Post JSON data to an API via PHP - php

I need to integrate JSON into PHP, more specifically I need to post some information from a php page on our site to initiate an API request which will then send me information back. The information I am sending revolves around login information and I am struggling to work out how I can send this information.
This is the information I need to post:
POST /user/?action=login HTTP/1.1
Host: api.interlinkexpress.com
Content-Type: application/json
Accept: application/json
Authorization: Basic RFNNSVRIOk1ZUEFTU1dE
GEOClient: account/123456
Content-Length: 0
Reading around the subject I have seen that php cURL may be useful however the example I have doesn't contain all the information I need to pass over. Also I am unsure on whether I need to pass it via a button as well:
$data = array("username" => "TESTAPI", "password" => "APITEST");
$data_string = json_encode($data);
$ch = curl_init('http://api.interlinkexpress.com');
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'Content-Length: ' . strlen($data_string))
);
$result = curl_exec($ch);
Any help on this matter would be appreciated. I am new to JSON having only learnt about it fleetingly.
edit: I suppose the main thing I'm asking is how do I pass this information to the API in PHP?
POST /user/?action=login HTTP/1.1
Host: api.interlinkexpress.com
Content-Type: application/json
Accept: application/json
Authorization: Basic RFNNSVRIOk1ZUEFTU1dE (this is the login credentials)
GEOClient: account/123456
Content-Length: 0

If you want something more powerful you can use Guzzle that integrates cURL in a really better way.
I don't get exactly what do you mean with passing it via a button. Are you talking just about PHP or also HTML/Javasript?
If you want a button you could proceed with a button that performs a XMLHttpRequest through Javascript, calling the API (that should return an application/json Content-Type), and then process this result via Javascript.
Or you can use cURL to call the API, get the result, json_decode it and do what you want with that.
You should explain better what you want to accomplish.
[EDIT]
Ok, after the clarifications I can tell you that you have to divide the parameters for the API from the settings for the HTTP call to the API (as you already did ^^ ).
So the parameters that will make the API to perform something are
action = login
while all the others are all setting for the HTTP client (cURL or Guzzle) that will perform the calling to the API's url
method = POST
Host = api.interlinkexpress.com
path = /user/
Accept = application/json
Content-Type = application/json
Authorization = Basic
GEOClient = account/123456 (is this a specific header needed from you API?)
Content-Length = 0
So, this is not complete nor tested but should give you a path to follow for adding
$data = array("action" => "login");
$data_string = json_encode($data);
$ch = curl_init(sprintf('%s/%s', 'http://api.interlinkexpress.com', 'user/');
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'Content-Length: ' . strlen($data_string)),
'GEOClient: account/123456',
);
// I would suggest you to add the timeout
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY); // or set it to CURLAUTH_BASIC
curl_setopt($ch, CURLOPT_USERPWD, sprintf('%s:%s', $data['username'],$data['password']));
$status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); //get status code
$result = curl_exec($ch);
I honestly don't get/know where you should send JSON encoded data.
This way you are sending the 'action' as JSON data, but I guess that this is wrong.
Maybe you want to pass the $data_string as the value of a specific field? (like in the example stated from PHP Develoer?)
Work on that, and understand exactly what data you have to pass as JSON and what NOT instead.
I hope to have helped you and gave good suggestions.

Your $data_string is not in format like (field=value).
Nothing to do just pass array into POST.
curl_setopt($ch, CURLOPT_POSTFIELDS, array('Data'=>$data_string));

Related

Curl request not hitting apex rest webservice

I am trying to hit apex rest webservice from php using curl.I am getting the access token but my request not hitting the webservice as there are no logs generated from the salesforce side.But tested same request from postman and its working as required.
Previously i was getting Http error code 307.Now i am not recieving any error code.
$rAuth = json_decode(file_get_contents('https://dare.net/wpsf_auth.php/'));
$accessToken = $rAuth->access_token;
$url = 'https://dev2193--tfdev.cs47.my.salesforce.com/services/apexrest/wordpress/registration';
$ch = curl_init($url);
$jsonDataEncoded = json_encode($ret_res);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonDataEncoded);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json','Authorization: Bearer '.$accessToken));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
$result = json_decode(curl_exec($ch));
And code generated by POSTMAN:
POST /services/apexrest/wordpress/registration HTTP/1.1
Host: dev2193--tfdev.cs47.my.salesforce.com
Authorization: Bearer ***********************************************
Content-Type: application/json
Cache-Control: no-cache
Postman-Token: 3f12eef1-700d-83ad-f1bf-ef3ad6c266f5
Your Salesforce server is located on a different domain: https://dev2193--tfdev.my.salesforce.com/
If you take a look at the JSON you get from https://dare.net/wpsf_auth.php, you'll see that "instance_url" attribute is pointing to a different domain.
Also, HTTP code 307 is a temporary redirect, meaning you should look at a different URL.

