[twitter-dev] Twitter Update, 8/10 noon PST

[Naveen Ayyagari]

Just wanted to report that we are back up and running for the most  
part as well, BUT quite a number of our servers are still experiencing  
some BlackOut periods where twitter fails to respond and connections  
time out. They seem to last about 5-10 minutes each. We are running  
quite a few servers during this time to mitigate the issue propagating  
to our users, but it is a costly proposition to continue running this  
many servers for extended periods of time.


Here is a traceroute to twitter.com on one of the servers during the  
"Blackout" when it is not getting any response from twitter


traceroute to twitter.com (168.143.162.100), 30 hops max, 40 byte  
packets
 1  67-207-128-2.slicehost.net (67.207.128.2)  0.000 ms  0.000 ms   
0.000 ms
 2  209-20-79-2.slicehost.net (209.20.79.2)  0.000 ms  0.000 ms   
0.000 ms
 3  ge-6-10-193.car1.StLouis1.Level3.net (4.53.160.189)  0.000 ms   
0.000 ms  0.000 ms
 4  ae-11-11.car2.StLouis1.Level3.net (4.69.132.186)  0.000 ms  0.000  
ms  0.000 ms
 5  ae-4-4.ebr2.Chicago1.Level3.net (4.69.132.190)  7.999 ms  7.999  
ms  7.999 ms
 6  ae-2-54.edge3.Chicago3.Level3.net (4.68.101.116)  7.999 ms  
ae-2-52.edge3.Chicago3.Level3.net (4.68.101.52)  7.999 ms  
ae-2-54.edge3.Chicago3.Level3.net (4.68.101.116)  7.999 ms

 7  4.68.63.198 (4.68.63.198)  7.999 ms  7.999 ms  8.000 ms
 8  ae-1.r21.chcgil09.us.bb.gin.ntt.net (129.250.3.8)  8.000 ms   
8.000 ms  8.000 ms
 9  as-5.r20.snjsca04.us.bb.gin.ntt.net (129.250.3.77)  51.996 ms   
51.996 ms  51.996 ms
10  xe-1-3.r02.mlpsca01.us.bb.gin.ntt.net (129.250.5.61)  55.995 ms   
55.995 ms  55.995 ms
11  mg-1.c00.mlpsca01.us.da.verio.net (129.250.24.202)  55.995 ms   
55.995 ms  59.995 ms

12  128.121.150.245 (128.121.150.245)  55.995 ms  51.995 ms  51.995 ms
13  128.121.150.245 (128.121.150.245)  51.996 ms !X * *



On Aug 10, 2009, at 2:57 PM, Ryan Sarver wrote:

Wanted to send out a status update and let everyone know where the  
situation stands as of today at noon.


- Most developers are reporting being back in operation as of noon  
on Sunday
- We have changed our defenses to make sure API developers are  
better supported. As such the system has more general strain on it  
and thus will produce some more 502/503 errors. If you see them, you  
should do a geometric back off instead of just sending a new request.

- OAuth should be fully operational
- If you continue to have unexpected errors, please produce a packet  
trace so we can help debug and define the issue.


I will continue to give periodic updates throughout the day as we  
know more, but as most apps are back in action the updates will be  
more based on new news. Please continue to let us know of any  
unexpected issues you may have.


Thanks again for your continued patience and support.

Best, Ryan

[twitter-dev] Re: Following Churn: Specific guidance needed

[TFT Media]

Come on.

For its auto-follow, tweetlater.com specifically states: "[w]e have
limits in place to ensure that your daily following remains well
within the limits imposed by Twitter."  So you are presumably touching
the rate limit then going back -1, -2, -3, or whatever.  How is that
different than determining the more nebulous unfollow limit and then
unfollowing up to that?  I don't see the difference.

Look, the fact is that either auto-unfollow OR auto-follow can be
spammy OR not spammy.  If I set up a rule to automatically unfollow
anyone who tweets a particular spam word, or an obscenity, etc, is
that "churn"?  Of course not.  But if I setup an auto-follow to, say,
follow everyone, up to the follow limit, who tweets "#followfriday",
is that not churn?  Probably it is.  After all, the churn factor
consists of BOTH mass-follow AND mass-unfollow, not just one.

It's specious to categorically state that all auto-unfollow is
"churn".  That's just not so, particularly in the emerging world where
spammers setup seemingly legit accounts for days/weeks before
resorting to spam.  If anything, auto-unfollow seems LESS spammy than
auto-follow.

(As for reading one's tweet stream, I'm not sure how you are doing
that with the 12,000+ people that you are following!)

On Aug 10, 8:04 pm, Dewald Pretorius  wrote:
> On Aug 10, 8:15 pm, Cameron Kaiser  wrote:
>
> > As soon as you do that, the naughties will set up their software to do just
> > that, -1, to keep them just under the limit.
>
> Amen.
>
> Besides, I wish people would realize that Twitter is actually about
> what you can learn from the people you follow. It is not about what
> you can blast out over the megaphone to those who follow you.
>
> At least, that is how I understand the power and the original
> intention behind Twitter.
>
> Have you read your own tweet stream today?
>
> Dewald

[twitter-dev] Re: Twitter Update, 8/10 noon PST

[Chris Babcock]

On Mon, 10 Aug 2009 22:01:16 -0700 (PDT)
hansamann  wrote:

> Can someone post a link to some online resources explaining more about
> geometric back-offs? Did a search, did not find a whole lot.

Retry intervals grow in a geometric progression:

http://en.wikipedia.org/wiki/Geometric_progression

A start value of 1 second that doubles on each subsequent retry is
common, as are caps on the length of time to continue attempts. 

Chris Babcock

[twitter-dev] Re: Rate limit question (again/followup) 20k user or ip?

[TFT Media]

I believe sometimes the IP address can be user-based, even for white-
listed IPs.  E.G., if the user himself has a whitelisted IP.

On Aug 10, 7:57 pm, Dewald Pretorius  wrote:
> Jim,
>
> I don't know exactly what you're looking at and how you get to that
> answer.
>
> My system is making thousands of GET calls per hour, and I can see how
> X-RateLimit-Remaining is decrementing regardless of which Twitter user
> credentials are used.
>
> So, on my side I am seeing solid evidence that the rate limit is per
> IP address only and not per user.
>
> Dewald
>
> On Aug 10, 11:26 pm, "jim.renkel"  wrote:
>
> > Hmmm! We seem to have conflicting evidence here!
>
> > I just (again) verified that twxlate.com is getting 20k requests per
> > hour per user.
>
> > How long ago was it that Alex and other API team members made the
> > recommendation that you mentioned? Is it possible that twitter changed
> > policy since then?
>
> > Either way, I agree that we now need a very clear affirmation from
> > twitter as to the policy.
>
> > I sure hope I don't have to eat my words! :-)
>
> > Jim
>
> > On Aug 10, 9:08 pm, Dewald Pretorius  wrote:
>
> > > On Aug 10, 11:02 pm, "jim.renkel"  wrote:
>
> > > > My logic is now: "Ifratelimiting is not peruser, then all users of
> > > > anIPaddress will share one pool of20krequests per hour. If a site
> > > > has a 1,000 users at one time, then eachuserwill get an average of
> > > > 20 requests per hour. This is clearly not enough to do much useful.
>
> > > Jim,
>
> > > That is why Alex and other API team members have recommended in the
> > > past that you get and use additional white-listedIPaddresses, when
> > > 20,000 requests per hour perIPaddress is not sufficient to service
> > > youruserbase.
>
> > > At TweetLater I employ several white-listedIPaddresses to cover the
> > > needs of my users.
>
> > > Dewald

[twitter-dev] Re: Twitter Update, 8/10 noon PST

[hansamann]

Can someone post a link to some online resources explaining more about
geometric back-offs? Did a search, did not find a whole lot.

Thx
Sven

On Aug 10, 7:18 pm, "jim.renkel"  wrote:
> Yup, when you do back-offs, ya can't do them deterministically, ya
> gotta do them for a random amount, generally uniformly distributed
> between some upper and lower bounds.
>
> It's the bounds that increase geometrically or exponentially, up to
> some limit, but the each back-off should be random between the bounds.
>
> If the back-offs are not randomized, its leads to synchronicity, as
> you noted.
>
> BTW, all standardized back-offs of which I am aware specify randomized
> back-off.
>
> Jim Renkel
>
> On Aug 10, 7:54 pm, Michael Chang  wrote:
>
> > On Mon, Aug 10, 2009 at 3:36 PM, Dewald Pretorius  wrote:
>
> > > On Aug 10, 3:57 pm, Ryan Sarver  wrote:
> > > > As such the system has more general strain on it and thus will
> > > > produce some more 502/503 errors. If you see them, you should do a
> > > geometric
> > > > back off instead of just sending a new request.
>
> > > Ryan,
>
> > > What starting value and what common ratio of a geometric back off
> > > would you recommend?
>
> > One issue with back off (geometric or otherwise) is that if everyone uses
> > the same values; it won't work.
>
> > Think about it -- let's say 10 000 users all access the system
> > simultaneously and all of them get 502/503 errors. Then let's say they all
> > wait five seconds before retrying. Once those five seconds are up; they will
> > all simultaneously accesss the site again, and likely again get the same
> > 502/503 errors. This causes them all to back off again, say, for 25 seconds.
> > Then they will all again contact the server again, at the same time, and so
> > on and so forth until either they all give up, or until the end of time,
> > whichever comes first.
>
> > (Yes, this is a simplified example, but it should get the point across. In
> > practice, at least a few users might get through every time, and eventually,
> > yes, everyone would get served if they are patient enough. But if everyone
> > uses different back-off values, then the traffic becomes somewhat more even,
> > and thus the servers can cope with the load more easily.)
>
> > --
> > Thanks,
>
> > Michael Chang
>
> > I may not be able to open heavily-formatted Word, Powerpoint, or Excel
> > documents. Send at your own risk.

[twitter-dev] Re: Rate Limit on Unfollows?

[IDOLpeeps]

Doug,

Can you specify what constitutes a PATTERN of following and
unfollowing (in terms of the number of follows/unfollows per day, the
nature of the accounts unfollowed such as whether they follow back or
not, etc.)?  I am aware of accounts that were suspended for
"restarting" by removing all their friends the day after following a
bunch of people, but which behavior was hardly a pattern.

Thanks

[twitter-dev] Re: Following Churn: Specific guidance needed

[IDOLpeeps]

> As soon as you do that, the naughties will set up their software to do just
> that, -1, to keep them just under the limit.

That would be fine since anything under the limit is, by definition,
not "naughty".

A fundamental principal of well ordered societies is having
transparent rules.  Imagine the US Code (law) was not published and
citizens didn't know what specifically was legal and illegal.  What
kind of society would we be living in?  Communist USSR?  Iran?  North
Korea?

Lots of community members and developers are leaving Twitter because
of what appears to them to be arbitrary suspension of accounts they've
invested considerable time and good citizenship developing only to
have them removed without notice and oppty to remedy.

[twitter-dev] Re: using oauth - difference between authorize and authenticate URLs?

[Chris Babcock]

On Mon, 10 Aug 2009 08:02:33 -0700 (PDT)
sasha  wrote:

> All in all, I agree with Chris - ideally, access and authentication
> should be very distinct.  Twitter Oauth is still a step in the right
> direction vs. basic HTTP auth, but would be nice to have a strictly
> authentication-based call that wouldn't require user to grant the
> consumer any kind of access to personal data.
> 
> It would be nice to have someone from the team to weigh in here to
> understand their rationale for this kind of implementation of
> authentication - is it an issue of resource constraints or is it
> something else?

Twitter is only implementing the OAuth spec. It just happens that the
OAuth folks decided that OAuth authentication would be allowing the
Consumer (app) to authenticate *as* the user rather than simply
authenticating to the consumer that s/he *is* the user. I'll fall back
to asking for the user to click on a link in a DM to demonstrate the
ownership of a Twitter account.

Coincidentally, a decision "not to fix" regarding upgrading read tokens
to read/write tokens makes sense in this context. There's no sense
burning LOCs on a corner case when there's a work around. If your
application changes from read to read/write then see if a change from
authorize tokens to authenticate tokens works.

Chris Babcock

[twitter-dev] Re: Following Churn: Specific guidance needed

[whoiskb]

what is troublesome about your post is that you highlight the possible
favoritism that Twitter has.  Could you provide some details on the
number of followers your friends unfollowed when they got suspended,
and what method they used to do the unfollow?  It looks like Scoble
unfollowed 106,000 people, and I would imagine your friends did less,
so it would be good to know why the rules seem inconsistent for famous
people.  That is what I would like clarification on from Twitter.

