I’m the author of php-crud-api and I want to share the core of the application with you. It includes routing a JSON REST request, converting it into SQL, executing it and giving a meaningful response. I tried to write the application as short as possible and came up with these 65 lines of code:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
<?php// get the HTTP method, path and body of the request$method = $_SERVER['REQUEST_METHOD'];$request = explode('/', trim($_SERVER['PATH_INFO'],'/'));$input = json_decode(file_get_contents('php://input'),true);// connect to the mysql database$link = mysqli_connect('localhost', 'user', 'pass', 'dbname');mysqli_set_charset($link,'utf8');// retrieve the table and key from the path$table = preg_replace('/[^a-z0-9_]+/i','',array_shift($request));$key = array_shift($request)+0;// escape the columns and values from the input object$columns = preg_replace('/[^a-z0-9_]+/i','',array_keys($input));$values = array_map(function ($value) use ($link) { if ($value===null) return null; return mysqli_real_escape_string($link,(string)$value);},array_values($input));// build the SET part of the SQL command$set = '';for ($i=0;$i<count($columns);$i++) { $set.=($i>0?',':'').'`'.$columns[$i].'`='; $set.=($values[$i]===null?'NULL':'"'.$values[$i].'"');}// create SQL based on HTTP methodswitch ($method) { case 'GET': $sql = "select * from `$table`".($key?" WHERE id=$key":''); break; case 'PUT': $sql = "update `$table` set $set where id=$key"; break; case 'POST': $sql = "insert into `$table` set $set"; break; case 'DELETE': $sql = "delete `$table` where id=$key"; break;}// excecute SQL statement$result = mysqli_query($link,$sql);// die if SQL statement failedif (!$result) { http_response_code(404); die(mysqli_error());}// print results, insert id or affected row countif ($method == 'GET') { if (!$key) echo '['; for ($i=0;$i<mysqli_num_rows($result);$i++) { echo ($i>0?',':'').json_encode(mysqli_fetch_object($result)); } if (!$key) echo ']';} elseif ($method == 'POST') { echo mysqli_insert_id($link);} else { echo mysqli_affected_rows($link);}// close mysql connectionmysqli_close($link); |
This code is written to show you how simple it is to make a fully operational REST API in PHP.
Running
Save this file as “api.php” in your (Apache) document root and call it using:
http://localhost/api.php/{$table}/{$id}
Or you can use the PHP built-in webserver from the command line using:
$ php -S localhost:8888 api.php
The URL when ran in from the command line is:
http://localhost:8888/api.php/{$table}/{$id}
NB: Don’t forget to adjust the ‘mysqli_connect’ parameters in the above script!
REST API in a single PHP file
Although the above code is not perfect it actually does do 3 important things:
- Support HTTP verbs GET, POST, UPDATE and DELETE
- Escape all data properly to avoid SQL injection
- Handle null values correctly
One could thus say that the REST API is fully functional. You may run into missing features of the code, such as:
- No related data (automatic joins) supported
- No condensed JSON output supported
- No support for PostgreSQL or SQL Server
- No POST parameter support
- No JSONP/CORS cross domain support
- No base64 binary column support
- No permission system
- No search/filter support
- No pagination or sorting supported
- No column selection supported
Don’t worry, all these features are available in php-crud-api, which you can get from Github. On the other hand, now that you have the essence of the application, you may also write your own!
[출처] https://www.leaseweb.com/labs/2015/10/creating-a-simple-rest-api-in-php/
