Sign in to Twitter with a swirl

Question

Sign in to Twitter with a swirl

I am trying to login to twitter with php + curl, but I think that something is wrong with my request, because I get this as an answer:

Something is technically wrong.
Thank you for noticing - we are going to fix it and return it normally.

The PHP code I'm using is:

<?php $ch = curl_init($sTarget); curl_setopt($ch, CURLOPT_HEADER, false); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $sPost); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_COOKIESESSION, true); curl_setopt($ch, CURLOPT_COOKIEJAR, $_CKS); curl_setopt($ch, CURLOPT_COOKIEFILE, $_CKS); curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-type: multipart/form-data")); curl_setopt($ch, CURLOPT_REFERER, "https://twitter.com"); ?>

$ sPost is as follows:

Session [username_or_email] = user & session [password] = password & Remember_Me = 1 & scribe_log = & redirect_after_login = & authenticity_token = 6e706165609354bd7a92a99cf94e09140ea86c6f

First, the code retrieves the fields of the login form so that the message variables have the correct values (authentication token). I just tried everything, and yes, I know there is an api for this, but I’ll better learn how to do it manually for training.

Thanks in advance.

+6

php curl twitter

Justan00b May 08 '13 at 12:10

source share

2 answers

I noticed two things:

1) Try URL encode POST data

for example: Session% 5Busername_or_email% 5D = user & session% 5Bpassword% 5D = password ...

instead: session [username_or_email] = user & session [password] = password ...

2) twitter has a hidden field called authenticity_token in the login form. It is associated with the session. So you cannot use static authenticity_token, first you have to read the login form and use the authenticity_token field.

Hope this helps.

+2

g000ze May 08 '13 at 14:48

source share

g000ze · Accepted Answer · 2013-05-09T08:29:23+0000

CURLOPT_COOKIESESSION is used to indicate a new session. This is not what you want, since you need to send the session cookie to the second post.

I got a twitter login to work with this code:

 <?php # First call gets hidden form field authenticity_token # and session cookie $ch = curl_init(); $sTarget = "https://twitter.com/"; curl_setopt($ch, CURLOPT_URL, $sTarget); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/cookie.txt"); curl_setopt($ch, CURLOPT_REFERER, "https://twitter.com/"); $html = curl_exec($ch); # parse authenticity_token out of html response preg_match('/<input type="hidden" value="([a-zA-Z0-9]*)" name="authenticity_token"\/>/', $html, $match); $authenticity_token = $match[1]; $username = " your@email.com "; $password = "password"; # set post data $sPost = "session[username_or_email]=$username&session[password]=$password&return_to_ssl=true&scribe_log=&redirect_after_login=%2F&authenticity_token=$authenticity_token"; # second call is a post and performs login $sTarget = "https://twitter.com/sessions"; curl_setopt($ch, CURLOPT_URL, $sTarget); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $sPost); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, false); curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-type: application/x-www-form-urlencoded")); # display server response curl_exec($ch); curl_close($ch); ?>

PS: Sorry for not reading the message correctly for the first time.

Sign in to Twitter with a swirl

More articles: