-
-
Save BatuhanK/b71d67c5faf1620ea107 to your computer and use it in GitHub Desktop.
<?php | |
/* | |
(2014) Main source -> http://lancenewman.me/posting-a-photo-to-instagram-without-a-phone/ | |
I just managed to sniff Instagram traffic and fixed the code | |
-- Have fun - batuhan.org - Batuhan Katırcı | |
--- for your questions, comment @ http://batuhan.org/instagram-photo-upload-with-php/ | |
*/ | |
function SendRequest($url, $post, $post_data, $user_agent, $cookies) { | |
$ch = curl_init(); | |
curl_setopt($ch, CURLOPT_URL, 'https://instagram.com/api/v1/'.$url); | |
curl_setopt($ch, CURLOPT_USERAGENT, $user_agent); | |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); | |
if($post) { | |
curl_setopt($ch, CURLOPT_POST, true); | |
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data); | |
} | |
if($cookies) { | |
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies.txt'); | |
} else { | |
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies.txt'); | |
} | |
$response = curl_exec($ch); | |
$http = curl_getinfo($ch, CURLINFO_HTTP_CODE); | |
curl_close($ch); | |
return array($http, $response); | |
} | |
function GenerateGuid() { | |
return sprintf('%04x%04x-%04x-%04x-%04x-%04x%04x%04x', | |
mt_rand(0, 65535), | |
mt_rand(0, 65535), | |
mt_rand(0, 65535), | |
mt_rand(16384, 20479), | |
mt_rand(32768, 49151), | |
mt_rand(0, 65535), | |
mt_rand(0, 65535), | |
mt_rand(0, 65535)); | |
} | |
function GenerateSignature($data) { | |
return hash_hmac('sha256', $data, '25eace5393646842f0d0c3fb2ac7d3cfa15c052436ee86b5406a8433f54d24a5'); | |
} | |
function GetPostData($filename) { | |
if(!$filename) { | |
echo "The image doesn't exist ".$filename; | |
} else { | |
$post_data = array('device_timestamp' => time(), | |
'photo' => '@'.$filename); | |
return $post_data; | |
} | |
} | |
// Set the username and password of the account that you wish to post a photo to | |
$username = ''; | |
$password = ''; | |
// Set the path to the file that you wish to post. | |
// This must be jpeg format and it must be a perfect square | |
$filename = '400x400.jpg'; | |
// Set the caption for the photo | |
$caption = "Testcaption"; | |
// Define the user agent | |
$agent = 'Instagram 6.21.2 Android (19/4.4.2; 480dpi; 1152x1920; Meizu; MX4; mx4; mt6595; en_US)'; | |
// Define the GuID | |
$guid = GenerateGuid(); | |
// Set the devide ID | |
$device_id = "android-".$guid; | |
/* LOG IN */ | |
// You must be logged in to the account that you wish to post a photo too | |
// Set all of the parameters in the string, and then sign it with their API key using SHA-256 | |
$data = '{"device_id":"'.$device_id.'","guid":"'.$guid.'","username":"'.$username.'","password":"'.$password.'","Content-Type":"application/x-www-form-urlencoded; charset=UTF-8"}'; | |
$sig = GenerateSignature($data); | |
$data = 'signed_body='.$sig.'.'.urlencode($data).'&ig_sig_key_version=6'; | |
$login = SendRequest('accounts/login/', true, $data, $agent, false); | |
if(strpos($login[1], "Sorry, an error occurred while processing this request.")) { | |
echo "Request failed, there's a chance that this proxy/ip is blocked"; | |
} else { | |
if(empty($login[1])) { | |
echo "Empty response received from the server while trying to login"; | |
} else { | |
// Decode the array that is returned | |
$obj = @json_decode($login[1], true); | |
if(empty($obj)) { | |
echo "Could not decode the response: ".$body; | |
} else { | |
// Post the picture | |
$data = GetPostData($filename); | |
$post = SendRequest('media/upload/', true, $data, $agent, true); | |
if(empty($post[1])) { | |
echo "Empty response received from the server while trying to post the image"; | |
} else { | |
// Decode the response | |
$obj = @json_decode($post[1], true); | |
if(empty($obj)) { | |
echo "Could not decode the response"; | |
} else { | |
$status = $obj['status']; | |
if($status == 'ok') { | |
// Remove and line breaks from the caption | |
$caption = preg_replace("/\r|\n/", "", $caption); | |
$media_id = $obj['media_id']; | |
$device_id = "android-".$guid; | |
$data = '{"device_id":"'.$device_id.'","guid":"'.$guid.'","media_id":"'.$media_id.'","caption":"'.trim($caption).'","device_timestamp":"'.time().'","source_type":"5","filter_type":"0","extra":"{}","Content-Type":"application/x-www-form-urlencoded; charset=UTF-8"}'; | |
$sig = GenerateSignature($data); | |
$new_data = 'signed_body='.$sig.'.'.urlencode($data).'&ig_sig_key_version=4'; | |
// Now, configure the photo | |
$conf = SendRequest('media/configure/', true, $new_data, $agent, true); | |
if(empty($conf[1])) { | |
echo "Empty response received from the server while trying to configure the image"; | |
} else { | |
if(strpos($conf[1], "login_required")) { | |
echo "You are not logged in. There's a chance that the account is banned"; | |
} else { | |
$obj = @json_decode($conf[1], true); | |
$status = $obj['status']; | |
if($status != 'fail') { | |
echo "Success"; | |
} else { | |
echo 'Fail'; | |
} | |
} | |
} | |
} else { | |
echo "Status isn't okay"; | |
} | |
} | |
} | |
} | |
} | |
} |
Good example! But what if i do not want to use username and password to upload photo? Can i use access token for this?
Have you find any solution to that. I am looking for the same thing. With access token.
This work yet? for me i couldn't login to instagram
Notice: Undefined variable: body in D:\xammp\htdocs\instagram\index.php on line 89
Could not decode the response
this error i am getting when trying to run this program
please help me how can i resolve this
The code can log in but
{"logged_in_user":{"pk":47870071423,"username":"******","full_name":"","is_private":false,"profile_pic_url":"https://instagram.fdtb1-1.fna.fbcdn.net/v/t51.2885-19/4434343435656884218_3457882519_2446069589734326272_n.jpg?_nc_ht=instagram.fdtb1-1.fna.fbcdn.net\u0026_nc_cat=1\u0026_nc_ohc=3-IomJ49GywAX-ISCK3\u0026edm=AL4D0a4BAAAA\u0026ccb=7-4\u0026oh=e1feab6628bc1f793fdfge410333ff61c0190\u0026oe=60B4EF4F\u0026_nc_sid=712cc3\u0026ig_cache_key=YW5vbnltb3VzX3Byb2ZpbGVfcGlj.2-ccb7-4","is_verified":false,"has_anonymous_prof'...
does it work in 2021?
@my21century2002 probably no, this code snippet is 7 years old :D
Have you tried this? The 2021 solution!
https://developers.facebook.com/blog/post/2021/01/26/introducing-instagram-content-publishing-api/
Could not decode the response:
How to fix this error
I'm getting the error "CSRF token missing or incorrect"