I want to make a small PHP script that will check a web app periodically. The communication will be only in json. The code will run on Google App Engine.
First request will be an HTTP POST request with form data like this: username=user&password=pass
POST http://www.example.com/login HTTP/1.1
If login fails the response json will be:
{
"message": "Failed login"
}
If successful:
{
"response": "OK",
"username": "user",
"protocol": "http"
}
Subsequent requests will be GET, POST and PUT requests containing json and also the response will be in json.
This code will be run by Google App Engine's Cron for PHP ones a day.
Since I have little knowledge of PHP, I would like to know how I should implement this.
How do I make the http request to the web app.
How do I remember login/authentication headers from one request to another.
How do I handle reading, writing and modifying of json in PHP.
All I need is a basic example and guidelines to get me started.
Thank you in advance.
Tase
Given that GAE does not currently support cURL I would recommend an approach like How do I send a POST request with PHP?. Down the road you may be able to use something slick like Guzzle (if GAE adds cURL support).
Use json_decode/json_encode to create JSON to send and parse the responses.
Just to get you started: cURL and json_decode/json_encode.
If all of your requests will be in the same script, run all at the same time, you'll just need to use the cookies and headers options for cURL.
I'll leave a full example to someone else, if necessary.
Also, you should use HTTPS if possible. It's never a good idea to send username/password in clear text, no matter how trivial the service.
Edit: as it looks like GAE doesn't support curl (thanks #boombatower), check this out: Replacing CURL with urlfetch in PHP
Related
I am new to http://www.slimframework.com/, but it is easy and I have the basics working. Now I wish to go through some of my script which is initiated by slimframework using an IDE (PhpED).
I suppose I could just set the URL as needed for a GET request, and make a HTML form and submit it for POST requests.
I expect there has to be a better way. How can I specify the method, url, and body so that I can troubleshoot the script?
You can look into a handy tool called Postman.
Once downloaded and open, you can specify URL, body, method and much more, send the request and look at the response. Parsed or unparsed. It lets you add collections so you can actually rebuild your entire API calls.
I would like to create a PHP script that would perform a request to an https site using the GET method. In return, I get a response in xml format. I need to be able to get the contents/save this xml.
I've tried using curl, file_get_contents, fopen but I'm getting a Bad Request (400) response. But when I try to go directly to the url, I receive the xml response. Here's the url that I'm trying to get response with:
https://tst.webservices.outsurance.co.za/SecureHost/Lead/LeadPostService.svc/SubmitAffiliateLead?xml=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22UTF-8%22+%3F%3E%0D%0A%0D%0A%3Clead%3E%0D%0A+++%3Cmode%3ELIVE%3C%2Fmode%3E%0D%0A%09%3Ctitle%3EMrs%3C%2Ftitle%3E%0D%0A%09%3Cfirstname%3EHannah%3C%2Ffirstname%3E%0D%0A%09%3Clastname%3EDwindle%3C%2Flastname%3E%0D%0A%09%3Cid%3E1723658492165%3C%2Fid%3E%0D%0A%09%3Chomecode%3E%3C%2Fhomecode%3E%0D%0A%09%3Chometel%3E%3C%2Fhometel%3E%0D%0A%09%3Cworkcode%3E011%3C%2Fworkcode%3E%0D%0A%09%3Cworktel%3E132189%3C%2Fworktel%3E%0D%0A%09%3Cmobile%3E0824176239%3C%2Fmobile%3E%0D%0A%09%3Cemail%3Ehannahdwindle#gmail.com%3C%2Femail%3E%0D%0A%09%3Ccomment%3ETHIS+IS+A+COMMENT%3C%2Fcomment%3E%0D%0A%09%3Csource%3EUPSTART%3C%2Fsource%3E%0D%0A%09%3Cnotes%3ETHIS+I+A+NOTE%3C%2Fnotes%3E%0D%0A%09%3Clanguage%3EE%3C%2Flanguage%3E%0D%0A%09%3Cproduct%3EP%3C%2Fproduct%3E%0D%0A%3C%2Flead%3E%0D%0A+++++++++
I really don't kknow what to do now. I have tried every solution that I've seen on the internet but to no avail.
I wrote this response a while back. It can give you way to debug your outgoing requests.
