Multiple user images with cache and only few API calls


#1

Hello,
I have a small web app in which users login via Twitter. Now I want display on the home page, as well as on the user side, the user images (like https://twichteln.org/teilnehmer.php). I do not know how the API call must be build and how I update the database stored image URL. Here I would like to have as few API calls as possible. I use the oAuth library of Abraham (https://github.com/abraham/twitteroauth). At the moment, i save the user profile image URL in the database on sign up and update it if the user login again.

Here is my “callback.php” which is called after successful login with twitter:

<?php
/**
 * @file
 * Take the user when they return from Twitter. Get access tokens.
 * Verify credentials and redirect to based on response from Twitter.
 */

session_start();
require_once('twitteroauth/twitteroauth.php');
require_once('config.php');

if (isset($_REQUEST['oauth_token']) && $_SESSION['oauth_token'] !== $_REQUEST['oauth_token']) {
        $_SESSION['oauth_status'] = 'oldtoken';
        header('Location: ./clearsessions.php');
}

$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);


$access_token = $connection->getAccessToken($_REQUEST['oauth_verifier']);
$_SESSION['access_token'] = $access_token;
// unset no longer needed request tokens
unset($_SESSION['token']);
unset($_SESSION['token_secret']);

// Getting User screen_name, Avatar URL, Name, etc...
$user_ = $connection->get('users/show', array('user_id' => $access_token['user_id']));
$screen_name = $user_->screen_name;
$profile_image = $user_->profile_image_url;
$name = $user_->name;

if (200 == $connection->http_code) {   
        $_SESSION['status'] = 'verified'; 
        
        $mysqli = new mysqli($host, $user, $password, $db);
        
        if ($mysqli->connect_errno) {
                printf("Connect failed: %s\n", $mysqli->connect_error);
                exit();
        }

        $result = $mysqli->query("SELECT user_id from `tw_teilnehmer` WHERE `user_id` = '".$access_token['user_id']."'");
                if($result->num_rows > 0)
                        {
                                $prepare = $mysqli->prepare("UPDATE `tw_teilnehmer` SET `access_token` = ?, `access_token_secret` = ?, `screen_name` = ?, `profile_image_url` = ?, `tw_name` = ? WHERE `user_id` = ?");
                                $prepare->bind_param("ssssss",$access_token['oauth_token'],$access_token['oauth_token_secret'],$screen_name,$profile_image,$name,$access_token['user_id']);
                        }
                else
                        {
                                $prepare = $mysqli->prepare("INSERT INTO `tw_teilnehmer` (`user_id`, `access_token`, `access_token_secret`, `screen_name`, `profile_image_url`, `tw_name`) VALUES (?,?,?,?,?,?)");
                                $prepare->bind_param("ssssss", $access_token['user_id'], $access_token['oauth_token'], $access_token['oauth_token_secret'], $screen_name, $profile_image, $name);
                        }
        
        $q = $prepare->execute();
        $prepare->close();
        $mysqli->close();
        
        header('Location: ./profile.php');
} else {
        header('Location: ./clearsessions.php');
}

Sorry for my bad english, i have to train it :slight_smile: