB_HOST – Specify the database host.
DB_USERNAME – Specify the database username.
DB_PASSWORD – Specify the database password.
DB_NAME – Specify the database name.
DB_USER_TBL – Specify the table name where the user’s account data will be stored.
Facebook API Constants:

FB_APP_ID – Specify the Facebook App ID.
FB_APP_SECRET – Specify the Facebook App Secret.
FB_REDIRECT_URL – Specify the Callback URL.

Call Facebook API:

The PHP SDK library is used to connect with Facebook API and working with OAuth client.

 * Basic Site Settings and API Configuration

// Database configuration
define('DB_HOST', 'MySQL_Database_Host');
define('DB_USERNAME', 'MySQL_Database_Username');
define('DB_PASSWORD', 'MySQL_Database_Password');
define('DB_NAME', 'MySQL_Database_Name');
define('DB_USER_TBL', 'users');

// Facebook API configuration
define('FB_APP_ID', 'Insert_Facebook_App_ID');
define('FB_APP_SECRET', 'Insert_Facebook_App_Secret');
define('FB_REDIRECT_URL', 'Callback_URL');

// Start session

// Include the autoloader provided in the SDK
require_once __DIR__ . '/facebook-php-graph-sdk/autoload.php';

// Include required libraries
use Facebook\Facebook;
use Facebook\Exceptions\FacebookResponseException;
use Facebook\Exceptions\FacebookSDKException;

// Call Facebook API
$fb = new Facebook(array(
    'app_id' => FB_APP_ID,
    'app_secret' => FB_APP_SECRET,
    'default_graph_version' => 'v3.2',

// Get redirect login helper
$helper = $fb->getRedirectLoginHelper();

// Try to get access token
try {
        $accessToken = $_SESSION['facebook_access_token'];
          $accessToken = $helper->getAccessToken();
} catch(FacebookResponseException $e) {
     echo 'Graph returned an error: ' . $e->getMessage();
} catch(FacebookSDKException $e) {
    echo 'Facebook SDK returned an error: ' . $e->getMessage();

Login & Get Facebook Account Data (index.php)

// Include configuration file
require_once 'config.php';

// Include User class
require_once 'User.class.php';

        // Put short-lived access token in session
        $_SESSION['facebook_access_token'] = (string) $accessToken;
          // OAuth 2.0 client handler helps to manage access tokens
        $oAuth2Client = $fb->getOAuth2Client();
        // Exchanges a short-lived access token for a long-lived one
        $longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);
        $_SESSION['facebook_access_token'] = (string) $longLivedAccessToken;
        // Set default access token to be used in script
    // Redirect the user back to the same page if url has "code" parameter in query string
        header('Location: ./');
    // Getting user's profile info from Facebook
    try {
        $graphResponse = $fb->get('/me?fields=name,first_name,last_name,email,link,gender,picture');
        $fbUser = $graphResponse->getGraphUser();
    } catch(FacebookResponseException $e) {
        echo 'Graph returned an error: ' . $e->getMessage();
        // Redirect user back to app login page
        header("Location: ./");
    } catch(FacebookSDKException $e) {
        echo 'Facebook SDK returned an error: ' . $e->getMessage();
    // Initialize User class
    $user = new User();
    // Getting user's profile data
    $fbUserData = array();
    $fbUserData['oauth_uid']  = !empty($fbUser['id'])?$fbUser['id']:'';
    $fbUserData['first_name'] = !empty($fbUser['first_name'])?$fbUser['first_name']:'';
    $fbUserData['last_name']  = !empty($fbUser['last_name'])?$fbUser['last_name']:'';
    $fbUserData['email']      = !empty($fbUser['email'])?$fbUser['email']:'';
    $fbUserData['gender']     = !empty($fbUser['gender'])?$fbUser['gender']:'';
    $fbUserData['picture']    = !empty($fbUser['picture']['url'])?$fbUser['picture']['url']:'';
    $fbUserData['link']       = !empty($fbUser['link'])?$fbUser['link']:'';
    // Insert or update user data to the database
    $fbUserData['oauth_provider'] = 'facebook';
    $userData = $user->checkUser($fbUserData);
    // Storing user data in the session
    $_SESSION['userData'] = $userData;
    // Get logout url
    $logoutURL = $helper->getLogoutUrl($accessToken, FB_REDIRECT_URL.'logout.php');
    // Render Facebook profile data
        $output  = '<h2>Facebook Profile Details</h2>';
        $output .= '<div class="ac-data">';
        $output .= '<img src="'.$userData['picture'].'"/>';
        $output .= '<p><b>Facebook ID:</b> '.$userData['oauth_uid'].'</p>';
        $output .= '<p><b>Name:</b> '.$userData['first_name'].' '.$userData['last_name'].'</p>';
        $output .= '<p><b>Email:</b> '.$userData['email'].'</p>';
        $output .= '<p><b>Gender:</b> '.$userData['gender'].'</p>';
        $output .= '<p><b>Logged in with:</b> Facebook</p>';
        $output .= '<p><b>Profile Link:</b> <a href="'.$userData['link'].'" target="_blank">Click to visit Facebook page</a></p>';
        $output .= '<p><b>Logout from <a href="'.$logoutURL.'">Facebook</a></p>';
        $output .= '</div>';
        $output = '<h3 style="color:red">Some problem occurred, please try again.</h3>';
    // Get login url
    $permissions = ['email']; // Optional permissions
    $loginURL = $helper->getLoginUrl(FB_REDIRECT_URL, $permissions);
    // Render Facebook login button
    $output = '<a href="'.htmlspecialchars($loginURL).'"><img src="images/fb-login-btn.png"></a>';

<!DOCTYPE html>
<html lang="en-US">
<title>Login with Facebook using PHP by Developerguidance</title>
<meta charset="utf-8">
<div class="container">
    <div class="fb-box">
        <!-- Display login button / Facebook profile information -->
        <?php echo $output; ?>
Logout (logout.php)
If the user wishes to log out from their Facebook account, the logout.php file is loaded.

Remove access token and user data from the SESSION.
Redirect the user to the homepage.
// Include configuration file
require_once 'config.php';

// Remove access token from session

// Remove user data from session

// Redirect to the homepage

In this record, the Facebook API verification process is dealt with utilizing PHP.

  • If the user authenticates with their Facebook account, the following happens:
    • The profile information is retrieved from the Facebook account using Facebook Graph API.
    • The account data is inserted into the database using checkUser() function of User class.
    • The user’s account info is stored in the SESSION.
    • The Facebook profile details (Name, First name, Last name, Email, Gender, Picture, and Profile link) is displayed on the webpage.
    • Also, the Logout link is generated using getLogoutUrl() method of the login helper class.

In this tutorial, we’ve attempted to make Facebook Login execution speedier and easier. The model code incorporates Facebook Login with the Facebook SDK for PHP. You don’t have to add the SDK library documents independently, our source code contains every one of the necessary records with the SDK v5 for PHP. You just need to indicate some insignificant settings for adding login framework with Facebook to your site utilizing PHP.

Leave a reply