So I've been up all night trying to figure this out (literally). But Im stumped. What I want to do is, simply, to save access tokens for future use and to allow users to not have to "Allow" the app each time. When I use the access tokens in "done.php" that I stored and retrieved, the "GET" action works but the "POST" doesnt.
addblogs.php (This script, ran right after registration, snags the access tokens and stores them... right now it isn't salted, but it will be)
include('functions.php');
require_once('tumblroauth/tumblroauth.php');
require_once('config.php');
session_start();
sec_session_start();
$tumblrblog = $_SESSION['tumblrblog'];
$connection = new TumblrOAuth(CONSUMER_KEY, CONSUMER_SECRET, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
$access_token = $connection->getAccessToken($_REQUEST['oauth_verifier']);
unset($_SESSION['oauth_token']);
unset($_SESSION['oauth_token_secret']);
if (200 == $connection->http_code) {
$at = implode(",",$access_token);
$insert_stmt = $mysqli->prepare("INSERT INTO tumblogs (tumblrblog, access_token) VALUES ( ?, ?)");
$insert_stmt->bind_param('ss', $tumblrblog, $at);
$insert_stmt->execute();
print_r ($access_token);
} else {
header('Location: ./clearsessions.php');
}
done.php (Retreive and Use the saved access tokens)
include('functions.php');
session_start();
sec_session_start();
require_once('tumblroauth/tumblroauth.php');
require_once('config.php');
$tumblrblog = $_SESSION['tumblrblog'];
$stmt = $mysqli->prepare('SELECT access_token FROM `tumblogs` WHERE tumblrblog=? LIMIT 1');
$stmt->bind_param("s", $tumblrblog);
$stmt->execute();
$stmt->bind_result($at);
$stmt->fetch();
$access_token = explode(",", $at);
$connection = new TumblrOAuth(CONSUMER_KEY, CONSUMER_SECRET, $access_token['0'], $access_token['1']);
print_r($access_token['0']);
$hostname = "$tumblrblog.tumblr.com";
$connection = new TumblrOAuth(CONSUMER_KEY, CONSUMER_SECRET, $access_token['0'], $access_token['1']);
$userinfo = $connection->get('http://api.tumblr.com/v2/user/info');
print_r($userinfo);
$pic_path = "dir/$tumblrblog/good/icon.png";
$pic = file_get_contents($pic_path);
$connection->post('api.tumblr.com/v2/blog/$hostname/post', array('type' => 'text', 'body' => 'this is a test of Tumbloadr v2'));
Thank you all for taking a look!
Brandon
In done.php I would verify that you're also retrieving the correct access token secret by printing $access_token[1] as well. Also, I would remove one of the $connections, theres no need to do it twice. To be a bit more dynamic, you can get the $hostname using this
$hostname = parse_url($blog->url,PHP_URL_HOST);
This clearly isn't a fix, but hopefully it helps a bit.
Why not serialize accessToken before inserting to database? I think it will be the correct way to store tokens in database. You can never know if the token contains "," chars then would your explode destroy the whole access token.
When I store tokens for Dropbox I had to serialize and unserialize when using it.
Related
I'm having issues with Twitter API and understanding OAuth in general. I'm able to make request to pull information from my account with ease. The problem I'm having is with other users who would be using "Sign In with Twitter". Even though I am able to get other user information after they sign in, I'm unable to make separate future request with their information on other .php pages (I am not trying to pull info from MySQL). I can only get their information one time on the original .php page after they sign in and the page has loaded.
I will post some code but my main concerns/questions are -- is it possible to save user access token information (and re-use) or will I be needing to have the user sign in every time and authenticate just to pull information from their account? I am having trouble understanding this. What information can I save to make a request in the future on behalf of a user with out having to have them log in every time?
