[twitter-dev] Re: Stop playing around with Source parameters
HTML does not make the order of attributes significant, so it's not a good idea to rely on a specific order. Sounds like you want to strip out markup, so you should already be running a whitelist of acceptable attributes, and not let through the the rest. For example, you wouldn't want to let through any inline event handler attributes, or inline styles. This approach will help solve the issue you are having, as well as giving you a starting point for consuming HTML safely. Here's some guidance on doing that: http://diveintomark.org/archives/2003/06/12/how_to_consume_rss_safely On Sat, Aug 22, 2009 at 5:17 AM, TCIticoconid...@gmail.com wrote: Recently you added nofollow's, and now you moved the nofollow after the href. Some of us filter these out and you changing them is only making it more complicated. Please make up your mind and stop changing these... a href=http://fun140.com/;Fun140/a a rel=nofollow href=http://fun140.com/;Fun140/a a href=http://fun140.com/; rel=nofollowFun140/a
[twitter-dev] Re: /statuses/destroy error erroneously?
Calling /statuses/destroy (on a valid status ID) seems to return a 400 error with a Bad request. We could not delete that status for some reason.. ... but the status is successfully deleted. Bug? Seeing this also. -- personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com -- Eeny, Meeny, Jelly Beanie, the spirits are about to speak! -- Bullwinkle ---
[twitter-dev] I can't use OAuth and I want to apply source(from[myApp])
I'm the builder of Twitese (http://twitese.appspot.com/), a chinese web client for Twitter. I know that if a new web app want to show from [myApp], the only way is to use OAuth, but in china that's infeasible, because twitter has been block in china, chinese people can not access twitter.com to use OAuth. So I can't use OAuth. The only way to login is use HTTP Basic, as the result, statuses post from Twitese just show from web. So I want to apply a source for my Twitese, is that possible?
[twitter-dev] Re: Stop playing around with Source parameters
On Sat, Aug 22, 2009 at 1:17 AM, TCI ticoconid...@gmail.com wrote: Recently you added nofollow's, and now you moved the nofollow after the href. Some of us filter these out and you changing them is only making it more complicated. Please make up your mind and stop changing these... a href=http://fun140.com/;Fun140/a a rel=nofollow href=http://fun140.com/;Fun140/a a href=http://fun140.com/; rel=nofollowFun140/a Or, maybe, you can try using this regex: /a.*? href=(.*?).*?(.*?)\/a/ and let them do whatever they want. -- Gonzalo. PS: My english sucks, sorry about that.
[twitter-dev] Re: Stop playing around with Source parameters
Ummm... strip_tags()'s? On Fri, Aug 21, 2009 at 9:17 PM, TCI ticoconid...@gmail.com wrote: Recently you added nofollow's, and now you moved the nofollow after the href. Some of us filter these out and you changing them is only making it more complicated. Please make up your mind and stop changing these... a href=http://fun140.com/;Fun140/a a rel=nofollow href=http://fun140.com/;Fun140/a a href=http://fun140.com/; rel=nofollowFun140/a
[twitter-dev] Re: /statuses/destroy error erroneously?
Please file a ticket: http://code.google.com/p/twitter-api/issues/ Thanks, -Chad On Sat, Aug 22, 2009 at 3:32 AM, Cameron Kaiserspec...@floodgap.com wrote: Calling /statuses/destroy (on a valid status ID) seems to return a 400 error with a Bad request. We could not delete that status for some reason.. ... but the status is successfully deleted. Bug? Seeing this also. -- personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com -- Eeny, Meeny, Jelly Beanie, the spirits are about to speak! -- Bullwinkle ---
[twitter-dev] Re: Stop playing around with Source parameters
Crazily enough, not everyone writes in PHP. ∞ Andy Badera ∞ This email is: [ ] bloggable [x] ask first [ ] private ∞ Google me: http://www.google.com/search?q=(andrew+badera)+OR+(andy+badera) On Sat, Aug 22, 2009 at 3:28 AM, Joel Strellnerj...@twitturly.com wrote: Ummm... strip_tags()'s? On Fri, Aug 21, 2009 at 9:17 PM, TCI ticoconid...@gmail.com wrote: Recently you added nofollow's, and now you moved the nofollow after the href. Some of us filter these out and you changing them is only making it more complicated. Please make up your mind and stop changing these... a href=http://fun140.com/;Fun140/a a rel=nofollow href=http://fun140.com/;Fun140/a a href=http://fun140.com/; rel=nofollowFun140/a
[twitter-dev] Re: heavy throttling by search.twitter.com API from GAE application
not sure about GAE, but for AWS, you can request for a static IP, it costs some $, but it's the only way to work with Twitter API if rate limit is an issue for you On Aug 21, 1:29 pm, BenHedrington b...@hedrington.com wrote: I agree GAE throttle on the Search API is not behaving as it has in the past, Can someone please look into this? -Ben Hedrington On Aug 21, 11:48 am, Jud jvale...@gmail.com wrote: I've got a python app running on Google App Engine (appspot hosted) that querieshttp://search.twitter.com/search.atom?q=forsimple queries (e.g. foo OR bar), and it's being severely throttled (e.g. can't get a successful request through (response 200 w/ data) more than a couple of times per _hour_). - I'm setting the UA string to something unique/identifiable (e.g. my company name) - I'm respecting the retry-after header coming back when I see a 503 (average retry-after duration is ~750) - GAE turns the IP address behind the app over ~ every 6 hours - app hits tries to hit search.twitter.com every 5 minutes. I've successfully polled the endpoint at much higher rates (in completely different IP address ranges) in the past, without issue. Unclear what's going on. Any suggestions would be greatly appreciated.
[twitter-dev] Re: how can I get user address using Twitter API?
Spam? Privacy? Call me crazy, I know! ∞ Andy Badera ∞ This email is: [ ] bloggable [x] ask first [ ] private ∞ Google me: http://www.google.com/search?q=(andrew+badera)+OR+(andy+badera) On Fri, Aug 21, 2009 at 10:25 PM, Bo Huangbohua...@gmail.com wrote: Is there any reason twitter doesn't support it? it is so weird. On Aug 21, 6:03 am, JDG ghil...@gmail.com wrote: no, on purpose. On Fri, Aug 21, 2009 at 01:08, Bo Huang bohua...@gmail.com wrote: Hi, I am trying to integrate Twitter OAuth with my website. Right now I can use this API (https://twitter.com/account/verify_credentials.xml) to get lots of profile information like user ID, screen name, but I didn't any info about the user email address. Is there any API to get email address? Thanks in advance. Bo -- Internets. Serious business.
[twitter-dev] Re: heavy throttling by search.twitter.com API from GAE application
On Sat, Aug 22, 2009 at 6:26 AM, Beierbeier...@gmail.com wrote: not sure about GAE, but for AWS, you can request for a static IP, it costs some $, but it's the only way to work with Twitter API if rate limit is an issue for you GAE has no such IP offering yet. Also, by its very nature, all activity on GAE is global -- which is why it's taking them a while to deliver SSL services as well. ∞ Andy Badera ∞ This email is: [ ] bloggable [x] ask first [ ] private ∞ Google me: http://www.google.com/search?q=(andrew+badera)+OR+(andy+badera)
[twitter-dev] Re: Stop playing around with Source parameters
Use DOM functions in your language to parse it. Dont use Regex. Another Good solution is using libxml. But Html is not XML. So you may have to convert it. Thats why DOM is better. -- A K M Mokaddim http://talk.cmyweb.net http://twitter.com/shiplu Stop Top Posting !! বাংলিশ লেখার চাইতে বাংলা লেখা অনেক ভাল
[twitter-dev] Re: Stop playing around with Source parameters
Can you use DOM functions in most languages on mere HTML fragments? ∞ Andy Badera ∞ This email is: [ ] bloggable [x] ask first [ ] private ∞ Google me: http://www.google.com/search?q=(andrew+badera)+OR+(andy+badera) On Sat, Aug 22, 2009 at 7:38 AM, shiplushiplu@gmail.com wrote: Use DOM functions in your language to parse it. Dont use Regex. Another Good solution is using libxml. But Html is not XML. So you may have to convert it. Thats why DOM is better. -- A K M Mokaddim http://talk.cmyweb.net http://twitter.com/shiplu Stop Top Posting !! বাংলিশ লেখার চাইতে বাংলা লেখা অনেক ভাল
[twitter-dev] Re: how can I get user address using Twitter API?