403 response when sending POST data via cURL

I'm trying to send some data to a custom built API that was built by a web development agency. The api is pretty straight forward, and all that I require to do is authorise myself with an authorisation basic header and submit a payload which is just JSON data.
The problem is that the API is responding with 403 every time I send a POST request using cURL. Is there any way that my code could be causing this? or is it an error that is caused by the API/API server? Regardless if the JSON payload is correctly formatted or not, it should still return with a 200 response.
The request is pretty straight forward -
<?php
//I've removed the actual username and password
$headers = array(
'Content-Type: application/json',
'Authorization: Basic '.base64_encode('username:password'));
$empty_array = array();
//Create empty json as an example
$json = json_encode($empty_array);
$url = "https://website.com/import";
//start cURL
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POST, false);
curl_setopt($ch, CURLOPT_POSTFIELDS,
$json);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
$output = curl_exec($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
If I take out the POST data, then it will return with a 404 response. This is the correct behaviour if there is no POST data submitted to the url. (I get a 404 if I navigate to the url via a browser). So I have a theory that the server must have some kind of restrictions on accepting POST data.
Does my code seem correct or am I missing something glaringly obvious? I wan't to rule out that it's a problem caused by my end due to not being able to access the code/server for the API as that is beyond my control.

php curl and CURLOPT_FOLLOWLOCATION behavior

Here's the situation. On one side, we have a server, with a RESTful service. One possible query to it is a POST query to create an object. When that is done, the server returns a 'Location' header, to indicate where information on the newly created object can be found.
However, said server is anal about having the correct Content-Type for each request. For instance, POST requires 'application/json', and GET requires this to be unset (make sense, since GET doesn't have a body).
To sum up, we have:
www.example.com/articles/ ; one can send a POST request with 'Content-Type: application/json', and server will return 'Location: www.example.com/articles/123' if 123 is the id of the new object ;
www.example.com/articles/123 ; one can send a GET request with no 'Content-Type' and server will return a description of the new article object.
On client side, we use PHP with cURL. We use the CURLOPT_FOLLOWLOCATIONsetting so we can read the description of the newly created object. Obviously, we also set 'Content-Type: application/json' for our POST request:
<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_POSTFIELDS, '{"name": "test"}');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_URL, "https://www.example.com/Articles/");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
$result=curl_exec($ch);
var_dump($result);
curl_close ($ch);
?>
This is what we get:
string(101) "{ "errorNo": 415, "error": "Unsupported Media Type Content-Type should not be set in a GET request" }"
I looked at the log of the server, and indeed, 'Content-Type: application/json' is sent to GET www.example.com/articles/123.
Is this an expected behaviour?
If yes, what is then best approach:
remove the 'Content-Type' check on GET requests, server-side?
(sounds silly)
forget about CURLOPT_FOLLOWLOCATION, and make 2 clearly separated curl requests, so I have control over the headers? (but then what's the point of CURLOPT_FOLLOWLOCATION?)
something else?
For control and testing, I also use Postman, and I have no problem with it, it follows the location, doesn't send the 'Content-Type' on the GET part (apparently) after the redirection and so I don't have an error.
EDIT:
There seems to be nothing useful in the PHP doc. But I found something interesting in the command line man page:
https://curl.haxx.se/docs/manpage.html
It says:
"WARNING: headers set with this option will be set in all requests - even after redirects are followed, like when told with -L, --location."
So I guess it probably is the expected behaviour for PHP too. May someone suggest best practices then?
Have you tried using
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
to set the post type

cURL with PUT method

Is it possible to do a cURL request with the PUT method using only a URL? Here is the URL i would like to be able to call using cURL with the PUT method:
$url = https://url.net/card/activate.xml?card_id=1234567890&application_key=123123&accesskey=abcdef
I was able to make it work using the REST Console(Chrome Extension) but not using cURL. I tried using curl_setopt with CURLOPT_PUT, CURLOPT_INFILE and CURLOPT_INFILESIZE but I was receiving an empty page, no response at all.
This is the headers and curl options I currently have:
$header[] = 'Authorization: Basic abc123';
$header[] = 'Accept: text/xml';
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'PUT');
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($soap_do);
Currently, with those settings, I'm getting the 411 Length Required error. Would it be possible to make it work like that or am I trying to configure something that will never work?
The HTTP 411 Error
The Web server (running the Web site) thinks that the HTTP data stream sent by the client (e.g. your Web browser or our CheckUpDown robot) should include a 'Content-Length' specification. This is typically used only for HTTP methods that result in the placement of data on the Web server, not the retrieval of data from it.
You need to set the Content Length of your Data
$header[] = 'Content-length: '.strlen($put_data);
OR If you don't have any data, just put 0 there.

Error Handling in Web service XML request

I've been trying to perform an XML request. I've faced so many problems that I managed to solve. But this one I couldn't solve.
this is the script:
$url ="WebServiceUrl";
$xml="XmlRequest";
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_MUTE, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
curl_setopt($ch, CURLOPT_POSTFIELDS, "$xml");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$output = curl_exec($ch);
curl_close($ch);
echo $output;
It is giving me this error:
System.InvalidOperationException: Request format is invalid: text/xml. at System.Web.Services.Protocols.HttpServerProtocol.ReadParameters() at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
I'm still a noob at this. So go easy on me:)
thanks.
Looks like you're sending stuff as text/xml, which is not what it wants. Find the docs for this web service e.g. WSDL stuff if it's there, and find out what data formats it accepts.
Be sure e.g. that it's not really saying it will respond in XML, after receiving a request as standard HTML POST variables.
There are two main content types used with the HTTP POST method: application/x-www-form-urlencoded and multipart/form-data.
The content-type determines what the format of the CURLOPT_POSTFIELDS should be. If you are using the default, which is "application/x-www-form-urlencoded" you probably want to use build_http_query() to construct the url encoded query string.
If you are sending non-ASCII data you canpass an associative array with keys that match the field names and values that correspond to the value for the field. Using this technique will cause the request to be issued with a multipart/formdata content-type.
At this point, it sounds like your next step should be figuring out what fields the API is expecting.
application/x-www-form-urlencoded or multipart/form-data?

Categories