Are you working with multiple devices like iPhone, Android and Web then take a look at this post that explains you how to develop a RESTful API in PHP. Representational state transfer (REST) is a software system for distributing the data to different kind of applications. The web service system produce status code response in JSON or XML format.
Download ScriptDeveloper
Database
Sample database users table columns user_id, user_fullname, user_email, user_password and user_status.
CREATE TABLE IF NOT EXISTS `users`
(
`user_id` int(11) NOT NULL AUTO_INCREMENT,
`user_fullname` varchar(25) NOT NULL,
`user_email` varchar(50) NOT NULL,
`user_password` varchar(50) NOT NULL,
`user_status` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`user_id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
(
`user_id` int(11) NOT NULL AUTO_INCREMENT,
`user_fullname` varchar(25) NOT NULL,
`user_email` varchar(50) NOT NULL,
`user_password` varchar(50) NOT NULL,
`user_status` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`user_id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
Rest API Class: api.php
Contains simple PHP code, here you have to modify database configuration details like database name, username and password.
<?php
require_once("Rest.inc.php");
class API extends REST
{
public $data = "";
const DB_SERVER = "localhost";
const DB_USER = "Database_Username";
const DB_PASSWORD = "Database_Password";
const DB = "Database_Name";
private $db = NULL;
public function __construct()
{
parent::__construct();// Init parent contructor
$this->dbConnect();// Initiate Database connection
}
//Database connection
private function dbConnect()
{
$this->db = mysql_connect(self::DB_SERVER,self::DB_USER,self::DB_PASSWORD);
if($this->db)
mysql_select_db(self::DB,$this->db);
}
//Public method for access api.
//This method dynmically call the method based on the query string
public function processApi()
{
$func = strtolower(trim(str_replace("/","",$_REQUEST['rquest'])));
if((int)method_exists($this,$func) > 0)
$this->$func();
else
$this->response('',404);
// If the method not exist with in this class, response would be "Page not found".
}
private function login()
{
..............
}
private function users()
{
..............
}
private function deleteUser()
{
.............
}
//Encode array into JSON
private function json($data)
{
if(is_array($data)){
return json_encode($data);
}
}
}
// Initiiate Library
$api = new API;
$api->processApi();
?>
require_once("Rest.inc.php");
class API extends REST
{
public $data = "";
const DB_SERVER = "localhost";
const DB_USER = "Database_Username";
const DB_PASSWORD = "Database_Password";
const DB = "Database_Name";
private $db = NULL;
public function __construct()
{
parent::__construct();// Init parent contructor
$this->dbConnect();// Initiate Database connection
}
//Database connection
private function dbConnect()
{
$this->db = mysql_connect(self::DB_SERVER,self::DB_USER,self::DB_PASSWORD);
if($this->db)
mysql_select_db(self::DB,$this->db);
}
//Public method for access api.
//This method dynmically call the method based on the query string
public function processApi()
{
$func = strtolower(trim(str_replace("/","",$_REQUEST['rquest'])));
if((int)method_exists($this,$func) > 0)
$this->$func();
else
$this->response('',404);
// If the method not exist with in this class, response would be "Page not found".
}
private function login()
{
..............
}
private function users()
{
..............
}
private function deleteUser()
{
.............
}
//Encode array into JSON
private function json($data)
{
if(is_array($data)){
return json_encode($data);
}
}
}
// Initiiate Library
$api = new API;
$api->processApi();
?>
Login POST
Displaying users records from the users table Rest API URL http://localhost/rest/login/. This Restful API login status works with status codes if status code 200 login success else status code 204 shows fail message. For more status code information check Rest.inc.php in download script.