It looks like your http client is composing a request that the receiving application doesn't like. This can be on the application level too (maybe they just don't like your variables and are returning a 400 level response). I've seen API implementers do that. There's nothing to stop the implementers from doing that.
I'd find out what the exact request is that you're sending (by that link I provided) and contact the API implementers to ensure that they're expecting that type of request.
Also, with fiddler, you can craft http requests. However, the best way to craft requests to test remote APIs is to manage every byte. You can do that by using this method (supports both HTTP and HTTPS).
Lastly, I wrote an XML wrapper to make xml modification/querying easier, if it helps you at all.
I've been reading a few REST tutorials and some of them says that in order to send data to a rest API you should send post data as an array, which is something like this:
$data = array('foo' => 'bar');
$rest->post($data);
Then there are others that say you should send JSON data like this:
$data = array('foo' => 'bar');
$data = json_encode($data);
$rest->post($data);
Not sure if there's a standard way of doing this or either if is fine but what is generally recommended when designing API's?
EDIT: There seems to be confusion. To clarify I agree JSON should be used for client consumption but this question is about SERVER consumption. Meaning should the SERVER accept JSON or POST data from its clients?
If you're the one creating the RESTful API, meaning your application is the server and is accepting requests, then your question seems confusing. Your application will not be sending any POST data; clients will be sending POST data to you.
With that being said, having an API which will accept JSON-encoded requests is possible, though would really only be useful for very niche scenarios. The vast majority of clients will be POSTing data to your API in the application/x-www-form-urlencoded format. PHP handles this behind the scenes for you, and exposes the data as the $_POST superglobal.
If you're talking about responding to POST requests, and what format you should use, then that will depend on what format the client wants you to send it in. The client will either specify this in the Accept header, or some APIs allow it to be specified in the URL (e.g. foo.com/some/thing/123.json or foo.com/some/thing/123/json). The client isn't required to tell your application what format it wants, so it's up to you to pick a sensible default. Most APIs will use JSON these days.
I've never heard of an API that understood serialized PHP array format, though, so I don't know what resources you've been reading, but I'm pretty sure you misunderstood what they were suggesting.
Actually, I think this is a pretty good question. don't know why it got downvoted.
Also, contrary to what I saw written in some comments, the client can use any language he wants, not only javascript. And it's not the server job to know which language was used to "build" the request, just that the request is valid. This makes more sense if you think that the entity making the request can actually be another server (think about a proxy server used to send post requests across domains).
That being said, personally, I think it's better for the server side to consume a XML or JSON. The main reason is validation.
It's easier to validate a XML or JSON against a schema.
Also the schema can be made public, and a well designed schema can describe webservice by itself. The client can even use the same schema to validate the request prior to sending it to the server.
Passing an url encoded form is also valid, of course. And can be validated server side as well. SO i think, down the road, it's just a matter of preference.
Also, check this discussion in SO, it regards the same topic:
JSON vs Form POST
You should think about the clients that will consume the API. A HTML5\AJAX client will probably want JSON data, while other clients (Silverlight or native mobile apps) might be better at consuming XML.
One great framework\platform for writing REST API's is looking to be Microsoft's Web API (based on ASP.NET MVC). The product succeeds the WCF framework and allows users to write REST API's in a MVC environment. One feature is that it chooses a serialization provider based on the HTTP Accept header.
So if a client Accepts application/json they work with the service in JSON and if the accept XML they work with the service in XML. You can also write your own object serializer and plug it into the framework.
More information: http://www.asp.net/web-api/overview/getting-started-with-aspnet-web-api/video-your-first-web-api
Most of the time you would want to stick to receiving POST data but I think receiving json data does have its uses for example when it comes to batch requests.
The Facebook API uses it.
You don't need to do file_get_contents('php//input'). From the facebook documentation you could just do something like this:
curl -X POST "http://example.com/batch" -d 'batch={ "param" : 1, "param2" : "2"}'
Then in the PHP code, if you're using PHP, you can get it through the $_POST parameter and do a json_decode.
var_dump($_POST);
array(1) {
["batch"]=>
string(30) "{ "param" : 1, "param2" : "2"}"
}
var_dump(json_decode($_POST['batch'], true));
array(2) {
["param"]=>
int(1)
["param2"]=>
string(1) "2"
}
JSON makes more sense, since it is language-independent and can be useful when API scales.
