Simple PHP MySQL Rest API Sample Example Tutorial

By | February 5, 2016

In this article, we will look at a very basic REST API implementation using PHP.

If you are building the server side of a new website or app, I would recommend using a REST implementation for access to your server database.

REST APIs are really useful when you have to make several different calls to a MySQL database or several GET and POST requests to the server, for example for saving, reading or updating data.
Let's begin with a simple implementation:

STEP-1) Create a new directory named MY_API.

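STEP-2) Now create a new file named .htaccess (please note that the file has an extension of .htaccess) and copy the code below. The rules route every request under this directory to api.php; when the requested path is not an existing directory or non-empty file, it is passed to api.php as the rquest query parameter: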

<IfModule mod_rewrite.c>
    RewriteEngine On

    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-s
    RewriteRule ^(.*)$ api.php?rquest=$1 [QSA,NC,L]

    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^(.*)$ api.php [QSA,NC,L]

    RewriteCond %{REQUEST_FILENAME} -s
    RewriteRule ^(.*)$ api.php [QSA,NC,L]
</IfModule>

STEP-3) Now create another file in the same directory named Rest.inc.php and copy the content below:

<?php
	/* File : Rest.inc.php
	*/
	class REST {
		
		public $_allow = array();
		public $_content_type = "application/json";
		public $_request = array();
		
		private $_method = "";		
		private $_code = 200;
		
		public function __construct(){
			$this->inputs();
		}
		
		public function get_referer(){
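			// The Referer header is optional, so fall back to an empty string
			return isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';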
		}
		
		public function response($data,$status){
			$this->_code = ($status)?$status:200;
			$this->set_headers();
			echo $data;
			exit;
		}
		
		private function get_status_message(){
			$status = array(
						100 => 'Continue',  
						101 => 'Switching Protocols',  
						200 => 'OK',
						201 => 'Created',  
						202 => 'Accepted',  
						203 => 'Non-Authoritative Information',  
						204 => 'No Content',  
						205 => 'Reset Content',  
						206 => 'Partial Content',  
						300 => 'Multiple Choices',  
						301 => 'Moved Permanently',  
						302 => 'Found',  
						303 => 'See Other',  
						304 => 'Not Modified',  
						305 => 'Use Proxy',  
						306 => '(Unused)',  
						307 => 'Temporary Redirect',  
						400 => 'Bad Request',  
						401 => 'Unauthorized',  
						402 => 'Payment Required',  
						403 => 'Forbidden',  
						404 => 'Not Found',  
						405 => 'Method Not Allowed',  
						406 => 'Not Acceptable',  
						407 => 'Proxy Authentication Required',  
						408 => 'Request Timeout',  
						409 => 'Conflict',  
						410 => 'Gone',  
						411 => 'Length Required',  
						412 => 'Precondition Failed',  
						413 => 'Request Entity Too Large',  
						414 => 'Request-URI Too Long',  
						415 => 'Unsupported Media Type',  
						416 => 'Requested Range Not Satisfiable',  
						417 => 'Expectation Failed',  
						500 => 'Internal Server Error',  
						501 => 'Not Implemented',  
						502 => 'Bad Gateway',  
						503 => 'Service Unavailable',  
						504 => 'Gateway Timeout',  
						505 => 'HTTP Version Not Supported');
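			// Unknown codes fall back to the 500 message instead of raising an undefined-index notice
			return isset($status[$this->_code]) ? $status[$this->_code] : $status[500];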
		}
		
		public function get_request_method(){
			return $_SERVER['REQUEST_METHOD'];
		}
		
		private function inputs(){
			switch($this->get_request_method()){
				case "POST":
					$this->_request = $this->cleanInputs($_POST);
					break;
				case "GET":
				case "DELETE":
					$this->_request = $this->cleanInputs($_GET);
					break;
				case "PUT":
					parse_str(file_get_contents("php://input"),$this->_request);
					$this->_request = $this->cleanInputs($this->_request);
					break;
				default:
					$this->response('',406);
					break;
			}
		}		
		
		private function cleanInputs($data){
			$clean_input = array();
			if(is_array($data)){
				foreach($data as $k => $v){
					$clean_input[$k] = $this->cleanInputs($v);
				}
			}else{
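				// Magic quotes were removed in PHP 5.4, so no stripslashes() step is needed.
				// strip_tags() only removes HTML/PHP tags; it does not make a value safe
				// to place in an SQL query. Use prepared statements for that.
				$data = strip_tags($data);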
				$clean_input = trim($data);
			}
			return $clean_input;
		}		
		
		private function set_headers(){
			header("HTTP/1.1 ".$this->_code." ".$this->get_status_message());
			header("Content-Type:".$this->_content_type);
		}
	}	
?>

The two files above are supporting files, like any other library files. Let's create a working PHP script which will be used as your main file for writing server scripts.

STEP-4) Create another file named api.php and copy the below code:


<?php
    
require_once("Rest.inc.php");
	
class API extends REST {
	
	public $data = "";
	//Enter details of your database
	const DB_SERVER = "localhost";
	const DB_USER = "user";
	const DB_PASSWORD = "db_password";
	const DB = "my_db";
	
	private $db = NULL;

	public function __construct(){
		parent::__construct();				// Init parent constructor
		$this->dbConnect();					// Initiate database connection
	}

	private function dbConnect(){
		// mysqli replaces the mysql_* extension, which was removed in PHP 7
		$this->db = mysqli_connect(self::DB_SERVER,self::DB_USER,self::DB_PASSWORD);
		if($this->db)
			mysqli_select_db($this->db,self::DB);
	}

	/*
	 * Public method for accessing the API.
	 * This method dynamically calls the method named in the query string.
	 * method_exists() does not check visibility, so any method name on this
	 * object passes the test, including internal helpers such as dbConnect().
	 */
	public function processApi(){
		// rquest is set by the rewrite rule; it is absent when api.php is requested directly
		$name = isset($_REQUEST['rquest']) ? $_REQUEST['rquest'] : '';
		$func = is_string($name) ? strtolower(trim(str_replace("/","",$name))) : '';
		if($func !== '' && method_exists($this,$func))
			$this->$func();
		else
			$this->response('Error code 404, Page not found',404);	// If the method does not exist in this class, the response is "Page not found".
	}

	private function hello(){
		echo str_replace("this","that","HELLO WORLD!!");
	}

	private function test(){
		// Cross validation: if the request method is not GET, return the "Not Acceptable" status
		if($this->get_request_method() != "GET"){
			$this->response('',406);
		}
		$myDatabase = $this->db;	// variable to access your database
		$param = isset($this->_request['var']) ? $this->_request['var'] : '';
		// If everything is good, send the "OK" header and return param
		$this->response($param, 200);
	}

	
	/*
	 *	Encode array into JSON
	*/
	private function json($data){
		if(is_array($data)){
			return json_encode($data);
		}
	}
}

	// Initiate library
	
	$api = new API;
	$api->processApi();
?>

In the file api.php, provide your MySQL database details in the constants as shown below:

const DB_SERVER = "localhost";
const DB_USER = "user";
const DB_PASSWORD = "db_password";
const DB = "my_db";

There are two functions defined in api.php:
1) test(){} – For testing the GET method
2) hello(){} – For simply printing hello world.

Our REST API implementation is finished. You can call the two functions above using the following URLs:

http://yourweb.com/MY_API/hello
Output: HELLO WORLD

http://yourweb.com/MY_API/test?var=testing_get_method
Output: testing_get_method

Similarly, you can create your own methods in api.php with any definition and access them in the manner shown above.
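
processApi() accepts any name for which method_exists() is true, and that test ignores visibility, so internal methods such as dbConnect() or processApi() itself are reachable through the URL alongside hello() and test(). The following added example (not part of the original tutorial; the $ROUTES table and resolveRoute() are hypothetical names) replaces that lookup with an explicit allow-list that also pins each route to its HTTP methods.

```php
<?php
// Added example: allow-list routing in place of method_exists() dispatch.
// $ROUTES and resolveRoute() are hypothetical names, not part of the tutorial.

// Each public route lists the HTTP methods it accepts and the handler to run.
$ROUTES = array(
    'hello' => array('methods' => array('GET'), 'handler' => 'hello'),
    'test'  => array('methods' => array('GET'), 'handler' => 'test'),
);

/**
 * Resolve a request to array(status, handler-or-null).
 * Only handlers named in $routes can ever be returned.
 */
function resolveRoute(array $routes, $rquest, $httpMethod) {
    // Same normalisation as the tutorial's processApi(); a non-string value
    // (e.g. rquest[]=x arrives as an array) is treated as "no route".
    $name = is_string($rquest) ? strtolower(trim(str_replace('/', '', $rquest))) : '';
    if ($name === '' || !array_key_exists($name, $routes)) {
        return array(404, null);    // unknown or internal name
    }
    if (!in_array($httpMethod, $routes[$name]['methods'], true)) {
        return array(405, null);    // known route, wrong verb (the tutorial sends 406)
    }
    return array(200, $routes[$name]['handler']);
}

// Constructed requests: public routes first, then names of internal methods
// that the method_exists() check would have accepted, then malformed input.
$samples = array(
    array('hello', 'GET'),
    array('test/', 'GET'),
    array('test', 'POST'),
    array('dbConnect', 'GET'),
    array('processApi', 'GET'),
    array('__construct', 'GET'),
    array(array('hello'), 'GET'),
    array(null, 'GET'),
);
foreach ($samples as $s) {
    list($status, $handler) = resolveRoute($ROUTES, $s[0], $s[1]);
    printf("%-14s %-5s -> %d %s\n", json_encode($s[0], JSON_UNESCAPED_SLASHES),
        $s[1], $status, $handler === null ? '(rejected)' : $handler);
}
```

In api.php, processApi() would call the returned handler only on a 200 result and pass any other status to response().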

Thank you for reading this article, I hope it helps somebody.

  • Didi

    public function processApi(){
    [1] $func = strtolower(trim(str_replace("/","",$_REQUEST['rquest'])));
    if((int)method_exists($this,$func) > 0)
    $this->$func();
    else
    $this->response('Error code 404, Page not found',404); // If the method not exist with in this class, response would be "Page not found".
    }
    “Notice: Undefined index:”

    [1] $name = "NULL";
    if (isset($_REQUEST['rquest'])) {
    $name = $_REQUEST['rquest'];
    }
    $func = strtolower(trim(str_replace("/","", $name)));

    • Raúl

      public function processApi(){
      if (isset($_REQUEST['rquest'])) {
      $func = strtolower(trim(str_replace("/","",$_REQUEST['rquest'])));
      } else {
      $func = '';
      }

  • NonZero

    There is some error.

    • Raúl

      The error occurs because “request” is not defined in the _REQUEST array.
      The ideal is to assess the value of the _REQUEST variable.

      public function processApi(){
      if (isset($_REQUEST['rquest'])) {
      $func = strtolower(trim(str_replace("/","",$_REQUEST['rquest'])));
      } else {
      $func = '';
      }

  • Ashutosh Parashar

    Hi, when I hit the URL localhost/MY_API/hello I get an object not found error. What is the error in the code?

    • Studio Codecraft

      The directory /MY_API/ doesn’t appear to be valid for the test in the URL: localhost/MY_API/hello

      Try the following URL instead:

      localhost/hello

  • Giovanni Abeni

    Thank you very much! It helped a lot.

  • Mashumba

    mysql_connect() is deprecated, why did you use that function in the example? Would you please update this with PDO?

    • Angelo V. Escasio

      Just simply update the code mysql_connect() to mysqli_connect() and mysqli_select_db($this->db , self::DB ); He may be using the older version of the PHP MySQL driver and you're using the latest PHP MySQL, or you may want to configure Apache to ignore the warnings. The guy is trying to help out noobs on how to create a PHP API and not do what they want to. Still appreciate this kind of help.

  • Vipul Chaudhary

    Can you please explain a little what the added instructions in .htaccess do here.

  • Phil

    Thank you @Laxman. I really like your tutorial – it helped a lot.

    It’s probably worth mentioning that this may still not work since the server may still be ignoring the .htaccess on some systems (at least for those who never had the need to configure rewriter), or mod_rewriter.c module may need to be added. At least this was the case for me so I was getting 404.

    Anyway, just wanted to say thanks a bunch.

  • Adom

    I want to put your coding in a subfolder, so how can I configure your code?

  • Salman

    I have added a login function in api.php. In this function I just wanted to display the username and password which they have entered in the login form using JSON. So how can I display this info?

  • Krzysztof Pazdur

    This code is a mess. Please don’t use this in production.
    2016, 2017, we have PHP 7, PDO … SPL, and you wrote something like that. Shame!

    • Romain

      Criticism is easy, propose something!

  • Angelo V. Escasio

    How about creating routes which is in a sub-directory?
    example: http://yourweb.com/MY_API/hello/world

  • Romain

    Hi, thanks for the code.
    I don’t understand the goal of set_headers(). How does it run? When I look at my source code, I don’t see it.

    Thanks for your help.

  • Nestor Al

    Thank you very much, I tested it and it worked for me. I appreciate the code you put up. I know that’s a stone for me to follow and give other uses; maybe it will be ready for MySQL and SQL Server.

  • Ulrich Saukel

    Hi, I am using rest.inc.php and I recently added SSL so it runs with https, but all of a sudden I am getting empty JSON responses with no errors. Is there something that I need to change to have it work with https? Like the setheader(), does it need to change to HTTPS/1.1, or should I alter something else? I tried the same on a local server with no https and all works, so there are 2 things: it could be the hosting or a configuration. If anyone has experienced that trouble please let me know how you fixed it. Thank you very much in advance!

  • Yashwant Shettigar

    There was an error parsing JSON data via a REST client. Well, the code works fine if accessed via browser:
    http://tstyash.byethost24.com/test?var=testing_get_method
    http://tstyash.byethost24.com/hello
    Please check the attached screenshot for the error.

    I am trying to get data in JSON format, but at the time of parsing it is not happening.

  • Donald Huang

    500 internal server error… why???

    • Mickelodian

      lol… yeah the old if the server fails and won’t run this code then do this routine… wt?

  • chris toohey

    This is horrible code.
    1) It uses the deprecated (removed from php 7) mysql extension, so no prepared statements. Major FAIL. This alone is reason enough to skip this tutorial.

    2) Switch statements to determine the method to call? Something like this would be better:
    $method = ['POST'=>'create', 'GET'=>'read', 'PUT'=>'update', 'DELETE'=>'delete'];

    if(array_key_exists($this->get_request_method(), $method)) {
    $this->{$method[$this->get_request_method()]}($input);
    } else {
    $this->response('',406);
    }

    3) Speaking of calling methods, there should be REST methods in a RESTful app! That’s what the code in #2 expects, and that’s what makes REST easier to work with: it’s predictable.

  • M Mendez

    Hello all, what do I do when I receive an OPTIONS request?