private function login()
{
// Cross validation if the request method is POST else it will return "Not Acceptable" status
if($this->get_request_method() != "POST")
{
$this->response('',406);
}
$email = $this->_request['email'];
$password = $this->_request['pwd'];
// Input validations
if(!empty($email) and !empty($password))
{
if(filter_var($email, FILTER_VALIDATE_EMAIL)){
$sql = mysql_query("SELECT user_id, user_fullname, user_email FROM users WHERE user_email = '$email' AND user_password = '".md5($password)."' LIMIT 1", $this->db);
if(mysql_num_rows($sql) > 0){
$result = mysql_fetch_array($sql,MYSQL_ASSOC);
// If success everythig is good send header as "OK" and user details
$this->response($this->json($result), 200);
}
$this->response('', 204); // If no records "No Content" status
}
}
// If invalid inputs "Bad Request" status message and reason
$error = array('status' => "Failed", "msg" => "Invalid Email address or Password");
$this->response($this->json($error), 400);
}
{
// Cross validation if the request method is POST else it will return "Not Acceptable" status
if($this->get_request_method() != "POST")
{
$this->response('',406);
}
$email = $this->_request['email'];
$password = $this->_request['pwd'];
// Input validations
if(!empty($email) and !empty($password))
{
if(filter_var($email, FILTER_VALIDATE_EMAIL)){
$sql = mysql_query("SELECT user_id, user_fullname, user_email FROM users WHERE user_email = '$email' AND user_password = '".md5($password)."' LIMIT 1", $this->db);
if(mysql_num_rows($sql) > 0){
$result = mysql_fetch_array($sql,MYSQL_ASSOC);
// If success everythig is good send header as "OK" and user details
$this->response($this->json($result), 200);
}
$this->response('', 204); // If no records "No Content" status
}
}
// If invalid inputs "Bad Request" status message and reason
$error = array('status' => "Failed", "msg" => "Invalid Email address or Password");
$this->response($this->json($error), 400);
}
Users GET
Displaying users records from the users table Rest API URL http://localhost/rest/users/
private function users()
{
// Cross validation if the request method is GET else it will return "Not Acceptable" status
if($this->get_request_method() != "GET")
{
$this->response('',406);
}
$sql = mysql_query("SELECT user_id, user_fullname, user_email FROM users WHERE user_status = 1", $this->db);
if(mysql_num_rows($sql) > 0)
{
$result = array();
while($rlt = mysql_fetch_array($sql,MYSQL_ASSOC))
{
$result[] = $rlt;
}
// If success everythig is good send header as "OK" and return list of users in JSON format
$this->response($this->json($result), 200);
}
$this->response('',204); // If no records "No Content" status
}
{
// Cross validation if the request method is GET else it will return "Not Acceptable" status
if($this->get_request_method() != "GET")
{
$this->response('',406);
}
$sql = mysql_query("SELECT user_id, user_fullname, user_email FROM users WHERE user_status = 1", $this->db);
if(mysql_num_rows($sql) > 0)
{
$result = array();
while($rlt = mysql_fetch_array($sql,MYSQL_ASSOC))
{
$result[] = $rlt;
}
// If success everythig is good send header as "OK" and return list of users in JSON format
$this->response($this->json($result), 200);
}
$this->response('',204); // If no records "No Content" status
}
DeleteUser
Delete user function based on the user_id value deleting the particular record from the users table Rest API URL http://localhost/rest/deleteUser/
private function deleteUser()
{
if($this->get_request_method() != "DELETE"){
$this->response('',406);
}
$id = (int)$this->_request['id'];
if($id > 0)
{
mysql_query("DELETE FROM users WHERE user_id = $id");
$success = array('status' => "Success", "msg" => "Successfully one record deleted.");
$this->response($this->json($success),200);
}
else
{
$this->response('',204); // If no records "No Content" status
}
}
{
if($this->get_request_method() != "DELETE"){
$this->response('',406);
}
$id = (int)$this->_request['id'];
if($id > 0)
{
mysql_query("DELETE FROM users WHERE user_id = $id");
$success = array('status' => "Success", "msg" => "Successfully one record deleted.");
$this->response($this->json($success),200);
}
else
{
$this->response('',204); // If no records "No Content" status
}
}
Chrome Extention
A Extention for testing PHP restful API response download here Advanced REST client Application
.htaccess code
Rewriting code for friendly URLs. In the download code you just modify htaccess.txt to .htaccess
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-s
RewriteRule ^(.*)$ api.php?rquest=$1 [QSA,NC,L]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.*)$ api.php [QSA,NC,L]
RewriteCond %{REQUEST_FILENAME} -s
RewriteRule ^(.*)$ api.php [QSA,NC,L]
</IfModule>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-s
RewriteRule ^(.*)$ api.php?rquest=$1 [QSA,NC,L]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.*)$ api.php [QSA,NC,L]
RewriteCond %{REQUEST_FILENAME} -s
RewriteRule ^(.*)$ api.php [QSA,NC,L]
</IfModule>
pls post more about api i want to learn that
It's very nice , what about XML RPC
nice
really usefull to me.. thanks a lot :)
Nice. 'll give it a try
thanks for the article :)
That a very well but I want some more example & declaration pls provide this.Thank u
Kool man nice work .. i have used this one
Good job ! But it would be much better if you indent the Code with Tabs, as the code above is little difficult to understand
I will definitely try it out to develop demo API by myself and will try the same API for the android app development.
