I've build a web app to post on my pages via page identity.
is there any method/procedure to get any kind of warnings that appear while posting images/link on my pages, like when posting regular we get captcha or other pop up messages regarding anything we post, but we don't get this when doing so via app. so is there anything that can be used to get that on app?
i use this code to post on fb
FacebookClient client = new FacebookClient(PageAccessToken);
dynamic parameters = new ExpandoObject();
parameters.message = txtTitle.Text;
parameters.link = strLink;
var PostID = client.Post("/" + PageId + "/feed", parameters);
Now When posting if there's any captcha or another messages (Warning) while posting, i wanna see it on app??
Let Me Be Clear a Little:
When u post too many posts on a page( Continuously), facebook shows captcha warnings every few posts 5-10. And When u reach a critical limit, facebook again shows captcha with warning message "You are misusing this feature", and if you continuously keep posting, fb will block u from posting. now when u post these posts via app, facebook keeps on posting without warnings/captcha's. so post on page manually=captcha popups and warning messages. post via app=no captcha/warning messages.
i want to read those messages on my app so i know if there's any warning or captcha message is shown(but ignored due to posting via app).
Whenever you make a call:
client.Post("/" + PageId + "/feed", parameters);
You get a JSON in response. I think var PostID is mis-leading. You get a JSON in reponse.
If the posting is success, you get the response as-
{
"id": "XXXXXXXXXX_YYYYYYYYYY"
}
If posting fails, you get the response as-
{
error:
{
"message": " ........ ",
"code": XXX,
"type": "......"
}
}
So you can always check for the error in the response and handle it appropriately.
Related
Working with WordPress and the Espresso Plugin for Events. I've never dealt with WP or Plugin's before, so I'm in new territory.
I am attempting to add an event and I keep getting the following error:
{"code":"rest_cannot_create_events","message":"Sorry, you are not allowed to create events. Missing permissions: ee_edit_events,ee_edit_others_events,ee_edit_private_events","data":{"status":403}}
I've gone into the WP admin pages and made sure the user I am trying to login as has all the permissions for this plugin.
The first thing I do is access the /wp-login.php page to get the Cookies:
string formVars = "";
string result = "";
string eventUrl = $"<url>/wp-login.php";
Dictionary<string, string> headers = new Dictionary<string, string>();
formVars = $"log={UserName}&pwd={Password}";
Cookie = new System.Net.CookieContainer();
AllowAutoRedirect = false;
result = PerformPost(eventUrl, formVars, true, headers);
The PerformPost uses an HttpWebRequest to send and receive.
That part seems to work and I get what looks like valid cookies.
I then do another post to /wp-json/ee/v4.8.29/events/ and pass in the body just the name of the event like EVT_name=TestEvent.
It's at this point that I get the the error mentioned above.
So a couple of questions.
1) Has anyone done this before? (Added an Event to Espresso on WordPress)
2) If Espresso doesn't like what I am feeding it, does it generate this error rather than just telling me I'm not giving it the correct information?
I've also tried using the Basic Auth plugin with the same results.
Any help is greatly appreciated.
UPDATE: Google has recently updated their error message with an additional error code possibility: "timeout-or-duplicate".
This new error code seems to cover 99% of our previously mentioned mysterious
cases.
We are still left wondering why we get that many validation requests that are either timeouts or duplicates. Determinining this with certainty is likely to be impossible, but now I am just hoping that someone else has experienced something like it.
Disclaimer: I cross posted this to Google Groups, so apologies for spamming the ether for the ones of you who frequent both sites.
I am currently working on a page as part of a ASP.Net MVC application with a form that uses reCAPTCHA validation. The page currently has many daily users.
In my server side validation** of a reCAPTCHA response, for a while now, I have seen the case of the reCAPTCHA response having its success property set to false, but with an accompanying empty error code array.
Most of the requests pass validation, but some keep exhibiting this pattern.
So after doing some research online, I explored the two possible scenarios I could think of:
The validation has timed out and is no longer valid.
The user has already been validated using the response value, so they are rejected the second time.
After collecting data for a while, I have found that all cases of "Success: false, error codes: []" have either had the validation be rather old (ranging from 5 minutes to 10 days(!)), or it has been a case of a re-used response value, or sometimes a combination of the two.
Even after implementing client side prevention of double-clicking my submit-form button, a lot of double submits still seem to get through to the server side Google reCAPTCHA validation logic.
My data tells me that 1.6% (28) of all requests (1760) have failed with at least one of the above scenarios being true ("timeout" or "double submission").