I am trying to integrate Twitter OAuth with my website. Right now I can use this API (https://twitter.com/account/verify_credentials.xml) to get lots of profile information like user ID, screen name, but I didn't any info about the user email address. Is there any API to get email address? Thanks in advance. Is there any reason twitter doesn't support it? it is so weird. App User: Morning, Mail Server: Morning. App User: What have you got? Mail Server: Well, there's egg and bacon, egg sausage and bacon Egg and spam Egg, bacon and spam Egg, bacon, sausage and spam Spam, bacon, sausage and spam Spam, egg, spam, spam, bacon and spam Spam, sausage, spam, spam, spam, bacon, spam tomato and spam Spam, spam, spam, egg and spam Spam, spam, spam, spam, spam, spam, baked beans, spam, spam, spam and spam. (Developers: Spam! Spam! Spam! Spam! Lovely Spam! Lovely Spam!) Or Lobster Thermidor aux crevettes with a mornay sauce served in a provencale manner with shallots and aubergines garnished with truffle pate, brandy and a fried egg on top and spam. Email User: Have you got anything without spam? Mail Server: Well, the spam, eggs, sausage and spam That's not got much spam in it Email User: I don't want any spam! App User: Why can't she have eggs, bacon, spam and sausage? Email User: That's got spam in it! App User: Hasn't got much spam in it as spam, eggs, sausage and spam has it? (Developers: Spam! Spam! Spam!...) Email User: Could you do me eggs, bacon, spam and sausage without the spam, then? Mail Server: Iiiich!! Email User: What do you mean 'Iich'? I don't like spam! (Developers: Lovely spam! Wonderful spam!) Mail Server (to Developers): Shut up! (Developers: Lovely spam! Wonderful spam!) Mail Server: Shut Up! Bloody Developers! You can't have egg, bacon, spam and sausage without the spam. Email User: I don't like spam! App User: Shush dear, don't have a fuss. I'll have your spam. I love it, I'm having spam, spam, spam, spam, spam, spam, spam, baked beans, spam, spam, spam, and spam! (Developers: Spam! Spam! Spam! Spam! Lovely spam! Wonderful spam!) Mail Server: Shut Up!! Baked beans are off. App User: Well, could I have her spam instead of the baked beans then? Mail Server: You mean spam, spam, spam, spam, spam, spam, spam, spam, spam, spam, spam, spam and spam? Developers (intervening): Spam! Spam! Spam! Spam! Lovely spam! Wonderful spam! Spam spa-a-a-a-a-am spam spa-a-a-a-a-am spam. Lovely spam! Lovely spam! Lovely spam! Lovely spam! Spam spam spam spam! Chris Babcock
[twitter-dev] Re: how can I get user address using Twitter API?
I am trying to integrate Twitter OAuth with my website. Right now I can use this API (https://twitter.com/account/verify_credentials.xml) to get lots of profile information like user ID, screen name, but I didn't any info about the user email address. Is there any API to get email address? Thanks in advance. Is there any reason twitter doesn't support it? it is so weird. Levity aside, even if the user grants you rights to do everything else possible with his or her Twitter account, that does not absolve Twitter of the right and the responsibility to maintain the privacy of the email address used on the account. There is also the next logical stop after getting an address via the API, which is changing it via the API. Why not allow that too? Well, maybe because it would make using OAuth as insecure as using basic with 3rd party services. Being able to change the email address on an account that offers password recovery services is the same as being able to change the password and lock out the original user. Identifying the email account used to register for a service is not only a Spam concern, but it is also a step towards being able to hi-jack the account. Instead of needing to crack one password to access the account, a hacker can choose one of two. Also, most email users don't control their own mail infrastructure, so passwords shared across acounts and the lack of implementation of secure protocols for services means that doubling the number of services exposed to attack more than doubles the chances of an attack being successful. I'm not saying that Twitter is a secure service, but that publishing the email address given by the user for the service - even to those who provide some credentials or level of trust for the account - presents an additional level of trust that cannot be safely implied from the initial delegation. Chris Babcock
[twitter-dev] Re: how can I get user address using Twitter API?
On 8/22/09 5:49 AM, Andrew Badera wrote: Spam? Privacy? Call me crazy, I know! So, who wants to form a data mining startup that crawls websites for follow me on twitter links to people's twitter IDs, then correlates that to contact email addresses for the site ... Easy revenue model: sell lookups from email - twitter ID and twitter ID - email. Could this ever violate Twitter's ToS? In theory, you could build such a service without ever accessing twitter.com - just crawl blogs and tumblr and posterous and other such sites where folks advertise their twitter IDs, then try to identify contact email address for the site owner. Clearly, there's demand for such a service - would people pay for this data? -- Dossy Shiobara | do...@panoptic.com | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70)
[twitter-dev] Re: I can't use OAuth and I want to apply source(from[myApp])
you could speak with a proxy outside of china, which could do the OAuth for you On Fri, Aug 21, 2009 at 23:40, bang bang...@gmail.com wrote: I'm the builder of Twitese (http://twitese.appspot.com/), a chinese web client for Twitter. I know that if a new web app want to show from [myApp], the only way is to use OAuth, but in china that's infeasible, because twitter has been block in china, chinese people can not access twitter.com to use OAuth. So I can't use OAuth. The only way to login is use HTTP Basic, as the result, statuses post from Twitese just show from web. So I want to apply a source for my Twitese, is that possible? -- Internets. Serious business.
[twitter-dev] Re: Stop playing around with Source parameters
technically as long as it's well formed, any fragment can be valid XML in the eyes of DOM (sounds like an Italian mobster there). I mean sure, you couldn't feed it a href=foohi but you could feed it a href=foohi/a On Sat, Aug 22, 2009 at 06:27, Andrew Badera and...@badera.us wrote: Can you use DOM functions in most languages on mere HTML fragments? ∞ Andy Badera ∞ This email is: [ ] bloggable [x] ask first [ ] private ∞ Google me: http://www.google.com/search?q=(andrew+badera)+OR+(andy+badera)http://www.google.com/search?q=%28andrew+badera%29+OR+%28andy+badera%29 On Sat, Aug 22, 2009 at 7:38 AM, shiplushiplu@gmail.com wrote: Use DOM functions in your language to parse it. Dont use Regex. Another Good solution is using libxml. But Html is not XML. So you may have to convert it. Thats why DOM is better. -- A K M Mokaddim http://talk.cmyweb.net http://twitter.com/shiplu Stop Top Posting !! বাংলিশ লেখার চাইতে বাংলা লেখা অনেক ভাল -- Internets. Serious business.
[twitter-dev] Re: how can I get user address using Twitter API?
surely you're joking. PLEASE tell me you're joking, because my skin is crawling. On Sat, Aug 22, 2009 at 08:01, Dossy Shiobara do...@panoptic.com wrote: On 8/22/09 5:49 AM, Andrew Badera wrote: Spam? Privacy? Call me crazy, I know! So, who wants to form a data mining startup that crawls websites for follow me on twitter links to people's twitter IDs, then correlates that to contact email addresses for the site ... Easy revenue model: sell lookups from email - twitter ID and twitter ID - email. Could this ever violate Twitter's ToS? In theory, you could build such a service without ever accessing twitter.com - just crawl blogs and tumblr and posterous and other such sites where folks advertise their twitter IDs, then try to identify contact email address for the site owner. Clearly, there's demand for such a service - would people pay for this data? -- Dossy Shiobara | do...@panoptic.com | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70) -- Internets. Serious business.
[twitter-dev] Re: how can I get user address using Twitter API?
