I just created an account on 500px.com, and would like to use their API: http://developer.500px.com/
But it looks like it cant return JSONP, only JSON.
Is there any way to make a php file that you can post a url to -> make it convert the response from the api from JSON to JSONP, so i can handle it on the client side?
I havent been writing any PHP in a long time, so any help is appreciated. Hope you get the idea, otherwise ill elaborate. Thanks
Sure you can. The only difference between JSON and JSONP is that JSONP is wrapped with a function name;
{ "x": "hello" } // JSON
foo({ "x": "hello" }); // JSONP.
In it's simplest form you can end up with something like this;
<?php echo $_GET['callback']; ?>(<?php echo file_get_contents($_GET['endpoint']); ?>);
and you'd expect clients to use it like this;
http://yourserver.com/proxy.php?endpoint=https%3A%2F%2Fapi.500px.com%2Fv1%2Foauth%2Fauthorize&callback=foo
Note the encoded URL and the addition of the callback parameter to know which function to invoke.
Of course, you'll need to valid the input; check the existance of the parameters, check the endpoint passed isn't malicious etc. You might want to also cache the responses on your server to stop you reaching any limits imposed on the API.
Something more resilient against malicious input could look like;
// checks for existence, and checks the input isn't an array
function getAsString($param) {
if (is_null($_GET[$param]) || !is_string($_GET[$param])) {
return '';
}
return $_GET[$param];
}
$endpoint = getAsString('endpoint');
// check callback is only alpha-numeric characters
$callback = preg_replace('/[^\w\d]/', '', getAsString('callback'));
// check the endpoint is for the 500px API
$is_api = (strpos($endpoint, 'https://api.500px.com') === 0);
if (strlen($callback) > 0 && $is_api) {
echo $callback . '(' . file_get_contents($endpoint) . ')'
} else {
// handle error
}
Related
I have made a small script which uses the Twitch API. The API only allows a maximum of 100 results per query. I would like to have this query carry on until there are no more results.
My theory behind this, is to run a foreach or while loop and increment the offset by 1 each time.
My problem however, is that I cannot change the foreach parameters within itself.
Is there anyway of executing this efficiently without causing an infinite loop?
Here is my current code:
<?php
$newcurrentFollower = 0;
$offset=0;
$i = 100;
$json = json_decode(file_get_contents("https://api.twitch.tv/kraken/channels/greatbritishbg/follows?limit=25&offset=".$offset));
foreach ($json->follows as $follow)
{
echo $follow->user->name . ' (' . $newcurrentFollower . ')' . "<br>";
$newcurrentFollower++;
$offset++;
$json = json_decode(file_get_contents("https://api.twitch.tv/kraken/channels/greatbritishbg/follows?limit=25&offset=".$offset));
}
?>
Using a While loop:
while($i < $total)
{
$json = json_decode(file_get_contents("https://api.twitch.tv/kraken/channels/greatbritishbg/follows?limit=25&offset=".$offset));
echo $json->follows->user->name . ' (' . $newcurrentFollower . ')' . "<br>";
$newcurrentFollower++;
$offset++;
$i++;
}
Ends up echoing this (No names are successfully being grabbed):
Here is the API part for $json->follows:
https://github.com/justintv/Twitch-API/blob/master/v2_resources/channels.md#get-channelschannelfollows
You can use this:
$offset = 0;
$count = 1;
do {
$response = json_decode(file_get_contents(
'https://api.twitch.tv/kraken/channels/greatbritishbg/follows?limit=100&offset=' . $offset
));
foreach($response->follows as $follow) {
echo $follow->user->name . ' (' . ($count++) . ')' . "</br>";
}
$offset+=25;
} while (!empty($response->follows));
You want to use a while loop here, not just a foreach. Basically:
while (the HTTP request returns results)
{
foreach ($json->follows as $follow)
{
do stuff
}
increment offset so the next request returns the next one not already processed
}
The trickiest part is going to be getting the while condition right so that it returns false when the request gets no more results, and will depend on what the API actually returns if there are no more results.
Also important, the cleanest way would be to have the HTTP request occur as part of the while condition, but if you need to do some complicated computation of the JSON return to check the condition, you can put an initial HTTP request before the loop, and then do another request at the end of each while loop iteration.
The problem is you're only capturing the key not the value. Place it into a datastructure to access the information.
