Sep 292014
Article PHP

Our previous post on “How to connect to Twitter from a single user application in PHP” explained the procedure to connect to Twitter from a PHP script.

This post explains how to create a sample multiuser application “OpenAlfa Tweet Scheduler” that can send tweets on behalf of the users.


The first step is connecting to, to register in Twitter the application “OpenAlfa Tweet Scheduler” to be developed:


After the application has been created, go to the “Settings” tab to configure:

  • “Read and Write” access (because it is meant to send tweets)
  • Allow the application to be used to Sign in with Twitter (because the application needs to authenticate with the credentials of the user in order to send tweets)


Returning to the “Details” tab, write down the “Consumer Key” and “Consumer secret” assigned to the application.

Finally, the “twitteroauth” library must be installed, as explained in our previous post.

Setting up the configuration file

Under the directory where we want to place the application, create a configuration file “config.php”, with the definitions of the consumer key and consumer secret assigned by Twitter, and the callback url in our site.


Writing a page to sign in with Twitter

Create a “connect.php” page. This page should include some text about the purpose of the service, and a button that will send the user to Twitter, to authenticate and grant access to the application.


The HTML code above renders the following screen:

tweet-scheduler-connectClicking on the button loads the next script “redirect.php”. As the script name indicates, redirect.php is responsible to redirect the browser to the twitter authorization page.

The scripts starts by loading the twitteroauth library, and then sends to twitter a request for temporary credentials.

Twitter sends a pair of temporary credentials (token+secret), that will be used to create the authorization url sent to the browser.

The temporary credentials are stored in the session to be used in the next step.

Note: The generated url is:

Finally, the browser is redirected to twitter:

The page displayed asks the user to grant access to the application:


In this page, twitter informs the user about the name of the application requesting access (“OpenAlfa Tweet Scheduler”), and the permissions that will be granted to it. In the example above, the aplication will be able to send tweets on behalf of the user, but won’t be granted access to the user’s direct messages, and won’t be able to see the user’s password.

If the user validates entering the username and password and clicking on the “Sign in” button, twitter will redirect to the callback url (“cb.php”) specified.

The callback script “cb.php” starts by sending a request to twitter to obtain permanent access credentials. The request must be signed with the temporary credentials, that had been previously saved in session:

With the permanent credentials, the application can use the Twitter API to perform operations on behalf of the user, such as sending a tweet.

The following example sends a test tweet:

Index of posts about programming in PHP

 Posted by at 7:35 pm

 Leave a Reply