Can't get Twitter Widget working

Question

I wondered if someone can help?

I've purchased a web theme for a client but can't get the twitter widget working. It's probably something really simple but as I'm not a web developer I'm struggling to figure out what's preventing it form working.

Here's the webpage http://www.blackrocksearch.co.uk/new/ - the twitter feed should display in the footer. It works on the templates demo site but I notice in the item comments other customers having the same issue so think there could be a glitch somewhere.

Demo where it's working here:http://vasterad.com/themes/sensation/index.html

Here's the snippet of code from the twitter.php file which is apparently the only area I need to configure (I've left out the actual access token numbers for security):

    <?php

/**
* Usage:
* Send the url you want to access url encoded in the url paramater, for example (This is with JS):
* /twitter-proxy.php?url='+encodeURIComponent('statuses/user_timeline.json?screen_name=MikeRogers0&count=2')
*/

// The tokens, keys and secrets from the app you created at https://dev.twitter.com/apps
$config = array(
'oauth_access_token' => 'token-here',
'oauth_access_token_secret' => 'token-here',
'consumer_key' => 'token-here',
'consumer_secret' => 'token-here',
'use_whitelist' => true, // If you want to only allow some requests to use this script.
'base_url' => 'http://api.twitter.com/1.1/'
);

/*
* Ok, no more config should really be needed. Yay!
*/

// We'll get the URL from $_GET[]. Make sure the url is url encoded, for example encodeURIComponent('statuses/user_timeline.json?screen_name=MikeRogers0&count=10&include_rts=false&exclude_replies=true')
if(!isset($_GET['url'])){
die('No URL set');
}

$url = $_GET['url'];


if($config['use_whitelist'] && !isset($whitelist[$url])){
die('URL is not authorised');
}

// Figure out the URL parmaters
$url_parts = parse_url($url);
parse_str($url_parts['query'], $url_arguments);

$full_url = $config['base_url'].$url; // Url with the query on it.
$base_url = $config['base_url'].$url_parts['path']; // Url with the query.

/**
* Code below from http://stackoverflow.com/questions/12916539/simplest-php-example-retrieving-user-timeline-with-twitter-api-version-1-1 by Rivers
* with a few modfications by Mike Rogers to support variables in the URL nicely
*/

function buildBaseString($baseURI, $method, $params) {
$r = array();
ksort($params);
foreach($params as $key=>$value){
$r[] = "$key=" . rawurlencode($value);
}
return $method."&" . rawurlencode($baseURI) . '&' . rawurlencode(implode('&', $r));
}

function buildAuthorizationHeader($oauth) {
$r = 'Authorization: OAuth ';
$values = array();
foreach($oauth as $key=>$value)
$values[] = "$key=\"" . rawurlencode($value) . "\"";
$r .= implode(', ', $values);
return $r;
}

// Set up the oauth Authorization array
$oauth = array(
'oauth_consumer_key' => $config['consumer_key'],
'oauth_nonce' => time(),
'oauth_signature_method' => 'HMAC-SHA1',
'oauth_token' => $config['oauth_access_token'],
'oauth_timestamp' => time(),
'oauth_version' => '1.0'
);
$base_info = buildBaseString($base_url, 'GET', array_merge($oauth, $url_arguments));
$composite_key = rawurlencode($config['consumer_secret']) . '&' . rawurlencode($config['oauth_access_token_secret']);
$oauth_signature = base64_encode(hash_hmac('sha1', $base_info, $composite_key, true));
$oauth['oauth_signature'] = $oauth_signature;

// Make Requests
$header = array(
buildAuthorizationHeader($oauth),
'Expect:'
);
$options = array(
CURLOPT_HTTPHEADER => $header,
//CURLOPT_POSTFIELDS => $postfields,
CURLOPT_HEADER => false,
CURLOPT_URL => $full_url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false
);

$feed = curl_init();
curl_setopt_array($feed, $options);
$result = curl_exec($feed);
$info = curl_getinfo($feed);
curl_close($feed);

// Send suitable headers to the end user.
if(isset($info['content_type']) && isset($info['size_download'])){
header('Content-Type: '.$info['content_type']);
header('Content-Length: '.$info['size_download']);

}

echo($result);
?>

Hope someone can help!

Answer 1

By looking on your site on PHP file that doing a request to Twitter's response, it appears that your request needs to do a secure connection. So, my guesses are:

1. Connecting through https

Change your base_url key on $config variable to https.

$config = array(
    'oauth_access_token' => 'token-here',
    'oauth_access_token_secret' => 'token-here',
    'consumer_key' => 'token-here',
    'consumer_secret' => 'token-here',
    'use_whitelist' => true,
    'base_url' => 'https://api.twitter.com/1.1/' //was http://api.twitter.com/1.1/
);

2. Adding CA (Certificate Authority) cert file

In case my first guess doesn't resolve anything, adding CA cert on cURL request might help. First, get your own cacert.pem from here. Save it on some path you could recognize. Then simply set cURL option CURLOPT_SSL_VERIFYPEERto true and optionally you can also explicitly set CURLOPT_SSL_VERIFYHOST to its default value which is 2.

In example, according to your snippet, saving in a same path as your Twitter cURL PHP file.

$options = array(
    CURLOPT_CAINFO => __DIR__ . '/cacert.pem', //or dirname(__FILE__) . '/cacert.pem' for PHP < 5.3
    CURLOPT_HTTPHEADER => $header,
    //CURLOPT_POSTFIELDS => $postfields,
    CURLOPT_HEADER => false,
    CURLOPT_URL => $full_url,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_SSL_VERIFYHOST => 2,
    CURLOPT_SSL_VERIFYPEER => true,
);

As an option you can also predefine the cacert.pem in your php.ini configuration file. Just add/edit following line and don't forget about the path too

curl.cainfo = "some/path/cacert.pem"

Let me know