Honestly I find a recursive function much more effective than a iterative/loop approach then just update a datatable or list before the next call. It's simple, uses cursors, lightweight and does the job. Reusable if you use generics on it too.
This code will be in c#, however I know with minor changes you'll be able to get it working in php with ease.
query = //follower object get request//
private void doProcessFollowers(string query)
{
HTTPParse followerData = new HTTPParse(); //custom json wrapper. using the basic is fine. Careful with your cons though
var newRoot = followerData.createFollowersRoot(query); // generates a class populated by json
if (newRoot[0]._cursor != null)
{
populateUserDataTable(newRoot); //update dataset
doProcessFollowers(newRoot[0]._links.next); //recurse
}
}
Anyway - This just allows you to roll through the cursors without needing to worry about indexes - unless you specifically want them for whatever reason. If you're working with generics you can just reuse this code without issue. Find a generic example below. All you need to do to make it reuseable is pass the correct class within the <> of the method call. Can work for any custom class that you use to parse json data with. Which is basically what the 'createfollowerroot()' is in the above code, except that's hard typed.
Also I know it's in c# and the topic is php, with a few minor changes to syntax you'll get it working easily.
Anyway Hope this helped somebody
Generic example:
public static List<T> rootSerialize<T>(JsonTextReader reader)
{
List<T> outputData = new List<T>();
while (reader.Read())
{
JsonSerializer serializer = new JsonSerializer();
var tempData = serializer.Deserialize<T>(reader);
outputData.Add(tempData);
}
return outputData;
}
I'm working on a project and I would like know which is the best way for show the data after having insert a record on the database having an complex structure html between use the structure in php or jQuery and why?.
Example of scenario:
I'm building a system of posts and comments. When the user write the post and publish it an call ajax trigger the function php and it insert the information on the database. until here all ok, but then I have to display the message insert on the wall of the user, so which the best way for display that post insert?
There are so many different way, but which is the best keeping attention on speed, security, and compatibility?
some example, suggest are welcome:
<script> // default example of call ajax
$.ajax({
type: "POST",
url: 'http://localhost/ajax_ouput_post',
dataType: 'json',
data: { id_user : 1, title : "Hello everyone", content : "Good morning" },
success: function(html) {
// output under php example
},
error: function(){
alert('Error on ajax call');
}
});
</script>
1- I create the template for the output in php.
<?php
function ajax_output_post() {
$title = $_POST['title'];
$content = $_POST['content'];
$id_user = $_POST['id_user'];
// all the check for the input
$query = // insert data on mysql #return id_post;
$select_last_post_mysql = // select the last query from the db using id_user and id_post
foreach ($select_last_post_mysql as $post) {
$template = // html structure;
$template .= // continue html structure;
if ($post->photo == 1) {
$template .= // <div>photo user</div>
}
$template .= // ecc...
}
echo json_encode(array('template' => $template));
}
?>
jquery output
<script>
$(#wall).append(html.template);
</script>
php second example with output jQuery template
<?php
function ajax_output_post() {
$title = $_POST['title'];
$content = $_POST['content'];
$id_user = $_POST['id_user'];
// all the check for the input
$query = // insert data on mysql #return id_post;
$select_last_post_mysql = // select the last query from the db using id_user and id_post
foreach ($select_last_post_mysql as $post) {
$title_json = $post->title;
$content_json = $post->content;
if ($post->photo == 1) {
$photo_user_json = $post->photo_user;
} else {
$photo_user_json = "";
}
$id_post = $post->id_post;
}
echo json_encode(array('title' => $title_json, 'content' => $content_json, 'id_post' => $id_post));
}
?>
jquery
<script>
// in jquery
var Template = {
main_container: "<div class='post_container' data-post='" + html.id_post + "'>",
title: "<div class='title'>" + html.title + "</div>",
content: "<div class='content'>" + html.content + "</div>",
close_main: "</div>",
run: function() {
return Template.main_container + Template.content + Template.close_main;
}
};
$('#wall').append(Template.run());
</script>
Well, there is not really a 'best' way to do this, it always depends on the concrete situation.