On Aug 10, 4:12 pm, IDOLpeeps 
wrote:
> Twitter recently started suspending accounts which bulk unfollow those
> who don't follow back for Terms of Service Violation 
> (see:http://groups.google.com/group/twitter-development-talk/browse_thread...).
> This policy has it's supporters and detractors. What it does not yet
> have is specific guidance describing the specific limitations on bulk
> unfollowing which, when not done for "following churn", has it's
> legitimate purposes.
>
> Heretofore several utility applications provided a bulk unfollow
> function to end users (most commonly as a method of recruiting
> followers by following people in the hope they'd follow back and then
> unfollowing those who didn't) and some "real" twitter users (ie, not
> spammers) used this method to building their followers.  As there are
> still bona fide rreasons for bulk unfollowing friends, it would be
> extremely helpulf if Twitter can provide more clear guidance about
> what type of bulk unfollowing exactly will flag an account for
> suspension?
>
> For example, does unfollowing several hundred friends whether they are
> following an account or not constitute the type of bulk unfollowing
> that will get an account suspended?  Popular blogger Robert Scoble
> just had a script unfollow ALL his friends (http://scobleizer.com/
> 2009/08/05/you-are-so-unfollowed/) successfully, yet a friend of mine
> unfollowed all his friends and his account was suspended later that
> same day.  And another friend used a third party unfollow script to
> get her friends number below the 2,000 limit and her account was
> suspended.
>
> What are the specific rules regarding the type, quantity, and timing
> of bulk unfollowing that will result in account suspension?  It's very
> difficult to manage twitter accounts with the specter of seemingly
> arbitrary account suspensions looming without having more specific
> guidance on how TOS are interpreted.

[twitter-dev] Re: Following Churn: Specific guidance needed

[Dewald Pretorius]

On Aug 10, 8:15 pm, Cameron Kaiser  wrote:
> As soon as you do that, the naughties will set up their software to do just
> that, -1, to keep them just under the limit.

Amen.

Besides, I wish people would realize that Twitter is actually about
what you can learn from the people you follow. It is not about what
you can blast out over the megaphone to those who follow you.

At least, that is how I understand the power and the original
intention behind Twitter.

Have you read your own tweet stream today?

Dewald

[twitter-dev] Re: Rate limit question (again/followup) 20k user or ip?

[Dewald Pretorius]

Jim,

I don't know exactly what you're looking at and how you get to that
answer.

My system is making thousands of GET calls per hour, and I can see how
X-RateLimit-Remaining is decrementing regardless of which Twitter user
credentials are used.

So, on my side I am seeing solid evidence that the rate limit is per
IP address only and not per user.

Dewald

On Aug 10, 11:26 pm, "jim.renkel"  wrote:
> Hmmm! We seem to have conflicting evidence here!
>
> I just (again) verified that twxlate.com is getting 20k requests per
> hour per user.
>
> How long ago was it that Alex and other API team members made the
> recommendation that you mentioned? Is it possible that twitter changed
> policy since then?
>
> Either way, I agree that we now need a very clear affirmation from
> twitter as to the policy.
>
> I sure hope I don't have to eat my words! :-)
>
> Jim
>
> On Aug 10, 9:08 pm, Dewald Pretorius  wrote:
>
> > On Aug 10, 11:02 pm, "jim.renkel"  wrote:
>
> > > My logic is now: "Ifratelimiting is not peruser, then all users of
> > > anIPaddress will share one pool of20krequests per hour. If a site
> > > has a 1,000 users at one time, then eachuserwill get an average of
> > > 20 requests per hour. This is clearly not enough to do much useful.
>
> > Jim,
>
> > That is why Alex and other API team members have recommended in the
> > past that you get and use additional white-listedIPaddresses, when
> > 20,000 requests per hour perIPaddress is not sufficient to service
> > youruserbase.
>
> > At TweetLater I employ several white-listedIPaddresses to cover the
> > needs of my users.
>
> > Dewald

[twitter-dev] Re: Rate limit question (again/followup) 20k user or ip?

[jim.renkel]

Hmmm! We seem to have conflicting evidence here!

I just (again) verified that twxlate.com is getting 20k requests per
hour per user.

How long ago was it that Alex and other API team members made the
recommendation that you mentioned? Is it possible that twitter changed
policy since then?

Either way, I agree that we now need a very clear affirmation from
twitter as to the policy.

I sure hope I don't have to eat my words! :-)

Jim

On Aug 10, 9:08 pm, Dewald Pretorius  wrote:
> On Aug 10, 11:02 pm, "jim.renkel"  wrote:
>
> > My logic is now: "Ifratelimiting is not peruser, then all users of
> > anIPaddress will share one pool of20krequests per hour. If a site
> > has a 1,000 users at one time, then eachuserwill get an average of
> > 20 requests per hour. This is clearly not enough to do much useful.
>
> Jim,
>
> That is why Alex and other API team members have recommended in the
> past that you get and use additional white-listedIPaddresses, when
> 20,000 requests per hour perIPaddress is not sufficient to service
> youruserbase.
>
> At TweetLater I employ several white-listedIPaddresses to cover the
> needs of my users.
>
> Dewald

[twitter-dev] Re: Rate limit question (again/followup) 20k user or ip?

[Dewald Pretorius]

If you're coding in PHP then it is extremely easy to switch IP
addresses in your scripts. You simply set the IP address from where
the call is made with CURLOPT_INTERFACE, provided that your different
IP addresses are on the same server.

There are two ways you can control your 20,000 per hour rate limit:

a) You can segment your GETs and do, for example, all /users/ calls
from one IP address, all /friends/ and /followers/ from another IP
address, etc. No need to worry about POSTs because they don't count
against your rate limit.

b) You can examine the X-RateLimit-Remaining header of each call, and
dynamically switch your scripts over to the next IP address as soon as
that number approaches zero.

Dewald

[twitter-dev] Re: Twitter Update, 8/10 noon PST

[jim.renkel]

Yup, when you do back-offs, ya can't do them deterministically, ya
gotta do them for a random amount, generally uniformly distributed
between some upper and lower bounds.

It's the bounds that increase geometrically or exponentially, up to
some limit, but the each back-off should be random between the bounds.

If the back-offs are not randomized, its leads to synchronicity, as
you noted.

BTW, all standardized back-offs of which I am aware specify randomized
back-off.

Jim Renkel

On Aug 10, 7:54 pm, Michael Chang  wrote:
> On Mon, Aug 10, 2009 at 3:36 PM, Dewald Pretorius  wrote:
>
> > On Aug 10, 3:57 pm, Ryan Sarver  wrote:
> > > As such the system has more general strain on it and thus will
> > > produce some more 502/503 errors. If you see them, you should do a
> > geometric
> > > back off instead of just sending a new request.
>
> > Ryan,
>
> > What starting value and what common ratio of a geometric back off
> > would you recommend?
>
> One issue with back off (geometric or otherwise) is that if everyone uses
> the same values; it won't work.
>
> Think about it -- let's say 10 000 users all access the system
> simultaneously and all of them get 502/503 errors. Then let's say they all
> wait five seconds before retrying. Once those five seconds are up; they will
> all simultaneously accesss the site again, and likely again get the same
> 502/503 errors. This causes them all to back off again, say, for 25 seconds.
> Then they will all again contact the server again, at the same time, and so
> on and so forth until either they all give up, or until the end of time,
> whichever comes first.
>
> (Yes, this is a simplified example, but it should get the point across. In
> practice, at least a few users might get through every time, and eventually,
> yes, everyone would get served if they are patient enough. But if everyone
> uses different back-off values, then the traffic becomes somewhat more even,
> and thus the servers can cope with the load more easily.)
>
> --
> Thanks,
>
> Michael Chang
>
> I may not be able to open heavily-formatted Word, Powerpoint, or Excel
> documents. Send at your own risk.

[twitter-dev] Re: Invalid / used nonce

[Chris Babcock]

On Mon, 10 Aug 2009 04:14:43 -0700 (PDT)
graceawalker  wrote:

> I am calling and getting the whole way up to getting the access token
> just fine in my app (one im writing myself in c#), but when i try and
> call the update status URL im getting an 'Invalid/used nonce' error in
> my response data. Im not sure why this is, im calling the update
> method in the exact same way that i called request token apart from
> the new 'status' parameter in the query string. I call 'verify
> credentials' with my access token to ensure that it is working and it
> sends me back all of the correct data, but it is erroring when trying
> to update my status. Is there any obvious solution to this, or am i
> not supposed to be signing and organising the parameters in the same
> way that i did before? Im really stuck here guys and need help!

Right, the nonce is a "number used once". Its purpose is to prevent
replay attacks. If you use the same nonce for more than one call to the
API then you *should* be getting an error.

Chris

[twitter-dev] Re: Rate limit question (again/followup) 20k user or ip?

[Dewald Pretorius]

On Aug 10, 11:02 pm, "jim.renkel"  wrote:
> My logic is now: "If rate limiting is not per user, then all users of
> an IP address will share one pool of 20k requests per hour. If a site
> has a 1,000 users at one time, then each user will get an average of
> 20 requests per hour. This is clearly not enough to do much useful.

Jim,

That is why Alex and other API team members have recommended in the
past that you get and use additional white-listed IP addresses, when
20,000 requests per hour per IP address is not sufficient to service
your user base.

At TweetLater I employ several white-listed IP addresses to cover the
needs of my users.

Dewald

[twitter-dev] Re: Rate limit question (again/followup) 20k user or ip?

[jim.renkel]

Dewald,

Respectfully, I must (now) disagree that rate limiting should not be
per user, i.e., that it *SHOULD* be per user based.

When my site, twxlate.com, was white-listed and I saw how the white-
listing worked, namely that for authenticated requests each user of
each white-listed IP address gets 20k requests per hour, I didn't
think this was right. My logic was: "By white-listing my IP address,
twitter has in effect white-listed each user of it."

I reported this as what I thought was a defect (http://code.google.com/
p/twitter-api/issues/detail?id=617). In the follow up discussion,
twitter folk have twice said, "Nope, working as intended."

Based on discussions of the issue and elsewhere, I must now agree that
this is operating as it should, i.e., per user based.

My logic is now: "If rate limiting is not per user, then all users of
an IP address will share one pool of 20k requests per hour. If a site
has a 1,000 users at one time, then each user will get an average of
20 requests per hour. This is clearly not enough to do much useful.
Therefore, rate limiting must be per user based."

Currently, each user of a white-listed IP address get 20k requests per
hour (You can verify this at twxlate.com: the site reports your rate
limit after you sign in.). That may be too many, maybe they should
only get, say, 150 requests per hour (Unless the user is also white-
listed.), but whatever the number is, it has to be per user based.

Twitter may have revised the rate limit policy or reduced the 20k
number as part of dealing with the DOS attack. I don't see it at
twxlate.com, but maybe other sites do. I hope, and expect, that
twitter will revert to its former policy if, in fact, they have
recently changed it.

Or at least not change it for twxlate.com, since I just made a big
announcement that this is an advantage of using my site! :-)

Jim Renkel

On Aug 10, 7:21 am, Dewald Pretorius  wrote:
> The API is currently counting down X-RateLimit-Remaining using the
> logic of20krequests per hour perIP, not peruserperIP.
>
> That makes sense and I believe it is how it should work.
>
> Dewald
>
> On Aug 10, 2:17 am, Bob Fishel  wrote:
>
> > Since we have a lot of devs monitoring this now I'd like to bring back
> > the discussion that we were having before this whole mess started.
>
> > Is the intention of Twitter to allow (for whitelistedIP's)20k
> > requests per hour perUSERor20krequests per hour perIP.
>
> > I don't want to seem to be beating a dead horse and Chad has confirmed
> > this but it still seems like there's quite a bit on contention.
>
> > Thanks
>
> > -Bob

[twitter-dev] Re: Twitter Update, 8/10 noon PST

[Michael Chang]

On Mon, Aug 10, 2009 at 3:36 PM, Dewald Pretorius  wrote:

>
> On Aug 10, 3:57 pm, Ryan Sarver  wrote:
> > As such the system has more general strain on it and thus will
> > produce some more 502/503 errors. If you see them, you should do a
> geometric
> > back off instead of just sending a new request.
>
> Ryan,
>
> What starting value and what common ratio of a geometric back off
> would you recommend?
>
>
One issue with back off (geometric or otherwise) is that if everyone uses
the same values; it won't work.

Think about it -- let's say 10 000 users all access the system
simultaneously and all of them get 502/503 errors. Then let's say they all
wait five seconds before retrying. Once those five seconds are up; they will
all simultaneously accesss the site again, and likely again get the same
502/503 errors. This causes them all to back off again, say, for 25 seconds.
Then they will all again contact the server again, at the same time, and so
on and so forth until either they all give up, or until the end of time,
whichever comes first.

