I'm not how this is 'reverse engineering' and there's no indication that faking the JSON actually causing the +1 to be activated. Looking in the Safari debugger it looks like there's a bunch of other stuff going on when the +1 button is pressed. There are a load of extra headers in the HTTP request:

  Origin: https://clients6.google.com
  Origintoken: APfa0boTRJ3fof-lEyAVjVQzO_sSMz5frFmbeeMTJ2nASXJBVUX7PDb2dnWA3pGrlmuefwvwXuC9l2
  Clientdetails: appVersion=5.0%20(Macintosh%3B%20U%3B%20Intel%20Mac%20OS%20X%2010_5_8%3B%20en-
  us)%20AppleWebKit%2F533.21.1%20(KHTML%2C%20like%20Gecko)%20Version%2F5.0.5%20Safari%2F533.21
  .1&platform=MacIntel&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20U%3B%20Intel%20Mac%20OS%20X%2

  010_5_8%3B%20en-us)%20AppleWebKit%2F533.21.1%20(KHTML%2C%20like%20Gecko)%20Version%2F5.0.5%20Safari%2F533.21
  .1
  X-Javascript-User-Agent: google-api-javascript-client/1.0.0-alpha
  X-Origin: https://plusone.google.com
  X-Referer: https://plusone.google.com/u/0/_/+1/button?hl=en-US&jsh=h%3Brt%2F225303364-  
  e72328d15

And in the response he gets there seem to be a bunch of missing fields (on my machine there's the title and information about my logged in Google Account) and there's also the count of +1s on that page. He seems to be getting a 0 return. Wouldn't be much surprise if this is Google's way of showing that it ignored the request.

The article did not talk about a click but only about the display. They are only trying to access the displayed click count number directly via PHP.

And not to mention they could change the data it recieves (and how it recieves it) anytime. It would be way easier and more effective just add a click event and with some Ajax save the stadistics on your own database.

Considering this rpc key parameter, I really wonder how long this is going to work and I'd say this is a bug on googles side that it even worked.

I checked their embed page (http://www.google.com/webmasters/+1/button/) and I don't see that it requires any API key what so ever, so I assume this rpc_key thing is something private to the API and fetched as the button-JS communicates with the server.

These keys are probably issued with limited time validity, so possibly the script of the OP has already stopped working (I haven't tried yet).

We DO need a real API for this though - if we webmasters do Google a favor and add the plus one buttons, the least they could do is give us a means of finding out how many time the button has actually been used.

Otherwise, this is a bit one sided: We lend Google space, we do the work of adding the button, but we get nothing in return.

> Otherwise, this is a bit one sided: We lend Google space, we do the work of adding the button, but we get nothing in return.

You get the whole purpose of the button for you in the first place, users encouraged to share your content.

They recently added +1 metrics in Webmaster Tools. Not ideal, but it's better than nothing...

I tried cracking open the button to customize it, but I lack the skills to go all the way. I'd rather lobby Google to make a real API for it anyway.

That's pretty awesome, I wonder if it's rate limited at all?

I think they may have thought people might try this. Very cool though.

Firebug. I remember using it for the first time - felt like I was born again.

Nice work! Thanks for posting.. I will add this to my Trendn App.

I did this about a day after they officially launched +1 with Ruby for my own app. I scrape probably 2-4000 urls a day, it works fine.

Most badges or like buttons can be reverse engineered like this, it's not too hard.