# STEP 2: Exchange the code that we have for an access token $data = array(); $data['get'] = array( 'client_id' => $client_id, 'client_secret' => $client_secret, 'code' => $_GET['code'], 'redirect_uri' => $callbackURL, ); $response = xhttp::fetch('https://graph.facebook.com/oauth/access_token', $data); if($response['successful']) { $data = xhttp::toQueryArray($response['body']); $_SESSION['access_token'] = $data['access_token']; $_SESSION['loggedin'] = true; $data = array(); $data['get'] = array( 'access_token' => $_SESSION['access_token'], 'fields' => 'id,name,accounts' ); $response = xhttp::fetch('https://graph.facebook.com/me', $data); if($response['successful']) { $_SESSION['user'] = json_decode($response['body'], true); $_SESSION['user']['access_token'] = $_SESSION['access_token']; } else {