In your case you could:
simply attach the user post to the DOM via javascript, without knowing whether it was inserted to the database or not (because you have all data of the post at client side available, you do not need to select it again)
attach the user post by javascript (like in the point above) after you know it was inserted (in the success handler, but still no data in response from php)
I would recommend not to select the inserted data again anyway, except you need an auto generated value like id or inserted-timestamp, instead you could simply return the values of the request in your response after the insert.
Hope this helps.
There are a few ways to accomplish this, and there are tradeoffs to be made for each of them.
The simplest way to accomplish this is to retain the user input in javascript as answered by Nico above. The pro for this method is it is very simple to accomplish and move on to other problems and due to this simplicity, has few moving parts to be misused. The major con for this method is that it means the frontend is making blind assumptions about what is going on when the backend logic processes the data, which presents the risk of misinforming the user about what happened if the backend silently fails, and this sort of bug is often difficult to catch until it bites someone and they complain. This is probably your best answer for simple use cases, but if you intend to scale it or introduce significant complexity this makes the likelihood of bugs high and should be replaced.
As per your given example, you seem to be on this frame of thought already. So to address each of your given concerns, first I would say that compatibility is best addressed by being generally unopinionated. This is appropriate for a library meant to be used for general consumption, but is not necessarily preferable for a private project or internal business logic, which require opinion to execute a specific desired result. The major caveat in terms of compatibility is that templating is handled by the frontend at least as often as the backend. It may in some cases be done in ReactJS or Angular, or it may be done on the backend by Twig, or any number of other things. If you want wide compatibility, then this should have some configuration for whether to pass response in raw format or accompanied by a template. In the case of private business logic or an app you are building with a specific purpose, the underlying point is to accomplish a specific result, and either using the existing templating structure of the system or picking one and sticking to it is preferable so you are focusing on the end goal and not getting distracted. But either way a github library author and a app developer would likely solve this same problem in completely different ways, and neither of them are wrong.
In terms of security, the typical concerns all apply. Individual approach is mostly arbitrary, provided you cover these bases if user input is being output, entered into template content, or stored in a database.
In terms of speed, the javascript DOM option is always going to be the fastest. However you can make it almost as fast depending how much tolerance for optimization you have. You could perhaps use client side storage to cache unmodified templates client side, and just use a hash of the template content as its identifying key so it automatically flushes when you change the template on the server. If you then send the key to the server and it matches, you don't need to serve the template in the response body because the client already has the correct one. If the template hash on the backend is different, you serve the new one, bust the storage cache for that template and replace the key and value with the new one. This will make the template body, which is almost certainly the longest part of the response, only need to be sent when changes are made. You would need to inject the values into the static template clientside to do it this way, and still obtain those from the server on each request. On the backend, you do not want to make a separate SELECT statement. You want to store the values in an array and just return those if your INSERT query is successful, like maybe something like this:
<?php
// List of keys that MUST be present for the query to succeed. Don't bother calling the db if any of these did not come in the request.
$expected_keys = [
'id_user',
'title',
'content' // add whatever else has to be passed
];
// key/val for db insert
$vals = [];
try {
// verify expected keys are provided
foreach ( $expected_keys as $k => $expected ) {
if !(array_key_exists ( $expected, $_POST ) ) {
// not a valid post, return an error
throw new \InvalidArgumentException( sprintf( 'Expected field [%1$s] was not provided. ', $expected ) );
}
// retain the field in $vals for insert
$vals[ $expected ] = $_POST[$expected];
}
$dsn = "mysql:host=localhost;dbname=myDatabase;charset=utf8mb4";
$options = [
\PDO::ATTR_EMULATE_PREPARES => false,
\PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION,
\PDO::ATTR_DEFAULT_FETCH_MODE => \PDO::FETCH_ASSOC
];
$pdo = new \PDO($dsn, "username", "password", $options);
$stmt = $pdo->prepare(
'INSERT INTO `myTable` ( `:' .
implode( '`, `:', array_keys( $vals ) ) .
'` ) VALUES (' .
implode( '", ":', $vals ) .
');'
);
$stmt->execute( $vals );
$stmt = null;
}
// User error
catch \InvalidArgumentException $e {
// return 400 Bad Request and $e->getMessage() as the error message
}
// Server error
catch \Exception $e {
// log or whatever and return a 500 error
}
// return success with whatever you need to send back from $vals or $_POST
I have constructed my entire webpage with hashes (http://example.com/videos#video01), but the problem is when I want to share on facebook obviously it doesn't recognize the hash, so my question is: Is there a way to transform or redirect the hash url to a long social-friendly-url?
