I am not sure about how can I tell that a tweet is tweeted from a mobile/smart phone.
I am using Tweepy for the twitter API. Twitter API can only tell us the source/client of a tweet (e.g. Twitter for Android).
That's why the only solution I see, is to compare the name of the client used to tweet to a list of mobile clients. (I should build the list by myself)
The list can be huge, that's why I am searching for another suggestion, hack or magic.
(Alternatively, do you know where can I find a good list of mobile app?)
As you've discovered, you can look at the source parameter.
This will give you two interesting things
The name of the client.
The URL of the client.
I'd suggest a two pronged approach. Look to see if the name says something like "for Android" or "mobile" - and check whether the URL points to iTunes, play.google, or similar.
According to Wikipedia
A new app is registered every 1.5 seconds, according to Twitter.
I would suggest looking at the Top 100 Twitter Applications (or similar) and then build your own list of the most commonly seen apps.
Related
I have an android and iPhone app, and the apps are getting data
from my website based on some conditions they select on the app.
I created a secured url that is not open to the public (can't be find on our website) and using a hash code that I thought was secure enough. Something like the following
http://test.com/data/get_data.php?key=akl;sd8234
The extra conditions they select in the app will be append as query parameters to the same url.
Base on the condition, the php file will then out data in json format.
However, I discovered recently someone else create the exact same app and actually getting data from my server, and from the secret url that I created. The reason I know is because I change something on that secret get_data.php page and it reflected on their app.
I don't know who they get a hold to my url, is there a way to create a more secure way to pass the data from my web server to the app so others can't steal my data?
You should create an API with Basic Auth or OAuth. You can't rely on your URL because it can be caught in logs.
Check this course out
In addition to shayegh's answer, you need to understand that every endpoint that you access within your application is public by nature. Everyone can access your server's endpoint just as well as your mobile application (created by you) can. However, you can make your server's endpoint protected by adding authorization requirements on your endpoint.
Authorization
There are many authorization protocols out there, OAuth, OAuth2.0, Basic Auth (credentials like email and password), etc. All of these are just ways to grant anyone access to resources in your endpoint. Think of it as a lock on your home door, only someone with a key can go into your house and make a mess.
Please keep in mind that this is a very simplified version of what authorization protocols actually look like, how it actually secures the distribution of access keys/tokens, etc.
Additional questions and answers
I tried to generate log files from my android phone, and I can't seem to find the .php file from the log files. Is that possible for someone to decode the android app or the iphone app so that they can view my source code?
Answer: I would always assume that everything that is happening on client's side (mobile app, WebApp's front end, etc) is beyond my control. That means anyone can access, read, tweak my client applications. With that said, I would assume that it is indeed possible for someone to unravel your android / iPhone app (get the source code) to get your client side keys.
How would this (OAuth/basic) help? Surely the person creating the other app would just add the OAuth/basic auth as well, wouldn't they?
In order for that other person to access the protected endpoint they would need to have access to your access tokens of the original app. On top of that, they would need to do it fast because usually access tokens only lasts for a short period of time.
Will using Basic Auth or OAuth key works if they are able to see my code?
Yes and no, depending on your implementation, attackers might be able to unravel your app and somehow fetch user's credentials or tokens from bad practices.
Hello I am beginner to Android development so I want to ask how to create dynamically changeable database (content) in Android?
I'm aware of sqlite shared preferences but how can I interact with them via internet and add new information like news apps? Could Parse help?
This is not a answer, but a comment rather, I don't have the 50 rep required to comment.
It all depends on the sort of functionality you want to achieve. I.e. do you want to be able to push new content to the device using the internet such as push notifications.
OR
Do you want the app to make a http connection to a api or your own news service on startup or on button press for example?
UPDATE
Ok you have decided you want something similar to option 2. I am not going to write code for you but I will point you in the right direction and if you get stuck, post a question.
Please take a look at:-
https://play.google.com/store/apps/details?id=com.rsoftware.news
If you have decided this is what you want or similar, this application uses an API calling infrastructure.
The API they use is called FAROO.
http://www.faroo.com/hp/api/api.html
I suggest reading the documentation, deciding if this is indeed what you want, then sign up and get a API key. Afterall it is free! enjoy coding, enjoy the errors that you will receive and persevere =).
How to make a API call
I suggest when using a API, test the queries through the browser first of all or use something like Runscope for testing their services. So first get their URL which is:-
http://www.faroo.com/api
If we were to go to this url we will get a 401 response code, which means unauthorised. This is because we haven't added our unique API key to the html query. So this url can take parameters. We simply append a ? to the end of the url and supply the parameters that FAROO offers such as:-
q which stands for query (what do you want FAROO to search for?)
start which is the number it should start from
length which is the number of results you want FAROO to return
key which is your unique to make the requests
etc etc...
So an example of a complete url would be:-
http://www.faroo.com/api?q=iphone&start=1&length=10&l=en&src=news&f=json
This url is for demonstration purposes... your own url will have a key=YourAPIKey
Also notice how the parameters are separated by & symbols i.e. q=iphone&start=1 so this part q we know stands for query which is iphone & start=1 & so on.
Hope this helps.
I am developing an android native application for sentimental analysis. The context is I need to get the information from the social media like Twitter and Facebook. I have done it for Twitter by using the API to get the 100 latest tweets about the particular organisation. That is fine.
