CODEWITHSUNDEEP
phpweb-servicesrest
mrhands
mrhands

Reputation: 1533

RESTfull concept

I'm still confusing about RESTfull concept. I have a service it's like here

include '../includeall.php';
$query = Q_GET_FACT_GIVEN_TABLE;

$i = 0;
$queryall = null;
if (isset($_GET['year'])) {
    $year = $_GET['year'];
    $queryall[$i++] = "f.year=" . $year;
}

if (isset($_GET['period_id'])) {
    $period_id = $_GET['period_id'];
    $queryall[$i++] = "f.period_id=" . $period_id;
}

if (isset($_GET['month_id'])) {
    $month_id = $_GET['month_id'];
    $queryall[$i++] = "f.month_id=" . $month_id;]
}

if (isset($_GET['var_in_cat_id'])) {
    $var_in_cat_id = $_GET['var_in_cat_id'];
    $queryall[$i++] = "f.var_in_cat_id=" . $var_in_cat_id;
}

if (isset($_GET['reg_id'])) {
    $reg_id = $_GET['reg_id'];
    if ($reg_id == "prop")
        $queryall[$i++] = "substring(reg_id,-2)='00' AND reg_id<>'0000'";
    else
        $queryall[$i++] = "f.reg_id=" . $reg_id;
}

if (isset($_GET['id_prop'])) {
    $idprop = $_GET['id_prop'];
    $queryall[$i++] = "substring(reg_id,1,2)='$idprop' AND substring(reg_id,-2)<>'00'";
}

if (isset($_GET['data_source_id'])) {
    $data_source_id = $_GET['data_source_id'];
    $queryall[$i++] = "f.data_source_id=" . $data_source_id;
}

for($i=0;$i<count($queryall);$i++){
    $queryi=$queryall[$i];
    $query.=" AND ".$queryi;
}

$query.=" ORDER BY reg_id,month_id";

$database = new Database();
$queryResult = $database->query($query);
$resultArray = Utils::convertToJSON($queryResult);
?>

Is my implementation code above can be called as web service?? It's contains of JSON implementation in output as user request on some url. If it can be categorized as a web service what kind of service do I have?? Can it be call as a RESTfull web service.. Please help me..

Upvotes: 0

Views: 1457

Answers (1)

phihag
phihag

Reputation: 288090

Well, you could consider it a web service, but its interface there's no REST aspect in there. I'd call it ... a search function.

REST(Representational State Transfer) means that the HTTP method defines the action you're taking. For example, a DELETE HTTP request will actually cause a deletion, and a PUT will write a resource. As presented above, your application consists of a search function, and therefore does not apply.

In php, you can determine the HTTP method used in the request from $_SERVER['REQUEST_METHOD'].

By the way, you should not initialize $queryall as null, but array(). You can also dispose of the $i and just write $queryall[] = ... instead of $queryall[$i++].

Also, you should not construct a database query by concatenating input strings, as this code makes your application vulnerable to SQL injections. Use prepared statements to avoid SQL injection vulnerabilities.

Upvotes: 1

Related Questions