How to Create Web Service in PHP

Post Views: 6,536

Hello Friends, Today I am going to tell you about how to create web service in PHP. A web service is a software or program which makes itself available over Internet to give response according to inputs provided to web service. In a Web service, HTTP protocol is used for communication and response is generated to client in XML or JSON format. Web Services can be utilized by web application, mobile applications or desktop applications. Web Services can be created using Java, .Net, PHP or any other languages but I am going to use PHP and response will be generated in JSON format. I am going to create a web service for user registration and login.

Folder Structure

website_root_folder/api/config.php
website_root_folder/api/user.php

Note: website root folder can be public_html or a subfolder or depend on your web server and how to setup your website

config.php

<?php
date_default_timezone_set("Asia/Kolkata");
function getConnection() {
    $servername = "localhost";
    $username = "root"; //Database username
    $password = "root"; //Database password
    $dbname = "test"; //Database name

    // Create connection
    $conn = new mysqli($servername, $username, $password, $dbname);
    // Check connection
    if (mysqli_connect_error()) {
        die("Database connection failed: " . mysqli_connect_error());
    } else {
        return $conn;
    }
}

define("KEY", "ABCD"); //it could be anything secret key which will be shared to authorised developer only to access web service in their application
define("T_USERS", "users"); //users table needs to be created with id, name, mobile, email, password, registered_timestamp fields

<?php

date_default_timezone_set("Asia/Kolkata");

function getConnection() {

$servername = "localhost";

$username = "root"; //Database username

$password = "root"; //Database password

$dbname = "test"; //Database name

// Create connection

$conn = new mysqli($servername, $username, $password, $dbname);

// Check connection

if (mysqli_connect_error()) {

die("Database connection failed: " . mysqli_connect_error());

} else {

return $conn;

}

define("KEY", "ABCD"); //it could be anything secret key which will be shared to authorised developer only to access web service in their application

define("T_USERS", "users"); //users table needs to be created with id, name, mobile, email, password, registered_timestamp fields

user.php

Service url will be SITE_URL/api/user.php

<?php

include 'config.php';
$conn = getConnection();

header("Content-Type:application/json");
/*
 * user table fields
 * id, name, mobile, email, password, registered_timestamp
 */
if (!isset($_REQUEST['key']) || trim($_REQUEST['key']) != KEY) {
    die("Not authorised");
}

if (!isset($_REQUEST['action'])) {
    echo "Please provide action parameter";
    die();
}

$action = trim($_REQUEST['action']);

if ($action == 'register') {
    //check get parameter or request parameter or post parameter and respond accordingly
    if (isset($_REQUEST['name']) && isset($_REQUEST['mobile']) && isset($_REQUEST['email']) && isset($_REQUEST['password'])) {
        $name = filter_var(trim($_REQUEST['name']), FILTER_SANITIZE_STRING);
        $mobile = filter_var(trim($_REQUEST['mobile']), FILTER_SANITIZE_STRING);
        $email = filter_var(trim($_REQUEST['email']), FILTER_SANITIZE_EMAIL);
        $password = trim($_REQUEST['password']);

        $result = $conn->query("SELECT * FROM " . T_USERS . " WHERE mobile='$mobile' OR email='$email'");
        if ($result->num_rows > 0) {
            $data = $result->fetch_assoc();
            unset($data['password']);
            respond("201", "Already Registered", $data);
        } else {
            $reg_timestamp = time();
            if ($conn->query("INSERT INTO " . T_USERS . " (name, mobile, email, password, registered_timestamp) VALUES('$name','$mobile','$email','$password','$reg_timestamp')")) {
                $result2 = $conn->query("SELECT * FROM users WHERE mobile='$mobile'");
                $data = $result2->fetch_assoc();
                unset($data['password']);
                respond("200", "Registered", $data);
            } else {
                respond("201", "Please try again", NULL);
            }
        }
    }
}

if ($action == 'login') {
    //check get parameter or request parameter or post parameter and respond accordingly
    if (isset($_REQUEST['emailormobile']) && isset($_REQUEST['password'])) {
        $emailormobile = filter_var(trim($_REQUEST['emailormobile']), FILTER_SANITIZE_STRING);
        $password = filter_var(trim($_REQUEST['password']), FILTER_SANITIZE_STRING);

