This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
Is it necessary to have a wsdl file for the creation of a webservice in php?
I want to create a web API.
My requirement is that I want to create to a way so that my customers would be able to insert/delete data from my website database, but I do not want the customers directly logged into my site. I want them to call my WSDL file URL via a client request, which will return the response to the customer.
I have heard that we can do so with the help of SOAP call or NuSOAP. I have tried several methods after doing some googling but have no success.
Can you please tell me the step by step instructions how I can achieve this.
Basically, What is an API?
If you understand how data goes from a HTML form to php code, then trust me you know all about API's. Here rather than talking forms, we talk about urls that are created at the end by those forms.
What are the Types of API?
There are two types of heavily used APIs for web services: SOAP and REST. Google is one of the major players with a SOAP based API while Yahoo (and most of their recent acquisitions) have taken the REST approach. More often than not, a “Web 2.0” service you come across today will probably be using REST.
How to create a REST API in PHP with Authentication Key to delete a value from database?
Let’s say we have a PHP class (manage.php) that helps us manage entries in a database:
class manage {
private $entryId;
function __construct($entryId) {
$this->entryId = $entryId;
}
function deleteEntry() {
//delete $this->entryId from database
}
}
On our own server, we might access this functionality like so:
require_once('manage.php');
$m = new manage(23);
$m->deleteEntry();
Easy enough for us, but how do we allow someone not on our server access to the same functionality? For that, we’ll create a third file to act as a buffer (or “interface”) between other developers and our class. Here’s an example of a file we might create to allow developers to access the delete function in our class, we’ll locate it at ‘api/delete.php’
require_once('manage.php');
if (hasPermission($_POST['api_key']) {
$m = new manage($_POST['entry_id']);
$m->deleteEntry();
}
This will allow users to send a POST request to us at http://example.com/api/delete.php with an api_key and an entry_id. You’ll notice the function is very similar to what we wrote on our own server except we check the POST api_key variable using a function to see if its authorized to access the database. We didn’t include that function here (hasPermission) for simplicity’s sake. In addition to what’s shown, you’d also have to find the user’s account based off of the api_key, put in some error checking and (if you want to make a good API) provide a properly formatted success or error response after the request. We’ll get into the success and error responses in a bit.
How To Design A Good API and Why it Matters?
I guess this video by Google can explain lot better than me. http://youtu.be/aAb7hSCtvGw
References:
http://en.wikipedia.org/wiki/Representational_state_transfer
http://en.wikipedia.org/wiki/SOAP
http://particletree.com/features/how-to-add-an-api-to-your-web-service/
http://www.webresourcesdepot.com/how-to-create-an-api-10-tutorials/
Google Search Result
Note: The answer is compilation of all references!!.
Related
I did lots of research to find the proper guideline to get a few thing done but seems like really hard. All I am asking is below:
Anyone know in php how to extract posted jobs?
How to get job applications like all the users applied for job?
Where to start my code in php?
I know all below:
business manager id
app id
app secret key from my created app.
but I don't know how to get the pageID?
I have also found this URL to get the job applications: job applpications
but don't know how to perform from the above URL.
Please give me some guideline here as I am completely new to the Facebook API. Also, please if someone can provide me some starting point of php code to begin with my 1st and 2nd question.
Also if you check below image then it's showing that you can get applications from job:
There is no publicly available Jobs API. Reading job posts via the /feed endpoint is also not supported.
Is it possible to post to Google + through PHP using some kind of API? I've read many conflicting statements on various places, including here on SO.
I've read that you need an analytics account, that you need to add a website to your page, that it isn't possible, that it's a closed service and you must apply, that you need your GMail username & password .etc.
Just really looking for a bit of clarity really. Found this, but I'm not sure if it allows this functionality. The lack of documentation really makes it quite daunting looking into this as well, there is literally nothing I can find at all.
Another option I've found appears to work, however it was from a website where you must pay to download the API. I'm genuinely not sure how or if it can be done.
Google restrict this API to whitelisted partners and companies through https://developers.google.com/+/web/api/rest/pages-signup
You could however use a third party script such as https://gist.github.com/zachbrowne/3301749 which handles the posting as if it was a logged in front end user rather than a direct API update flow.
I am new in API. I am supposed to develop an API that allows our content provider to give information pertaining soccer whereby he is supposed to create matches,update matches etc .I would like to know how to create a REST API in php that allows a client to enter the information. So far,I have created an API but I dont know how to enable the client enter the information.
Informations:
It is the basic form that you have to create and then you must allow the user to submit the form datas that he/she has filled and you have to post the data to the route that you have created.
You must submit the data and then you have to make the submitted data to be json_encode() so that it will work for the API.
Or Else if you are not designing the form and other such things you can directly go in for the API ADD ONS that the Firefox and the chrome has . Assuming you are using the chrome or Firefox as browsers.
https://addons.mozilla.org/en-US/firefox/addon/restclient/
https://addons.mozilla.org/en-US/firefox/addon/rest-easy/
https://chrome.google.com/webstore/detail/postman/fhbjgbiflinjbdggehcddcbncdddomop?hl=en
Okay, assuming that you created a REST API already, download the Advanced REST client chrome extension: https://chrome.google.com/webstore/detail/advanced-rest-client/hgmloofddffdnphfgcellkdfbfbjeloo
I hope that answers to your question.