On Sat, 22 Aug 2009 10:01:08 -0400 Dossy Shiobara do...@panoptic.com wrote: Easy revenue model: sell lookups from email - twitter ID and twitter ID - email. That's a fair response to an earlier thread about looking up the Twitter ID by email address. The message to which you were responding had to do with verify credentials. It's was a fair question as the implications are for more subtle. Here's the real threat model... Provide a service that uses your OAuth key and logs the response to verify credentials calls. You obtain valid email addresses and names that people actually use to self-identify. If you use, misuse, abuse or resell these to third parties, it is traced back to Twitter - not you - and you have a very high quality list of names and email addresses that can help your spam mailing score well on some features of some content filters - including the human eye. What makes it work is that, as far as the user knows, your service never asked for an email address. Chris Babcock
[twitter-dev] Re: how can I get user address using Twitter API?
On Sat, Aug 22, 2009 at 10:01 AM, Dossy Shiobarado...@panoptic.com wrote: On 8/22/09 5:49 AM, Andrew Badera wrote: Spam? Privacy? Call me crazy, I know! So, who wants to form a data mining startup that crawls websites for follow me on twitter links to people's twitter IDs, then correlates that to contact email addresses for the site ... Easy revenue model: sell lookups from email - twitter ID and twitter ID - email. Could this ever violate Twitter's ToS? In theory, you could build such a service without ever accessing twitter.com - just crawl blogs and tumblr and posterous and other such sites where folks advertise their twitter IDs, then try to identify contact email address for the site owner. Clearly, there's demand for such a service - would people pay for this data? Hopefully most of us use Spam Poison and/or CAPTCHAs to conceal or obscure contact addresses on our site :) --ab
[twitter-dev] Re: Stop playing around with Source parameters
Wouldn't str_replace('rel=nofollow', '', $href_from_twitter) work just as well? Dewald On Aug 22, 1:54 am, Gonzalo Larralde gonzalolarra...@gmail.com wrote: On Sat, Aug 22, 2009 at 1:17 AM, TCI ticoconid...@gmail.com wrote: Recently you added nofollow's, and now you moved the nofollow after the href. Some of us filter these out and you changing them is only making it more complicated. Please make up your mind and stop changing these... a href=http://fun140.com/;Fun140/a a rel=nofollow href=http://fun140.com/;Fun140/a a href=http://fun140.com/; rel=nofollowFun140/a Or, maybe, you can try using this regex: /a.*? href=(.*?).*?(.*?)\/a/ and let them do whatever they want. -- Gonzalo. PS: My english sucks, sorry about that.
[twitter-dev] Re: Stop playing around with Source parameters
Thanks to all for your suggestions on how to parse, remove nofollows or extract the URL, but that's not the bottomline of my message. There are some source parameters that are posting automated crap constantly, and since I run a trending engine I continuously exclude these tweets. Yes I can parse and str replace and even base myself only on the URL, but the 2 side effects are that my processing time increase (a simple string compare vs a regex) - which becomes significant as I increase the volume I intend to process, and that the URL's themselves can easily change to workaround these filters. I will keep my simple compare - the sites are not that many and the processing toll of regex'ing this does not merit it - but I would appreciate some word from Twitter when the source parameter is being changed, or else some sourceid that is stable. R On Aug 21, 10:17 pm, TCI ticoconid...@gmail.com wrote: Recently you added nofollow's, and now you moved the nofollow after the href. Some of us filter these out and you changing them is only making it more complicated. Please make up your mind and stop changing these... a href=http://fun140.com/;Fun140/a a rel=nofollow href=http://fun140.com/;Fun140/a a href=http://fun140.com/; rel=nofollowFun140/a
[twitter-dev] Re: Stop playing around with Source parameters
Hi All, We did not intend for the nofollow string to be included in API results. It is on our list to fix. In the meantime you will need to parse around it. Thanks, -Chad On Sat, Aug 22, 2009 at 11:20 AM, Costa Ricaticoconid...@gmail.com wrote: Thanks to all for your suggestions on how to parse, remove nofollows or extract the URL, but that's not the bottomline of my message. There are some source parameters that are posting automated crap constantly, and since I run a trending engine I continuously exclude these tweets. Yes I can parse and str replace and even base myself only on the URL, but the 2 side effects are that my processing time increase (a simple string compare vs a regex) - which becomes significant as I increase the volume I intend to process, and that the URL's themselves can easily change to workaround these filters. I will keep my simple compare - the sites are not that many and the processing toll of regex'ing this does not merit it - but I would appreciate some word from Twitter when the source parameter is being changed, or else some sourceid that is stable. R On Aug 21, 10:17 pm, TCI ticoconid...@gmail.com wrote: Recently you added nofollow's, and now you moved the nofollow after the href. Some of us filter these out and you changing them is only making it more complicated. Please make up your mind and stop changing these... a href=http://fun140.com/;Fun140/a a rel=nofollow href=http://fun140.com/;Fun140/a a href=http://fun140.com/; rel=nofollowFun140/a
[twitter-dev] Re: I can't use OAuth and I want to apply source(from[myApp])
Well even with a proxy the users of the app would still need to access twitter.com. Unless twitter makes an exception here I don't see any other way of setting a custom source. It's a shame china is blocking twitter, but I'd imagine they would probably end up blocking your site soon if it became popular. Best of luck. On Sat, Aug 22, 2009 at 9:10 AM, JDG ghil...@gmail.com wrote: you could speak with a proxy outside of china, which could do the OAuth for you On Fri, Aug 21, 2009 at 23:40, bang bang...@gmail.com wrote: I'm the builder of Twitese (http://twitese.appspot.com/), a chinese web client for Twitter. I know that if a new web app want to show from [myApp], the only way is to use OAuth, but in china that's infeasible, because twitter has been block in china, chinese people can not access twitter.com to use OAuth. So I can't use OAuth. The only way to login is use HTTP Basic, as the result, statuses post from Twitese just show from web. So I want to apply a source for my Twitese, is that possible? -- Internets. Serious business. -- Josh
[twitter-dev] Trying to display JSON object
I am using the Twitter API and have the following JSON object returned after a search query. print_r($json) is: [code] $contents = file_get_contents(http://search.twitter.com/search.json? lang=enrpp=5q=MyNetwork); $json = json_decode($contents); echo print_r($json); [/code] outputs: [code] stdClass Object ( [results] = Array ( [0] = stdClass Object ( [text] = Tune into Smackdown on MyNetwork right now catch a Matt Jeff Hardy heavy edition of the best wretling show on TV! Please Re-Tweet this! [to_user_id] = [from_user] = xxjillbabexx13 [id] = 3463574532 [from_user_id] = 32993629 [iso_language_code] = en [source] = a href=http://twitter.com/;web/a [profile_image_url] = http://a3.twimg.com/profile_images/367795893/jillian_09_009_normal.jpg [created_at] = Sat, 22 Aug 2009 01:53:19 + ) [1] = stdClass Object ( [text] = Tune into Smackdown on MyNetwork right now catch a Matt Jeff Hardy heavy edition of the best wretling show on TV! Please Re-Tweet this! [to_user_id] = [from_user] = lizolee13 [id] = 3463565385 [from_user_id] = 19569029 [iso_language_code] = en [source] = a href=http://www.atebits.com/; rel=nofollowTweetie/ a [profile_image_url] = http://s.twimg.com/a/1250203207/images/default_profile_normal.png [created_at] = Sat, 22 Aug 2009 01:52:48 + ) [2] = stdClass Object ( [text] = Tune into Smackdown on MyNetwork right now catch a Matt Jeff Hardy heavy edition of the best wrestling show on TV! Please Re-Tweet this! [to_user_id] = [from_user] = 2xtreme4u [id] = 3463561766 [from_user_id] = 16055999 [iso_language_code] = en [source] = a href=http://twitter.com/;web/a [profile_image_url] = http://a3.twimg.com/profile_images/334787385/me_lookin_bad_normal.jpg [created_at] = Sat, 22 Aug 2009 01:52:36 + ) [3] = stdClass Object ( [text] = RT @MATTHARDYBRAND: Tune into Smackdown on MyNetwork right now catch a Matt Jeff Hardy heavy edition of the best wretling show on TV! [to_user_id] = [from_user] = chelseajeann [id] = 3463351893 [from_user_id] = 31634310 [iso_language_code] = en [source] = a href=http://twitterfon.net/; rel=nofollowTwitterFon/a [profile_image_url] = http://a3.twimg.com/profile_images/263229989/4155_82394743094_528598094_1790754_4065507_n_normal.jpg [created_at] = Sat, 22 Aug 2009 01:40:32 + ) [4] = stdClass Object ( [text] = HardyShowsYuk: Tune into Smackdown on MyNetwork right now catch a Matt Jeff Hardy heavy edition of the best wretling show on TV! RT This [to_user_id] = [from_user] = esquire2385 [id] = 3463289960 [from_user_id] = 24079682 [iso_language_code] = en [source] = a href=http://help.twitter.com/ index.php?pg=kb.pageid=75 rel=nofollowtxt/a [profile_image_url] = http://a1.twimg.com/profile_images/265742378/m_ade11887c36e4b7085a52c26f15f7a5c_normal.jpg [created_at] = Sat, 22 Aug 2009 01:36:57 + ) ) [since_id] = 3319527376 [max_id] = 3463574532 [refresh_url] = ? since_id=3463574532q=MyNetwork [results_per_page] = 5 [next_page] = ?page=2max_id=3463574532rpp=5〈=enq=MyNetwork [warning] = adjusted since_id to 3319527376 (2009-08-15 01:00:00 UTC), requested since_id was older than allowed -- since_id removed for pagination. [completed_in] = 0.021453 [page] = 1 [query] = MyNetwork ) [/code] so how do I display my JSON object using a for loop? [code] for( $counter = 0; $counter = 5; $counter++){ // what goes in here to display the text element from my JSON object? i want to display text for all 5 responses returned from my query } [/code] I have tried this: [php] for( $counter = 0; $counter = 5; $counter++){ echo $json-$counter-text; } [/php] When I use the above code I do not output anything. I get no errors either. The array is full of data because when I print_r($json) I get an array (I have pasted the results in the post above). Why is the array full of data elements but when I try to output each element in my for loop I get nothing in return?