Meanwhile, not a single request of the 1760 has failed where the error code array was not empty.
I just have a hard time imagining a practical use case where a ChallengeTimeStamp gets issued, and then after 10 days validation is attempted, server side.
My question is:
What could be the reason for a non-negligible percentage of all Google reCAPTCHA server side validation attempts to be either very old or a case of double submission?
**By "server side validation" I mean logic that looks like this:
public bool IsVerifiedUser(string captchaResponse, string endUserIp)
{
string apiUrl = ConfigurationManager.AppSettings["Google_Captcha_API"];
string secret = ConfigurationManager.AppSettings["Google_Captcha_SecretKey"];
using (var client = new HttpClient())
{
var parameters = new Dictionary<string, string>
{
{ "secret", secret },
{ "response", captchaResponse },
{ "remoteip", endUserIp },
};
var content = new FormUrlEncodedContent(parameters);
var response = client.PostAsync(apiUrl, content).Result;
var responseContent = response.Content.ReadAsStringAsync().Result;
GoogleCaptchaResponse googleCaptchaResponse = JsonConvert.DeserializeObject<GoogleCaptchaResponse>(responseContent);
if (googleCaptchaResponse.Success)
{
_dal.LogGoogleRecaptchaResponse(endUserIp, captchaResponse);
return true;
}
else
{
//Actual code ommitted
//Try to determine the cause of failure
//Look at googleCaptchaResponse.ErrorCodes array (this has been empty in all of the 28 cases of "success: false")
//Measure time between googleCaptchaResponse.ChallengeTimeStamp (which is UTC) and DateTime.UtcNow
//Check reCAPTCHAresponse against local database of previously used reCAPTCHAresponses to detect cases of double submission
return false;
}
}
}
Thank you in advance to anyone who has a clue and can perhaps shed some light on the subject.
You will get timeout-or-duplicate problem if your captcha is validated twice.
Save logs in a file in append mode and check if you are validating a Captcha twice.
Here is an example
$verifyResponse = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$secret.'&response='.$_POST['g-recaptcha-response'])
file_put_contents( "logfile", $verifyResponse, FILE_APPEND );
Now read the content of logfile created above and check if captcha is verified twice
This is an interesting question, but it's going to be impossible to answer with any sort of certainly. I can give an educated guess about what's occurring.
As far as the old submissions go, that could simply be users leaving the page open in the browser and coming back later to finally submit. You can handle this scenario in a few different ways:
Set a meta refresh for the page, such that it will update itself after a defined period of time, and hopefully either get a new ReCAPTCHA validation code or at least prompt the user to verify the CAPTCHA again. However, this is less than ideal as it increases requests to your server and will blow out any work the user has done on the form. It's also very brute-force: it will simply refresh after a certain amount of time, regardless of whether the user is currently actively using the page or not.
Use a JavaScript timer to notify the user about the page timing out and then refresh. This is like #1, but with much more finesse. You can pop a warning dialog telling the user that they've left the page sitting too long and it will soon need to be refreshed, giving them time to finish up if they're actively using it. You can also check for user activity via events like onmousemove. If the user's not moving the mouse, it's very likely they aren't on the page.
Handle it server-side, by catching this scenario. I actually prefer this method the most as it's the most fluid, and honestly the easiest to achieve. When you get back success: false with no error codes, simply send the user back to the page, as if they had made a validation error in the form. Provide a message telling them that their CAPTCHA validation expired and they need to verify again. Then, all they have to do is verify and resubmit.
The double-submit issue is a perennial one that plagues all web developers. User behavior studies have shown that the vast majority occur because users have been trained to double-click icons, and as a result, think they need to double-click submit buttons as well. Some of it is impatience if something doesn't happen immediately on click. Regardless, the best thing you can do is implement JavaScript that disables the button on click, preventing a second click.
I know this has been asked many times before, but I have used info from the linqtotwitter docs and examples along with other posts on here to get this far. I can get my new app to send a tweet, but only by letting it take me to twitters authorise page and me having to click the authorise button to continue.
The app itself is authorised fine, so I don't need my password each time, it's just the use of the app that it wants permission for.
I know the reason for this is because nowhere in my code is there my access token or access token secret. I have added them in but every time I get a 401 unauthorised (invalid or expired token).