(Yes, this is a simplified example, but it should get the point across. In
practice, at least a few users might get through every time, and eventually,
yes, everyone would get served if they are patient enough. But if everyone
uses different back-off values, then the traffic becomes somewhat more even,
and thus the servers can cope with the load more easily.)

-- 
Thanks,

Michael Chang

I may not be able to open heavily-formatted Word, Powerpoint, or Excel
documents. Send at your own risk.

[twitter-dev] Re: Twitter Update, 8/9 noon PST

[chinaski007]

Yes, I am also having x-ratelimit not show up after I have received
"OK: 200" errors.

I believe this is due to timeout issues.

Specifically, I often find that I am returned partial JSON (lack of
closing syntax) without the ratelimit header, e.g.:

'_rc' => 200,
'_headers' => bless( {
'connection' => 'close',
'cache-control' => 'max-age=60, must-revalidate, max-age=300',
'status' => '200 OK',
'date' => 'Mon, 10 Aug 2009 23:47:29 GMT',
'vary' => 'Accept-Encoding',
'client-peer' => '168.143.162.123:80',
'age' => '0',
'client-date' => 'Mon, 10 Aug 2009 23:47:21 GMT',
'x-died' => 'read failed: Connection reset by peer at /usr/local/lib/
perl5/site_perl/5.8.8/LWP/Protocol/http.pm line 382.',
'content-type' => 'application/json; charset=utf-8',
'x-cache-svr' => 'c091.twitter.com',
'server' => 'hi',
'x-timeline-cache-hit' => 'Miss',
'x-served-by' => 'c091.twitter.com',
'client-response-num' => 1,
'content-length' => '43452',
'client-aborted' => 'die',
'via' => '1.1 varnish',
'x-cache' => 'MISS',
'x-served-from' => 'b032',
'expires' => 'Mon, 10 Aug 2009 23:52:28 GMT'
}, 'HTTP::Headers' ),
'_msg' => 'OK',



On Aug 10, 11:40 am, Ryan Sarver  wrote:
> Thanks Dewald. Generally speaking if you see a 502/503 you should do a
> geometric back off instead of just immediately re-requesting.
> Is anyone else seeing the X-RateLimit header not showing up some times?
>
> Thanks, Ryan
>
> On Mon, Aug 10, 2009 at 8:35 AM, Dewald Pretorius  wrote:
>
> > Ryan,
>
> > The 502s don't really bother me. It just slows me down a bit. My
> > Twitter lib automatically retries a request that 502'd.
>
> > The 200 OK responses that come back with the X-RateLimit headers
> > missing happen on all kinds of requests, both GETs and POSTs (more on
> > GETs as far as I can tell), and as far as I can see there is no
> > pattern. One request would return headers, and the very next request
> > to the same API method would not return the headers. Are these perhaps
> > requests have have been 302'd? I can't really check because cURL is
> > following the redirects on GETs.
>
> > Dewald
>
> > On Aug 10, 12:19 pm, Ryan Sarver  wrote:
> > > Can you all provide full packet dumps of the issues you are seeing? That
> > > will help us debug the type of request you are making and what the full
> > > response looks like.
> > > Thanks, Ryan
>
> > > On Mon, Aug 10, 2009 at 8:15 AM, Duane Roelands <
> > duane.roela...@gmail.com>wrote:
>
> > > > My users are seeing these as well.
>
> > > > On Aug 10, 10:22 am, Dewald Pretorius  wrote:
> > > > > Just to let you guys know that 502 Bad Gateway responses are coming
> > > > > thick and fast this morning (Monday).
>
> > > > > Dewald
>
>

[twitter-dev] Re: Following Churn: Specific guidance needed

[Cameron Kaiser]

> What are the specific rules regarding the type, quantity, and timing
> of bulk unfollowing that will result in account suspension?  It's very
> difficult to manage twitter accounts with the specter of seemingly
> arbitrary account suspensions looming without having more specific
> guidance on how TOS are interpreted.

As soon as you do that, the naughties will set up their software to do just
that, -1, to keep them just under the limit.

-- 
 personal: http://www.cameronkaiser.com/ --
  Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com
-- You're never too old to become younger. -- Mae West 

[twitter-dev] Re: very long user id?

[Chad Etzel]

Interesting.  Can you please create an issue at:
http://code.google.com/p/twitter-api/issues/list

so we can track this?

Thanks,
-Chad

On Mon, Aug 10, 2009 at 4:59 PM, Haewoon wrote:
>
> Hi,
>
> For a last month, I collected followers of social graph API (http://
> apiwiki.twitter.com/Twitter-REST-API-Method:-followers%C2%A0ids).
> By examining a log file, I faced a very long user id.
> I found that these ids seldom appear and not consistently appear for
> even the same user.
>
> For example, in followings of users who having a large number of
> followers, CNN Breaking News (cnnbrk, 428333) and Padmasree
> (Padmasree, 15076390),
> I got a 3321571954804188093, 3321455406571630747, 3321455406573170176,
> 3321455406573170176 (for CNN), and 1742356692092190983 (for
> Padmasree).
>
> I searched development forum about this problem.
> I found some paging issues, but not related this problem.
>
> I used JSON as return type, and below was a response of a followers of
> CNN..
> The below list includes 3321571954804188093
>
> [24021913,24021094,24021377,23417952,24021659,21310988,10455172,24002374,22490539,19322281,24016413,23439946,2377761,24021332,24020991,24021528,20967015,12925952,24021872,24021148,24021684,18245633,24021895,19275273,24021960,20003342,24020145,18978334,24021631,24021693,22949064,24021511,24021771,23904532,24010639,24021480,24021596,21611439,24021097,16465210,23377694,23951697,19971856,15498810,24020483,24021324,24021477,24019163,23340344,24021437,23978688,24012983,17282007,24021454,17224706,24020266,24021247,17520275,19256627,23268304,24014901,24020423,24009013,24021067,24020984,24020346,24019494,24018612,24021160,24021034,15922366,23761799,24019967,24021117,24015065,23945473,22824302,24021013,24019309,24020788,24020863,806204,24020942,19470324,15698788,24018994,24020744,24020756,24020618,24017584,24020729,22540962,24020005,20397849,23953121,24020368,24020241,24020360,24015769,18120463,24015027,24020019,24013236,23938054,24020213,17377102,24017877,24019442,24020362,2399,24019835,16987364,24020375,24015586,24020382,24020443,14114613,24020296,24019965,8039962,24019834,24012402,24019091,24020216,24007848,24004925,21258329,24019027,24020134,24020030,24018138,18248854,24018541,24020098,19275917,15207668,24019485,24020104,23382714,3001131,24001059,23069068,18102028,24019270,24019685,24020036,23975653,23617234,24016678,24019896,24019516,24019819,20491560,24019671,23990453,24019672,23997125,16289998,24019845,24019680,17923843,24019053,23920434,24019644,24019551,24019721,20006448,24019663,16482230,24019459,24000277,24017946,24019667,18775035,21452433,24019368,24019447,24019689,24019656,24019453,23982643,24019595,24019652,23966533,24019360,24018626,20004716,24012139,23814768,14046322,24019428,24018903,19461416,24018996,23360854,24019376,24016409,24019433,23539785,23967223,24019514,24016300,20519446,24019292,24014076,24005255,23980727,20473384,17781252,17544710,24019290,24011060,24011741,24018543,22040568,24019145,24019152,24019217,24019206,24005575,24018930,16267259,24017791,24019094,14248778,24018353,24018999,15431665,24018769,24019051,24019115,15067648,24018352,19396613,23806943,24015906,22074519,1984,24018192,24018943,24018025,24018690,24018472,23987301,24015724,15919557,17215390,19371819,24018850,23667842,15628251,23992466,24018750,17564639,24018778,24018434,24018720,5968302,24018330,21928450,14940453,15623854,13720572,24018532,24012810,19677427,24016042,24016477,23887004,18558019,14225230,24018003,24017287,24017949,23986435,24017292,20664627,23133633,24016481,24018199,24014518,24006761,24018020,23995701,24018006,14175796,15331219,24018198,24017193,24013658,24018047,24018072,21620454,24012761,24017545,24016168,24017519,24017362,14630724,24017770,24017796,23645448,24005663,24016376,21544110,21911731,14114083,24015877,24016526,24011958,19572868,23810779,17977238,21908587,24017878,23884546,24017649,24015462,24017646,24017291,24016060,24014844,24014538,23954759,24017165,24017372,24007387,18042005,21733002,24009198,24016508,17365705,24017435,19307505,24005538,17466416,24017313,24017207,21453585,18808431,24016130,24017111,24017192,9037672,24008689,24017329,7261622,24017299,23761916,14237811,24016725,24015990,24016830,17126053,24016287,24016993,24017004,24017129,24016970,20769678,24015384,22071755,20806715,24016426,24013398,21912570,24017097,24017079,14066010,21773591,24016432,24016663,24016420,16069675,14353454,24016647,19427295,23974574,16704798,24008239,24015528,24016296,24015972,23364251,24012180,24016690,24016250,5819712,24016366,24016542,24016479,20194880,16928082,22762139,24016367,14415346,17130922,24003179,24004957,24016450,23808648,24016201,24016248,24015966,24016435,24014905,24015971,24016346,21947541,24016395,16711375,23977582,22161364,24005802,24014734,24015937,24016083,24016075,16632209,23659002,24011704,24011894,24014976,24015795,24015731,24013481,24016196,24014509,24005241,23736122,16136825,24001259,24015831,22741475,24013173,22545990,24016062,24010222,24016069,24015875,24008301,240

[twitter-dev] very long user id?

[Haewoon]

Hi,

For a last month, I collected followers of social graph API (http://
apiwiki.twitter.com/Twitter-REST-API-Method:-followers%C2%A0ids).
By examining a log file, I faced a very long user id.
I found that these ids seldom appear and not consistently appear for
even the same user.

For example, in followings of users who having a large number of
followers, CNN Breaking News (cnnbrk, 428333) and Padmasree
(Padmasree, 15076390),
I got a 3321571954804188093, 3321455406571630747, 3321455406573170176,
3321455406573170176 (for CNN), and 1742356692092190983 (for
Padmasree).

I searched development forum about this problem.
I found some paging issues, but not related this problem.

I used JSON as return type, and below was a response of a followers of
CNN..
The below list includes 3321571954804188093

