Frank,
That thread was concerning a security issue from Facebook, that JFBConnect was never affected by. The 3.x series uses the OAuth 1.x protocol. Though I was a bit confused at the beginning of that thread (we were in a rush to determine what was going on), I tried to make it clear in the post below that we'd be moving to OAuth2.0 when it was available (which, at the time, was required by Facebook on September 1st, but was subsequently moved back to October 1st).
www.sourcecoast.com/forums/jfbconnect/jf...open-auth?p=2#p10262
Facebook finally released the updated PHP & Javascript libraries at the end of August, and we implemented it in our 4.0 release in early September.
The move to 4.0 was specifically to delineate that it uses the new methods, and is compatible with the change requirement.
In our most recent newsletters and 4.0 release blog posts, we made this very clear. Hopefully, you're following one of these, but both are linked below.
JFBConnect v4.0 Now Available (Newsletter, Sept 16)
JFBConnect 4.0 release post
We auto-subscribe all of our subscribers to the newsletter just because we send out important updates like this, so you would have had to opt-out at some point if you didn't receive it.
Hope that explains the situation. We'll definitely be monitoring things closely tomorrow with the 3.x series as we really don't know what Facebook will do with user's trying to login through the old scheme.. hopefully, there will be a good grace period where they send out notices to admins.. but you never know.
Thanks,
Alex