Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- Access token



  PHP to get access token for Facebook app

Since Facebook is now using OAuth 2.0 to authenticate apps to access user information. the SDK of Facebook has provided developers some useful functions to get authentication done. For example, in PHP SDK, there are getAccessToken(), getLoginUrl() etc. But unfortunately, for me I cannot use getAccessToken() method to get the user access token, it only returns me the app access token. Finally I gave up this approach to get access token for the time being. I may later retry this approach if I have...

   Faceook,PHP,Access token,signed request     2012-03-27 12:37:46

  4 ways to obtain access token in OAuth 2.0

OAuth 2.0 is an authorization mechanism, it's ,mainly used for issuing access token. There are 4 ways to obtain access token as per RFC 6749. Authorization code Implicit Password Client credentials The third party application must obtain a client id and client secret from the target service before obtaining access token no matter which method to use. This is to prevent token to be used maliciously. Authorization code With this method, the third party application must first get an authorization...

   OAUTH2,ACCESS TOKEN,REFRESH TOKEN     2019-06-29 07:12:03

  Remote form submission

Remote form submission is way of submitting HTML forms from local to a particular remote server. This is used by many advertisers, spammers or even hackers to submit bad data to other websites in order to get what they want. They can write some automation scripts to help them do spamming. How can people do remote form submission and how to prevent this kind of attacks? Since a website can be accessed by almost every one, so one can save a local copy of a HTML form of a website through File->S...

   PHP,Security,Remote form submission     2013-07-14 01:04:49

  PHP to get access token for Sina Weibo app

Previously I wrote two articles about getting access token for Facebook and Twitter apps using PHP. Today I will write one more article about getting access token for Sina Weibo app using PHP. OAuth 2.0 is now the authorization mechanism of Sina Weibo API. The API authorization process is similar to the process of Twitter. It has basically two steps: 1. Authorization; 2. Get access token. 1. Create an app. I hope you know how to create an app in Sina Weibo now. If not. You can access this page ...

   PHP,access token,Sina Weibo     2013-05-16 12:07:39

  Accessing Reddit top posts using OAuth

Previously one can use the https://www.reddit.com/r/rprogramming/top.json API to access one subreddit's top posts. This API doesn't require any access token to fetch the data. However, this API may not work all the time. Reddit may block the API's request if it finds that you are using a script or some app which accesses the API now and then. For an app or script which needs to fetch the data routinely, what should we do? Reddit provides one method which can be used to fetch this kind of to...

   REDDIT,OAUTH,TOP POSTS,HOT POSTS     2023-12-16 07:24:14

  PHP to get access token for Twitter app

Previously we wrote an article about getting access token for Facebook app--PHP to get access token for Facebook app. Today we will introduce how to get access token for Twitter app using PHP. Since now Twitter is also using OAuth 2.0 to allow some web apps to access some users information on behalf of one user. They provided some APIs for developers to easily get them integrated with their own websites. The first step to get all these done is how to get the access token, the access token seems ...

   Twitter,OAuth,access token,PHP     2013-03-03 03:49:26

  Introduction to OAuth (in Plain English)

Last week we talked about giving away your passwords and how you should never do it.  When a website wants to use the services of another—such as Bitly posting to your Twitter stream—instead of asking you to share your password, they should use OAuth instead. OAuth is an authentication protocol that allows you to approve one application interacting with another on your behalf without giving away your password. This is a quick guide to illustrate, as simply as possibl...

   Security,OAuth,Permission,Partial access     2012-04-05 11:39:54

  Twitter user database is hacked

According to Sina Tech, One hacker from Islamic Republic of Mauritania claimed today that he had acquired Twitter's entire user database and he shared over 15000 user account information on file sharing website Zippyshare.These information include the name of each account on Twitter, username and access tokens of third-party applications which have access to their Twitter accounts(such as Instagram or HootSuite).Twitter has yet to comment on the matter, but the company sent messages urging ...

   Twitter,Hacker,Access token     2013-08-20 10:49:44

  A serious security vulnerability found in MySQL/MariaDB

Recently a serious security vulnerability was found in MySQL/MariaDB. It relates to the access to the database. The issue is described below.When a user connects to MariaDB/MySQL, a token (SHA over a password and a random scramble string) is calculated and compared with the expected value. Because of incorrect casting, it might've happened that the token and the expected value were considered equal, even if the memcmp() returned a non-zero value. In this case MySQL/MariaDB would think that the p...

   MySQL,MariaDB,bug,fix,password,memcmp()     2012-06-11 10:28:09

  Twitter OAuth the easy way – simple post to twitter script

After Twitter introduced mandatory authentication with OAuth, many of the current scripts for posting content to Twitter don’t work anymore. OAuth can be great for more advanced authentication, but for a simple post to twitter script, it seems like a little overkill. In this post you’ll learn how to create a simple script that uses a quick and dirty version of OAuth for posting new tweets to Twitter. How to create a simple script Simplified, Twitter OAuth involves sending both ap...

   Twitter,OAuth,PHP,Auto tweet     2012-02-25 12:51:07