[twitter-dev] dm / follow handling
Hi, I'd appreciate any opinions regarding a dilemma about handling a DM where you don't know if the correct relationship exists. Since a DM isn't rate limited it effectively tells me for 'free' whether the target user is following the source user by raising an exception if the correct relationship doesn't exist. So if you're sending a DM anyhow it would seem better to just try the DM first, then handle the exception if it comes in, rather than make a rate limited call to check the relationship details first. While this seems like a sensible option for the app logic, i'm not so sure if it's sensible with regard to the app's relationship with twitter. It could be percevied to be less responsible, and perhaps after a while DM calls to non-followed users will red-flag the account with twitter? Or maybe, conversely, its been cunningly designed for just this scenario. Any opinions/experience with this? Thanks in advance, Ben
[twitter-dev] Re: Stop playing around with Source parameters
Hehehe... your regex isn't much better! /a\s+(.*?\s+)?href=[']?(.+?)[']?(\s+.*?)?(.+?)\/a/is On Aug 21, 9:54 pm, Gonzalo Larralde gonzalolarra...@gmail.com wrote: On Sat, Aug 22, 2009 at 1:17 AM, TCI ticoconid...@gmail.com wrote: Recently you added nofollow's, and now you moved the nofollow after the href. Some of us filter these out and you changing them is only making it more complicated. Please make up your mind and stop changing these... a href=http://fun140.com/;Fun140/a a rel=nofollow href=http://fun140.com/;Fun140/a a href=http://fun140.com/; rel=nofollowFun140/a Or, maybe, you can try using this regex: /a.*? href=(.*?).*?(.*?)\/a/ and let them do whatever they want. -- Gonzalo. PS: My english sucks, sorry about that.
[twitter-dev] Can I DM via the API with username and password?
I need my app to be able to send a direct message to a registered users - so I know their username and the password they use to log in. Do I need them to manually authorise this first (using oAuth) or can I avoid this? For reference (and for my sins) the app is developed in c#.net :) Thanks
[twitter-dev] Re: Developer Preview: Geolocation API
Hi Ryan, Thank-you for the fast response. That makes sense, thanks a lot for clarifying. Wow, this is a really exciting feature. Best Regards, Ben On 21 Aug 2009, at 17:44, Ryan Sarver wrote: Ben, Currently we geocode your user.location data to get an idea of where you are. That gets attached to each tweet as it comes in, but its not usually a representation of where you were when you actually sent the tweet. The new functionality will allow you to geotag the actual update without modifying the user.location field. When it comes to search, we'll use both and give priority to the tweet-level geotag. Make sense? Best, Ryan On Fri, Aug 21, 2009 at 4:06 AM, Ben Eliottben.apperr...@googlemail.com wrote: Hi, Please could you advise on the differences between this and the current location based searching facility? Is the current location search based on the users location in their settings whilst this is a exact location for each tweet? Thanks, Ben On 20 Aug 2009, at 21:46, Ryan Sarver wrote: We wanted to give you all a heads up on a cool new feature that is coming soon - Geolocation. The Geolocation API will give us the ability to attach geographic metadata to tweets to provide additional context with your update. Along with the option to tag updates, we will be able to search for nearby tweets and view the geo metadata in user timelines. The additional context allows for us to deliver more meaningful and localized experiences to users. We are also really excited about a unique facet of this release in that it will be API-only initially. This means that Twitter.com won't surface the functionality and we look forward to seeing the new and interesting experiences that will grow out of the ecosystem. As part of our Geolocation efforts we will soon be publishing Geolocation Best Pracitices to guide everyone through issues like security and privacy as well as discussing some ideal experiences for users. Topics will include things like storage of location data, what to do with a user's historical data, how to present the concept of geotagging and more. The guide will create a framework from which we can address the challenges that come about when dealing with something as sensitive as someone's location while hopefully allowing everyone enough creative freedom to create their own experiences around it. It is important to note that the feature is going to be strictly opt- in. It will be disabled until a user chooses to switch it on. We will provide a read-only attribute geo_enabled on the user object so an app can detect if the user has it disabled and let them know if they need to turn it on before using a geolocation feature. While we can't provide an exact date for launch, you should plan on having a few weeks of development time before the new API is officially launched. With that being said, lets get to it... Example: Geotagging a Tweet --- curl -d lat=37.780467long=-122.396762status=I have arrived -u user:pass http://twitter.com/statuses/update.xml; ?xml version=1.0 encoding=UTF-8? status created_atTue Apr 07 22:52:51 + 2009/created_at ... geo xmlns:georss=http://www.georss.org/georss; georss:point37.780467 -122.396762/georss:point /geo user id1401881/id nameDoug Williams/name ... geo_enabledtrue/geo_enabled ... /user /status We have also updated the wiki to reflect what the API will look like when it launches, so check it out and let us know if you have any questions: http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-statuses%C2%A0update http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-account%C2%A0verify_credentials We'll also be in our recently announced IRC channel (#twitterapi on irc.freenode.net) if you want to discuss the announcement with the team. Ryan PM, Platform Team http://twitter.com/rsarver
[twitter-dev] Re: heavy throttling by search.twitter.com API from GAE application
Hello Chad, Can you confirm that this is not the case for AWS elastic IPs which had been previously whitelisted by Twitter? Thanks, Darren On Aug 21, 4:35 pm, Chad Etzel jazzyc...@gmail.com wrote: Hello, I have replied to Jud off-list, but for everyone's benefit we'd like to reiterate that AWS and GAE are shared resources and therefore share the rate limit across applications. A dedicated IP and unique UA will guarantee the maximum API limits. There are several cheap and reliable VPS hosting services available which can provide a dedicated IP address and full control over the server. Thanks, -Chad On Fri, Aug 21, 2009 at 12:48 PM, Judjvale...@gmail.com wrote: I've got a python app running on Google App Engine (appspot hosted) that querieshttp://search.twitter.com/search.atom?q=for simple queries (e.g. foo OR bar), and it's being severely throttled (e.g. can't get a successful request through (response 200 w/ data) more than a couple of times per _hour_). - I'm setting the UA string to something unique/identifiable (e.g. my company name) - I'm respecting the retry-after header coming back when I see a 503 (average retry-after duration is ~750) - GAE turns the IP address behind the app over ~ every 6 hours - app hits tries to hit search.twitter.com every 5 minutes. I've successfully polled the endpoint at much higher rates (in completely different IP address ranges) in the past, without issue. Unclear what's going on. Any suggestions would be greatly appreciated.