[24021913,24021094,24021377,23417952,24021659,21310988,10455172,24002374,22490539,19322281,24016413,23439946,2377761,24021332,24020991,24021528,20967015,12925952,24021872,24021148,24021684,18245633,24021895,19275273,24021960,20003342,24020145,18978334,24021631,24021693,22949064,24021511,24021771,23904532,24010639,24021480,24021596,21611439,24021097,16465210,23377694,23951697,19971856,15498810,24020483,24021324,24021477,24019163,23340344,24021437,23978688,24012983,17282007,24021454,17224706,24020266,24021247,17520275,19256627,23268304,24014901,24020423,24009013,24021067,24020984,24020346,24019494,24018612,24021160,24021034,15922366,23761799,24019967,24021117,24015065,23945473,22824302,24021013,24019309,24020788,24020863,806204,24020942,19470324,15698788,24018994,24020744,24020756,24020618,24017584,24020729,22540962,24020005,20397849,23953121,24020368,24020241,24020360,24015769,18120463,24015027,24020019,24013236,23938054,24020213,17377102,24017877,24019442,24020362,2399,24019835,16987364,24020375,24015586,24020382,24020443,14114613,24020296,24019965,8039962,24019834,24012402,24019091,24020216,24007848,24004925,21258329,24019027,24020134,24020030,24018138,18248854,24018541,24020098,19275917,15207668,24019485,24020104,23382714,3001131,24001059,23069068,18102028,24019270,24019685,24020036,23975653,23617234,24016678,24019896,24019516,24019819,20491560,24019671,23990453,24019672,23997125,16289998,24019845,24019680,17923843,24019053,23920434,24019644,24019551,24019721,20006448,24019663,16482230,24019459,24000277,24017946,24019667,18775035,21452433,24019368,24019447,24019689,24019656,24019453,23982643,24019595,24019652,23966533,24019360,24018626,20004716,24012139,23814768,14046322,24019428,24018903,19461416,24018996,23360854,24019376,24016409,24019433,23539785,23967223,24019514,24016300,20519446,24019292,24014076,24005255,23980727,20473384,17781252,17544710,24019290,24011060,24011741,24018543,22040568,24019145,24019152,24019217,24019206,24005575,24018930,16267259,24017791,24019094,14248778,24018353,24018999,15431665,24018769,24019051,24019115,15067648,24018352,19396613,23806943,24015906,22074519,1984,24018192,24018943,24018025,24018690,24018472,23987301,24015724,15919557,17215390,19371819,24018850,23667842,15628251,23992466,24018750,17564639,24018778,24018434,24018720,5968302,24018330,21928450,14940453,15623854,13720572,24018532,24012810,19677427,24016042,24016477,23887004,18558019,14225230,24018003,24017287,24017949,23986435,24017292,20664627,23133633,24016481,24018199,24014518,24006761,24018020,23995701,24018006,14175796,15331219,24018198,24017193,24013658,24018047,24018072,21620454,24012761,24017545,24016168,24017519,24017362,14630724,24017770,24017796,23645448,24005663,24016376,21544110,21911731,14114083,24015877,24016526,24011958,19572868,23810779,17977238,21908587,24017878,23884546,24017649,24015462,24017646,24017291,24016060,24014844,24014538,23954759,24017165,24017372,24007387,18042005,21733002,24009198,24016508,17365705,24017435,19307505,24005538,17466416,24017313,24017207,21453585,18808431,24016130,24017111,24017192,9037672,24008689,24017329,7261622,24017299,23761916,14237811,24016725,24015990,24016830,17126053,24016287,24016993,24017004,24017129,24016970,20769678,24015384,22071755,20806715,24016426,24013398,21912570,24017097,24017079,14066010,21773591,24016432,24016663,24016420,16069675,14353454,24016647,19427295,23974574,16704798,24008239,24015528,24016296,24015972,23364251,24012180,24016690,24016250,5819712,24016366,24016542,24016479,20194880,16928082,22762139,24016367,14415346,17130922,24003179,24004957,24016450,23808648,24016201,24016248,24015966,24016435,24014905,24015971,24016346,21947541,24016395,16711375,23977582,22161364,24005802,24014734,24015937,24016083,24016075,16632209,23659002,24011704,24011894,24014976,24015795,24015731,24013481,24016196,24014509,24005241,23736122,16136825,24001259,24015831,22741475,24013173,22545990,24016062,24010222,24016069,24015875,24008301,24015603,14414773,14939416,24010598,24015881,24015934,17216743,23390991,22691873,19256840,23640711,21872534,17942454,24015579,24015282,24015359,21976308,24015677,24015308,15753813,23894205,24015749,24014606,24015147,24015534,240154

[twitter-dev] Following Churn: Specific guidance needed

[IDOLpeeps]

Twitter recently started suspending accounts which bulk unfollow those
who don't follow back for Terms of Service Violation (see:
http://groups.google.com/group/twitter-development-talk/browse_thread/thread/1aeb1f40ff665f78/955da80afd36ca4d?lnk=gst&q=follower+churn#955da80afd36ca4d).
This policy has it's supporters and detractors. What it does not yet
have is specific guidance describing the specific limitations on bulk
unfollowing which, when not done for "following churn", has it's
legitimate purposes.

Heretofore several utility applications provided a bulk unfollow
function to end users (most commonly as a method of recruiting
followers by following people in the hope they'd follow back and then
unfollowing those who didn't) and some "real" twitter users (ie, not
spammers) used this method to building their followers.  As there are
still bona fide rreasons for bulk unfollowing friends, it would be
extremely helpulf if Twitter can provide more clear guidance about
what type of bulk unfollowing exactly will flag an account for
suspension?

For example, does unfollowing several hundred friends whether they are
following an account or not constitute the type of bulk unfollowing
that will get an account suspended?  Popular blogger Robert Scoble
just had a script unfollow ALL his friends (http://scobleizer.com/
2009/08/05/you-are-so-unfollowed/) successfully, yet a friend of mine
unfollowed all his friends and his account was suspended later that
same day.  And another friend used a third party unfollow script to
get her friends number below the 2,000 limit and her account was
suspended.

What are the specific rules regarding the type, quantity, and timing
of bulk unfollowing that will result in account suspension?  It's very
difficult to manage twitter accounts with the specter of seemingly
arbitrary account suspensions looming without having more specific
guidance on how TOS are interpreted.

[twitter-dev] OAuth vs. Basic authentication strictly on iPhone

[Bradley S. O'Hearne]

All,

I don't want to kick this subject to death, as there was a lengthy  
thread on general OAuth vs. Basic auth -- I want to restrict this  
question strictly to the scope of iPhone apps. Having pored over the  
OAuth vs. Basic authentication process, I have a question, given the  
following assumptions:


- The iPhone app is communicating directly with Twitter, i.e. not  
through some third-party means.


- The iPhone app requires authentication at the beginning of each  
application runtime (i.e. each time the app is run the user has to  
type in their password).


- The password is cached only in memory, for the life of that specific  
runtime (i.e. when the user quits the app, the password is released).


- The password is NEVER persisted anywhere, i.e. never stored to disk.

- All network communication with Twitter takes place over HTTPS.

If all of those things are true in an iPhone app, how is OAuth  
superior in any way to basic authentication from a security  
standpoint? Furthermore, given having to introduce a foreign UI  
element and extra authentication steps over the web, could OAuth even  
be considered inferior when evaluated as a whole as an authentication  
means for the iPhone, when app branding, integration, and ease of use  
are considered?


Mind you, the purpose of this post is not in any way to incite a  
religious war or stir the pot, it is to definitively establish the  
true pros and cons of each authentication means within the specific  
use case of the iPhone only. Many of the other OAuth / Basic auth  
threads are somewhat overridden with personally charged statements  
that I'd rather ignore them.


Anyway, your constructive views are most appreciated.

Regards,

Brad

[twitter-dev] Re: Twitter Update, 8/10 noon PST

[Dewald Pretorius]

On Aug 10, 3:57 pm, Ryan Sarver  wrote:
> As such the system has more general strain on it and thus will
> produce some more 502/503 errors. If you see them, you should do a geometric
> back off instead of just sending a new request.

Ryan,

What starting value and what common ratio of a geometric back off
would you recommend?

Dewald

[twitter-dev] Re: using oauth - difference between authorize and authenticate URLs?

[Abraham Williams]

2009/8/10 sasha 

> Here is my follow up question - if my user have been previously
> authenticated, and I now have the access token and secret, why would I
> use the "authenticate" call vs. just using the "view credentials"
> call?  In other words, by using "view credentials" I am just making
> sure that the access token is still valid, and I am effectively
> accomplishing the same thing.
>

Account/verify_credentials should be used to test access tokens no matter
which endpoint you use.

Oauth/authenticate works just like oauth/authorize in that it is used in the
process to get access tokens. It just skips a few steps.

-- 
Abraham Williams | Community Evangelist | http://web608.org
Hacker | http://abrah.am | http://twitter.com/abraham
Project | http://fireeagle.labs.poseurtech.com
This email is: [ ] blogable [x] ask first [ ] private.
Sent from Fairbanks, Alaska, United States

[twitter-dev] Twitter Update, 8/10 noon PST

[Ryan Sarver]

Wanted to send out a status update and let everyone know where the situation
stands as of today at noon.
- Most developers are reporting being back in operation as of noon on Sunday
- We have changed our defenses to make sure API developers are better
supported. As such the system has more general strain on it and thus will
produce some more 502/503 errors. If you see them, you should do a geometric
back off instead of just sending a new request.
- OAuth should be fully operational
- If you continue to have unexpected errors, please produce a packet trace
so we can help debug and define the issue.

I will continue to give periodic updates throughout the day as we know more,
but as most apps are back in action the updates will be more based on new
news. Please continue to let us know of any unexpected issues you may have.

Thanks again for your continued patience and support.

Best, Ryan

[twitter-dev] terrible! my statuses lose! from 3000+ to 84

[bang]

I began to use twitter one year ago. I have been posted statuses no
less than 3000, but today I found my statuses count become 84! Then I
go to twitter homepage to see my statuses, I can only see 84
statuses. why does this happend? Can I have my missing statuses
again?

[twitter-dev] Re: Invalid / used nonce

[Rob O'Brien]

I'm getting the same response. All weekend, I chalked it up to being an
issue during recovery of the systems, but I'm still seeing it this morning
on 100% of my calls. It was working before the attack.

401:Authentication credentials were missing or incorrect.  
/followers/ids.xml Invalid / used nonce


Rob O'Brien
Web Application Developer & Consultant
r...@zepoid.com
  
  
 

-Original Message-
From: twitter-development-talk@googlegroups.com
[mailto:twitter-development-t...@googlegroups.com] On Behalf Of graceawalker
Sent: Monday, August 10, 2009 6:15 AM
To: Twitter Development Talk
Subject: [twitter-dev] Invalid / used nonce


I am calling and getting the whole way up to getting the access token
just fine in my app (one im writing myself in c#), but when i try and
call the update status URL im getting an 'Invalid/used nonce' error in
my response data. Im not sure why this is, im calling the update
method in the exact same way that i called request token apart from
the new 'status' parameter in the query string. I call 'verify
credentials' with my access token to ensure that it is working and it
sends me back all of the correct data, but it is erroring when trying
to update my status. Is there any obvious solution to this, or am i
not supposed to be signing and organising the parameters in the same
way that i did before? Im really stuck here guys and need help!

[twitter-dev] Re: Twitter Update, 8/9 noon PST

[Ryan Sarver]

Thanks Dewald. Generally speaking if you see a 502/503 you should do a
geometric back off instead of just immediately re-requesting.
Is anyone else seeing the X-RateLimit header not showing up some times?

Thanks, Ryan

On Mon, Aug 10, 2009 at 8:35 AM, Dewald Pretorius  wrote:

>
> Ryan,
>
> The 502s don't really bother me. It just slows me down a bit. My
> Twitter lib automatically retries a request that 502'd.
>
> The 200 OK responses that come back with the X-RateLimit headers
> missing happen on all kinds of requests, both GETs and POSTs (more on
> GETs as far as I can tell), and as far as I can see there is no
> pattern. One request would return headers, and the very next request
> to the same API method would not return the headers. Are these perhaps
> requests have have been 302'd? I can't really check because cURL is
> following the redirects on GETs.
>
> Dewald
>
> On Aug 10, 12:19 pm, Ryan Sarver  wrote:
> > Can you all provide full packet dumps of the issues you are seeing? That
> > will help us debug the type of request you are making and what the full
> > response looks like.
> > Thanks, Ryan
> >
> > On Mon, Aug 10, 2009 at 8:15 AM, Duane Roelands <
> duane.roela...@gmail.com>wrote:
> >
> >
> >
> > > My users are seeing these as well.
> >
> > > On Aug 10, 10:22 am, Dewald Pretorius  wrote:
> > > > Just to let you guys know that 502 Bad Gateway responses are coming
> > > > thick and fast this morning (Monday).
> >
> > > > Dewald
>

[twitter-dev] External API Team App Test Site

[Dewald Pretorius]

Does the API team have a "test third-party app", from where you can
experience and test the API from a consumer's perspective?

If not, I think it may be helpful to you to have something like that.
You don't need to run it at full stress all the time.

When you roll out a mod to the API, or at times like these, you can
run tests and do detail logging. That will enable you to detect and
fix issues long before we start yelling at you.

Dewald

[twitter-dev] TwitterLand - Ruby wrapper for many Twitter-related APIs

[Wynn Netherland]

I'd like to thank those of you who have released your own APIs for the
apps you've built on top of Twitter. If you're using Ruby, we've
bundled up our wrappers for many of them into a new gem called
TwitterLand. Please check it out and let us know if you'd like to see
new APIs added or fork us on GitHub and contribute.

http://www.rubyinside.com/twitterland-5-twitter-data-apis-in-a-single-gem-2215.html

Thanks,

Wynn Netherland
// @pengwynn

[twitter-dev] Tweepy -- python library

[Josh Roesslein]

Hello twitter developers:

Just posting here to announce a library for python I have been putting
together.
It supports pretty much the entire twitter API's endpoints. This includes
the search
and streaming APIs. The library also works fine with OAuth authentication.

I have the library hosted here: http://gitorious.org/tweepy
or if you are on Github: http://github.com/joshthecoder/tweepy

If you are searching for a python library for twitter check it out.
If you have any questions ask here or on twe...@googegroups.com

Also if someone with write permission on the api wiki could list my library
under the python category I would much appreciate it.

Thank you for your time and hope you enjoy this library and find it useful.

Josh

[twitter-dev] Re: Twitter Update, 8/9 noon PST

[Dewald Pretorius]

Ryan,

The 502s don't really bother me. It just slows me down a bit. My
Twitter lib automatically retries a request that 502'd.

