Twitter OAuth: There is no request token for this page

Twitter OAuth: There is no request token for this page

I’m using Abraham’s TwitterOAuth library to implement Twitter OAuth in my application. However, on clicking the Login button, users are sometimes redirected to the following page:

I said ‘sometimes’, because sometimes the Twitter OAuth provider does generate the request token, and the users are taken to the ‘Grant Permission’ page.
Is this a library issue? Or is this an issue with the Twitter OAuth provider? If there was an issue with my code, then this page should appear every time a user tries to login using his/her Twitter account, and not at random tries.
Here’s the code of the template that the users are redirected to after clicking the Login button:


oauth('oauth/request_token', array('oauth_callback' => OAUTH_CALLBACK));
    $_SESSION['oauth_token'] = $request_token['oauth_token'];
    $_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];

    $url = $connection->url('oauth/authorize', array('oauth_token' => $request_token['oauth_token']));

    header('Location: '.$url);
?>

PS: I also tried regenerating the Consumer Key and Consumer Secret, but that doesn’t seem to have solved the problem.

Solutions/Answers:

Solution 1:

The two scenarios that seem most likely to me are:

1) There is an error while getting the request token. Try adding some error handling.

$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
$request_token = $connection->oauth('oauth/request_token', array('oauth_callback' => OAUTH_CALLBACK));
if ($connection->getLastHttpCode() == 200) {
    $_SESSION['oauth_token'] = $request_token['oauth_token'];
    $_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];
    $url = $connection->url('oauth/authorize', array('oauth_token' => $request_token['oauth_token']));
    header('Location: '.$url);
} else {
    var_dump($request_token);
    exit('Error getting request_token');
}

2) Twitter has a bug where it’s not recognizing the the request_token for some reason.

The next step in debugging is to find out the status of $request_token that results in the error.

References

Captcha is working fine on localhost , but not online

Captcha is working fine on localhost , but not online

I’m using simple-php-captcha( https://github.com/claviska/simple-php-captcha ) script on an ajax form in my wordpress theme,
it works fine when it’s on localhost but when i upload it on an online host , the captcha codes don’t match , every thing works fine , captcha image loads , sessions get created but the captcha code displayed in the image is not the same as when the form is submitted.
functions.php
require_once( get_template_directory() . ‘/libs/captcha/simple-php-captcha.php’ );
require_once( get_template_directory() . ‘/inc/ajax/testimonial.php’ );

header.php
session_start();
$_SESSION[‘captcha’] = simple_php_captcha();

The html form

” class=”dw-ajax-form dw-form” method=”post” id=”send_testimonial”>



” alt=”“>



The ajax function ( /inc/ajax/testimonial.php )
Somethings wrong‘ );

/******************************* IT ALWAYS GIVES ME THIS ERROR WHEN ONLINE , BUT IT WORKS ON LOCALHOST( i also tried it with “!=” operator ) **************/
if( $captcha_code !== $captcha_input )
die( ‘The entered code doesnt match‘ );
/**********************************************************************************************************************************************************/

if ( !isset( $_POST[‘send_testimonial_nonce’] ) || ! wp_verify_nonce( $_POST[‘send_testimonial_nonce’], ‘send_testimonial’ ) )
die(‘Somethings wrong‘);

if( empty( $comment ) )
die(‘Please enter your comment‘);

if( empty( $name ) )
die(‘please enter your name‘);

if( !empty( $email ) && !filter_var($email, FILTER_VALIDATE_EMAIL) )
die(‘the entered email doesnt look like an email address‘);

if( empty( $name ) && empty( $comment ) )
die(‘please fill the form‘);

/* send testimonial */
$testimonial = array(
‘post_title’ => $name,
‘post_status’ => ‘pending’,
‘post_type’ => ‘testimonials’,
‘post_author’ => 1
);

$post_id = wp_insert_post( $testimonial );

update_field( ‘job’, $job, $post_id );
update_field( ’email’, $email, $post_id );
update_field( ‘comment’, $comment, $post_id );

// form is valid
if( empty( $message ) )
$message = ‘Your comment submitted! thank you.‘;

echo $message;
wp_die();
}

edited :
I’ve run a test here ( sorry the page is in farsi ) : http://test.dornaweb.ir/ , there is a form in the middle of the page that when you click it , it shows you a var_dump() of $_SESSION[‘captcha’] , as you can see , the code shown in the image is different is from the code in var_dump data , it’s like when the form submits the $_SESSION is one step ahead or something like that , the weird thing is when i use the exact same theme on localhost nothing goes wrong!!

Solutions/Answers:

Solution 1:

It looks like there is some duplicate request (also judging from the provided access.log). This might be caused by a missing/inaccessible file on the server (which is there/accessible on localhost, thus not causing problems there). If this is requested, some rewrite-code (either within WP or mod_rewrite in .htaccess) rewrites the “failing” request and sends it to the main script. Then, in the main script, the session data gets overwritten with a new captcha…

These issues are sometimes hard to spot. Start at:

  • looking for differences between localhost and server

  • looking for requests by following each link in the generated html code and checking whether they give the expected response

Perhaps you could also write some debugging messages to either the error.log or some other logging facility. That might also help finding this.

Sorry if this doesn’t help you any further…

References