[UPDATE] tweepy to v4.3.0 and fix Security Inline Bugs

Author: New-dev0

.gitignore

@@ -0,0 +1,7 @@
+.env
+*.session
+
+__pycache__\
+downloads\
+
+twitterbot/plugins/test*

Configs.py

@@ -3,7 +3,7 @@
 
 class Var:
     API_ID = config("API_ID", default=6)
-    API_HASH = config("API_HASH", None)
+    API_HASH = config("API_HASH", default="eb06d4abfb49dc3eeb1aeb98ae0f581e")
     BOT_TOKEN = config("BOT_TOKEN", None)
     CONSUMER_KEY = config("CONSUMER_KEY", None)
     CONSUMER_SECRET = config("CONSUMER_SECRET", None)

requirements.txt

@@ -1,4 +1,4 @@
-pyrogram
-python-decouple
-tgcrypto
-tweepy==3.10.0
+pyrogram<=1.2.20
+python-decouple<=3.3
+tgcrypto==1.2.2
+tweepy==4.3.0

runtime.txt

@@ -1 +1 @@
-python-3.9.5
+python-3.9.9

twitterbot/__init__.py

@@ -4,12 +4,17 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
+import logging
+
+logging.basicConfig(level=logging.INFO)
+
 import tweepy
 from Configs import Var
 from pyrogram.types import InlineKeyboardMarkup, InlineKeyboardButton as Button
 
+LOGGER = logging.getLogger("TGTwitterBot")
 
-AUTH = list(int(a) for a in Var.AUTHUSERS.split(" "))
+AUTH = list(set(int(a) for a in Var.AUTHUSERS.split()))
 HNDLR = Var.HNDLR
 
 auth = tweepy.OAuthHandler(Var.CONSUMER_KEY, Var.CONSUMER_SECRET)
@@ -20,13 +25,11 @@
 TLOGO = "https://telegra.ph/file/845054582c76963620311.jpg"
 
 HELP_MARKUP = InlineKeyboardMarkup(
-    [[Button(text="Home Tweets",
-             switch_inline_query_current_chat="home")],
-     [Button(text="Favorites",
-             switch_inline_query_current_chat="favorites")],
-     [Button(text="Mentions",
-             switch_inline_query_current_chat="mentions")],
-     [Button(text="Search Tweets",
-             switch_inline_query_current_chat="search quote")],
-     [Button(text="Search User",
-             switch_inline_query_current_chat="user NewDev0")]])
+    [
+        [Button(text="Home Tweets", switch_inline_query_current_chat="home")],
+        [Button(text="Favorites", switch_inline_query_current_chat="favorites")],
+        [Button(text="Mentions", switch_inline_query_current_chat="mentions")],
+        [Button(text="Search Tweets", switch_inline_query_current_chat="search quote")],
+        [Button(text="Search User", switch_inline_query_current_chat="user NewDev0")],
+    ]
+)

twitterbot/__main__.py

@@ -4,25 +4,22 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
+from . import LOGGER
 from Configs import Var
 from pyrogram import Client, idle
 
-import logging
-logging.basicConfig(level=logging.WARNING)
-
-Client = Client("TgTwitterBot",
-                api_id=Var.API_ID,
-                api_hash=Var.API_HASH,
-                bot_token=Var.BOT_TOKEN,
-                plugins=dict(
-                    root="twitterbot/plugins"
-                    )
-                )
+Client = Client(
+    "TgTwitterBot",
+    api_id=Var.API_ID,
+    api_hash=Var.API_HASH,
+    bot_token=Var.BOT_TOKEN,
+    plugins=dict(root="twitterbot/plugins"),
+)
 
 Client.start()
 
 Client = Client.get_me()
-print(f"@{Client.username} Deployed Successfully!")
-print("Your Tg-Twitter-Bot is Alive 🎉")
+LOGGER.info(f"@{Client.username} Deployed Successfully!")
+LOGGER.info("Your Tg-Twitter-Bot is Alive 🎉")
 
 idle()

twitterbot/funcs.py

@@ -8,7 +8,7 @@
     InlineKeyboardButton,
     InlineKeyboardMarkup,
     InlineQueryResultArticle,
-    InputTextMessageContent
+    InputTextMessageContent,
 )
 