My code is as follows, perhaps you can see where I'm going wrong?
private IOAuthCredentials credentials = new SessionStateCredentials();
private MvcAuthorizer auth;
private TwitterContext twitterCtx;
public ActionResult Index()
{
credentials.ConsumerKey = ConfigurationManager.AppSettings["twitterConsumerKey"];
credentials.ConsumerSecret = ConfigurationManager.AppSettings["twitterConsumerSecret"];
credentials.AccessToken = "MYaccessTOKENhere"; // Remove this line and line below and all works fine with manual authorisation every time its called //
credentials.OAuthToken = "MYaccessTOKENsecretHERE";
auth = new MvcAuthorizer
{
Credentials = credentials
};
auth.CompleteAuthorization(Request.Url);
if (!auth.IsAuthorized)
{
Uri specialUri = new Uri(Request.Url.ToString());
return auth.BeginAuthorization(specialUri);
}
twitterCtx = new TwitterContext(auth);
twitterCtx.UpdateStatus("Test Tweet Here"); // This is the line it fails on //
return View();
}
Here's the FAQ that has help on resolving 401 errors: http://linqtotwitter.codeplex.com/wikipage?title=LINQ%20to%20Twitter%20FAQ&referringTitle=Documentation
A couple items that might be helpful too:
You can't tweet the same text twice - so either delete the previous tweet with the same text or change the text. All my test append DateTime.Now.ToString() to avoid this error.
The SessionStateCredentials holds credentials in SessionState. The persistence mode default for Session state is InProc, meaning that your session variables will be null if the process recycles, which will happen unpredictably. You might want to make sure that you are using either StateServer or SQL Server modes.
I'm using ASP.NET / c# to get the news feed of a facebook user. But since today my request for the user's news feed is returning an 500 error. (Internal server error)
Here is what i'm trying to do:
s
tring jsonUrl = graphUrl + "/" + id + "/home?access_token=" + token;
var json = new WebClient().DownloadString(jsonUrl);
When i copy paste the jsonurl in my browser i get the following result:
"error": {
"type": "IDInvalidException",
"message": "Invalid id: 0"
}
If i change "home" to "feed" or "friends", then i do get the result i want. Is there something wrong here?
I hope someone can help me here.
Add "read_stream" to the list of your permissions.
This was working before without adding that flag to your permissions session but now seems they require to specify that.
I was having the same issue in a iOS Application but now is working again
I am having an issue with call Drupal node.save using MooTool's JSONP. Here is an example.
Here is my request:
callback Request.JSONP.request_map.request_1
method node.save
sessid 123123123123123
node {"type":"blog","title":"New Title","body":"This is the blog body"}
Here is my result
HTTP/1.0 500 Internal Server Error
I got this working before, but i used AMFPHP and was able to send objects to drupal. I am assuming that this has to do with Drupal expecting an object, but since it is a GET it gets transformed as a string. Is there any way of getting around this with out hacking the code?
Here is my code:
$('newBlogSubmit').addEvent('click', function()
{
var node = {
type : "blog",
title:"New Title",
body :"This is the blog body"
}
var string = JSON.encode(node);
string.escapeRegExp()
var sessID = _sessID;
DrupalService.getInstance().node_save(string, sessID, drupal_handleBlogSubmit);
});
My Drupal Service JS Code:
//NODE
DrupalService.prototype.node_save = function(node, sessid, callback){
var dataObj = {
method : "node.save",
sessid : sessid,
node : node
}
DrupalService.getInstance().request(dataObj, callback);
}
//SEND REQUEST AND CALLBACK FUNCTION
DrupalService.prototype.request = function(dataObject, callback){
new JsonP('http://myDrupalSite.com/services/json', {data: dataObject,onComplete: callback}).request();
}
I am trying to connect the dots, but not too familiar with Drupal, but i would guess all I need to do is turn the string back into an object. Any ideas where I should be looking, or if there is an existing patch?
A first question could be why you use mootools since Drupal comes with jQuery and use it extensively throughout the different modules and Drupal core itself.
Anyways I don't know mootools so can't help you there, but if your request in ending in a internal server error, you have a problem with your drupal code or your js code. So even if I knew exactly what you were doing, I couldn't tell you the problem without looking at the drupal code for your http://myDrupalSite.com/services/json callback.
In general, what you want to make sure is:
You make a POST request, as drupal will cache get's and the semantic of this, is that you are posting data - the node - to the server.
Your data should be sent as post params, this will make them end up in the PHP $_POST variable
Your callback should validate the data and act accordingly, creating a node when the data is intact. You don't need session id's since the script will have the same session the browser has.
I've answered a similar question in detail, which was about altering a field instead of saving a node, but much of the work is still the same. You can take a look on the post, although this is with jQuery and not Mootools.