The 200 OK responses that come back with the X-RateLimit headers
missing happen on all kinds of requests, both GETs and POSTs (more on
GETs as far as I can tell), and as far as I can see there is no
pattern. One request would return headers, and the very next request
to the same API method would not return the headers. Are these perhaps
requests have have been 302'd? I can't really check because cURL is
following the redirects on GETs.

Dewald

On Aug 10, 12:19 pm, Ryan Sarver  wrote:
> Can you all provide full packet dumps of the issues you are seeing? That
> will help us debug the type of request you are making and what the full
> response looks like.
> Thanks, Ryan
>
> On Mon, Aug 10, 2009 at 8:15 AM, Duane Roelands 
> wrote:
>
>
>
> > My users are seeing these as well.
>
> > On Aug 10, 10:22 am, Dewald Pretorius  wrote:
> > > Just to let you guys know that 502 Bad Gateway responses are coming
> > > thick and fast this morning (Monday).
>
> > > Dewald

[twitter-dev] Re: twitter Apis not working

[Ryan Sarver]

Duane,
I posted it in another thread, but can you please provide full packet dumps
of the issues you are seeing? Also, please provide more detail around what
API you are calling, how many times an hour and
the exact issue you are seeing.

Thanks, Ryan

On Mon, Aug 10, 2009 at 8:02 AM, Duane Roelands wrote:

>
> I'm still having API issues
>
> On Aug 10, 10:11 am, John Kalucki  wrote:
> > Sultan,
> >
> > All functionality should have been restored on Sunday before noon, but
> > various actions may be slow and sometimes time out.
> >
> > Have you read:
> http://groups.google.com/group/twitter-development-talk/browse_frm/th...
> > ?
> >
> > Please retest your app and send a...@twitter.com detailed information
> > about exactly what is failing, including your IP address.
> >
> > Thanks,
> > John Kaluckihttp://twitter.com/jkalucki
> > Services, Twitter Inc.
> >
> > On Aug 10, 5:13 am, Sultan Saadat  wrote:
> >
> >
> >
> > > i think the reprecussions of the DDOS attack on twitter are still
> > > prevailing. My application is still unable to access anything and i
> > > cannot register my new application. Some issue with api limit and the
> > > oauth module. The past 2 days have been frustrating for me. When will
> > > twitter fix all issues?
>

[twitter-dev] Re: using oauth - difference between authorize and authenticate URLs?

[sasha]

Abraham, thanks for a quick reply...

I see what you are saying...

Here is my follow up question - if my user have been previously
authenticated, and I now have the access token and secret, why would I
use the "authenticate" call vs. just using the "view credentials"
call?  In other words, by using "view credentials" I am just making
sure that the access token is still valid, and I am effectively
accomplishing the same thing.

All in all, I agree with Chris - ideally, access and authentication
should be very distinct.  Twitter Oauth is still a step in the right
direction vs. basic HTTP auth, but would be nice to have a strictly
authentication-based call that wouldn't require user to grant the
consumer any kind of access to personal data.

It would be nice to have someone from the team to weigh in here to
understand their rationale for this kind of implementation of
authentication - is it an issue of resource constraints or is it
something else?

Cheers

On Aug 10, 12:48 am, Abraham Williams <4bra...@gmail.com> wrote:
> The difference between authenticate and authorize is that if the user is
> already logged into Twitter and previously approved your application when
> hitting the authenticate URL they will bounce directly back to your
> application without seeing the allow prompt or any page from Twitter. With
> authorize they will always see the allow prompt.
>
> As for privileges. Those are controlled with the access (read) and
> access/update (read/write) that set your application for or pass to Twitter
> when getting request tokens. They act the same no matter which method you
> use.
>
> Abraham
>
> 2009/8/9 Chris Babcock 
>
>
>
>
>
>
>
> > > I looked through the API, the online discussion, and wrote test code
> > > to check both the authorize and authenticate methods.  I have not been
> > > able to find any difference between the two, apart from the request
> > > URL (and, perhaps, some differences in language between Twitter's
> > > authorize and authenticate pages).
>
> > > Are there any differences - or have the two URLs been implemented to
> > > logically separate standard Oauth from "Sign in with Twitter", but are
> > > otherwise identical?
>
> > > The reason I am asking is because I expected "authentication" to be
> > > just that - with no rights or privileges to read or write to user's
> > > Twitter account.  It appears that when I use "sign in with Twitter", I
> > > effectively gain the same level of privileges as I do via the standard
> > > Oauth authorize flow.
>
> > This was contrary to my expectations also, but it's in the OAuth specs,
> > "OAuth authentication is the process in which Users grant access to
> > their Protected Resources without sharing their credentials with the
> > Consumer." -http://oauth.net/core/1.0/#anchor9
>
> > I'm somewhat disappointed. "Access" is the definition of authorization,
> > not authentication. I would like to be able to differentiate between
> > "prove who you are" and "give me the means to impersonate you."
>
> > Chris Babcock
>
> --
> Abraham Williams | Community Evangelist |http://web608.org
> Hacker |http://abrah.am|http://twitter.com/abraham
> Project |http://fireeagle.labs.poseurtech.com
> This email is: [ ] blogable [x] ask first [ ] private.- Hide quoted text -
>
> - Show quoted text -

[twitter-dev] Re: Twitter Update, 8/9 noon PST

[Ryan Sarver]

Can you all provide full packet dumps of the issues you are seeing? That
will help us debug the type of request you are making and what the full
response looks like.
Thanks, Ryan

On Mon, Aug 10, 2009 at 8:15 AM, Duane Roelands wrote:

>
> My users are seeing these as well.
>
> On Aug 10, 10:22 am, Dewald Pretorius  wrote:
> > Just to let you guys know that 502 Bad Gateway responses are coming
> > thick and fast this morning (Monday).
> >
> > Dewald
>

[twitter-dev] Re: Twitter Update, 8/9 noon PST

[Duane Roelands]

My users are seeing these as well.

On Aug 10, 10:22 am, Dewald Pretorius  wrote:
> Just to let you guys know that 502 Bad Gateway responses are coming
> thick and fast this morning (Monday).
>
> Dewald

[twitter-dev] Re: Twitter Update, 8/9 noon PST

[JDG]

you're obviously subscribed to the group. either you subscribed or someone
did for you. log in to groups.google.com and unsubscribe.

On Mon, Aug 10, 2009 at 08:59, timothy willan wrote:

> Hello Ryan I'm timothy not surwe why I'm receiving all twitter Development
> emails, let me know Thanks
>
> On Sun, Aug 9, 2009 at 3:13 PM, Ryan Sarver  wrote:
>
>> *Finally* have what we hope is good news for everyone. As of about 10
>> minutes ago we have been able to restore critical parts of API operation
>> that should have great affect on your apps. As such, most of your apps
>> should begin to function normally again. I have tested a few OAuth apps and
>> they seem to be working as expected.
>>
>> Please test your apps from their standard configs to see what results you
>> get and let us know. I am primarily interested in unexpected throttling and
>> issues with OAuth.
>>
>> I look forward to hearing the results and thanks again for your
>> assistance.
>>
>> Best, Ryan
>>
>
>
>
> --
> "The solution to building a strong country is to make its citizens
> strong...To make U.S. citizens strong you need to make them their own
> boss... in control of their own destiny... happy about life and the
> direction that life is taking them... that is what will make the U.S.
> citizens strong again. THAT is what built this country into the FREE nation
> that it is today{."Winning means being unafraid to lose."
> timothywil...@gmail.com
> Timothy Willan
> 2214 Ardenwood dr.
> Spring Hill Fl. 346109
> 352-585-1264
>
>
>


-- 
Internets. Serious business.

[twitter-dev] Re: Twitter Update, 8/9 noon PST

[Marco Kaiser]

most likely because you subscribed to the group

you can go to http://groups.google.com/group/twitter-development-talk/ to
manage your subscription status

Marco

2009/8/10 timothy willan 

> Hello Ryan I'm timothy not surwe why I'm receiving all twitter Development
> emails, let me know Thanks
>
> On Sun, Aug 9, 2009 at 3:13 PM, Ryan Sarver  wrote:
>
>> *Finally* have what we hope is good news for everyone. As of about 10
>> minutes ago we have been able to restore critical parts of API operation
>> that should have great affect on your apps. As such, most of your apps
>> should begin to function normally again. I have tested a few OAuth apps and
>> they seem to be working as expected.
>>
>> Please test your apps from their standard configs to see what results you
>> get and let us know. I am primarily interested in unexpected throttling and
>> issues with OAuth.
>>
>> I look forward to hearing the results and thanks again for your
>> assistance.
>>
>> Best, Ryan
>>
>
>
>
> --
> "The solution to building a strong country is to make its citizens
> strong...To make U.S. citizens strong you need to make them their own
> boss... in control of their own destiny... happy about life and the
> direction that life is taking them... that is what will make the U.S.
> citizens strong again. THAT is what built this country into the FREE nation
> that it is today{."Winning means being unafraid to lose."
> timothywil...@gmail.com
> Timothy Willan
> 2214 Ardenwood dr.
> Spring Hill Fl. 346109
> 352-585-1264
>
>
>

[twitter-dev] Re: twitter Apis not working

[Duane Roelands]

I'm still having API issues

On Aug 10, 10:11 am, John Kalucki  wrote:
> Sultan,
>
> All functionality should have been restored on Sunday before noon, but
> various actions may be slow and sometimes time out.
>
> Have you 
> read:http://groups.google.com/group/twitter-development-talk/browse_frm/th...
> ?
>
> Please retest your app and send a...@twitter.com detailed information
> about exactly what is failing, including your IP address.
>
> Thanks,
> John Kaluckihttp://twitter.com/jkalucki
> Services, Twitter Inc.
>
> On Aug 10, 5:13 am, Sultan Saadat  wrote:
>
>
>
> > i think the reprecussions of the DDOS attack on twitter are still
> > prevailing. My application is still unable to access anything and i
> > cannot register my new application. Some issue with api limit and the
> > oauth module. The past 2 days have been frustrating for me. When will
> > twitter fix all issues?

[twitter-dev] Re: Twitter Update, 8/9 noon PST

[timothy willan]

Hello Ryan I'm timothy not surwe why I'm receiving all twitter Development
emails, let me know Thanks

On Sun, Aug 9, 2009 at 3:13 PM, Ryan Sarver  wrote:

> *Finally* have what we hope is good news for everyone. As of about 10
> minutes ago we have been able to restore critical parts of API operation
> that should have great affect on your apps. As such, most of your apps
> should begin to function normally again. I have tested a few OAuth apps and
> they seem to be working as expected.
>
> Please test your apps from their standard configs to see what results you
> get and let us know. I am primarily interested in unexpected throttling and
> issues with OAuth.
>
> I look forward to hearing the results and thanks again for your assistance.
>
> Best, Ryan
>



-- 
"The solution to building a strong country is to make its citizens
strong...To make U.S. citizens strong you need to make them their own
boss... in control of their own destiny... happy about life and the
direction that life is taking them... that is what will make the U.S.
citizens strong again. THAT is what built this country into the FREE nation
that it is today{."Winning means being unafraid to lose."
timothywil...@gmail.com
Timothy Willan
2214 Ardenwood dr.
Spring Hill Fl. 346109
352-585-1264

[twitter-dev] Re: Twitter Update, 8/9 noon PST

[JV]

I am still getting

"HTTP Error 409: Conflict"

from the search API, once every 15mins on an average.

