It says invaild token and signature, i wanna know why


#1

i think i done everything…but seems not wrok

<?php
         function code($s){
		return str_replace('%7E', '~', rawurlencode($s));
	}
	//readQuery
	$url="https://api.twitter.com/oauth/request_token";
	//echo $postParament;
	$consumer_secret="XXXX";
	$consumer_key="XXXXX";
	date_default_timezone_set("GMT");
	$timestamp=mktime(date('H'),date('i'),date('s'),date('m'),date('d'),date('y'));
	//echo $timestamp;
	$signature_method="HMAC-SHA1";
	if($_POST['signature_method']){
		$signature_method=$POST['signature_method'];
	}
	$callback = "http%3A%2F%2Flocalhost%2Fsign-in-with-twitter%2F";
	$chart="0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz";
	$nonce = substr( str_shuffle($chart),0,42);
	$version = "1.0";
	//build baseString
	$baseString = "oauth_callback=${callback}&oauth_consumer_key=${consumer_key}&oauth_nonce=${nonce}&oauth_signature_method=${signature_method}&oauth_timestamp=${timestamp}&oauth_version=${version}";
	$baseString = code($baseString);
	$eurl = code($url);
	$baseString = "POST&${eurl}&${baseString}";
	//signature
	$s_key = "${consumer_secret}&${token_secret}";
	//echo $s_key;
	$signature = code(base64_encode(hash_hmac("sha1",$baseString,$s_key,true))); 
	//buildheadString
	$h = array();
	$h[Authorization]="OAuth oauth_callback=\"${callback}\",oauth_consumer_key=\"${consumer_key}\",oauth_nouce=\"${nonce}\",oauth_signature=\"${signature}\",oauth_signature_method=\"${signature_method}\",oauth_timestamp=\"${timestamp}\",oauth_version=\"${version}\"";
	//post
	echo date("H:i:s \e\= e \T\= T \z\= Z");
	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, $url);
	curl_setopt($ch, CURLOPT_POST, true);
	curl_setopt($ch, CURLOPT_HEADER, false);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
	curl_setopt($ch,CURLOPT_HTTPHEADER,$h);
	$data = curl_exec($ch);
	if ($data === false) {
		header('HTTP/1.1 400 Bad Request');
		exit;
	} else {
	echo $data;
	}
?>