[twitter-dev] Re: New problem with JSON search API on 32-bit OS?
That is helpful to know. So possibly this is isolated to the PHP json_decode() functionality. In my case, I get the following JSON decoded string from twitter (happens to be empty result set): {results:[],since_id:3448308315,max_id: 3450048057,refresh_url:? since_id=3450048057q=text,results_per_page:10,completed_in: 0.034427,page:1,query:text} but following its processing by json_decode the since_id and max_id parameters are not decoded properly: stdClass Object ( [results] = Array ( ) [since_id] = -846658981 [max_id] = -844919239 [refresh_url] = ?since_id=3450048057q=text [results_per_page] = 10 [completed_in] = 0.034427 [page] = 1 [query] = text ) My current solution is to force the encoded return string to change as follows prior to json_decode: since_id:3448308315,max_id:3450048057 ^ ^ ^ ^ But this is not a great fix. JSJ On Aug 21, 11:37 am, Cameron Kaiser spec...@floodgap.com wrote: Recently my twitter search API code stopped working properly (using search.json). After tracking down the issue here is what I think is going on: - Recently, the status/message IDs returned by the search API began exceeding the maximum positive integer allowed on 32-bit OS platforms (2,147,483,647). For example, in a recent API call I am getting message IDs such as 3,448,308,315. - The twitter API returns these within the JSON string using integer encoding. From PHP, when I decode the return JSON string using json_decode on 32-bit Windows, I end up with ID values such as -958,581,221 rather than 3,xxx,xxx,xxx. I think this is PHP's problem. Perl doesn't have it; it sees this tweet as ID 3 451 486 259, not a negative one relative to 2 147 483 647, and this is on a very old Perl to boot. This is the actual dump from TTYtter's internal hash: [{'text','@mom2twinsplus1 you\'re welcome. alas, browser options are thin for Mac OS 9, which is why we\'re working on it.','to_user_id',276359,'to_user','mom2twinsplus1','from_user','doctorlinguist','id',3451486259,'from_user_id',2769, As you can see, the ID is handled correctly. -- personal:http://www.cameronkaiser.com/-- Cameron Kaiser * Floodgap Systems *www.floodgap.com* ckai...@floodgap.com -- If I am not for myself, who will be for me? -- Pirkei Avot -
[twitter-dev] Re: OAuth - get_request_token - 401 Unauthorized - ruby gem
Worked like a charm! Thanks very much guys. On Aug 21, 3:30 pm, Hedley Robertson hedley.robert...@gmail.com wrote: Gonna chime in here with my obscure fix - check the system clock on the production server? On Fri, Aug 21, 2009 at 6:16 AM, srikanth reddy srikanth.yara...@gmail.comwrote: This might help http://groups.google.com/group/twitter-development-talk/browse_frm/th... On Fri, Aug 21, 2009 at 4:12 PM, themire julian.keenag...@gmail.comwrote: Hi, I've recently started to get 401 Unauthorized errors from twitter while trying to get a request token. I'm using the OAuth Ruby gem and making the request from irb as follows: OAuth::Consumer.new(our_secret, our_key,{ :site=http:// twitter.com }).get_request_token() I've made the request from several different machines and got a good request token back from twitter, but it seems to be giving the 401 errors only on our production server. This used to work fine on this machine until recently. Is there still currently ongoing problems with the twitter api in this regard? Thanks, Julian
[twitter-dev] Re: how can I get user address using Twitter API?
http://www.google.com/search?q=%22follow+me+on+twitter%22+gmail.com as an example... JDG wrote: surely you're joking. PLEASE tell me you're joking, because my skin is crawling. On Sat, Aug 22, 2009 at 08:01, Dossy Shiobara do...@panoptic.com mailto:do...@panoptic.com wrote: On 8/22/09 5:49 AM, Andrew Badera wrote: Spam? Privacy? Call me crazy, I know! So, who wants to form a data mining startup that crawls websites for follow me on twitter links to people's twitter IDs, then correlates that to contact email addresses for the site ... Easy revenue model: sell lookups from email - twitter ID and twitter ID - email. Could this ever violate Twitter's ToS? In theory, you could build such a service without ever accessing twitter.com http://twitter.com - just crawl blogs and tumblr and posterous and other such sites where folks advertise their twitter IDs, then try to identify contact email address for the site owner. Clearly, there's demand for such a service - would people pay for this data? -- Dossy Shiobara | do...@panoptic.com mailto:do...@panoptic.com | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70) -- Internets. Serious business.
[twitter-dev] How you are notified of whitelisting status
We applied for whitelisting this past weekend and haven't heard a peep, or a tweet. How long does it usually take and how are you notified? Thanks!
[twitter-dev] Re: statuses/followers stops returning results after page 101
It's not working for me too, but it worked a few hours ago. Looks like bug. On Aug 22, 2:11 am, yonnage yonn...@gmail.com wrote: Trying to quickly get follower information (screen name, bio, etc). Using statuses/followers but after page 101 it no longer returns results. I believe this used to go far past page 101 in the past. I don't believe the docs say that there is a limitation on pages.. is this a bug?
[twitter-dev] API Version of /friend_requests?
Is there an API version of http://twitter.com/friend_requests ? I want to be able to pre-authorize people to follow me so that I don't have to manually check my email and visit that page every once in a while. Thanks, Kyle Mulka http://twitter.com/mulka http://twilk.com
[twitter-dev] Re: oAuth consumer keys, tokens...how sensitive are those keys?
There was some discussion of this at http://groups.google.com/group/twitter-development-talk/browse_thread/thread/972b23136fdf9ed8/80d6e999d9dedced?hl=en An attacker who knows your consumer key and consumer secret can create an application that imitates yours. But they can't impersonate a user unless they have that user's access token and token secret. On Aug 19, 10:26 am, Andriy Ivanov tigrus...@gmail.com wrote: I've written Desktop app that usesoAuthto communicate with twitter. All the keys/tokens/pin I save in Settings file in my project (.NET). Is it safe to do so or what is the better approach to save this kind of data? What if all the tokens get in hand of evil, they can impersonate the user using the tokens, right? Why won't tokens expire with Twitter? I am knew to internet protocols, so any help would be appreciated. Thanks!
[twitter-dev] Re: Can't get friends/followers list after page 101
having the same issue.. no results after page 101 On Jul 22, 4:48 pm, atifzshaikh atif.zsha...@gmail.com wrote: Seems to be working now, I guess it was a temporary thing. Would help if I knew what caused it :) thanks. On Jul 22, 3:55 pm, atifzshaikh atif.zsha...@gmail.com wrote: Hi, I have been trying to get the friends/followers list using the REST API but I always get an empty users node after page 101. The GET request URL looks like this: http://www.twitter.com/statuses/followers.xml?screen_name=barackobama... I get the same result regardless of type, XML or JSON, and it happens when retrieving the friends list as well. All my requests are authenticated using OAuth, but even if I use the web browser to make an unauthenticated request and the put the above URL in I get the same result. At first I thought it was a rate limit issue but the IP address I am making the requests from is white listed and when I made the request I checked my rate limit and it was more than 10k at the time. We all know Barack Obama has more than 101 pages of followers so it can't be the last page. Any help or advice will be appreciated. Thanks
[twitter-dev] Re: I can't use OAuth and I want to apply source(from[myApp])
yes, I can access twitter.com with proxy, but the users of Twitese couldn't access, that's the problem. One of the most useful feature of Twitese is made Chinese people use Twitter without proxy On Aug 22, 10:10 pm, JDG ghil...@gmail.com wrote: you could speak with a proxy outside of china, which could do the OAuth for you On Fri, Aug 21, 2009 at 23:40, bang bang...@gmail.com wrote: I'm the builder of Twitese (http://twitese.appspot.com/), a chinese web client for Twitter. I know that if a new web app want to show from [myApp], the only way is to use OAuth, but in china that's infeasible, because twitter has been block in china, chinese people can not access twitter.com to use OAuth. So I can't use OAuth. The only way to login is use HTTP Basic, as the result, statuses post from Twitese just show from web. So I want to apply a source for my Twitese, is that possible? -- Internets. Serious business.
