Quick Summary Twitter's secure API hides the contents of the tweets you are reading. But it doesn't hide the images of those you converse with. Raised as Issue 2175. A Bit More Detail Twitter has a secure (HTTPS) and insecure (HTTP) API. When calling the secure API, all the content of the returned message (tweets) are encrypted. Eavesdroppers only see the cipher-text - essentially garbage. However, within that cipher-text are links to insecure resources. For example, a user requesting…
Continue reading →
I contribute code to Dabr - a mobile twitter client. It's a great project to keep my hand in the world of PHP, APIs, SVN, and all the other tools that are essential to the modern online world. Dabr's strength for developers is two-fold Dead easy to install. Unzip the files, fill in your API key(s), upload, done. It's under an incredibly permissive Open Source MIT License. Essentially anyone can do anything with the code and they don't need to ask permission, nor contribute anything …
Continue reading →
I have twice been subject to some very inept blackmail over a posts I had made on twitter. The first time was after I called a particularly nasty company "twunts" over a dispute I'd had with them. I'll be the first to admit that it wasn't a particularly mature reaction - but I'm not sure it warranted taking a screenshot of the tweet, threatening to show it to the CEO of the company I worked for, then continually calling the company to complain about me. I was a private citizen, not tweeting …
Continue reading →
Why doesn't Twitter's OAuth let me specify the length of time a 3rd party has access to my account? Take a look at all the crap you've given access to your Twitter account. Are you ever going to use that "See how many of your friends like cheese" app again? No. Long time readers will know that I have some severe usability and security concerns with Twitter's OAuth implementation. See also my interview in The Register. Zach Holman has an entertaining and informative blog post about giving…
Continue reading →
I attended the Mobile Monday meeting "200,000 Apps - Where's Mine" last night. One thing that became clear is that apps don't do a very good job of promoting themselves. One crippling problems with most app stores is that there's no (easy) way to share an app with a friend. Here's some basic code for an Android app which will post the URL of your app to Twitter. Stick it in a button or menu item for easy sharing. String twitterUri = "http://m.twitter.com/?status="; String marketUri =…
Continue reading →
Looking for some Twitter API help. Bit of a geeky post, this... Pagination is the act of splitting data into logical pages. Suppose I had a list of item, numbered 0 - 99. If I want 20 items per page, it's trivial to see that pagination looks like: p1 = 0-19 p2 = 20-40 p3 = 41-61 p4 = 62-82 p5 = 83-99 If I wanted to start at, say, page 55 - pagination would look like: p1 = 55-75 p2 = 76-96 p3 = 97-99 Easy, right? So why am I telling you this? Twitter Timeline Imagine that those items …
Continue reading →
I am no longer confused! Here is a quick tutorial in how to post images to Twitpic and Twitter when using OAuth. I'm indebted to Steve Corona of Twitpic, for his help with this. You can see the full code on Dabr's Google Code page. First of all, you'll need to have enabled OAuth for your Twitter client. I use Abraham's excellent OAuth libraries for PHP. This tutorial assumes you already have OAuth working. I'll attempt to explain what I'm doing as I go along - but the code should be…
Continue reading →
Twitpic has implemented an OAuth API. No more having to hand out passwords to all and sundy. Only I'm too much of a dunderhead to get it working. Perhaps it's a combination of heatstroke or this rotten head-cold, but I just can't see what I'm doing wrong. Any help much appreciated. The easy bit. It's easy to post the data to Twitpic $media_data = array( 'media' => '@'.$_FILES['media']['tmp_name'], 'message' => html_entity_decode($_POST['message']), 'key'=>'123465789132465' );…
Continue reading →
The Twitter Engineering Team have a set of text processing classes which are meant to simplify and standardise the recognition of URLs, screen names, and hashtags. Dabr makes use of them to keep in conformance with Twitter's style. One of the advantages of the text processing is that it will recognise that www.example.com is a URL and automatically create a hyperlink. Considering that dropping the "http://" represents 5% saving on Twitter's 140 character limit for messages, this is great. …
Continue reading →
People have been very excited to see some new functionality in Dabr - the mobile Twitter client I develop for. But what is it and how does it work? @@ and geotag Reply to All The @@ symbol allows you to reply to all the people mentioned within the tweet. It only shows up on tweets which mention other users - so you should only ever see it when it can be used. Hitting @@ on the above tweet will pre-populate the text box with "@topgold @whatleydude @dabr". It should remove any duplicates…
Continue reading →
This morning, when I logged on to Twitter, I saw a user who I didn't recognise tweeting away in my timeline. I wracked my brains thinking about how they could have gotten in there before I realised it was a long-dormant friend who had changed their name and avatar. But, in thinking about how a spammer could infiltrate one's timeline, I think I came up with a fairly bullet-proof method to spam Twitter users. I present this as an exercise in devious thinking - and also to show how our…
Continue reading →
This is one of the longest and geekiest posts I've done. It's a work in progress. All comments and abuse welcome. #hashtag – As long has there has been a way to search Tweets* people have been adding information to make the easy to find. The #hashtag syntax has become the standard for attaching a succinct tag to Tweets. The Twitter Engineering Blog That's all well and good, but as I discovered yesterday, without standardisation the ability to search falls apart. I'm not talking about w…
Continue reading →
