API talk:Tokens

I only get '+\' as an csrf-token
Please, can somebody help me?--Mischa004 (talk) 18:14, 16 February 2015 (UTC)

My PHP-code:

$parameters = array('action' => 'query', 'meta' => 'tokens', 'format' => 'json'); $options = array(   'http' => array( 'header' => "Content-type: application/x-www-form-urlencoded\r\n", 'method' => 'POST', 'content' => http_build_query($parameters), ), ); $context = stream_context_create($options); $result = file_get_contents($wiki, false, $context); echo "$result";


 * That's how the token currently looks what you're not logged in (although there are plans to use real token for anonymous users too). Nothing to worry about. Matma Rex (talk) 20:19, 16 February 2015 (UTC)
 * Thank you! In fact, I really want to have a token to edit as a registered user. Before obtaining the token as shown above I login with this PHP-code:

$parameters = array('action' => 'login', 'lgname' => 'mischa', 'lgpassword' => 'PASSWORD', 'format' => 'json'); $options = array(   'http' => array( 'header' => "Content-type: application/x-www-form-urlencoded\r\n", 'method' => 'POST', 'content' => http_build_query($parameters), ), ); $context = stream_context_create($options); $result = file_get_contents($wiki, false, $context);


 * Note: $wiki can be for example http://en.wikipedia.org/w/api.php --Mischa004 (talk) 20:29, 16 February 2015 (UTC)
 * Looks like you're not passing the cookies from the first request to the second one? I'm afraid I have no idea how that's done in PHP, though. Matma Rex (talk) 20:51, 16 February 2015 (UTC)
 * Thank you! I have to check this the day after tomorrow,--Mischa004 (talk) 20:56, 16 February 2015 (UTC)

Hi! I'm having the same problem. I always get  as result and I'm definitely passing the received cookies to the query. Did you solve the problem, Mischa004? --jobu0101 (talk) 17:03, 1 May 2015 (UTC)


 * I assume you're logging in successfully? (Return value should include result=Success either on the first try for old wikis or after sending the login token for anything newer.) Assuming that part's okay, can you post the relevant part of your code, or at least the command that it's generating, so we can have a look at it? – Robin Hood  (talk)  22:00, 1 May 2015 (UTC)
 * Thank you very much. It was my fault. I didn't login properly. I missed the second request which you need when you get   back from the first request. By the way: When I log out, is it true that I then end all sessions and not only the current one? Or isn't it possible to be logged in using the API in more then one session? --jobu0101 (talk) 11:47, 2 May 2015 (UTC)
 * I don't know the details of how logging in and out works, so I'm not sure if the cookies you get are session-specific or not. If you experiment with it, though, let me know or just add it to the page, because that would be useful info. Also, keep in mind that the MediaWiki sites use CentralAuth, which changes the whole login/logout process significantly. For those, if you log out of an account by either the UI or the API, you're logged out of all sessions on all sites for that user. – Robin Hood  (talk)  18:13, 2 May 2015 (UTC)