        $result = $conn->query("SELECT * FROM " . T_USERS . " WHERE (mobile='$emailormobile' OR email='$emailormobile') AND password = '$password'");
        if ($result->num_rows > 0) {
            $data = $result->fetch_assoc();
            unset($data['password']);
            respond("200", "Successfully LoggedIn", $data);
        } else {
            respond("201", "Username or Password Incorrect", NULL);
        }
    } else {
        respond("202", "Invalid Argument", NULL);
    }
}

function respond($status, $status_message, $data) {
    header("HTTP/1.1 $status $status_message");
    $response['status'] = $status;
    $response['status_message'] = $status_message;
    $response['data'] = $data;

    echo json_encode($response);
}

<?php

include 'config.php';

$conn = getConnection();

header("Content-Type:application/json");

* user table fields

* id, name, mobile, email, password, registered_timestamp

if (!isset($_REQUEST['key']) || trim($_REQUEST['key']) != KEY) {

die("Not authorised");

}

if (!isset($_REQUEST['action'])) {

echo "Please provide action parameter";

die();

}

$action = trim($_REQUEST['action']);

if ($action == 'register') {

//check get parameter or request parameter or post parameter and respond accordingly

if (isset($_REQUEST['name']) && isset($_REQUEST['mobile']) && isset($_REQUEST['email']) && isset($_REQUEST['password'])) {

$name = filter_var(trim($_REQUEST['name']), FILTER_SANITIZE_STRING);

$mobile = filter_var(trim($_REQUEST['mobile']), FILTER_SANITIZE_STRING);

$email = filter_var(trim($_REQUEST['email']), FILTER_SANITIZE_EMAIL);

$password = trim($_REQUEST['password']);

$result = $conn->query("SELECT * FROM " . T_USERS . " WHERE mobile='$mobile' OR email='$email'");

if ($result->num_rows > 0) {

$data = $result->fetch_assoc();

unset($data['password']);

respond("201", "Already Registered", $data);

} else {

$reg_timestamp = time();

if ($conn->query("INSERT INTO " . T_USERS . " (name, mobile, email, password, registered_timestamp) VALUES('$name','$mobile','$email','$password','$reg_timestamp')")) {

$result2 = $conn->query("SELECT * FROM users WHERE mobile='$mobile'");

$data = $result2->fetch_assoc();

unset($data['password']);

respond("200", "Registered", $data);

} else {

respond("201", "Please try again", NULL);

}

if ($action == 'login') {

//check get parameter or request parameter or post parameter and respond accordingly

if (isset($_REQUEST['emailormobile']) && isset($_REQUEST['password'])) {

$emailormobile = filter_var(trim($_REQUEST['emailormobile']), FILTER_SANITIZE_STRING);

$password = filter_var(trim($_REQUEST['password']), FILTER_SANITIZE_STRING);

$result = $conn->query("SELECT * FROM " . T_USERS . " WHERE (mobile='$emailormobile' OR email='$emailormobile') AND password = '$password'");

if ($result->num_rows > 0) {

$data = $result->fetch_assoc();

unset($data['password']);

respond("200", "Successfully LoggedIn", $data);

} else {

respond("201", "Username or Password Incorrect", NULL);

}

} else {

respond("202", "Invalid Argument", NULL);

}

function respond($status, $status_message, $data) {

header("HTTP/1.1 $status $status_message");

$response['status'] = $status;

$response['status_message'] = $status_message;

$response['data'] = $data;

echo json_encode($response);

}

How to Access Web Service

Registration Web Service

SITE_URL/api/user.php?key=ABCD&action=register&name=Test&mobile=9999999999&[email protected]&password=test
i.e. http://example.com/api/user.php?key=ABCD&action=register&name=Test&mobile=9999999999&[email protected]&password=test

Login Web Service

SITE_URL/api/user.php?key=ABCD&action=login&emailormobile=9999999999&password=test
i.e. http://example.com/api/user.php?key=ABCD&action=login&emailormobile=9999999999&password=test

Note: Here I am using GET method you can also use POST method

Please share if you like and you can ask in comment section if you have any query

How to Create Web Service in PHP

Folder Structure

config.php

user.php

How to Access Web Service

Comments

Leave a Reply Cancel reply