 
@@ -22,7 +22,7 @@ def mkease(counts, cstatus):
 
 
 def simstuff(user):
-    uname = user['screen_name']
+    uname = user["screen_name"]
     text = "#User #Twitterbot\n\n"
     text += "**⫸ Details\nName** -> " + user["name"]
     text += f"\n**Username** -> [@{uname}](https://twitter.com/{uname})\n\n"
@@ -40,14 +40,17 @@ def tweeteazy(bunch):
         ds = "#Tweet"
         ds += "\n\n" + ct["text"] + "\n" + cm
         reply_markup = status_reply_markup(one)
-        results.append(InlineQueryResultArticle(
-            title=ct["text"],
-            description=f"@{uname}",
-            thumb_url=ct["user"]["profile_image_url"],
-            reply_markup=InlineKeyboardMarkup(reply_markup),
-            input_message_content=InputTextMessageContent(
-                ds,
-                disable_web_page_preview=True)))
+        results.append(
+            InlineQueryResultArticle(
+                title=ct["text"],
+                description=f"@{uname}",
+                thumb_url=ct["user"]["profile_image_url"],
+                reply_markup=InlineKeyboardMarkup(reply_markup),
+                input_message_content=InputTextMessageContent(
+                    ds, disable_web_page_preview=True
+                ),
+            )
+        )
     return results[:50]
 
 
@@ -56,16 +59,20 @@ def user_eazy(bunch):
     for one in bunch:
         user = one._json
         text = simstuff(user)
-        uname = user['screen_name']
+        uname = user["screen_name"]
         reply_markup = InlineKeyboardMarkup(user_reply_markup(one))
-        result.append(InlineQueryResultArticle(
-            title=user["name"],
-            description=f"@{uname}",
-            url="https://twitter.com/" + uname,
-            thumb_url=user["profile_image_url"],
-            reply_markup=reply_markup,
-            input_message_content=InputTextMessageContent(
-                text, disable_web_page_preview=True)))
+        result.append(
+            InlineQueryResultArticle(
+                title=user["name"],
+                description=f"@{uname}",
+                url="https://twitter.com/" + uname,
+                thumb_url=user["profile_image_url"],
+                reply_markup=reply_markup,
+                input_message_content=InputTextMessageContent(
+                    text, disable_web_page_preview=True
+                ),
+            )
+        )
     return result[:50]
 
 
@@ -83,15 +90,18 @@ def status_reply_markup(status):
         rt_ = "rt"
         rt_btn = "Re-Tweet"
     Link = "https://twitter.com/" + user["screen_name"]
-    Link += "/status/" + str(status['id'])
-    COL_1 = [InlineKeyboardButton("View", url=Link),
-             InlineKeyboardButton("User", callback_data=f"user{user['id']}")]
+    Link += "/status/" + str(status["id"])
+    COL_1 = [
+        InlineKeyboardButton("View", url=Link),
+        InlineKeyboardButton("User", callback_data=f"user{user['id']}"),
+    ]
     OUT.append(COL_1)
-    OUT.append([InlineKeyboardButton(
-        favbutn,
-        callback_data=f"favr_{is_fav}_{status['id']}")])
-    OUT.append([InlineKeyboardButton(
-        rt_btn, callback_data=f"rtt_{rt_}_{status['id']}")])
+    OUT.append(
+        [InlineKeyboardButton(favbutn, callback_data=f"favr_{is_fav}_{status['id']}")]
+    )
+    OUT.append(
+        [InlineKeyboardButton(rt_btn, callback_data=f"rtt_{rt_}_{status['id']}")]
+    )
     return OUT
 
 
@@ -103,11 +113,12 @@ def user_reply_markup(user):
     if user["following"]:
         fl = "fl"
         fl_but = "UnFollow"
-    Link = "https://twitter.com/" + user['screen_name']
-    OUT.append([InlineKeyboardButton("View", url=Link),
-                InlineKeyboardButton(
-                    fl_but,
-                    callback_data=f"fuflow_{fl}_{user['id']}")])
-    OUT.append([InlineKeyboardButton(
-        text="Help Menu", callback_data="openmenu")])
+    Link = "https://twitter.com/" + user["screen_name"]
+    OUT.append(
+        [
+            InlineKeyboardButton("View", url=Link),
+            InlineKeyboardButton(fl_but, callback_data=f"fuflow_{fl}_{user['id']}"),
+        ]
+    )
+    OUT.append([InlineKeyboardButton(text="Help Menu", callback_data="openmenu")])
     return OUT

twitterbot/plugins/_helper.py

@@ -11,7 +11,7 @@
     InlineQueryResultArticle,
     InputTextMessageContent,
     InlineKeyboardButton,
-    InlineKeyboardMarkup
+    InlineKeyboardMarkup,
 )
 