Solution:
I tried one more time with bit.ly's API, I got 50 videos to show each with a hash at the end of the url. I made a little cache script (bit.ly has a limit) and I wrote with PHP a "foreach", seem like bit.ly accepts hashes.
Thanks anyway.
The # and everything after is not sent to a server. In your case you're only sending http://example.com/videos.
New Link format: http://example.com/videos?name=video01
Call this function toward top of controller or http://example.com/videos/index.php:
function redirect()
{
if (!empty($_GET['name'])) {
// sanitize & validate $_GET['name']
// Remove anything which isn't a word, whitespace, number
// or any of the following caracters -_~,;[]().
// If you don't need to handle multi-byte characters
// you can use preg_replace rather than mb_ereg_replace
$file = mb_ereg_replace("([^\w\s\d\-_~,;\[\]\(\).])", '', $_GET['name']);
// Remove any runs of periods
$file = mb_ereg_replace("([\.]{2,})", '', $file);
$valid = file_exists('pathToFiles/' . $file);
if ($valid) {
$url = '/videos#' . $file;
} else {
$url = '/your404page.php';
}
header("Location: $url");
}
}
Sanitization snippet from this highly ranked answer: https://stackoverflow.com/a/2021729/1296209
i am using http://www.asual.com/jquery/address/ plugin and trying to parse some url, this is what i got:
<script>$(function(){
$.address.init(function(event) {
// Initializes the plugin
$('a').address();
}).change(function(event) {
$('a').attr('href').replace(/^#/, '');
$.ajax({
url: 'items.php',
data:"data="+event.value,
success: function(data) {
$('div#content').html(data)
}
})
});
})</script>
then HTML:
link02
link03
then im calling item.php, wich for now only has
echo $_GET["data"];
so after the ajax request has complete it echoes :
/items.php?id=2
/items.php?id=3
how can i parse this so i get only the var values? it is better to do it on client side?
and also if my html href is something like link02
jQuery address will ignore the &var=jj
cheers
You can use parse_url() to get the query string and then parse_str to get the query string parsed into variables.
Example:
<?php
// this is your url
$url = 'items.php?id=2&var=jj';
// you ask parse_url to parse the url and return you only the query string from it
$queryString = parse_url($url, PHP_URL_QUERY);
// parse_str can extract the variables into the global space or can put them into an array
// NOTE: for simplicity no validation is performed but in production you should perform validation
$params = array();
parse_str($queryString, $params);
// you can access the values like thid
echo $params['id']; // will output 2
echo $params['var']; // will output 'jj'
// I prefer this way, because it eliminates the posibility of overwriting another global variable
// with the same name as one of the parameters in the url.
// or you can tell parse_str to extract the variables into the global space
parse_str($queryString);
// or if you want to use the global scope
echo $id; // will output 2
echo $var; // will output 'jj'
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 7 years ago.
Improve this question
Is there something like serialize/unserialize PHP functions in jQuery?
These functions return a string representations of an array or an object which can than be decoded back into array/object.
http://sk2.php.net/serialize
jQuery's serialize/serializeArray only works for form elements. I think you're looking for something more generic like this:
http://code.google.com/p/jquery-json/
This plugin makes it simple to convert to and from JSON:
var thing = {plugin: 'jquery-json', version: 2.2};
var encoded = $.toJSON(thing);
//'{"plugin":"jquery-json","version":2.2}'
var name = $.evalJSON(encoded).plugin;
//"jquery-json"
var version = $.evalJSON(encoded).version;
// 2.2
Most people asked me why I would want
to do such a thing, which boggles my
mind. Javascript makes it relatively
easy to convert from JSON, thanks to
eval(), but converting to JSON is
supposedly an edge requirement.
This plugin exposes four new functions
onto the $, or jQuery object:
toJSON: Serializes a javascript object, number, string, or arry into JSON.
evalJSON: Converts from JSON to Javascript, quickly, and is trivial.
secureEvalJSON: Converts from JSON to Javascript, but does so while checking to see if the source is actually JSON, and not with other Javascript statements thrown in.
quoteString: Places quotes around a string, and inteligently escapes any quote, backslash, or control characters.
