Automate Twitter with Twitter API

PHP brings the best performance when it comes to automation. Using Curl is the most common automation trick, and you can easily create a powerful script that most of the time, does the job better and faster (And cheaper) than human.

Using Curl with Cron jobs (A better way to say “scheduled task”)  gives you the perfect excuse not to wake up and let your server and script do all you must do automatically.

If you read the last paragraph and ask yourself “What the hell is he talking about?”,  Please refer to these resources to know a little about Curl and cron jobs, sorry to say, this is not the subject in this post, i might write something about this later on, but you can find a huge amount of resources and tutorials about these topics all over the web :

On this post i will explain about the twitter API and why NOT working with it, but try to automate a “real” browser session just as you would do without PHP.

You might ask yourself why should you automate twitter? Well, good question, and the simple answer is “Because you can”.

  1. If you are an affiliate, this is a great way to promote your links via twitter.
  2. If you are a business owner, there is no better place to share your links.
  3. And of course, if you are a celebrity or a public figure of all kinds, you must have the ability to create an automated something so you can stay public…
  4. If you have a website, and you wish to tell your system to send updates made to the site to particular twitter user. While you can do that manually, you can automate it on each save of change.

Twitter API, like all reliable APIs work with an authentication process called oAuth, An open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications.

In order to work with the twitter API, we must first register an application under each user we want to automate its actions.

The application registration will produce 4 keys we will use in our scripts :

  • Consumer Key
  • Consumer Secret
  • Access Token
  • Access Secret

But here comes a HUGE problem :

When trying to generate API keys (The 4 explained above) the Twitter API requires a phone verification! Yes, you read right, for each API user, you have to use a mobile phone to verify your existence.

Needless to say, this is poor decision by Twitter, while we all agree this is a great way to protect from spammers, this will lock your privacy (Again!) and will create an unbreakable handshake between your user account and your mobile phone.

Remember, if you own a restaurant and you want to share your menu with the world, most of the time you will create a special user for it, and you want this user to be able to create tweets on your behalf. But you do not want this account to be your main mobile account you already have… Problem!

This is not a review, this is a lesson on how to use Twitter as a promotional engine without being obligated to work with the API.

I will just say, i do not pro-spam writer, but i want everyone to have the ability to use twitter for what it is, a platform to communicate, and the mobile verification prevent the small users from being able to work their way to people via twitter.

I will give you few guideline.

All websites on web are session handled sites, so the first time you go into a website and until you close the browser (Or the time limit for the session approaching) you will “ride” the same “horse”, the website can record and know who are you as a browser user and will give you the continuity as a user.

With, that, some of the websites (And twitter among them) are secures sites, using cookies and other methods to maintain stability and better security to their users.

So, the flow is as follows :

  1. you surf into twitter website and you feel the sign in form. In this form hides an “authenticity_token” which is a special identifier generated for this session only.
  2. You press the sign in button and a POST request is sent to twitter with the parameters you gave and the “authenticity_token”.
  3. Twitter recognize the “authenticity_token” and verify your login details and lets you in.
  4. From this point on, any action you make will contain the “authenticity_token” and this is how twitter will know this is the same session.

So, when automating without API, you will have to work with CURL and do as follows :

  1. Call twitter login page and scrape the “authenticity_token” from the page.
    function openTwitterSession(){
    	curl_setopt($this->curl, CURLOPT_URL, "");
    	curl_setopt($this->curl, CURLOPT_RETURNTRANSFER, true);
    	curl_setopt($this->curl, CURLOPT_SSL_VERIFYPEER, false);
    	curl_setopt($this->curl, CURLOPT_SSL_VERIFYHOST, false);
    	curl_setopt($this->curl, CURLOPT_USERAGENT,  $_SERVER['HTTP_USER_AGENT']);
    	curl_setopt($this->curl, CURLOPT_COOKIEFILE, "cookie.txt");
    	curl_setopt($this->curl, CURLOPT_REFERER, "");
    	$html = curl_exec($this->curl);
    	preg_match("/input type=\"hidden\" name=\"authenticity_token\" value=\"(.*?)\"/", $html, $authenticity_token);
    	if ($authenticity_token == null || $authenticity_token == ""){
    	  throw new Exception("authenticity_token could not be found on given HTML page.");
    	return $authenticity_token ;
  2. Now that you have the “authenticity_token” you can call curl again to tweet your thoughts (Or menu if you wish) like so :
    	$postData= "authenticity_token=$authenticity_token&place_id=&status=[THE TWEET YOU WANNA SEND]&tagged_users=";
    	curl_setopt($this->ch, CURLOPT_URL, "");
    	curl_setopt($this->ch, CURLOPT_POST, true);
    	curl_setopt($this->ch, CURLOPT_POSTFIELDS, $postData);
    	curl_setopt($this->ch, CURLOPT_FOLLOWLOCATION, true);
    	curl_setopt($this->ch, CURLOPT_RETURNTRANSFER, true);
    	curl_setopt($this->ch, CURLOPT_HTTPHEADER, array("Content-type: application/x-www-form-urlencoded"));	
    	# display server response
    	$resp = curl_exec($this->ch);	

This is all you need to know in order to bypass Twitter Ridiculous demand for mobile verification.

Remember, with great power comes great responsibility, as one said once…

I will not give you code for retweet and follow, ’cause this will make you spam users and i do not want you to throw garbage at my office :), but this is a way to make your content visible to every one on twitter.

If you need more scripts or have a problem for me to solve, just get my newsletter and start your online education.

[do_widget “MailChimp Widget”]

One thought on “Automate Twitter with Twitter API

  1. Write Automation

    I think this is one of the most vital info for me.
    And i am glad reading your article. But want to remark
    on few general things, The web site style is wonderful, the
    articles is really nice : D. Good job, cheers


Leave a Reply

Your email address will not be published. Required fields are marked *