I am currently developing a REST API and I was asking myself the same question. After some research I found out that is no standard and is totally up to you.
You are developing the server side so you can decide how data should be sent to you. The client need to adapt to your design.
Personally I choose to receive all POST and PUT data as JSON directly in body.
The point is to reuse the HTTP implementation that already exists.
HTTP is built to accept many different content-types and you only need to specify which you are using in the headers.
A REST API that accepts the various formats and works off the content-type header is refreshing. You can submit x-www-form-urlencoded values from an HTML webpage or make an AJAX request with raw JSON and there is no confusion as long as everyone is following protocol.
As a developer you must choose the support your app will provide because you can't support everything. Typically it boils down to the support or convenience of your own environment -- nobody wants to reinvent the wheel.
Many frameworks that are designed with building APIs in mind, handle the most popular content types at a lower level. They may also encode the response data according to the "Accept" header.
Implement whatever you think will be used most first or find a framework that already speaks HTTP and takes care of all of that for you.
I am writing an API and have been reading tutorials etc from various sources. I am a little confused regarding responses. I have written a class that will send back a HTTP header response as well as an XML response. Is this correct or should I be using one or the other and not both? Also how to do I check the HTTP header response I send is correct? Im using PHP.
I have used the following tool to check the HTTP response:
http://www.seoconsultants.com/tools/check-server-headers-tool/
which says the response is HTTP/1.1 200 OK. However in my script I have set it as:
header(HTTP/1.1 401 Unauthorized);
Therefore which is correct? How can I check properly? Any ideas what is going wrong?
Many thanks in advance for your help.
Redbot http://redbot.org/ will give a very thorough analysis of your HTTP response to ensure you are compliant with the HTTP spec.
You would be well advised to read some introductory material on the HTTP protocol. It will make your life much easier.
In a restful service, you use the http methods get, put, post and delete, so the http header is there "included". The payload of such a method call can be formatted the way you like (it must be an existing mimetype!), so xml is possible, too! You have to divide between the response "metadata" and the response payload: the "metadata" is a http header, the payload is your xml string, so you have to send both! Otherwise, you would send an empty response :-)
In your request you have to define which data representation (in your case xml) should be used for the response. Have a look at this image (the left one ist restful).
But nevertheless it is a good idea to use a framework for this, like other answers say.
Are you writing this from scratch? if you are then use a common or popular framework as basis and concentrate to building your API methods and let the framework handle the delivery mechanism
http://inchoo.net/tools-frameworks/symfony2-rest/ and you can google for more samples
HTTP Headers could be any you like - let the client handle them. Client can use them to find out if the operation (request) finished successfully or not, if the service is available and other common useful stuff. Headers are correct if they are either pre-defined by protocol and contain valid data or they are defined by you (no validations needed).
XML, JSON or any other response is the data you want to tell the client. It may contain details on errors, the results of performed actions and so on.
I don't suggest you mess with the HTTP header response. Keep it always set to 200 OK, and send back the needed information in the XML response.
That way, the client has to worry only about the XML response. In case there was an HTTP error, such as 403 Forbidden, it would mean this is on the system level (sever configuration) rather than on the application layer itself.
Ok, so I am building a CMS one of the features I wanted to add is ability for me to send messages to my friends which are also using the CMS currently in development mode. This point of the idea is to allow more fluent communication between me and them, since e-mail can be delayed sometimes and here i want to send a simple message to them. With something like following format
Name:
Avatar:
Subject:
Date:
Message:
I am pretty sure this can be easily rigged together with PHP and JSON just assuring the access to the JSON file is secure in which I implemented something like access key which checks if the site requesting the file matches site host, and matches the key.
In any case sorry for my babling, this is my way. But folks I would like to know what would you suggest in making cross-domain messaging system build in into a PHP + jQuery based CMS? In terms of being robust, fast, secure and easy to work with.
Exchange data in the jsonp format, http://en.wikipedia.org/wiki/JSONP.
Server:
How to convert php to jsonp with json_encode.
http://1080d.com/lang/en-us/2009/10/converting-php-to-jsonp-with-json_encode/
Client:
Ajax example of jsonp data call. This particular example concerns the timeout feature but is an excellent example of how to set it up.
jQuery ajax (jsonp) ignores a timeout and doesn't fire the error event