[twitter-dev] Re: Stop playing around with Source parameters
Ha ha. Php does have a regex parser. This should not matter if coded correctly. Twitter did announce they would be messing around last week. -- Scott Iphone says hello. On Aug 22, 2009, at 3:07 AM, Andrew Badera and...@badera.us wrote: Crazily enough, not everyone writes in PHP. ∞ Andy Badera ∞ This email is: [ ] bloggable [x] ask first [ ] private ∞ Google me: http://www.google.com/search?q=(andrew+badera)+OR+(andy+badera ) On Sat, Aug 22, 2009 at 3:28 AM, Joel Strellnerj...@twitturly.com wrote: Ummm... strip_tags()'s? On Fri, Aug 21, 2009 at 9:17 PM, TCI ticoconid...@gmail.com wrote: Recently you added nofollow's, and now you moved the nofollow after the href. Some of us filter these out and you changing them is only making it more complicated. Please make up your mind and stop changing these... a href=http://fun140.com/;Fun140/a a rel=nofollow href=http://fun140.com/;Fun140/a a href=http://fun140.com/; rel=nofollowFun140/a
[twitter-dev] Profile Image upload
I have noticed that when I upload a profile image via the api, I get a URL like this returned: http://s3.amazonaws.com/twitter_production/profile_images/yankee_no... which is a broken image Error CodeNoSuchKey/Code MessageThe specified key does not exist./Message Keyprofile_images/yankee_normal.jpg/Key RequestId3E6396CC4AA23107/RequestId - HostId 0O9ff2opYWAhBjQ56sUZs0fGmnS/SuU5fzFm+VQUoESxwfjGybPbbJWAUimMZDLA /HostId /Error However, using the web interface, I get a url like this: http://s3.amazonaws.com/twitter_production/profile_images/323768124... which is a valid image. Why does the api not return the 323768124 piece of the url?
[twitter-dev] Re: Trying to display JSON object
Hi TrixJo, Try this: [code] for( $counter = 0; $counter = 5; $counter++){ echo $json-results[$counter]-text; } [/code] -Chad On Sat, Aug 22, 2009 at 7:26 AM, TrixJotri...@gmail.com wrote: I am using the Twitter API and have the following JSON object returned after a search query. print_r($json) is: [code] $contents = file_get_contents(http://search.twitter.com/search.json? lang=enrpp=5q=MyNetwork); $json = json_decode($contents); echo print_r($json); [/code] outputs: [code] stdClass Object ( [results] = Array ( [0] = stdClass Object ( [text] = Tune into Smackdown on MyNetwork right now catch a Matt Jeff Hardy heavy edition of the best wretling show on TV! Please Re-Tweet this! [to_user_id] = [from_user] = xxjillbabexx13 [id] = 3463574532 [from_user_id] = 32993629 [iso_language_code] = en [source] = a href=http://twitter.com/;web/a [profile_image_url] = http://a3.twimg.com/profile_images/367795893/jillian_09_009_normal.jpg [created_at] = Sat, 22 Aug 2009 01:53:19 + ) [1] = stdClass Object ( [text] = Tune into Smackdown on MyNetwork right now catch a Matt Jeff Hardy heavy edition of the best wretling show on TV! Please Re-Tweet this! [to_user_id] = [from_user] = lizolee13 [id] = 3463565385 [from_user_id] = 19569029 [iso_language_code] = en [source] = a href=http://www.atebits.com/; rel=nofollowTweetie/ a [profile_image_url] = http://s.twimg.com/a/1250203207/images/default_profile_normal.png [created_at] = Sat, 22 Aug 2009 01:52:48 + ) [2] = stdClass Object ( [text] = Tune into Smackdown on MyNetwork right now catch a Matt Jeff Hardy heavy edition of the best wrestling show on TV! Please Re-Tweet this! [to_user_id] = [from_user] = 2xtreme4u [id] = 3463561766 [from_user_id] = 16055999 [iso_language_code] = en [source] = a href=http://twitter.com/;web/a [profile_image_url] = http://a3.twimg.com/profile_images/334787385/me_lookin_bad_normal.jpg [created_at] = Sat, 22 Aug 2009 01:52:36 + ) [3] = stdClass Object ( [text] = RT @MATTHARDYBRAND: Tune into Smackdown on MyNetwork right now catch a Matt Jeff Hardy heavy edition of the best wretling show on TV! [to_user_id] = [from_user] = chelseajeann [id] = 3463351893 [from_user_id] = 31634310 [iso_language_code] = en [source] = a href=http://twitterfon.net/; rel=nofollowTwitterFon/a [profile_image_url] = http://a3.twimg.com/profile_images/263229989/4155_82394743094_528598094_1790754_4065507_n_normal.jpg [created_at] = Sat, 22 Aug 2009 01:40:32 + ) [4] = stdClass Object ( [text] = HardyShowsYuk: Tune into Smackdown on MyNetwork right now catch a Matt Jeff Hardy heavy edition of the best wretling show on TV! RT This [to_user_id] = [from_user] = esquire2385 [id] = 3463289960 [from_user_id] = 24079682 [iso_language_code] = en [source] = a href=http://help.twitter.com/ index.php?pg=kb.pageid=75 rel=nofollowtxt/a [profile_image_url] = http://a1.twimg.com/profile_images/265742378/m_ade11887c36e4b7085a52c26f15f7a5c_normal.jpg [created_at] = Sat, 22 Aug 2009 01:36:57 + ) ) [since_id] = 3319527376 [max_id] = 3463574532 [refresh_url] = ? since_id=3463574532q=MyNetwork [results_per_page] = 5 [next_page] = ?page=2max_id=3463574532rpp=5〈=enq=MyNetwork [warning] = adjusted since_id to 3319527376 (2009-08-15 01:00:00 UTC), requested since_id was older than allowed -- since_id removed for pagination. [completed_in] = 0.021453 [page] = 1 [query] = MyNetwork ) [/code] so how do I display my JSON object using a for loop? [code] for( $counter = 0; $counter = 5; $counter++){ // what goes in here to display the text element from my JSON object? i want to display text for all 5 responses returned from my query } [/code] I have tried this: [php] for( $counter = 0; $counter = 5; $counter++){ echo $json-$counter-text; } [/php] When I use the above code I do not output anything. I get no errors either. The array is full of data because when I print_r($json) I get an array (I have pasted the results in the post above). Why is the array full of data elements but when I try to output each element in my for loop I get nothing in return?
[twitter-dev] Re: Can I DM via the API with username and password?
On Fri, 21 Aug 2009 06:43:21 -0700 (PDT) mchid markchid...@gmail.com wrote: I need my app to be able to send a direct message to a registered users - so I know their username and the password they use to log in. Do I need them to manually authorise this first (using oAuth) or can I avoid this? I think I understand you. You only need to verify that your user is the account holder for a given Twitter account. You do not need to perform any actions with their account. You want to implement a feature similar to email verification where the user clicks on a link or replies to a message in order to prove that they own that account - in this case the Twitter account rather than an email account. The only problem with this for Twitter is that the user has to be following you in order to get your direct message. The situation is analogous to an email user who's mail acount requires that you be whitelisted first. For reference (and for my sins) the app is developed in c#.net :) Say 10 Hail, Bills and give $400 to the wealthy. Chris Babcock
[twitter-dev] Re: New problem with JSON search API on 32-bit OS?