Why, yes: jQuery's serialize. To unserialize, you'd have to code a function yourself, esentially splitting the string at the &'s and then the ='s.
I was trying to serialize a form and then save it, and when the user returned to the form unserialize it and repopulate the data. Turns out there is a pretty sweet jQuery plugin for doing this already: jQuery autosave. Maybe this will help out some of you.
I personally like Chris' unserialize function for handling jQuery's serialized strings, however, don't forget to also urldecode() them on the server-side as data such as 'email' => 'me%40domain.com' will be coming in if you use the function as-is.
Updated:
function _unserializeJQuery($rubble = NULL) {
$bricks = explode('&', $rubble);
foreach ($bricks as $key => $value) {
$walls = preg_split('/=/', $value);
$built[urldecode($walls[0])] = urldecode($walls[1]);
}
return $built;
}
You should use the native JSON library. For IE less than 8, you'll also need to use Crockford's JSON.js.
Follow the variable "formdata" and look at the supporting code to see how I got this to work in a wordpress environment.
I'm using this on the client side (js):
// bind button, setup and call .ajax
jQuery('#submitbutton').click(function() {
jQuery('#response_area').html('');
// put all name-values from form into one long string
var serializedformdata = jQuery('#submitform').serialize();
// configure array of options for the ajax call (can use a different action for each form)
options = {
type: 'POST',
url: sv_submitform_global_js_vars.ajaxurl,
datatype: 'json',
data: {
clienttime: getnow(),
sv_submit_form_check: jQuery('#sv_submit_form_check').val(),
// this data:action:'value' is specifically required by the wordpress wp_ajax_<value> action hook to process the received data on the php/server side
action: 'sv_submitform_hook',
formdata: serializedformdata,
},
beforeSend: beforesendfunc,
// process returned json formatted data in function named below
success: successfunc,
}
// execute the ajax call to server (sending data)
jQuery.ajax(options);
});
... and this on the server side (PHP) to get the data back out and into a nice associative array for server side database work.
/////////////////////////////////////
// ajax serverside data handler ///
/////////////////////////////////////
// Add AJAX actions for submit form
// Serves logged in users
add_action( 'wp_ajax_sv_submitform_hook', 'sv_submitform_handler' );
// Serves non-logged in users
add_action( 'wp_ajax_nopriv_sv_submitform_hook', 'sv_submitform_handler' );
// this is the function that processes the input from the submit form
function sv_submitform_handler(){
date_default_timezone_set('EST');
$servertime = date('h:i:s a').' Server Time';
// fda = form data array can be used anywhere after the next statement.
// example: if ($fda['formfieldbyname'] == 'something'){...};
parse_str($_POST['formdata'],$fda);
// this is how the nonce value is read
// form side is wp_nonce_field('sv_submitform','sv_submitform_check');
if (!check_ajax_referer('sv_submitform', 'sv_submitform_check', false )){
$data = $servertime . ' (Security Failed)';
} else {
$data = $servertime . ' (Security Passed)';
};
$returndata = array('data' => $data);
exit(json_encode($returndata));
};
And for the WordPress coders out there, it took me a while to realize that the wp_ajax_ hook had to be in either a plugin file or my child theme's functions.php. It will not work in a normal page template!
As of version 1.4.1 of jQuery there is a jQuery.parseJSON() function built in.
http://api.jquery.com/jQuery.parseJSON/
I had the same problem recently, I was using jQuery's .serializeArray() to post form data for validation via an AJAX call. On the server side I needed to split this object down into an associative array that would replicate the original $_POST data structure, so I wrote this little function:
function unserializeMe($obj) {
$data = array();
foreach($obj as $arr) {
$data[$arr['name']] = $arr['value'];
}
return $data;
}
Then all you have to do is cast the input object to an array type before passing it in the funciton call:
$objData = (array) $_POST['data'];
$data = unserializeMe($objData);
Use function parse_str.
$array = array();
$string = "title=Hello&desc=World=&s[]=5&s[]=6&s[]=7";
parse_str($string, $array);
description on php.net
I also wrote a function to parse the jQuery .serialize() function:
function createArray($rubble) {
$bricks = explode('&', $rubble);
foreach($bricks as $key => $value) {
$walls = preg_split('/=/', $value);
$built[$walls[0]] = $walls[1];
}
return $built;
}