Thank for sharing detailed article.
awesome article....!
amazing!!
Very good tutorial! Thanks a lot!
Muito bom cara! Parabéns.
Very good post as usual! Good work, Arun! :)
Could you explain how to get data? As I see in this script, in URL you send a name, that name is the name on the function. Further more _request is set to array. So you wrap everything in an array?? But then, how to extract, so you get correct function?? IM CONFUSED! And where to extend this so I can claim and API key ?
@KFllash32 : This is little bit tricky but more user friendly, api(api.php) demo class wrote like this way query string as a function. But you can write your own class insteed of api.php. Validating api key or headers and all up to you.
I have some experiences in this, so I figures out a way, but the Login function in the api.php will not work for most users because you also need email and username input. And something strange.
You write this: $this->response('',204). And this will return nothing at all, because first param is '' (empty) and in the function you return data (data is the first param left empty). So what is the point with this one?
Good..article
Every nice ... big thanks if i can have more tutorial
how to highlight your codes?
yeah looks nice dude
Your diagrams are impressive, what tool you use for that?
I heard PHP is not good for applying RESTfull because it does not integrate natively query functionality DELETE and PUT
It's really?
thank this blog always saves me.I love your jobs and i stay tune.I ll try this API because i have a simillar projet and this will help i think so
awesome
well nice post keep it up for us to learn more...
Can any one explain this line in Sample database "users"
ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
What did you use in making the illustration:
https://lh6.googleusercontent.com/-u9hFxEK0OS8/T6a9yHaniHI/AAAAAAAAF_Y/prEsvdWrNtI/s550/rest.png
Adobe illustration
What about security :))?
Write is you can how to use also with REST OAuth.
Also do you know why some API uses such url
site.com/api/create.json
why the use dot?
nice sir ji
Post more information regarding the REST modules and I want to integrate it with my application
good one
nice sir.. Thank you for sharing always your ideas to us ..
very nice. thanks..
i am having a problem getting Params such as email and Password for the sample Post function login()
could it be htaccess?
email and password keep coming in as null
any suggestions? I have Sample Code
Well, this example ios really nice and working so far. I just wanna know if it's possible to request for a special user this way:
http://localhost/rest/users/14
GET: List info for user with ID of 14
How do I manage it with your code? Is that possible?
how to pass request for deleteuser and login in url..
pls explain someone
This is really nice and easy plugin. Can u plz tell me how to call 'login' function with POST menthod. Plz it's urgent. It wil be really great if you reply ASAP
This tutorial is not in detail for the person who is new to API. I was trying to create an API that inserts records to my db. I know i could use this, But i'm struggling
Hi,
Can anyone tell how to use this api? Do I need to call it from other application? If yes, then how?
I always see Get request. How to change it to POST ?
Could you please post an example for inserting data using POST.
could you please post insert & fetch data using xml with rest
cool
Can you explain the post methods. Means how can i post email and password
thanks
thanks.... its enough to start with rest api for begginers
Helpful !!
Hello,
I am new to php, how to execute this program ?
Can any one help.
what are de .ds_store and .htacces files for? regards!