P.S: May I know what framework did you use to design your REST API ? Additional details can help you further.
Building REST APIs is atually a rather easy task. That's primarily what I work on at work all day. If you have to use PHP (I'm a fan of PHP, so don't take that comment the wrong way :) ), I would reccommend using a framework like Laravel.
The logic to handle the information once it's requested wouldn't change. You would just need to make your requests/responses REST compliant.
Here is a great tutorial for doing just that!
Also, since you use Yii, this tutorial is probably better. I've never used Yii, so I can't really vouch for it, though.
I am trying to wrap my head around all this "api-centric" concept and somehow, for various reasons(after turning SO upside down) i am not able to find answers by my own, so i hope you can help me :)
Here it is, as part of a personal project i need to create something like a social application website, i say "like" because it's just a small project, nothing too fancy.
The idea i have in mind is that i create a rest service, say something like http://api.domain.com/v1/ with all the needed methods for resources (create/delete/update/read).
Now, after this service will be created, i need to create my website, say http://www.domain.com/ and this website will communicate with my api.domain.com for each action it does. If a new user registers, send the data to the api server, process it, return an answer and so on.
Then, after the website is created, i am planning to use phonegap to create a native application for iphone and android. These mobile applications, will basically act just like my website does, connect to the api server and do various actions.
This is pretty simple if no authorization is involved, so anyone who knows the api endpoints would be able to manage all the resources, thing that as you would guess, i don't want, so i have to implement some kind of authorization mechanism and i am not really sure what to use.
I am thinking to implement OAuth2 so that my api act as a oauth provider, then my website/mobile apps will connect to the api, get authorized and then do their job.
Is this a good approach, any thoughts?
Next, let's say i stick with oauth and everything works okay, what if i want to give my users the opportunity to create their own apps to access info about the other users/or their own data(basically i have a public api, why not taking advantage of that), then the user that will install the app will need to approve it in order to get access to his info. I know this is possible with oauth(since facebook/twitter/others does it), the question is, how do i differentiate between simple user created apps and my own ones(like the website and mobile apps)? Is this separation doable by providing various "scopes" when requesting permssions?
If not, what other approach should i use?
I'm not too experienced with oauth, so maybe some of the questions are a bit wrong, hopefully you get the point of my problem.
If it helps, i'll use PHP 5.4 with Yii framework, Apache 2(mod ssl available), MySQL.
Thanks :)
Yii provides CWebService (SOAP), you can use that, or create your own REST API indeed.
I created a API myself, the same way you want to do it.
For safety purposes i'm logging in with a api username and a api password using CUserIdentity:
if (Yii::app()->apiuser->isGuest) {
if (!empty($_POST['apiUser']) && !empty($_POST['apiPassword'])) {
$identity = new ApiUserIdentity($_POST['apiUser'],$_POST['apiPassword']);
$identity->authenticate();
if($identity->errorCode===ApiUserIdentity::ERROR_NONE)
{
Yii::app()->apiuser->login($identity); // Login for 30 minutes
$responseData['success'] = 1;
$responseData['sessionId'] = Yii::app()->session->sessionID;
} else {
$responseData['error'] = 'Incorrect username and/or password';
}
}
}
The POST data is coming from the app it uses the api. The SessionId is passed back to the app, so a next login isn't necessary. If you're using CURL to make the api request you can send the session ID back to the next api request using:
$strCookie = "PHPSESSID=".$sessionId."; path=/";
// Set the COOKIE files
curl_setopt($ch, CURLOPT_COOKIESESSION, true );
curl_setopt($ch, CURLOPT_COOKIE, $strCookie);
This way the session is maintained every next request.
I am working on a PHP REST API. I would like require a user key to access the API. I am not sure how to do this though, do I just issue a key and have them send it in a POST or with GET on each API request? Please help me explain in the simplest of terms possible if you can, I know this is something a lot of people want to do and it confuses a lot of people not just myself.
Also I would like to be able to limit usage, I was thinking of storing each hit in a MySQL database or something in Memory even. I just saw this in the header of a Github API request
X-RateLimi-Limit 5000 and X-RateLimi-Remaining 4996 and the number decreases by 1 on each hit, is this some kind of built in limiter?
Just require clients to register with your site,
create a record in your CLIENTS table, issue them a unique, non easy to guess id
then with each api access require that id to be included in request, either in GET or POST on in the header.
Validate it with every request, return error code if id is not present or invalid.
For rate limiting you are correct, you need to have a separate table for storing count of requests per client and then generate these response headers with X-RateLimit counters.
It's not that hard, really.
I wrote an API that does that for my project, you are welcome to look at the source code, it's in the Api folder, here
https://github.com/snytkine/LampCMS/tree/master/lib/Lampcms/Api/
and entry point to API calls is this
https://github.com/snytkine/LampCMS/blob/master/www/api/api.php
url for adding new app is:
http://support.lampcms.com/index.php?a=editapp