api?

[dadamssg]

Hey,

To be honest i didn't even know what an API was until today...i've only been php/mysql programming for the past six months and finally launched my site...a user(who knows more than me haha) wants to know if there is an API for the site. He wants to publish things from his google calendar to the calendar i've programmed on my site. He says he'll write the script to do but i don't realllly know much of anything about API's. Should i even bother with this? He can currently add his events directly from his site...i guess he just doesn't want the hassle of posting it to two calendars. 

[Grayda]

Something to look at, is RESTful applications. Basically, this is simple HTTP verbs (GET, PUT, DELETE etc.) used with PHP so people can send information to http://www.example.com/api/calendar/ and have it inserted into the calendar or access http://www.example.com/api/calendar/2009/23/05 to access information about the 23rd of May 2009

 

Here's a sample of code. It's a lot more involved than this, but it's a start.

 

<?php
    // Are we working with a PUT request?
    if($_SERVER['REQUEST_METHOD'] == 'PUT') {
        // Yes? Then parse the string and put the results into $results. php://input is a special "file" that contains the PUT information. You can use this with DELETE etc.
        parse_str(file_get_contents("php://input"), $results);
        // Use your own "login" function here to make sure people are logged in BEFORE sending calendar information
        $isLoggedIn = userLogin($results["username"], $results["password"]);
        if(!$isLoggedIn) {
            // If we failed to log in, return a 401 status code so the browser knows we aren't authorized to do this action
            header('HTTP/1.1 401 Unauthorized');
            // Then exit, because we don't want to process anything else
            exit();
        }
        // Add the calendar information
        $success = addCalendarInformation($results["calendarTitle"], $results["calendarDate"], $results["calendarDescription"]);
        // If all went well,
        if($success) {
            // Let them know with a "Created" HTTP status code
            header("HTTP/1.1 201 Created");
        } else {
            // They forgot to put some information in, because $success is false
            header("HTTP/1.1 412 Precondition Failed");
        }
    }
    
?>

I hope this is a start. Check out these links for more information and code snippets:

http://www.recessframework.org/page/towards-restful-php-5-basic-tips
http://www.lornajane.net/posts/2008/Accessing-Incoming-PUT-Data-from-PHP
http://www.gen-x-design.com/archives/create-a-rest-api-with-php/ (WARNING: Lots of code in classes, great for copy-pasta into your code )

Enjoy 

[dbo]

If you're really slick you can actually use the pages that control your business logic to also serve as the API. What do I mean?

 

Well if a user posts some variables to http://www.somesite.com/calendar/add and this adds an event... well by using curl you could programatically pass those same variables to http://www.somesite.com/calendar/add and you can manage your business logic in one place instead of two.

 

You'll just want to make sure you've taken precautions to validate who the user is doing the posting. Perhaps you do a scenario where like:

 

if( $isLoggedIn || isValidToken($token) )
{
   //add the event
}

 

So a normal user on the site would only be able to post (update calendar) when logged in. Alternative the same user could post via the API (curl calls) by looking at their token to determine validity.

 

Just some thoughts... the less code you have to write the better/easier to manage your site is going to be.