cURL call to Twitter API meeting “Rate Limit” without making more than 5 requests

Question

I'm just starting to mess around with a very, very basic call to the Twitter API (http://api.twitter.com/1/statuses/user_timeline.json) to pull my tweets to my website through cURL. However, using a page that nobody knows exists yet (thus eliminating the possibility of inadvertent traffic), I'm getting a Rate Limit Exceeded thing before I've had the chance to even test it. It says it resets at 5 past the hour, so I check again, and for a minute it works but then it's back to telling me my rate limit is exceeded. A few questions for anyone who knows about the Twitter API and/or cURL:

First, is the rate limit applied to my server (instead of the user)? I would assume so, but that could make it tough of course. Even one API call per visitor could, on a site with marginal traffic, easily surpass the rate limit in an hour. Is there a way to associate the call with the visitor, not the server? Seems like probably not, but I'm not entirely sure how the whole API works, and cURL does seem to be advocated in a number of places. I'm aware that if I use JSON and AJAX the data in I can make that request from the user, but just for the sake of argument, what about cURL?

Second, any idea how I could be surpassing my rate limit without even refreshing the page? I pay for hosting at another location, so I might be sharing server space with another site, but my site definitely has a unique IP, so that should … that should be OK, right? So how is it that I'm surpassing the rate limit without even running the code (or by running it once?)?

Here's what I've got for code, if it helps:

$ch=curl_init("http://api.twitter.com/1/statuses/user_timeline.json?screen_name=screenname");
    curl_setopt_array($ch,array(
            CURLOPT_RETURNTRANSFER=>true,
            CURLOPT_TIMEOUT=>5,
        )
    );
$temp=curl_exec($ch);
curl_close($ch);
$results=json_decode($temp,true);

Also, I've now got it so that if Twitter returns a Rate Limit error, it records the error in a text file, as well as the time that the limit will reset. Looking at that file, the only time it updates (I don't have it rewrite, it just adds on) is when I've loaded the page (which is maybe once or twice in an hour), so it's not like something else is using this page and calling on this URL.

Any help?

Answer 1

Authenticated requests should count against the user's 350/hour limit. Non-authenticated requests get counted against your IP address's 150/hour limit.

If you're running into the limits during development, Twitter has generally been quite willing to whitelist dev server IPs.

http://dev.twitter.com/pages/rate-limiting

Some applications find that the default limit proves insufficient. Under such circumstances, we offer whitelisting. It is possible to whitelist both user accounts and IP addresses. Each whitelisted entity, whether an account or IP address, is allowed 20,000 requests per hour. If you are developing an application and would like to be considered for whitelisting you fill out the whitelisting request form . Due to the volume of requests, we cannot respond to them all. If your request has been approved, you'll receive an email.