Solved

Use of punctuation in twilio sms api

Posted on 2011-03-22
7
973 Views
Last Modified: 2012-05-11
I have a php script that sends a string that could contain slashes, quotes, anything through Twilio's API ...

Today, I sent one single quote through & now I can't get the service to recognize the body of my messages anymore ...

I've emailed them - but I've PATIENTLY waiting a replay for hours now ... I'm stuck !!
0
Comment
Question by:Imaginx
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 7

Expert Comment

by:Swafnil
ID: 35197856
If you are dealing with a black box like an API not being documented, it's always a good idea to escape data as much as needed i.e. through removing special characters or replacing them with something else.

In case you are calling a service via REST, remember to urlencode() [1] data before sending it, i.e.
$msg= urlencode(strip_tags('This is my messed-up text with \' " /\ and the like'));

Open in new window


Could you post a snippet how you are calling the Twilio API inside of your PHP file?
0
 
LVL 1

Author Comment

by:Imaginx
ID: 35197982
I'll post code today when I'm at work. I'm using urlencode now & I added stripslashes as well to get it to work. It is a REST service.

After the problem I experienced yesterday, I'm nervous of others that could arise ...
0
 
LVL 7

Expert Comment

by:Swafnil
ID: 35198193
I don't know if this applies to all SMS notifications sent through Twilio, but it seems as if a maximum of 160 characters is allowed; depending on the way Twilio handles incoming REST calls, urlencoded characters can easily break that limit. There are some useful topics in the debug section of their homepage, i.e.:
* Twilio Debugging Interface [1]
* Notification REST API, query for logs [2]

All information found here:

Debugging your application [3]

Good luck and keep us posted!

[1] http://www.twilio.com/user/account/debugger
[2] http://www.twilio.com/docs/api/rest/notification
[3] http://www.twilio.com/docs/errors/
0
Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

 
LVL 1

Assisted Solution

by:Imaginx
Imaginx earned 0 total points
ID: 35198515
lol ... I read all those articles yesterday as my hair was turning grey trying to figure out my problem ..

Here's their class:
 
public function request($path, $method = "GET", $vars = array()) {
            $fp = null;
            $tmpfile = "";
            $encoded = "";
            foreach($vars AS $key=>$value)
                $encoded .= "$key=".urlencode($value)."&";
            $encoded = substr($encoded, 0, -1);
            
            // construct full url
            $url = "{$this->Endpoint}/$path";
            
            // if GET and vars, append them
            if($method == "GET") 
                $url .= (FALSE === strpos($path, '?')?"?":"&").$encoded;

            // initialize a new curl object            
            $curl = curl_init($url);
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
            
            curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
            switch(strtoupper($method)) {
                case "GET":
                    curl_setopt($curl, CURLOPT_HTTPGET, TRUE);
                    break;
                case "POST":
                    curl_setopt($curl, CURLOPT_POST, TRUE);
                    curl_setopt($curl, CURLOPT_POSTFIELDS, $encoded);
                    break;
                case "PUT":
                    // curl_setopt($curl, CURLOPT_PUT, TRUE);
                    curl_setopt($curl, CURLOPT_POSTFIELDS, $encoded);
                    curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "PUT");
                    file_put_contents($tmpfile = tempnam("/tmp", "put_"),
                        $encoded);
                    curl_setopt($curl, CURLOPT_INFILE, $fp = fopen($tmpfile,
                        'r'));
                    curl_setopt($curl, CURLOPT_INFILESIZE, 
                        filesize($tmpfile));
                    break;
                case "DELETE":
                    curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "DELETE");
                    break;
                default:
                    throw(new TwilioException("Unknown method $method"));
                    break;
            }
            
            // send credentials
            curl_setopt($curl, CURLOPT_USERPWD,
                $pwd = "{$this->AccountSid}:{$this->AuthToken}");
            
            // do the request. If FALSE, then an exception occurred    
            if(FALSE === ($result = curl_exec($curl)))
                throw(new TwilioException(
                    "Curl failed with error " . curl_error($curl)));
            
            // get result code
            $responseCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
            
            // unlink tmpfiles
            if($fp)
                fclose($fp);
            if(strlen($tmpfile))
                unlink($tmpfile);
                
            return new TwilioRestResponse($url, $result, $responseCode);
        }
    }

Open in new window


Here's my new code (calling the method):
 
$cleanBody=stripslashes($body);
$messageArray=array("To" => $recipient,"From" => $longcode,"Body" => "$senderAlias: $cleanBody");
$response = $client->request("/$ApiVersion/Accounts/$AccountSid/SMS/Messages","POST",$messageArray);

Open in new window


Here's my old code (calling the method):
 
$response = $client->request("/$ApiVersion/Accounts/$AccountSid/SMS/Messages", 
"POST", array("To" => $recipient,"From" => "415-599-2671","Body" => "$senderAlias: $body";));

Open in new window


You can see where I added the stripslashes() - Everything seemed to work after that, but I'm not totally comfortable with the data going through urlencode .. People type random things into txt messages - I don't want it to break again ..

0
 
LVL 110

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 35199158
Is there a genuine need to send special characters?  If not, you might want to sanitize the strings with something like this to remove all the unwanted stuff.

$safe_string = preg_replace('#[^A-Z 0-9]#i', ' ', $user_string); // DISCARD ALL NON-ALPHANUMERIC CHARACTERS

If there is a need to send the special characters, then urlencode() is probably the best way to go.

About stripslashes - it may be that your PHP installation has magic-quotes set to "on."  I would want it to be off for my work.
http://us2.php.net/manual/en/security.magicquotes.php

Best regards, ~Ray
0
 
LVL 1

Author Closing Comment

by:Imaginx
ID: 35239099
Yet again ... Thanks for the direction Ray.

stripslashes works, but it isn't necc if magic_quotes wasn't on.

during the development stage, this is hosted on a shared server.

once it's live (Possibly as early as May 1st.. whew) - we'll take it to a vps where I'll have control over security settings like this one...
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 35240049
Thanks for the points - it's a great question, ~Ray
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
PHP SMTP authentication 6 28
Print a <div></div> only 5 39
Find RGB colors from a screen. 2 19
Make an array show the subkey and put it in a query 2 28
Developer portfolios can be a bit of an enigma—how do you present yourself to employers without burying them in lines of code?  A modern portfolio is more than just work samples, it’s also a statement of how you work.
Today, the web development industry is booming, and many people consider it to be their vocation. The question you may be asking yourself is – how do I become a web developer?
This tutorial demonstrates how to identify and create boundary or building outlines in Google Maps. In this example, I outline the boundaries of an enclosed skatepark within a community park.  Login to your Google Account, then  Google for "Google M…
The is a quite short video tutorial. In this video, I'm going to show you how to create self-host WordPress blog with free hosting service.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question