To execute the program you must have php installed, and a web server.
I'd suggest you look for tutorials for beginning php first. Then when you are comfortable, and know what REST is, then come back
not working how to see result of http://localhost/rest/users/??
How to call it for testing...
hi!
can u explain me how use credential for calling REST resources after login?
Nice job Arun :D
but are you sure that the returns in json?
for example, i use your Rest.inc.php file for construct an api, and this file return that's
string(508) " object(Api)#1 (8) { ["data"]=> string(0) "" ["db":"Api":private]=> resource(4) of type (mysql link) ["_allow"]=> array(0) { } ["_content_type"]=> string(16) "application/json" ["_request"]=> array(3) { ["rquest"]=> string(5) "login" ["Email"]=> string(15) "user1@gmail.com" ["Password"]=> string(5) "12345" } ["_resp"]=> array(1) { ["Id"]=> string(1) "1" } ["_method":"REST":private]=> string(0) "" ["_code":"REST":private]=> int(200) } "
is json?
Very helpful... I can test it in php and working perfectly. But unable to call it in windows phone.
So, Can you tell me how can I call it in Windows Phone apps.
Helpful for beginners. Great!!!
Make sure to enable mod_rewrite in httpd.conf
I am getting this error:
Notice: Undefined index: rquest in C:\server\www\jrserver.dev\public_html\rest\api.php on line 69
Thanks for the info !
@eureckou: you should pass the parameter rquest and value to that.
for example. "http://localhost/rest/api.php?rquest=users" so that your rquest parameter will be passed and the value will be accessed in processApi(). Then the action will be taken according to your request.
Thanks for sharing
Hi, thanks for that good.. it took me a while to find any good and easy to use examples..
One question.. When I use to Chrome extension to test the web service, the login and deleteUser function is not working.. During the debbuging I found out that $_GET and $_POST is just empty.. any idea why that happens?
plz tell me form where we can post the value and how can get post value within function....
Good tutorial but you know that the POST implementation is not working, right? There are a lot of people asking for help in the comments but I guess the author forgot about this post... It's a shame.
can anyone help me on how to access the service methods from the client code.
There is no impementation of any methods to add a user so to use the API you need to first add data into your database's 'users' table. Use an online md5 generator to create the password and make sure to have the field 'user-status' set to 1 if you want to get the data. To login (/login) use POST and variables 'pwd' and 'email' in Payload, to see users (/users use GET. To delete, no idea. Seems like dELETE is not accepted on my system (Chrome/Windows). I hope this will help some of you.
To delete users, there is an error: in Rest.inc.php, within the inputs() method, DELETE must be treated as PUT, not as GET as it is currently set.
Really helpful dude..thanks a lot.. :)
curl testing
$ch = curl_init('http://api.local/deleteUser?id=2');
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
echo $result = curl_exec($ch);
curl testing
$ch = curl_init('http://api.local/deleteUser?id=2');
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
echo $result = curl_exec($ch);
curl testing
$ch = curl_init('http://api.local/deleteUser?id=2');
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
echo $result = curl_exec($ch);
Good I'd like to know how to call the api from jquery mobile application
Hi,
Can you tell me please where from download Rest.inc.php?
To use it without problems make sure you have:
apt-get install php5-curl
require_once("Rest.inc.php");
from where i get it?
Not served in WAMPSERVER gives me a problem in the require_once ("Rest.inc.php");
Very helpful tutorial, thanks very much!
very helpful
I am new to SOAP and REST which do you recommend me to learn and is easy to learn.
How do I use the private function login() section. If i have 2 inputs for username and password and I post the email and password to api.php how can I log that user in through private function login()?
Getting a 404 Not Found?
Make sure to enable mod_rewrite in httpd.conf
we want to create api for prepaid mobile recharges & other kindly provide suggession to get it
Hi,
I am trying to use this code and actually i am getting an notice like..
Notice: Undefined index: rquest in C:\xampp\htdocs\rest\api.php on line 69
Can you please explain what the problem..
nice post... Very helpful
This is a very nice api method i will defenetly implement it in my system currently i am using SOAP apis.