JV
On Aug 10, 12:13 am, Ryan Sarver  wrote:
> *Finally* have what we hope is good news for everyone. As of about 10
> minutes ago we have been able to restore critical parts of API operation
> that should have great affect on your apps. As such, most of your apps
> should begin to function normally again. I have tested a few OAuth apps and
> they seem to be working as expected.
>
> Please test your apps from their standard configs to see what results you
> get and let us know. I am primarily interested in unexpected throttling and
> issues with OAuth.
>
> I look forward to hearing the results and thanks again for your assistance.
>
> Best, Ryan

[twitter-dev] Twitter accented char and encoding

[Eagle1]

Hi there !

i'm trying to configure a twitter scheduled script and i having
problem to send accented char !
I know that i have to encode and utf8 encode before sending, and I do
it :
$status = urlencode(utf8_encode($status));

my request :
http://twitter.com/statuses/update
I'm using curl

The problem is that  it is sending well the encoded value, but it
appears encoded on twitter...

here my code :
public function update( $status, $url = NULL, $replying_to = false )
{
$status = urlencode(utf8_encode($status));
if( !in_array( $this->type, array( 'xml','json' ) ) )
return false;

$request = 'http://twitter.com/statuses/update.' . $this-
>type;

// If the status is more than 117 chars, it cut them
$status = $this->_cut($status);

// If a url is sent with the status, it go through a shorting 
url
service
if( $url )  $shorturl = $this->_shorturl($url);

$postargs = array( 'status' => urlencode(utf8_encode($status.
$shorturl)) );
if( $replying_to )
$postargs['in_reply_to_status_id'] = (int) $replying_to;

return $this->_objectify( $this->_process($request, $postargs) 
);
}

private function _process($url,$postargs=false)
{
$url = ( $this->suppress_response_code ) ? $url .
'&suppress_response_code=true' : $url;
$ch = curl_init($url);
if($postargs !== false)
{
curl_setopt ($ch, CURLOPT_POST, true);
curl_setopt ($ch, CURLOPT_POSTFIELDS,$postargs);
}

if($this->_username !== false && $this->_password !== false)
curl_setopt($ch, CURLOPT_USERPWD, 
$this->_username.':'.$this-
>_password );

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_NOBODY, 0);
if( $this->debug ) :
curl_setopt($ch, CURLOPT_HEADER, true);
else :
curl_setopt($ch, CURLOPT_HEADER, false);
endif;
curl_setopt($ch, CURLOPT_USERAGENT, $this->user_agent);
@curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $this->headers);

$response = curl_exec($ch);

$this->responseInfo=curl_getinfo($ch);
curl_close($ch);


if( $this->debug ) :
$debug = preg_split("#\n\s*\n|\r\n\s*\r\n#m", $response);
echo'' . $debug[0] . ''; exit;
endif;

if( intval( $this->responseInfo['http_code'] ) == 200 )
return $response;
else
return false;
}

[twitter-dev] Re: Registering new applications should not be blocked

[Andrew Badera]

Timmy!


On Mon, Aug 10, 2009 at 10:41 AM, timothy willan wrote:

> Why am I getting this! Not sure it's for me
>
>
> On Mon, Aug 10, 2009 at 10:29 AM, John Kalucki  wrote:
>
>>
>> I don't work on the API team, and normally don't respond to REST API
>> questions, so please bear with any inaccuracies:
>>
>> I haven't heard anything about Twitter explicitly turning application
>> registration off. I believe that all parts of Twitter.com should be
>> working correctly -- albeit sometimes slowly or with timeouts or with
>> 503s... but everything should be working.
>>
>> I've escalated the app registration issue to the API team. I cannot
>> offer a response time as I don't know what any of the issues are or
>> what the priority would be for fixing this problem. It might be
>> helpful to have a detailed trace of a failure or two sent to
>> a...@twitter.com should a resource become available to look at this
>> issue.
>>
>> -John Kalucki
>> http://twitter.com/jkalucki
>> Services, Twitter Inc.
>>
>>
>
>
> --
> "The solution to building a strong country is to make its citizens
> strong...To make U.S. citizens strong you need to make them their own
> boss... in control of their own destiny... happy about life and the
> direction that life is taking them... that is what will make the U.S.
> citizens strong again. THAT is what built this country into the FREE nation
> that it is today{."Winning means being unafraid to lose."
> timothywil...@gmail.com
> Timothy Willan
> 2214 Ardenwood dr.
> Spring Hill Fl. 346109
> 352-585-1264
>
>
>

[twitter-dev] Re: [Feature Request] Hiding certain Hashtags

[Duane Roelands]

Since we're pimping our stuff... :)

Quitter is a quiet little Twitter client for Windows that provides
filtering.
- You can filter specific hashtags
- You can filter specific users (doesn't block - just hides their
tweets in Quitter)
- You can filter specific words

Conversely, you can also choose to -highlight- any tweet based on
hashtag, user, or word content as well.

Quitter is and will always be free.
http://www.GetQuitter.com

On Aug 10, 10:19 am, "Michael Paladino" 
wrote:
> You can always recommend your friends use the "Filter this column" feature
> of TweetDeck.  Not the best solution for your exact scenario, but at least
> it's something.
>
> You also may want to take a look at a product that my team recently
> developed called TidyTweet (http://tidytweet.com).  It allows extensive
> filtering of a search-based Twitter feed and provides the results as RSS,
> JSON, or a javascript/HTML widget for embedding on a website.  At this
> point, we have no way of tying into the individual user timeline, but we are
> working on an API that will hopefully allow other apps to tie into our
> functionality.  This may not be exactly what you're looking for, but I
> thought it was relevant enough to include in the discussion.
>
> Thanks.
> Michael Paladinohttp://tidytweet.com
>
>
>
> -Original Message-
> From: twitter-development-talk@googlegroups.com
>
> [mailto:twitter-development-t...@googlegroups.com] On Behalf Of georg mahr
> Sent: Sunday, August 09, 2009 9:19 AM
> To: Twitter Development Talk
> Subject: [twitter-dev] [Feature Request] Hiding certain Hashtags
>
> Hi,
>
> what do you guys think about a feature making it possible to hide
> certain hashtags?
>
> I came across this idea, when the new football season began. My
> followers split up into two groups: Those who like football and want
> to read about it and those who don't like football. I like to twitter
> about football but I'm afraid that some of my followers tend to
> unfollow me because my football noise is too much for them.
>
> I think it'd be a nice feature to set posts with certain hashtags to
> "hidden" or something like that.
>
> Just tell me your thoughts - is this nonsense, if so - why? Or does
> this already exist..
>
> best regards,
>
> @georgmahr

[twitter-dev] Re: Registering new applications should not be blocked

[timothy willan]

Why am I getting this! Not sure it's for me

On Mon, Aug 10, 2009 at 10:29 AM, John Kalucki  wrote:

>
> I don't work on the API team, and normally don't respond to REST API
> questions, so please bear with any inaccuracies:
>
> I haven't heard anything about Twitter explicitly turning application
> registration off. I believe that all parts of Twitter.com should be
> working correctly -- albeit sometimes slowly or with timeouts or with
> 503s... but everything should be working.
>
> I've escalated the app registration issue to the API team. I cannot
> offer a response time as I don't know what any of the issues are or
> what the priority would be for fixing this problem. It might be
> helpful to have a detailed trace of a failure or two sent to
> a...@twitter.com should a resource become available to look at this
> issue.
>
> -John Kalucki
> http://twitter.com/jkalucki
> Services, Twitter Inc.
>
>


-- 
"The solution to building a strong country is to make its citizens
strong...To make U.S. citizens strong you need to make them their own
boss... in control of their own destiny... happy about life and the
direction that life is taking them... that is what will make the U.S.
citizens strong again. THAT is what built this country into the FREE nation
that it is today{."Winning means being unafraid to lose."
timothywil...@gmail.com
Timothy Willan
2214 Ardenwood dr.
Spring Hill Fl. 346109
352-585-1264

[twitter-dev] Registering new applications should not be blocked

[John Kalucki]

I don't work on the API team, and normally don't respond to REST API
questions, so please bear with any inaccuracies:

I haven't heard anything about Twitter explicitly turning application
registration off. I believe that all parts of Twitter.com should be
working correctly -- albeit sometimes slowly or with timeouts or with
503s... but everything should be working.

I've escalated the app registration issue to the API team. I cannot
offer a response time as I don't know what any of the issues are or
what the priority would be for fixing this problem. It might be
helpful to have a detailed trace of a failure or two sent to
a...@twitter.com should a resource become available to look at this
issue.

-John Kalucki
http://twitter.com/jkalucki
Services, Twitter Inc.

[twitter-dev] Re: Twitter Update, 8/9 noon PST

[Dewald Pretorius]

Just to let you guys know that 502 Bad Gateway responses are coming
thick and fast this morning (Monday).

Dewald

[twitter-dev] Re: [Feature Request] Hiding certain Hashtags

[Michael Paladino]

You can always recommend your friends use the "Filter this column" feature
of TweetDeck.  Not the best solution for your exact scenario, but at least
it's something.

You also may want to take a look at a product that my team recently
developed called TidyTweet (http://tidytweet.com).  It allows extensive
filtering of a search-based Twitter feed and provides the results as RSS,
JSON, or a javascript/HTML widget for embedding on a website.  At this
point, we have no way of tying into the individual user timeline, but we are
working on an API that will hopefully allow other apps to tie into our
functionality.  This may not be exactly what you're looking for, but I
thought it was relevant enough to include in the discussion.

Thanks.
Michael Paladino
http://tidytweet.com


-Original Message-
From: twitter-development-talk@googlegroups.com
[mailto:twitter-development-t...@googlegroups.com] On Behalf Of georg mahr
Sent: Sunday, August 09, 2009 9:19 AM
To: Twitter Development Talk
Subject: [twitter-dev] [Feature Request] Hiding certain Hashtags


Hi,

what do you guys think about a feature making it possible to hide
certain hashtags?

I came across this idea, when the new football season began. My
followers split up into two groups: Those who like football and want
to read about it and those who don't like football. I like to twitter
about football but I'm afraid that some of my followers tend to
unfollow me because my football noise is too much for them.

I think it'd be a nice feature to set posts with certain hashtags to
"hidden" or something like that.

Just tell me your thoughts - is this nonsense, if so - why? Or does
this already exist..

best regards,

@georgmahr

[twitter-dev] Re: twitter Apis not working

[John Kalucki]

Sultan,

All functionality should have been restored on Sunday before noon, but
various actions may be slow and sometimes time out.

Have you read: 
http://groups.google.com/group/twitter-development-talk/browse_frm/thread/3ada5cc250fbe256
?

Please retest your app and send a...@twitter.com detailed information
about exactly what is failing, including your IP address.

Thanks,
John Kalucki
http://twitter.com/jkalucki
Services, Twitter Inc.

On Aug 10, 5:13 am, Sultan Saadat  wrote:
> i think the reprecussions of the DDOS attack on twitter are still
> prevailing. My application is still unable to access anything and i
> cannot register my new application. Some issue with api limit and the
> oauth module. The past 2 days have been frustrating for me. When will
> twitter fix all issues?

[twitter-dev] Re: Twitter Update, 8/9 noon PST

[Dewald Pretorius]

I am seeing tons of requests that return 200 OK plus the expected JSON
data, but the headers have no X-RateLimit entries.

Dewald

[twitter-dev] Re: iPhone oauth

[graceawalker]

take the URL that it is producing to request the access token in your
web client, put it into your internet explorer and paste the xml
returned into here...

On Aug 10, 1:31 pm, SaraZaidi  wrote:
> Yes, i am sending the oauth-verifier ... but still its of no help at
> all :(
>
> worried :(
> Sara
>
> On Aug 10, 4:18 pm, graceawalker  wrote:
>
>
>
> > what is the error that you are recieving when requesting your access
> > token? Are you sending the oauth_verifier parameter with that request
> > which should come back when the user authorises the app to access
> > their account.
>
> > On Aug 10, 7:41 am, SaraZaidi  wrote:
>
> > > While trying to post tweets from my iPhone app. i can do it easily by
> > > basic authentication, but for oauth, i donot get any access token no
> > > matter what.
> > > My flow is like this 
> > > Set the consumer key and secret
> > > Obtain request token
> > > Use this request token to obtain access token
> > > Obtain auth_req from twitter
> > > Post tweet.
>
> > >  Kindly help.
> > > Have been working on it for a long time, but nothing would help. Keep
> > > in mind that mine is not a Cocoa based application, so I cannot use
> > > MGTwitterEngine.
>
> > > Waiting ...
> > > Sara- Hide quoted text -
>
> - Show quoted text -

[twitter-dev] Re: iPhone oauth

[SaraZaidi]

Yes, i am sending the oauth-verifier ... but still its of no help at
all :(

worried :(
Sara



On Aug 10, 4:18 pm, graceawalker  wrote:
> what is the error that you are recieving when requesting your access
> token? Are you sending the oauth_verifier parameter with that request
> which should come back when the user authorises the app to access
> their account.
>
> On Aug 10, 7:41 am, SaraZaidi  wrote:
>
> > While trying to post tweets from my iPhone app. i can do it easily by
> > basic authentication, but for oauth, i donot get any access token no
> > matter what.
> > My flow is like this 
> > Set the consumer key and secret
> > Obtain request token
> > Use this request token to obtain access token
> > Obtain auth_req from twitter
> > Post tweet.
>
> >  Kindly help.
> > Have been working on it for a long time, but nothing would help. Keep
> > in mind that mine is not a Cocoa based application, so I cannot use
> > MGTwitterEngine.
>
> > Waiting ...
> > Sara

[twitter-dev] Re: iPhone oauth

[lorriane]

i just read somewhere this morning that twitter is temporarily
blocking new applications from registering because of the DDoS issue.
Maybe this is the reason you are not being granted accessToken.

i was facing the same problem, but cant help it

--cheers
Lorriane ~*


On Aug 10, 4:18 pm, graceawalker  wrote:
> what is the error that you are recieving when requesting your access
> token? Are you sending the oauth_verifier parameter with that request
> which should come back when the user authorises the app to access
> their account.
>
> On Aug 10, 7:41 am, SaraZaidi  wrote:
>
> > While trying to post tweets from my iPhone app. i can do it easily by
> > basic authentication, but for oauth, i donot get any access token no
> > matter what.
> > My flow is like this 
> > Set the consumer key and secret
> > Obtain request token
> > Use this request token to obtain access token
> > Obtain auth_req from twitter
> > Post tweet.
>
> >  Kindly help.
> > Have been working on it for a long time, but nothing would help. Keep
> > in mind that mine is not a Cocoa based application, so I cannot use
> > MGTwitterEngine.
>
> > Waiting ...
> > Sara

[twitter-dev] twitter Apis not working

[Sultan Saadat]

i think the reprecussions of the DDOS attack on twitter are still
prevailing. My application is still unable to access anything and i
cannot register my new application. Some issue with api limit and the
oauth module. The past 2 days have been frustrating for me. When will
twitter fix all issues?

