Where to start? using OAuth to post in behalf of other users


Hello, I already installed Abraham’s php twitteroauth library and successfully echoed my own tweets.

I did this following a tutorial I found, however, I am building an interactive site that permits users to post from there, so I need their permission, just post one tweet with an image and close the session.

I am lost on how to do this, is there any beginners tutorial that explains step by step on doing this? using Abraham’s lib.



The TwitterOAuth documentation site (source) is a live example of authorizing someone and using those credentials. It will then not take much to update the authorized request to use the media example.


Thank you for your reply Abraham, I apreciate, I will give a try tomorrow. :smile:



To fully understand what I am doing and reading the callback.php script:

$access_token = $connection->getAccessToken($_REQUEST['oauth_verifier']);

This token will be used to future calls for this particular user, right?

$_SESSION['access_token'] = $access_token;

Save the token to a session var, to use in other pages.


I do not need the oauth tokens from the user so I am deleting them

if (200 == $connection->http_code) {
  $_SESSION['status'] = 'verified';
  header('Location: ./index.php');
} else {
  header('Location: ./clearsessions.php');

if 200 I can post to twitter, get messages… etc. If not, we need to connect again.

I am correct? Thank you in advance for your help.


That’s the gist of how to handle a user returning from authorizing on twitter.com. The code you have listed is old though so you should look at the current method names in the demo source I linked.


Yes, I will right now…

I was testing these old scripts from another tut. Thank you!


I am following your flow… but I am getting an error on this line

$access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $_REQUEST['oauth_verifier']));


Fatal error: Uncaught exception 'Abraham\TwitterOAuth\TwitterOAuthException' with message 'Invalid request token' in /home/..../public_html/twitter_/twitteroauth/src/TwitterOAuth.php:141 Stack trace: #0 /home/..../public_html/twitter_/callback.php(24): Abraham\TwitterOAuth\TwitterOAuth->oauth('oauth/access_to...', Array) #1 {main} thrown in /home/..../public_html/twitter_/twitteroauth/src/TwitterOAuth.php on line 141

This is my callback script (in $connection everything looks ok) :

require "twitteroauth/autoload.php";
use Abraham\TwitterOAuth\TwitterOAuth;

$request_token = [];
$request_token['oauth_token'] = $_SESSION['oauth_token'];
$request_token['oauth_token_secret'] = $_SESSION['oauth_token_secret'];

if (isset($_REQUEST['oauth_token']) && $request_token['oauth_token'] !== $_REQUEST['oauth_token']) {
    // Abort! Something is wrong.

$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $request_token['oauth_token'], $request_token['oauth_token_secret']);

$access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $_REQUEST['oauth_verifier']));


It seems my $_SESSION vars are empty…

what gives?


I just added

if (!isset($_SESSION)) { session_start(); }

On each page. Its working now…