Hi JSJ, What version of PHP are you using? I know there was a fix in json_decode that went into the latest version (at least for 64 bit version). There is a thread discussing a similar workaround here: http://www.sitepoint.com/forums/showthread.php?t=628346 -Chad On Fri, Aug 21, 2009 at 12:00 PM, JSJjimstj...@gmail.com wrote: That is helpful to know. So possibly this is isolated to the PHP json_decode() functionality. In my case, I get the following JSON decoded string from twitter (happens to be empty result set): {results:[],since_id:3448308315,max_id: 3450048057,refresh_url:? since_id=3450048057q=text,results_per_page:10,completed_in: 0.034427,page:1,query:text} but following its processing by json_decode the since_id and max_id parameters are not decoded properly: stdClass Object ( [results] = Array ( ) [since_id] = -846658981 [max_id] = -844919239 [refresh_url] = ?since_id=3450048057q=text [results_per_page] = 10 [completed_in] = 0.034427 [page] = 1 [query] = text ) My current solution is to force the encoded return string to change as follows prior to json_decode: since_id:3448308315,max_id:3450048057 ^ ^ ^ ^ But this is not a great fix. JSJ On Aug 21, 11:37 am, Cameron Kaiser spec...@floodgap.com wrote: Recently my twitter search API code stopped working properly (using search.json). After tracking down the issue here is what I think is going on: - Recently, the status/message IDs returned by the search API began exceeding the maximum positive integer allowed on 32-bit OS platforms (2,147,483,647). For example, in a recent API call I am getting message IDs such as 3,448,308,315. - The twitter API returns these within the JSON string using integer encoding. From PHP, when I decode the return JSON string using json_decode on 32-bit Windows, I end up with ID values such as -958,581,221 rather than 3,xxx,xxx,xxx. I think this is PHP's problem. Perl doesn't have it; it sees this tweet as ID 3 451 486 259, not a negative one relative to 2 147 483 647, and this is on a very old Perl to boot. This is the actual dump from TTYtter's internal hash: [{'text','@mom2twinsplus1 you\'re welcome. alas, browser options are thin for Mac OS 9, which is why we\'re working on it.','to_user_id',276359,'to_user','mom2twinsplus1','from_user','doctorlinguist','id',3451486259,'from_user_id',2769, As you can see, the ID is handled correctly. -- personal:http://www.cameronkaiser.com/-- Cameron Kaiser * Floodgap Systems *www.floodgap.com* ckai...@floodgap.com -- If I am not for myself, who will be for me? -- Pirkei Avot -
[twitter-dev] Re: How you are notified of whitelisting status
You get notification in the form of a DM to the account you applied for whitelisting with. In my experience it takes anything from 2 days to over a week, depending on how much DDoS Twitter is under at the time. On Aug 21, 5:40 pm, Neicole neic...@trustneicole.com wrote: We applied for whitelisting this past weekend and haven't heard a peep, or a tweet. How long does it usually take and how are you notified? Thanks!
[twitter-dev] Re: oAuth consumer keys, tokens...how sensitive are those keys?
On Aug 19, 10:26 am, Andriy Ivanov tigrus...@gmail.com wrote: I've written Desktop app that usesoAuthto communicate with twitter. All the keys/tokens/pin I save in Settings file in my project (.NET). Is it safe to do so or what is the better approach to save this kind of data? What if all the tokens get in hand of evil, they can impersonate the user using the tokens, right? Why won't tokens expire with Twitter? I am knew to internet protocols, so any help would be appreciated. Thanks! There was some discussion of this at http://groups.google.com/group/twitter-development-talk/browse_thread/thread/972b23136fdf9ed8/80d6e999d9dedced?hl=en An attacker who knows your consumer key and consumer secret can create an application that imitates yours. But they can't impersonate a user unless they have that user's access token and token secret. Right, that takes a social engineering exploit to complete. After obtaining the consumer's keys, the malicious user needs to employ it to impersonate your application so that he can trick your legitimate user into authorizing a new token to replace the existing one. OAuth is written with the implicit understanding that the consumer application lives on a server. In the absence of some scheme for bulk key assignments, distributing your key and secret with the application is the only alternative to running all traffic for your app through your own server. Chris
[twitter-dev] Re: API Version of /friend_requests?
Is there an API version of http://twitter.com/friend_requests ? I want to be able to pre-authorize people to follow me so that I don't have to manually check my email and visit that page every once in a while. Not necessary. Users can follow you without authorization. Chris Babcock
[twitter-dev] Re: /statuses/destroy error erroneously?
Aha, looks like there already is one: http://code.google.com/p/twitter-api/issues/detail?id=949colspec=ID%20Stars%20Type%20Status%20Priority%20Owner%20Summary%20Opened%20Modified%20Component On Aug 22, 3:34 am, Chad Etzel jazzyc...@gmail.com wrote: Please file a ticket:http://code.google.com/p/twitter-api/issues/ Thanks, -Chad On Sat, Aug 22, 2009 at 3:32 AM, Cameron Kaiserspec...@floodgap.com wrote: Calling /statuses/destroy (on a valid status ID) seems to return a 400 error with a Bad request. We could not delete that status for some reason.. ... but the status is successfully deleted. Bug? Seeing this also. -- personal:http://www.cameronkaiser.com/-- Cameron Kaiser * Floodgap Systems *www.floodgap.com* ckai...@floodgap.com -- Eeny, Meeny, Jelly Beanie, the spirits are about to speak! -- Bullwinkle ---
[twitter-dev] Re: Stop playing around with Source parameters
On Sat, Aug 22, 2009 at 5:18 AM, PJBpjbmancun...@gmail.com wrote: Hehehe... your regex isn't much better! /a\s+(.*?\s+)?href=[']?(.+?)[']?(\s+.*?)?(.+?)\/a/is On Aug 21, 9:54 pm, Gonzalo Larralde gonzalolarra...@gmail.com wrote: Or, maybe, you can try using this regex: /a.*? href=(.*?).*?(.*?)\/a/ and let them do whatever they want. KISS! You'll *never* get an area href= in that field :) rant {{{ /a\s+(.*?\s+)?href=[']?(.+?)[']?(\s+.*?)?(.+?)\/a\s*/is }}} Oh, look, now mine is better than yours! Jury, jury, come here now please! Which one is better? (?) /rant :P -- Gonzalo. PS: My english sucks, sorry about that.
[twitter-dev] oauth_callback in Authorization header for Request Tokens
HI, I've been working with the spring-security-oauth code (http://spring- security-oauth.codehaus.org/) to use it for signin with twitter and I've come across an issue where I get a 401 Unauthorized when the oauth_callback param is submitted in the Authorization header, but works when the rest of the OAuth parameters are in the header and oauth_callback is part of the POST content or query string. In either of the above scenarios the oauth_callback is being used in the signature base string to sign the request. I was just wondering if this is expected behaviour? Andrew
[twitter-dev] Re: Developer Preview: Geolocation API
Is there any possibility of a test site, with these API response changes, being made available before the changes are introduced to the real site? This would allow us to test our sites and applications against the test site and fix any bugs and bombs before users would otherwise experience them when the changes go live on the real site. My code is written very defensively and is generally OK with things like this, but the only real way to know for sure is to test it. This kind of testing is better done in a controlled environment than in the real live environment. It is not necessary that the test site accept geolocation updates, only that it return status elements with geo sub-elements, user elements with geo_enabled sub-elements, etc. The test site could even have a very small user database, it wouldn't need the entire live twitter database. Not would it need to support API requests that are POSTs, only GETs. Even if the test site is only available as little as 1 or 2 days before the real site goes live, given reasonable advance notice (1 week?) as to when the test site will be available, this could greatly smooth out the introduction of this really cool feature for all of us: twitter, twitter partners, and twitter users. Anything that could be done here would be greatly appreciated by me, and I believe the whole twitter development community. Comments expected and welcome. Jim Renkel On Aug 21, 11:25 pm, Raffi Krikorian ra...@twitter.com wrote: Hi Damon. Yup - we've started updating the docs. Generally, there will always be a geo in the status (it may just be empty, however, if there is no geolocated information attached), and there will always be a geo_enabled on every user which is a boolean representing whether the user has enabledgeolocationon his or her account. On Aug 21, 2009, at 6:46 PM, Damon Clinkscales sca...@pobox.com wrote: On Aug 20, 3:46 pm, Ryan Sarver rsar...@twitter.com wrote: We wanted to give you all a heads up on a cool new feature that is coming soon -Geolocation. We have also updated the wiki to reflect what theAPIwill look like when it launches, so check it out and let us know if you have any questions:http://apiwiki.twitter.com/Twitter-REST-API-Method%3A- statuses%C2%A0u...http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-account%C2%A0ve ... Ryan, Very cool stuff. Looking forward to it. I'm assuming that you'll update the wiki (andAPIwhen it launches) such that everywhere a status element is returned, it will contain a geo element? Thanks, -damon
[twitter-dev] Re: New problem with JSON search API on 32-bit OS?