Code example:
require "autoload.php";
use Abraham\TwitterOAuth\TwitterOAuth;
define('CONSUMER_KEY', 'my consumer key');
define('CONSUMER_SECRET', 'secret');
define('OAUTH_CALLBACK', 'API/Twitter/Twitter.php');
$access_token = 'beep boop boop beep';
$access_token_secret = 'super secret';
session_start();
if (isset($_SESSION['oauth_token'])) {
$oauth_token = $_SESSION['oauth_token'];
echo "<div style='background-color:white; width:100%;'>";
echo $oauth_token; echo "</div>";
unset($_SESSION['oauth_token']);
$connection = new Abraham\TwitterOAuth\TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
$params = array("oauth_verifier" => $_GET['oauth_verifier'], 'oauth_token' => $_GET['oauth_token']);
$access_token = $connection->oauth('oauth/access_token', $params);
$connection = new Abraham\TwitterOAuth\TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $access_token['oauth_token'], $access_token['oauth_token_secret']);
$content = $connection->get('account/verify_credentials');
//Printing the profile data
//print_r($content);
$TimeLine = $connection->get("statuses/user_timeline", ["screen_name"=>$content->screen_name, "count"=>10]);
echo "<br><br><br>";
echo "<div style='width:100%; background-color:red; height:auto;'>";
print_r($connection);
echo "</div>";
//print_r($TimeLine);
} else {
$connection = new Abraham\TwitterOAuth\TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
$temporary_credentials = $connection->oauth('oauth/request_token', array("oauth_callback" => $callback));
$_SESSION['oauth_token'] = $temporary_credentials['oauth_token'];
$_SESSION['oauth_token_secret'] = $temporary_credentials['oauth_token_secret'];
$url = $connection->url('oauth/authenticate', array('oauth_token' => $temporary_credentials['oauth_token']));
}
What you need in order to maintain access to user information on behalf of them is the generated oAuth Token and oAuth Token Secret. In my particular case listed above, the steps should be
$connection = new Abraham\TwitterOAuth\TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, USER_oAuth_TOKEN, USER_oAuth_TOKEN_SECRET);
$content = $connection->get('account/verify_credentials');
You will need your own application CONSUMER_KEY and CONSUMER_SECRET. When someone signs in with Twitter, you have to save their oAuth Token and oAuth Token Secret. When you have this information (stored in a database), you can now make calls on behalf of the user for future request.
More into the specific problem I had listed above, I was not saving this information. I kept making new oAuth Tokens and Secrets.
I know that there are tons of similar questions, but NONE worked for me. I have an Oauth twitter system integrated into my website. I can get user's id, screen_name, etc. However, I don't know how to get user's profile photo in original size or full size. Please, if you're going to answer this question, don't copy and paste a bunch of document library from twitter, because that's Mandarin Chinese to me and I've already tried to do it with no success. I just need an url where I can replacethe user's id into one part of the url and then put that url as img's src to show it in html (obviously, I'd do so by executing an "echo" in the oAuth php file. Thanks beforehand.
My code:
<?php
if(!isset($_SESSION)){
session_start();
}
require 'autoload.php';
use Abraham\TwitterOAuth\TwitterOAuth;
define('CONSUMER_KEY', 'xxxxxxxxxxxxxxxxxxxxxxxxx'); // add your app consumer key between single quotes
define('CONSUMER_SECRET', 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'); // add your app consumer secret key between single quotes
define('OAUTH_CALLBACK', 'http://www.chapatelo.com.ar/chm/peticiones/callback.php'); // your app callback URL
if (!isset($_SESSION['access_token'])) {
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
$request_token = $connection->oauth('oauth/request_token', array('oauth_callback' => OAUTH_CALLBACK));
$_SESSION['oauth_token'] = $request_token['oauth_token'];
$_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];
$url = $connection->url('oauth/authorize', array('oauth_token' => $request_token['oauth_token']));
header("Location: " . $url);
} else {
$access_token = $_SESSION['access_token'];
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $access_token['oauth_token'], $access_token['oauth_token_secret']);
$user = $connection->get("account/verify_credentials");
$_SESSION["id"] = $user->id;
$_SESSION["usuario"] = $user->screen_name;
$_SESSION["start"] = time();
$_SESSION["expire"] = $_SESSION["start"] + (3600 * 60);
echo '<img src="https://api.twitter.com/1/users/show.json?screen_name=' . $user->screen_name . '"/>'; //Of course, this echo doesn't show any image...
}
?>
Hi all i developed an application for posting tweet using PHp with twitter api 1.1. But that option is only working for me only. If any one authenticated and try to send tweet using that. It's posting tweet on my wall.
How to make this generalized for anyone.
YOUR_CONSUMER_KEY = 'xxxxxxxxxxxxxx';
YOUR_CONSUMER_SECRET = 'xxxx';
$twitteroauth = new TwitterOAuth(YOUR_CONSUMER_KEY, YOUR_CONSUMER_SECRET);
// Requesting authentication tokens, the parameter is the URL we will be redirected to
$request_token = $twitteroauth->getRequestToken('http://xxxx/xxxx/getTwitterData.php');
//print_r($request_token);
$twitteroauth = new TwitterOAuth(YOUR_CONSUMER_KEY, YOUR_CONSUMER_SECRET, $request_token['oauth_token'], $request_token['oauth_token_secret']);
$tmessage = $_POST['message'];
$content = $twitteroauth->post('statuses/update', array('status' => $tmessage));
it's posting tweets on your wall because you're using access token and secret of the app, or you're the authenticated user. You need to log in the user you want to post for, get their access token and secret, then use consumer key, secret, user access token and user access secret to post on their behalf.