 
@@ -24,53 +24,59 @@
 Send {HLR}help to explore !
 """
 
+
 def limit_check(client, query):
-    if len(query.query)==0:
+    if len(query.query) == 0:
         return True
     return False
 
 
 @Client.on_inline_query(~filters.user(AUTH))
 async def _andshow(client, query):
-    res = InlineQueryResultArticle(title="❌ Un-Authorised User",
+    res = InlineQueryResultArticle(
+        title="❌ Un-Authorised User",
         description="© New-dev0",
         url=REPO,
-        input_message_content=InputTextMessageContent("You are not Authorized To Use Me!"), 
-        reply_markup=InlineKeyboardMarkup([[InlineKeyboardButton(text="Deploy Your own",url=REPO)]]))
-    await query.answer([res], switch_pm_text="🤖 TgTwitterBot!",
-                       switch_pm_parameter="start")
-
-
-@Client.on_message(filters.command("start", prefixes=HNDLR)
-                   & filters.user(AUTH))
+        input_message_content=InputTextMessageContent(
+            "You are not Authorized To Use Me!"
+        ),
+        reply_markup=InlineKeyboardMarkup(
+            [[InlineKeyboardButton(text="Deploy Your own", url=REPO)]]
+        ),
+    )
+    await query.answer(
+        [res], is_personal=True,
+        switch_pm_text="🤖 TgTwitterBot!", switch_pm_parameter="start"
+    )
+
+
+@Client.on_message(filters.command("start", prefixes=HNDLR) & filters.user(AUTH))
 async def startmsg(client, message):
-    reply_markup = InlineKeyboardMarkup([
-        [InlineKeyboardButton(text="Support Group",
-                              url="t.me/FutureCodesChat")],
-        [InlineKeyboardButton(
-            text="Repo",
-            url=REPO)]])
+    reply_markup = InlineKeyboardMarkup(
+        [
+            [InlineKeyboardButton(text="Support Group", url="t.me/FutureCodesChat")],
+            [InlineKeyboardButton(text="Repo", url=REPO)],
+        ]
+    )
     await message.reply_text(
-        START_MSG.format(frm=message.from_user.mention,
-                         HLR=HNDLR),
+        START_MSG.format(frm=message.from_user.mention, HLR=HNDLR),
         reply_markup=reply_markup,
-        quote=True)
+        quote=True,
+    )
 
 
 @Client.on_inline_query(filters.user(AUTH) & limit_check)
 async def myinline(client, query):
-    if query.from_user.id not in AUTH:
-        return
-    out = [InlineQueryResultArticle(
-        title="TwitterBot",
-        description="Help Menu",
-        thumb_url=TLOGO,
-        input_message_content=InputTextMessageContent(
-            "Telegram - Twitter - Bot"),
-        reply_markup=HELP_MARKUP)]
-    await query.answer(out,
-                       switch_pm_text="HELP Portal",
-                       switch_pm_parameter="start")
+    out = [
+        InlineQueryResultArticle(
+            title="TwitterBot",
+            description="Help Menu",
+            thumb_url=TLOGO,
+            input_message_content=InputTextMessageContent("Telegram - Twitter - Bot"),
+            reply_markup=HELP_MARKUP,
+        )
+    ]
+    await query.answer(out, is_personal=True, switch_pm_text="HELP Portal", switch_pm_parameter="start")
 
 
 HEMENU = f"""
@@ -81,11 +87,9 @@ async def myinline(client, query):
 """
 
 
-@Client.on_message(filters.command("help", prefixes=HNDLR)
-                   & filters.user(AUTH))
+@Client.on_message(filters.command("help", prefixes=HNDLR) & filters.user(AUTH))
 async def shelpmsg(client, message):
-    reply_markup = InlineKeyboardMarkup([
-        [InlineKeyboardButton(text="INLINE HELP", callback_data="openmenu")]])
-    await message.reply_text(HEMENU,
-                             reply_markup=reply_markup,
-                             quote=True)
+    reply_markup = InlineKeyboardMarkup(
+        [[InlineKeyboardButton(text="INLINE HELP", callback_data="openmenu")]]
+    )
+    await message.reply_text(HEMENU, is_personal=True, reply_markup=reply_markup, quote=True)