On Sat, Oct 04, 2008 at 09:06:48AM -0700, Jamie Poitra wrote:
> Brilliant question. It's because I can't turn it off in this
> situation (because of the way the PHP setting for this works) and
> actually don't want to except for isolated cases such as this.

Fair enough. I never could get the hang of that setting, though - it
always seemed like a kludge to me.

> I even distinctly remember seeing that at one point and saying, "I
> need to remember to take that out!"

Hehe, yeah I know that one - you really have to do that immediately,
or you're screwed :)

> So I removed that now and ran again. OK, so the auth_token is
> getting approved now.

Nice!

> Then the full string looks like this:
>
> &api_key
> =
> <
> API_KEY
> >&auth_token=<AUTH_TOKEN>&api_sig=<API_SIG>&photo=<PHOTO_BINARY_DATA>

That first ampersand shouldn't be in there.

What does the resulting HTTP request look like? You can either use a
sniffer like Wireshark or just use a program like NetCat to listen on
some port and connect to that.

Sybren