[twitter-dev] Re: Rate limits: 20k -> 150 - known issue

[lorriane]

i've been trying to post tweet from my client application, but it wont
allow access. The access tokens are always returned null. Somewhere
this morning, i read that Twitter no more allows registering new
applications, maybe this has something to do with the DDoS.
Whatever, my application is stuck, and cant proceed with my work until
this is done.

--Worried
Lorraine ~*




On Aug 10, 7:09 am, Michael Chang  wrote:
> On Sun, Aug 9, 2009 at 5:23 PM, Eric  wrote:
>
> > Any idea when the limit will be increased to 20,000? I'm sure myself
> > as well as other sites are suffering a bit because of the limitation
> > of API calls.
>
> Please read the history of the mailing list. There *IS NO ETA* on anything;
> it merely depends on whether the people who are "spamming" (i.e. DoSing)
> twitter ever decide to go away or not.
>
> As has been said before, you can help by throttling your program based on
> what twitter's services tell you to throttle to. Provided that your app
> behaves, your app's limit may be increased when there is capacity for the
> system to handle it.
>
> You have my sympathies, but at least it's not your site which is being
> DoS-ed, so do please have consideration for the time and hard work of the
> staff at twitter.
>
> --
> Thanks,
>
> Michael Chang

[twitter-dev] Re: Rate limits: 20k -> 150 - known issue

[Sultan Saadat]

I think the twitter service is still down due to the DDOS attacks. Its
not allowing to register new applications. I am trying to make my
application work for the past 2 days now and without any success.
Fails during authentication. Some issue with the oauth module.


On Aug 10, 3:23 am, Eric  wrote:
> Any idea when the limit will be increased to 20,000? I'm sure myself
> as well as other sites are suffering a bit because of the limitation
> of API calls.
>
> On Aug 7, 4:54 pm, Chad Etzel  wrote:
>
>
>
> > Hi Paul (and everyone),
>
> > Thanks for your appreciation and your comments.
>
> > On a personal note: I started my support role this week, which is
> > supposed to be part-time. Well, as you can imagine that went out the
> > window. I have all but abandoned my other work-related
> > responsibilities for the past two days in order to help with the API
> > communications with Twitter.
>
> > As you noted, when your site goes down you get a lot of email.
> > Likewise, there is an amazing flood of emails coming into Twitter (not
> > counting this dev-list) all asking similar questions and demanding
> > answers. This has created a DDoS on the API Support team's time, in a
> > manner of speaking :)
>
> > I think Ryan did a good job communicating what we do and don't know in
> > his email this morning, and we have tried to communicate things when
> > we can.
>
> > During the course of this DDoS, the attackers have changed tactics and
> > so our Ops team have had to change their tactics in defense of the
> > attack. This is happening so often that we don't want to communicate
> > something out to the community that will be nullified by the next
> > move. Our opinion is, that would create more thrashing and frustration
> > from the community. We have been trying to communicate workarounds and
> > information that has become permanent or stable as a way to deal with
> > the attacks.
>
> > As Peter noted, we have nothing new to share at the moment, except to
> > say that this thing is still ongoing, and we're having to ride it out
> > with you guys. We certainly know that the 3rd party apps make Twitter
> > great (I've had to tweak code on my personal apps as well), and we
> > don't want to alienate you.  Unfortunately we don't have an ETA on
> > resolving all of the problems because we don't have an ETA on the DDoS
> > :)
>
> > We will continue to post updates as we can.  Again, we know this sucks
> > for you guys, and we really do appreciate everyone being patient with
> > us.
>
> > Thanks,
> > -Chad
>
> > On Fri, Aug 7, 2009 at 7:16 PM, Paul Kinlan wrote:
>
> > > Hi Chad,
>
> > > I think we all appreciate the pressure you are under and the flak that you
> > > are taking for events outside your control, and we all wish we could help
> > > more.
>
> > > But for an open communications company that is postioning itself as the
> > > future platform for messaging - there has been so little communication and
> > > feedback to the developers in your community that it is simply shocking.
>
> > > Little things such as statements that we as developers can use to pass to
> > > our users with regards to issues currently affecting the service would 
> > > help
> > > immensly.  I have spent my Friday night responding to over 150 emails 
> > > asking
> > > why twollo is down - all I can say is I think it is related to current
> > > events and Twitter aren't telling us anything. This doesn't inspire
> > > confidence in users of my service and of twitters'
>
> > > The situation is reminisent to theoauthsituation the other month. Next to
> > > no communication at all.
>
> > > We all love your service and want to build on top of it and help it grow 
> > > and
> > > our own services too.
>
> > > From my own, probably selfish point of view the app engine is completly
> > > blocked at the moment and as far as I can tell we have no indication if it
> > > is up yet - I can't tell correctly as I am in bed writing this.
>
> > > Paul
>
> > > On 7 Aug 2009, at 21:09, Chad Etzel  wrote:
>
> > >> Hello all,
>
> > >> We have been flooded with emails asking why whitelisted IPs have been
> > >> reduced from the 20k rate-limit down to the normal 150 rate-limit.
> > >> This is a known issue and we are working as hard as we can on
> > >> resolving it. We thank you for your patience as we are dealing with
> > >> everything going on with the DDoS.
>
> > >> Thanks,
> > >> -Chad- Hide quoted text -
>
> - Show quoted text -

[twitter-dev] Re: Rate limit question (again/followup) 20k user or ip?

[Dewald Pretorius]

The API is currently counting down X-RateLimit-Remaining using the
logic of 20k requests per hour per IP, not per user per IP.

That makes sense and I believe it is how it should work.

Dewald

On Aug 10, 2:17 am, Bob Fishel  wrote:
> Since we have a lot of devs monitoring this now I'd like to bring back
> the discussion that we were having before this whole mess started.
>
> Is the intention of Twitter to allow (for whitelisted IP's) 20k
> requests per hour per USER or 20k requests per hour per IP.
>
> I don't want to seem to be beating a dead horse and Chad has confirmed
> this but it still seems like there's quite a bit on contention.
>
> Thanks
>
> -Bob

[twitter-dev] Re: Quick poll: Can anyone do anything on twitter.com?

[matsudolegend]

i basically have the same problem with ff 3.5 but it was working a
week or so ago. i have to logon via safari but i use firefox
predominantly so its a bit of a pain.

please tell me somebody is on it

[twitter-dev] Invalid / used nonce

[graceawalker]

I am calling and getting the whole way up to getting the access token
just fine in my app (one im writing myself in c#), but when i try and
call the update status URL im getting an 'Invalid/used nonce' error in
my response data. Im not sure why this is, im calling the update
method in the exact same way that i called request token apart from
the new 'status' parameter in the query string. I call 'verify
credentials' with my access token to ensure that it is working and it
sends me back all of the correct data, but it is erroring when trying
to update my status. Is there any obvious solution to this, or am i
not supposed to be signing and organising the parameters in the same
way that i did before? Im really stuck here guys and need help!

[twitter-dev] Re: iPhone oauth

[graceawalker]

what is the error that you are recieving when requesting your access
token? Are you sending the oauth_verifier parameter with that request
which should come back when the user authorises the app to access
their account.

On Aug 10, 7:41 am, SaraZaidi  wrote:
> While trying to post tweets from my iPhone app. i can do it easily by
> basic authentication, but for oauth, i donot get any access token no
> matter what.
> My flow is like this 
> Set the consumer key and secret
> Obtain request token
> Use this request token to obtain access token
> Obtain auth_req from twitter
> Post tweet.
>
>  Kindly help.
> Have been working on it for a long time, but nothing would help. Keep
> in mind that mine is not a Cocoa based application, so I cannot use
> MGTwitterEngine.
>
> Waiting ...
> Sara

[twitter-dev] Re: Twitter Update, 8/9 10am PST

[JV]

I am using the search API,
-- getting 409 conflict, once in a while.
-- getting "no json could be decoded" sometimes, I guess thats coz of
the HTML in response error.

JV

On Aug 9, 10:34 pm, Ryan Sarver  wrote:
> I wanted to send an update to everyone who is monitoring this thread and
> keep you abreast of where we stand.
> First of all, the attack is still on going. We continue to work with our
> service provider and the other companies who are being attacked to resolve
> the issue as best we can. But it is continuing and as Chad stated, we are
> thus going to have continued and varied issues with access to the Twitter
> APIs.
>
> Second, we have been monitoring every email and Chad and John have done a
> great job responding to the threads where we have new information to add or
> where we can clarify. As Chad stated in his last email there are known
> issues that we are continuing to work on. We are trying to provide updates
> when we have new information, but sadly there isn't a lot new to report.
> Please know that we can't respond to each and every thread as our teams
> time, in your best interest, should be put towards getting you all back
> online as soon as possible. Please help each other answer questions if
> someone already knows the answer. I will continue to give ongoing updates
> every 5-6 hours throughout the day even if nothing has changed so that you
> know we are still focused on it.
>
> To be clear we have a large group of people working on this throughout the
> weekend and our developer ecosystem is incredibly important to us. Please
> believe us that this hurts us as much as it hurts you and we want to get you
> back online as soon as possible. We are endlessly appreciative for the hard
> work that each of you put into your applications and supporting Twitter
> users and we want those services to be online and back to normal.
>
> With that being said, this attack is continuing, almost 3 days later, and we
> need to continue to do all that we can to defend it. Have faith that we have
> the best people on it both at Twitter and at our partner's companies.
>
> With all of the emails flying around, its hard for us to track exactly what
> issues are still remaining so I wanted to try to capture them here and have
> you confirm or update me if new issues have cropped up or if others are
> passed. So please let me know which of the following issues you are still
> having or if there are any I missed:
>
> 1. OAuth rarely works - I tried a number of your apps and it seems to work 1
> out of 6-7 times. As a note, it worked better with Safari, but not every
> time.
> 2. 302 redirect
> 3. General request timeouts
> 4. HTML in responses
> 5. Unexpected rate limiting / blacklisting
>
> So again, thank you for your patience and know that we are hard at work to
> get you guys back up and running.
>
> Best, Ryan

[twitter-dev] Re: Twitter Update, 8/9 noon PST

[Jesse Stay]

Sorry (it's early and I'm tired), not timeouts - it's only allowing 150
requests per hour again.
Jesse

On Mon, Aug 10, 2009 at 4:47 AM, Jesse Stay  wrote:

> I just started getting timeouts again. (the verify_credentials issue I
> mentioned before never got fixed either)
> Jesse
>
>
> On Mon, Aug 10, 2009 at 1:54 AM, Vignesh wrote:
>
>>
>> 25% of my requests are still getting timed out..is there any rate
>> limit in place?
>>
>> On Aug 9, 9:11 pm, Patrick  wrote:
>> > I am still having problems logging in using Basic Authentication.
>> >
>> > Because I don't use OAuth I cannot give you feedback on that. Sorry.
>> >
>> > kozen
>> >
>> > On Aug 10, 3:13 am, Ryan Sarver  wrote:
>> >
>> > > *Finally* have what we hope is good news for everyone. As of about 10
>> > > minutes ago we have been able to restore critical parts of API
>> operation
>> > > that should have great affect on your apps. As such, most of your apps
>> > > should begin to function normally again. I have tested a few OAuth
>> apps and
>> > > they seem to be working as expected.
>> >
>> > > Please test your apps from their standard configs to see what results
>> you
>> > > get and let us know. I am primarily interested in unexpected
>> throttling and
>> > > issues with OAuth.
>> >
>> > > I look forward to hearing the results and thanks again for your
>> assistance.
>> >
>> > > Best, Ryan
>>
>
>

[twitter-dev] Re: Twitter Update, 8/9 noon PST

[Jesse Stay]

I just started getting timeouts again. (the verify_credentials issue I
mentioned before never got fixed either)
Jesse

On Mon, Aug 10, 2009 at 1:54 AM, Vignesh  wrote:

>
> 25% of my requests are still getting timed out..is there any rate
> limit in place?
>
> On Aug 9, 9:11 pm, Patrick  wrote:
> > I am still having problems logging in using Basic Authentication.
> >
> > Because I don't use OAuth I cannot give you feedback on that. Sorry.
> >
> > kozen
> >
> > On Aug 10, 3:13 am, Ryan Sarver  wrote:
> >
> > > *Finally* have what we hope is good news for everyone. As of about 10
> > > minutes ago we have been able to restore critical parts of API
> operation
> > > that should have great affect on your apps. As such, most of your apps
> > > should begin to function normally again. I have tested a few OAuth apps
> and
> > > they seem to be working as expected.
> >
> > > Please test your apps from their standard configs to see what results
> you
> > > get and let us know. I am primarily interested in unexpected throttling
> and
> > > issues with OAuth.
> >
> > > I look forward to hearing the results and thanks again for your
> assistance.
> >
> > > Best, Ryan
>

[twitter-dev] My Twitter doesn't work still...