Now I am trying to do the same for Facebook. Is there any free API available for this sentimental analysis.
I'm assuming to get the Twitter analysis working you used their 'firehose.'
If that is the case, and you're looking for a Facebook equivalent: it doesn't exist. Perhaps it's because the dynamics of these two social networks are not exactly identical and so what each is trying to achieve is different.
While some Facebook users' activities can be completely public (as per their choosing), most of the content is behind walls, so to speak. So unless you scrape the public info and do some analysis on it, as of right now there is no API support for what you're looking for.
If you're doing it for a particular organization they probably have a facebook page. Since almost all pages are public you can use the Facebook API to to query that page and get all the comments from that page. Once you have those comments you can perform sentiment analysis on them. The query might look something like:
$facebook->api("pageName/posts?fields=created_time,id,message,story,type,picture,shares,likes,comments.limit(5000)");
The above example is in php but you can find an equivalent Java example.
Since there is no stream like functionality for Facebook you would have to set, maybe a cron job, to run it every hour to get the latest comments.
I already published an android app where you can see a list of specific objects and detailed informations about them. The list changes every day but some of the objects can appear again.
The application is communicating with a PHP server over HTTP and periodically pulls the list of objects.
I now plan to extend the app to make it possible to rate the objects and add a comment similar to how it is done in the android market. I'd like to avoid forcing the user to sign up for an account for being able to comment.
I see two problems:
The comment-system could be abused by spammers
A comment could be added from another system
So my questions are:
How to protect the system from spam?
How to authenticate the application with the server?
How do I limit the number of comments to one per user and object?
What about the androids device id? Is it unique enough to use it as identifier for the user?
Which other problems do you see?
2020 Commenting/Rating/Reviews Options
Since Socialize is out, here are a few options you can explore:
Build your own comment/rating implementation. Personally I love reddit and how it handles nested comments and ratings. Here's a library I found that implements it beautifully. Please note you'll need to tie this with a cloud-database. This is based on groupie. Article & implementation. Many ways to do this - https://stackoverflow.com/a/59472206/668240
Disqus - SDK's coming soon to iOS and Android.
BazaarVoice - commercial
Social Networks SDKs like Facebook, Twitter, etc. Personally I dislike this as we'll need to authenticate users with respective networks to use the APIs. It's like we are shipping off users of our apps to social networks. If you don't have a problem with that - then it might be for you
Legacy Option in 2014:
You can try out Socialize SDK which is open-source and a really good SDK for the rating and commenting you are looking for. It already has a well-functioning Commenting system built-in along with a 'like/love' facility and sharing to FB and Twitter. Each 'entity' (object in your case) can have metadata associated with it. So all you have to do is construct/use a rating widget, then send that rating with the entity attached to your object. To display your rating/comment is as simple as retrieving them from Socialize.
Each object (element from your app) should be associated with an entity which has a unique key in the form of a URL - sort of like a primary key to recognize your items. This entity can have meta-data - any data that you can insert on behalf of your object. Once you do that, you can retrieve that metadata any time you want.
I've been using Socialize for around a year now. They've matured over this period and are always aspiring to be the best at what they do.
Look at the Socialize Bar at the bottom. Its can be customized to your needs.
What's more - Socialize is free.
As for your questions:
There is comment moderation built into the Socialize Web Component
where you can filter out anything you feel is out of place.
Socialize allows you to authenticate through Facebook and Twitter.
Limiting to one comment per user can be achieved by using their User
and Comments API.
Socialize has both Anonymous authentication as well as Social A/c
authentication. I believe you can remove anonymous auth. So that
ensure that every user is authenticated before rating/commenting.
For authentication, you could use OpenID like StackOverflow does or Facebook authentication. Once you have them authentication, it shoud be easy to limit the number of comments to one per user per object. As far as spam, you could follow StackOverflow's model and allow users to vote comments up or down or flag as spam. Perhaps users with comments that have been voted up would have more power and be able to flag comments as spam.
You'll need some sort of rate limiting. I've used this one in this example before.
So you need a table with the user's ID and how many api calls they have left, and then when their last api call was. Then use the algorithm to update the values in the table every time a method is called.
Read through this, I think it should be possible to create an UUID for every case:
http://android-developers.blogspot.de/2011/03/identifying-app-installations.html
And then keep a hidden api key which is hard coded, or at least get's everytime calculated the same or in enigma style influenced by the time it is used. But you will be never be sure, that it won't be find out by crackers/hackers and maybe abused, you will always have this Problem.
Authenticate with the UUID of the user + api-key.
I was wondering if it is possible to hook into the gmail and email
applications and check to see if it contains text that matches a
regular expression, and if it does, make that text into a link with a
URI that would open my application. What i am thinking of is similar
to how the gmail application can detect a web address or phone number
and make it a link. Is something like this possible?
The Gmail app is closed source and you only have the hooks they give you. AFAIK regular-expression-to-hyperlink-conversion isn't one of them:
Extending Android's Default Gmail/Email Applications
Depending on what you're doing, you might be able to send mail through some kind of gateway which does this work on the message prior to delivery. So rather than emailing johndoe#gmail.com people could write to johndoe#example.com, and the work of translating phrases into URIs could be done at example.com then forwarded to gmail.com with links in place...
But people are link-savvy these days. You can make links plenty readable, for instance look at http://en.wikipedia.org/wiki/URL ...fairly obvious, no magic required and I can enter that even without Google's help.