It's a bit unclear what you're trying to do, but here's a sample post action with Abraham William's library, which you're using:
require_once('twitteroauth.php');
$key = "***";
$secret = "***";
$token = "***";
$token_secret = "***";
$connection = new TwitterOAuth($key, $secret, $token, $token_secret);
$message = "whatever";
$status = $connection->post($message);
$response= $connection->http_code;
if($response !=200){
echo "ERROR";
}else{
echo "life is good";
}
I am currently trying to integreate twitter into a php web app that I am working on with OAuth.
I have an HTML page which provides a link to the twitter app authentication url which appears to be working fine and is showing the authentication screen.
Below is the code that calls the function.
if (!isset($_GET['oauth_token']))
{
//include("phpHandler/twitterLib/secret.php");
getTwitterURL($consumer_key, $consumer_secret);
}
The consumer_key and consumer_secret are included within a php file.
Below is the code that gets the twitter authorisation url.
function getTwitterUrl($consumer_key, $consumer_secret)
{
$twitterObj = new EpiTwitter($consumer_key, $consumer_secret);
$url = $twitterObj->getAuthorizationUrl();
echo '<a class="linkButtons" href="'.$url.'">Add Twitter</a>';
}
This redirect back to the page fine and then I call the authentication method to retrieve info like twitter username. Below is the function that does the authentication
function authenticate($consumer_key, $consumer_secret)
{
require ("twitterLib/EpiCurl.php");
require ("twitterLib/EpiOAuth.php");
require ("twitterLib/EpiTwitter.php");
require ("twitterLib/secret.php");*/
$twitterObj = new EpiTwitter($consumer_key, $consumer_secret);
$twitterObj->setToken($_GET['oauth_token']);
$token = $twitterObj->getAccessToken();
$twitterObj = new EpiTwitter($consumer_key, $consumer_secret);
$twitterObj->setToken($token->oauth_token, $token->oauth_token_secret);
$token = $twitterObj->getAccessToken();
$twitterObj->setToken($token->oauth_token, $token->oauth_token_secret);
$_SESSION['ot'] = $token->oauth_token;
$_SESSION['ots'] = $token->oauth_token_secret;
$twitterInfo= $twitterObj->get_accountVerify_credentials();
echo '<pre>';
print_r($twitterInfo->response);
}
The echo and print_r is to show the response return from twitter.
I am getting the following error printed out in the array
Array (
[error] => Invalid / expired Token
[request] => /account/verify_credentials.json )
How can I fix this error. I don't know why its invalid or expired, I have closed the browser and started again but get the same error appear.
Thanks for any help you can provide.
Your access token will be invalid if a user explicitly rejects your application from their settings or if a Twitter admin suspends your application. If your application is suspended there will be a note on your application page saying that it has been suspended.
Many users trust an application to read their information but not necessarily change their name or post new statuses. Updating information via the Twitter API - be it name, location or adding a new status - requires and HTTP POST. We stuck with the same restriction when implementing this. Any API method that requires an HTTP POST is considered a write method and requires read & write access.
Whatever your storage system may be, you'll need to begin storing an oauth_token and oauth_token_secret (collectively, an "access token") for each user of your application. The oauth_token_secret should be stored securely. Remember, you'll be accessing these values for every authenticated request your application makes to the Twitter API, so store them in a way that will scale to your user base. When you're using OAuth, you should no longer be storing passwords for any of your users.
require '../tmhOAuth.php';
require '../tmhUtilities.php';
$tmhOAuth = new tmhOAuth(array(
'consumer_key' => 'YOUR_CONSUMER_KEY',
'consumer_secret' => 'YOUR_CONSUMER_SECRET',
'user_token' => 'AN_ACCESS_TOKEN',
'user_secret' => 'AN_ACCESS_TOKEN_SECRET',
));
// we're using a hardcoded image path here. You can easily replace this with an uploaded image-see images.php example)
// 'image = "#{$_FILES['image']['tmp_name']};type={$_FILES['image']['type']};filename={$_FILES['image']['name']}",
$image = "./dickvandyke.jpg';
$code = $tmhOAuth->request('POST', 'https://upload.twitter.com/1/statuses/update_with_media.json',
array(
'media[]' => "#{$image}",
'status' => "Don't slip up" // Don't give up..