PHP doesn't support 64 bit integers. Thats the problem. Most of the other language doesnt have this problem. But PHP is used in most web sites. I suggest you use BIGINT as db column type. and when storing the id check if its a negetive number. If its negetive number, add the id (since_id, id, max_id) to 2^64 in database. insert into tbl1(max_id) values ( if($num0, pow(2,64)+$num, $num) ); something like that. -- A K M Mokaddim http://talk.cmyweb.net http://twitter.com/shiplu Stop Top Posting !! বাংলিশ লেখার চাইতে বাংলা লেখা অনেক ভাল
[twitter-dev] Re: I can't use OAuth and I want to apply source(from[myApp])
User would log in to Twitese, which would do all its work through a proxy (or set of proxies) based outside the US which would handle all the Twitter traffic -- you'd never actually have to access the twitter site. On Sat, Aug 22, 2009 at 09:14, bang bang...@gmail.com wrote: yes, I can access twitter.com with proxy, but the users of Twitese couldn't access, that's the problem. One of the most useful feature of Twitese is made Chinese people use Twitter without proxy On Aug 22, 10:10 pm, JDG ghil...@gmail.com wrote: you could speak with a proxy outside of china, which could do the OAuth for you On Fri, Aug 21, 2009 at 23:40, bang bang...@gmail.com wrote: I'm the builder of Twitese (http://twitese.appspot.com/), a chinese web client for Twitter. I know that if a new web app want to show from [myApp], the only way is to use OAuth, but in china that's infeasible, because twitter has been block in china, chinese people can not access twitter.com to use OAuth. So I can't use OAuth. The only way to login is use HTTP Basic, as the result, statuses post from Twitese just show from web. So I want to apply a source for my Twitese, is that possible? -- Internets. Serious business. -- Internets. Serious business.
[twitter-dev] Re: I can't use OAuth and I want to apply source(from[myApp]) [And more!!!]
I have a similar, perhaps broader, issue and a suggestion for a solution. My problem is that my site, http://twxlate.com, supports 40+ languages for its user interface, not just the two supported by twitter.com. By that I mean that the user interface is available in 40+ languages, not just that it can handle information obtained from twitter that could be in any one of the 40+ languages. The site currently supports Basic Authentication, with the prompts in one of the 40+ languages of the user's choosing. It works quite nicely, thank you, for user's that are comfortable in giving the site their user id and passwords. When I add support for OAuth, which I am doing, I can present the link to twitter's OAuth page in that language of the user's choosing. But the OAuth page itself is only available in two languages. This could result in a roadblock to users that are not fluent in either of those two languages using my site. Especially when twitter turns off Basic Authentication sometime in the (hopefully distant :-) ) future. My suggestion for a fix to this (and other related problems) is to add a method to the API that requires only Basic Authentication and that returns the same information as the OAuth callback (i.e., consumer secret) just as if the authenticated user had gone to the OAuth page and approved the application to access twitter on its behalf. My rational for this is as follows: if the user was comfortable, for whatever reason, with giving the information necessary to authenticate them (i.e, user id and password) to my site and twitter accepts it on a request by request basis with Basic Authentication now, why should they not continue to accept it in the future? If twitter wants to do away with Basic Authentication on a request by request basis and require OAuth preauthorization for API requests, why should they not accept a Basic Authorization bridge into OAuth for users that are comfortable, for whatever reason, with giving the necessary information to the application that will access twitter on their behalf? BTW, this solution would also solve the much discussed problems of client applications, especially mobile device applications, that have difficulty getting back and forth to the twitter OAuth page because of, e.g., limited device functionality. Comment welcome and definitely expected on this one! :-) Jim Renkel P.S.: How do users that aren't fluent in English or Japanese get twitter accounts in the first place? I'll leave a proposal for that to another day, another post. On Aug 22, 12:40 am, bang bang...@gmail.com wrote: I'm the builder of Twitese (http://twitese.appspot.com/), a chinese web client for Twitter. I know that if a new web appwantto show from [myApp], the only way is touseOAuth, but in china that's infeasible, because twitter has been block in china, chinese people can not access twitter.com touseOAuth. So Ican'tuseOAuth. The only way to login isuseHTTP Basic, as the result, statuses post from Twitese just show from web. So Iwanttoapplyasourcefor my Twitese, is that possible?
[twitter-dev] Re: API Version of /friend_requests?
I should have clarified. This account is private, so it has to approve all followers. -Kyle On Aug 22, 1:10 pm, Chris Babcock cbabc...@kolonelpanic.org wrote: Is there an API version ofhttp://twitter.com/friend_requests? I want to be able to pre-authorize people to follow me so that I don't have to manually check my email and visit that page every once in a while. Not necessary. Users can follow you without authorization. Chris Babcock
[twitter-dev] Number of OAuth implementations
I was looking for the answers on these two questions, but could not find any official (or unofficial) information: 1. How many sites implemented OAuth? 2. How many Twitter users logged in to a site using OAuth? Thanks in advance, --Eugene
[twitter-dev] How to get multiple profile_image_urls
I would like to get all the profile_image_urls from one api call based on the user ids provided, or simply just the ones that show up under Following of each twitter profile page. Is this possible? Thanks, Alexander
[twitter-dev] Re: how can I get user address using Twitter API?
Why email addresses equal money? I really can not see the value - Thanks Allan Zhang Send from iPhone On Aug 22, 2009, at 2:25 PM, Dossy Shiobara do...@panoptic.com wrote: On 8/22/09 10:47 AM, Andrew Badera wrote: Hopefully most of us use Spam Poison and/or CAPTCHAs to conceal or obscure contact addresses on our site :) Of the ~10M or so Twitter accounts, even if I could get 10% or 1M accounts associated back to valid email addresses, that's like printing your own money. Hell, even at 0.5% or 500K users/emails, that would be enough revenue to fund the hardware and development of a crawler and index farm. -- Dossy Shiobara | do...@panoptic.com | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70)
[twitter-dev] Re: how can I get user address using Twitter API?
because degenerate spammers will buy lists of email addresses to market their crappy products. On Sat, Aug 22, 2009 at 15:41, Allan Zhang all...@gmail.com wrote: Why email addresses equal money? I really can not see the value - Thanks Allan Zhang Send from iPhone On Aug 22, 2009, at 2:25 PM, Dossy Shiobara do...@panoptic.com wrote: On 8/22/09 10:47 AM, Andrew Badera wrote: Hopefully most of us use Spam Poison and/or CAPTCHAs to conceal or obscure contact addresses on our site :) Of the ~10M or so Twitter accounts, even if I could get 10% or 1M accounts associated back to valid email addresses, that's like printing your own money. Hell, even at 0.5% or 500K users/emails, that would be enough revenue to fund the hardware and development of a crawler and index farm. -- Dossy Shiobara | do...@panoptic.com | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70) -- Internets. Serious business.