CSRF state token does not match one provided FB PHP SDK 3.1.1 Oauth 2.0

Question

My server logs show a \"CSRF state token does not match one provided\" error which seems to happen for almost every user. However, the users are created and/or authenticated

Answer 1

if you use .htaccess mod rewrite redirects on your page, use the [QSA] (Query String Append) at the end of the lines to preserve the GET variables, or else you lost the $code variable, which is required to the facebook login