),
true, // use auth
true // multipart
);
if ($code == 200) {
tmhUtilities::pr(json_decode($tmhOAuth->response['response']));
} else {
tmhUtilities::pr($tmhOAuth->response['response']);
}
I've managed to find the problem. I always creating two new EpiTwitter objects in the authenticate function.
I worked on new Twitter API. It is working fine for me with following code I did.
<?php
require "vendor/autoload.php";
use Abraham\TwitterOAuth\TwitterOAuth;
$consumer_key = "XXXXXXX";
$consumer_secret = "XXXXXXX";
$connection = new TwitterOAuth($consumer_key, $consumer_secret);
$request_token= $connection->oauth('oauth/request_token', array('oauth_callback' => "http://callbackurlhere.com/callback.php"));
$url = $connection->url("oauth/authorize", array("oauth_token" => $request_token['oauth_token']));
header('Location: '. $url);
?>
callback.php code below to obtain the permanent oauthToken and save it in database for further use:
<?php
require "vendor/autoload.php";
use Abraham\TwitterOAuth\TwitterOAuth;
// session_start();
if(isset($_REQUEST['oauth_verifier'])){
$oauth_access_token = $_REQUEST['oauth_token'];
$oauth_access_token_secret = $_REQUEST['oauth_verifier'];
$consumer_key = "XXXXXXXXXXXXXXXX";
$consumer_secret = "XXXXXXXXXXXXXXX";
$connection = new TwitterOAuth($consumer_key, $consumer_secret,$oauth_access_token , $oauth_access_token_secret );
$access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $oauth_access_token_secret));
var_dump($access_token); die("--success here--");// Obtain tokens and save it in database for further use.
}
?>
So I'm trying to post tweets of a user through my application. Whenever I freshly get the oauth_token and oauth_secret, I can post a tweet no problem, However, if I try to save them for later and then post a tweet, I get the error:
object(stdClass)#5 (2) {
["error"]=>
string(27) "Could not authenticate you."
["request"]=>
string(23) "/1/statuses/update.json"
}
Here is the script I use to get the tokens initially:
<?php
require("config.php");
require("twitterOAuth.php");
session_start();
if(!empty($_GET['oauth_verifier']) && !empty($_SESSION['oauth_token']) && !empty($_SESSION['oauth_token_secret'])){
// We've got everything we need
} else {
// Something's missing, go back to square 1
//header('Location: new_index.php');
}
// TwitterOAuth instance, with two new parameters we got in twitter_login.php
$twitteroauth = new TwitterOAuth($consumer_key, $consumer_secret, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
// Let's request the access token
$oauth_token = $_SESSION['oauth_token'];
$oauth_secret = $_SESSION['oauth_token_secret'];
$access_token = $twitteroauth->getAccessToken($_GET['oauth_verifier']);
//post tweet
$result = $twitteroauth->post('statuses/update', array('status' => 'asd '));
// Save it in a session var
$_SESSION['access_token'] = $access_token;
// Let's get the user's info
$user_info = $twitteroauth->get('account/verify_credentials');
?>
And here is the script where I just try to tweet it using the tokens:
<?php
require("config.php");
require_once('twitterOAuth.php');
$oAuthToken = $argv[1];
$oAuthSecret = $argv[2];
$message = $argv[3];
$post_id = $argv[4];
// create a new instance
$tweet = new TwitterOAuth($consumerKey, $consumerSecret, "$oAuthToken", "$oAuthSecret");
//send a tweet
$result = $tweet->post('statuses/update', $message);//array('status' => "$message"));
$tweet_id = $result['id_str'];
?>
Any ideas? I could really use some help here. It worked fine last night and now all the sudden it's not working at all :/
Could the tokens expire and not work after they're not session variables?
/*Try this one it will work proper*/
session_start();
require("config.php");
require_once("twitterOAuth.php");
$access_token = $_SESSION['access_token'];//which you got from callback
/* Create a TwitterOauth object with consumer/user tokens. */
$tweet = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $access_token['oauth_token'], $access_token['oauth_token_secret']);
$tweet->post('direct_messages/new', array('text' => $messageBody, 'screen_name' => $screenName))
Try to use this code (in the second part of your code):
<?php
session_start();
require("config.php");
require_once("twitterOAuth.php");
$oAuthToken = $_SESSION['oauth_token'];
$oAuthSecret = $_SESSION['oauth_token_secret'];
and so on. Does this code work for you?