Initial knowledge of PHP interface

Source: Internet
Author: User

This article introduces the content of PHP interface, now share to everyone, but also to have a friend in need of help a reference, we have a look at it

one. The interface can be divided into two types by requester:
One is the interface that is called by other internal projects (including the interface of the JS asynchronous request and the timer program).
The other is the external interface, which is mainly provided to external developers to call.
  
The biggest difference between the two interfaces is that the internal interface does not require too strict authentication, and the external interface requires strict authentication, encryption and decryption methods, the most common and simplest is the HTTP Basic authentication, for example, our large background pop-up account and password popup is the use of Basic authentication, Enter your account and password to pass the verification. However, if the internal interface involves important operations and does not want to be maliciously requested by others, it is necessary to do a bit of encryption verification.
  
two. Regardless of the interface, the following questions should be considered:
1. Security. Parameter safety: This one we have $_input basic is enough. Whether authentication is required: if it is only the interface of the internal notification class/callback class, even if the malicious request does not affect the data is normal, this can be completely non-validation, for a chestnut, I make a synchronization order status interface, the process is to query the order status of problematic orders, and then update the status of these orders. This interface does not need to return any value, even if the bad call by the villain will not have the effect of yarn, then there is no need to do the authentication. So this verification is determined by the actual logic of the interface.

2. Can I repeat the request. For example, an interface that inserts a piece of data based on an incoming order number needs to be judged by repeated requests to avoid inserting multiple data.

three. Writing Interface Specifications
1. Using Try...catch ... structure to write. (mainly throw can end the program at any time, so very cool ~)
2. Return status code, do not return success equals True or FALSE, if you want to write a document, the meaning of the different error codes should also be clear, convenient for callers to query the cause of the error.
See below the chestnuts directly:

<?php    $code = 200;//Interface Status code     $name = Trim ($_input[' name ');    $age  = Trim ($_input[' age ');    if (empty ($name))    {        $code = 401;        throw new Exception (' name cannot be empty ');    }    if (!is_numeric ($age))    {        $code = 402;        throw new Exception (' age must consist of numbers ');    }    $database _obj = new Database_class ();    $res = $database _obj->save ($name, $age);    if (! $res)    {        $code = 403;        throw new Exception (' Save data failed ');    }            $msg = ' OK ';    } catch (Exception $e) {        $msg = $e->getmessage ();    } Output_json ($code, $data, $msg); $data can place the data that needs to be returned//Output_json function in the big function there is ~ if you do not want to introduce a large function, you can copy one to your project//========end=======?>

Reprinted from: https://www.cnblogs.com/xiaomendelu/p/5819708.html

one. The interface can be divided into two types by requester:
One is the interface that is called by other internal projects (including the interface of the JS asynchronous request and the timer program).
The other is the external interface, which is mainly provided to external developers to call.
  
The biggest difference between the two interfaces is that the internal interface does not require too strict authentication, and the external interface requires strict authentication, encryption and decryption methods, the most common and simplest is the HTTP Basic authentication, for example, our large background pop-up account and password popup is the use of Basic authentication, Enter your account and password to pass the verification. However, if the internal interface involves important operations and does not want to be maliciously requested by others, it is necessary to do a bit of encryption verification.
  
two. Regardless of the interface, the following questions should be considered:
1. Security. Parameter safety: This one we have $_input basic is enough. Whether authentication is required: if it is only the interface of the internal notification class/callback class, even if the malicious request does not affect the data is normal, this can be completely non-validation, for a chestnut, I make a synchronization order status interface, the process is to query the order status of problematic orders, and then update the status of these orders. This interface does not need to return any value, even if the bad call by the villain will not have the effect of yarn, then there is no need to do the authentication. So this verification is determined by the actual logic of the interface.

2. Can I repeat the request. For example, an interface that inserts a piece of data based on an incoming order number needs to be judged by repeated requests to avoid inserting multiple data.

three. Writing Interface Specifications
1. Using Try...catch ... structure to write. (mainly throw can end the program at any time, so very cool ~)
2. Return status code, do not return success equals True or FALSE, if you want to write a document, the meaning of the different error codes should also be clear, convenient for callers to query the cause of the error.
See below the chestnuts directly:

<?php    $code = 200;//Interface Status code     $name = Trim ($_input[' name ');    $age  = Trim ($_input[' age ');    if (empty ($name))    {        $code = 401;        throw new Exception (' name cannot be empty ');    }    if (!is_numeric ($age))    {        $code = 402;        throw new Exception (' age must consist of numbers ');    }    $database _obj = new Database_class ();    $res = $database _obj->save ($name, $age);    if (! $res)    {        $code = 403;        throw new Exception (' Save data failed ');    }            $msg = ' OK ';    } catch (Exception $e) {        $msg = $e->getmessage ();    } Output_json ($code, $data, $msg); $data can place the data that needs to be returned//Output_json function in the big function there is ~ if you do not want to introduce a large function, you can copy one to your project//========end=======?>

Reprinted from: https://www.cnblogs.com/xiaomendelu/p/5819708.html

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.