[Mariusz]

Great! But unfortunately my Twitter client doesn't work still. :( I
can't log in.

[twitter-dev] Re: Read/Write Access

[Abraham Williams]

I agree that this seems like a bug and added my thoughts to the issue
report.

Abraham

2009/8/9 Jeff Dairiki 

>
> On Sun, Aug 09, 2009 at 03:50:44PM -0700, David Cramer wrote:
> >
> > So short story I've been changing our application from Read to Read/
> > Write access, and I cannot get it working. I've checked and double
> > checked the app settings, and it asks for "read and update access" on
> > the authorize page. Once authorized, however, it continues to say
> > "Read-only application cannot POST".
>
> It seems that once an oauth token has been issued , twitter will/can
> not change its permission level.  If there is a valid read-only oauth
> token for a particular user, if you send the user to the authorize
> page requesting read/write access, you get back that existing token,
> with access rights unchanged (still read-only).
>
> The only way (that I've been able to figure out) to "upgrade" a user's
> access from read-only access to read/write is to have the user visit
> their "settings->connections" page, revoke access to your app, then go
> through the authentication process again.  Then you get back a new
> oauth token, and it will have the requested access level.
>
>
> I filed a ticket on this a month or so ago:
>
>  http://code.google.com/p/twitter-api/issues/detail?id=814
>
> The response was WontFix.   (Personally, I still maintain this is a bug.)
>
> Jeff
>



-- 
Abraham Williams | Community Evangelist | http://web608.org
Hacker | http://abrah.am | http://twitter.com/abraham
Project | http://fireeagle.labs.poseurtech.com
This email is: [ ] blogable [x] ask first [ ] private.
Sent from Fairbanks, Alaska, United States

[twitter-dev] Re: using oauth - difference between authorize and authenticate URLs?

[Abraham Williams]

The difference between authenticate and authorize is that if the user is
already logged into Twitter and previously approved your application when
hitting the authenticate URL they will bounce directly back to your
application without seeing the allow prompt or any page from Twitter. With
authorize they will always see the allow prompt.

As for privileges. Those are controlled with the access (read) and
access/update (read/write) that set your application for or pass to Twitter
when getting request tokens. They act the same no matter which method you
use.

Abraham

2009/8/9 Chris Babcock 

>
> > I looked through the API, the online discussion, and wrote test code
> > to check both the authorize and authenticate methods.  I have not been
> > able to find any difference between the two, apart from the request
> > URL (and, perhaps, some differences in language between Twitter's
> > authorize and authenticate pages).
> >
> > Are there any differences - or have the two URLs been implemented to
> > logically separate standard Oauth from "Sign in with Twitter", but are
> > otherwise identical?
> >
> > The reason I am asking is because I expected "authentication" to be
> > just that - with no rights or privileges to read or write to user's
> > Twitter account.  It appears that when I use "sign in with Twitter", I
> > effectively gain the same level of privileges as I do via the standard
> > Oauth authorize flow.
>
> This was contrary to my expectations also, but it's in the OAuth specs,
> "OAuth authentication is the process in which Users grant access to
> their Protected Resources without sharing their credentials with the
> Consumer." - http://oauth.net/core/1.0/#anchor9
>
> I'm somewhat disappointed. "Access" is the definition of authorization,
> not authentication. I would like to be able to differentiate between
> "prove who you are" and "give me the means to impersonate you."
>
> Chris Babcock
>



-- 
Abraham Williams | Community Evangelist | http://web608.org
Hacker | http://abrah.am | http://twitter.com/abraham
Project | http://fireeagle.labs.poseurtech.com
This email is: [ ] blogable [x] ask first [ ] private.

[twitter-dev] iPhone oauth

[SaraZaidi]

While trying to post tweets from my iPhone app. i can do it easily by
basic authentication, but for oauth, i donot get any access token no
matter what.
My flow is like this 
Set the consumer key and secret
Obtain request token
Use this request token to obtain access token
Obtain auth_req from twitter
Post tweet.


Kindly help.
Have been working on it for a long time, but nothing would help. Keep
in mind that mine is not a Cocoa based application, so I cannot use
MGTwitterEngine.

Waiting ...
Sara

[twitter-dev] Twitter-to-pdf project released- for multi user incremental tweet archivals

[hari sujathan]

hi All,
   here is the link - https://sourceforge.net/projects/twitter-to-pdf/

This does following:

1. incremental archival of user tweets(3200 at a time- due to
limitation set by twitter) into single/muliple HTMLs, Text and single
PDF per user.
2. round robin(based on last user tweet retrieved timestamp), fail
proof twitter archival(just a promise/claim)
3. manage hundreds of users' tweets by synchronizing it using
twitter.com web api.
4. can be run just monthly if user doesn't exceed 3,200 tweets per
month.


its just 3 java(30kb) files and remaining java jars downloaded packaged
(3 MB) after downloading from sites mentioned in LICENSE.txt
for java developers just one pom.xml may be necessary and remaining
will be downloaded from repositories..

Thank you,
Hari Sujathan

[twitter-dev] Re: using oauth - difference between authorize and authenticate URLs?

[Chris Babcock]

> I looked through the API, the online discussion, and wrote test code
> to check both the authorize and authenticate methods.  I have not been
> able to find any difference between the two, apart from the request
> URL (and, perhaps, some differences in language between Twitter's
> authorize and authenticate pages).
> 
> Are there any differences - or have the two URLs been implemented to
> logically separate standard Oauth from "Sign in with Twitter", but are
> otherwise identical?
> 
> The reason I am asking is because I expected "authentication" to be
> just that - with no rights or privileges to read or write to user's
> Twitter account.  It appears that when I use "sign in with Twitter", I
> effectively gain the same level of privileges as I do via the standard
> Oauth authorize flow.

This was contrary to my expectations also, but it's in the OAuth specs,
"OAuth authentication is the process in which Users grant access to
their Protected Resources without sharing their credentials with the
Consumer." - http://oauth.net/core/1.0/#anchor9

I'm somewhat disappointed. "Access" is the definition of authorization,
not authentication. I would like to be able to differentiate between
"prove who you are" and "give me the means to impersonate you."

Chris Babcock


signature.asc
Description: PGP signature

[twitter-dev] Re: track syntax

[Joel Strellner]

Tom,

Yes, that code works perfectly for me exactly as is.  You might want to
change the connect timeout from 10 to 30 seconds.

How long are you waiting before calling it quits?  It does take a few
seconds for /track to start sending your results.

-Joel


On Sun, Aug 9, 2009 at 8:17 PM, Tom Fitzgerald  wrote:

>
> I'm sorry Joel I keep getting a PHP timeout on the code you sent. I'll
> troubleshoot more and see if I can give you any more details (increase
> the maximum time, etc). Who knows, maybe its Twitter. Any other
> thoughts? I'll get back to you more with some detailed info. Are you
> able to get that exact code working on your server?
>
> On Aug 3, 2:12 pm, Joel Strellner  wrote:
> > Hi Tom,
> >
> > I am not sure about XML, since I use JSON - it has a much lower
> > over-the-wire data size, and its easier to parse.
> >
> > Let me know if the code works for you.
> >
> > -Joel
> >
> >
> >
> > On Mon, Aug 3, 2009 at 10:55 AM, Tom Fitzgerald 
> wrote:
> >
> > > I appreciate the reply Joel. I'll give it a try. I also tried just
> > > downloading from the stream api with the curl command line. However I
> > > kept getting 'malformed xml' errors. It was weird, each tweet would
> > > have the  > > thing with JSON format but it was a different error, still malformed.
> > > All I'm doing is
> >
> > > curlhttp://stream.twitter.com/spritzer.xml-uuser:pass
> >
> > >  is the exact line I get before
> > > every status. If I manually clean up the XML (or JSON) it works great.
> >
> > > On Aug 2, 7:10 pm, Joel Strellner  wrote:
> > > > Other than my username and password, this is an example that I know
> is
> > > > working:
> >
> > > >  > > > $count = 1;
> > > > $startparsing = false;
> >
> > > > $keyword_needles[] = 'twitter';
> > > > $keyword_needles[] = 'keyword2';
> > > > $keyword_needles[] = 'keyword3';
> > > > $keyword_needles[] = 'keyword4';
> >
> > > > // if your keywords have spaces, they must be urlencoded (twitter
> does
> > > > not support phrases, only the first keyword will be used, the space
> > > > character and after will be ignored)
> > > > foreach ($keyword_needles AS $i=>$needle) {
> > > > $keyword_needles[$i] = urlencode($needle);
> >
> > > > }
> >
> > > > $poststr = 'track=' . implode(',', $keyword_needles);
> > > > $fp = fsockopen("stream.twitter.com", 80, $errno, $errstr, 10);
> > > > if (!$fp) {
> > > > echo "$errstr ($errno)\n";
> >
> > > > } else {
> >
> > > > $out = "POST /track.json HTTP/1.1\r\n";
> > > > $out .= "Host: stream.twitter.com\r\n";
> > > > $out .= "User-Agent: YourUserAgent\r\n";
> > > > $out .= "Referer:http://yourdomain.com\r\n";;
> > > > $out .= "Content-Type: application/x-www-form-urlencoded\r\n";
> > > > $out .= "Authorization: Basic " . base64_encode
> > > > ("username:password")."\r\n";
> > > > $out .= "Content-length: " . strlen($poststr) . "\r\n";
> > > > $out .= "Connection: Close\r\n\r\n";
> > > > $out .= $poststr . "\r\n\r\n";
> >
> > > > fwrite($fp, $out);
> > > > while (!feof($fp)) {
> > > > $line = fgets($fp, 4096);
> > > > if ($startparsing) {
> > > > if (trim($line) != '') {
> > > > echo trim($line) . "\n";
> > > > $tweet_obj = json_decode(trim($line));
> > > > // do your stuff here
> > > > }
> > > > }
> > > > else {
> > > > // view the header lines: uncomment the below line
> > > > echo trim($line) . "\n";
> >
> > > > $header_arr[] = $line;
> > > > $headercount = count($header_arr)-1;
> >
> > > > if (trim($header_arr[$headercount]) == '') {
> > > > $startparsing = true;
> > > > $count = 1;
> > > > unset($header_arr, $headercount);
> > > > }
> > > > }
> > > > if (trim($line) != '') $count++;
> > > > }
> > > > fclose($fp);}
> >
> > > > ?>
> >
> > > > The only changes I made was to echo things out and I added a keyword
> > > > that I was sure would have volume - twitter.  It did take a little
> bit
> > > > of time to connect.  I am assuming that that is because of their
> > > > current load though, and not the script.
> >
> > > > On Aug 2, 2:25 am, Tom Fitzgerald  wrote:
> >
> > > > >Joel,
> >
> > > > > For some reason when I try your code I get a timeout error. Any
> > > > > suggestions? What you have is exactly what I'm looking for. It
> could
> > > > > really help me out a jam, thanks!
> >
> > > > > On Jul 27, 4:02 pm,JoelStrellner  wrote:
> >
> > > > > > Here is a working example of how to do /track:
> >
> > > > > > $count = 1;
> > > > > > $startparsing = false;
> >
> > > > > > $keyword_needles[] = 'keyword1';
> > > > > > $keyword_needles[] = 'keyword2';
> > > > > > $keyword_needles[] = 'keyword3';
> > > > > > $keyword_needles[] = 'keyword4';
> >
> > > > > > // if your keywords have spaces, they must be urlencoded (twitter
> > > does not
> > > > > > support