PHP & Web Development Blogs

Hi Guys,
I am sharing you the way to create simple resful apis using php and mysql. We are creating 2 apis here
First is to Loggin a existing user and second is to get list of written blogs by logged in user.

Create any database, i am taking

news

as the database name here, After it create following 2 tables inside it.

CREATE TABLE <code>users</code> (
 <code>id</code> int(11) UNSIGNED AUTO_INCREMENT PRIMARY KEY, 
 <code>name</code> varchar(100),
 <code>email</code> varchar(100),
 <code>password</code> varchar(100),
 <code>createdAt</code> datetime NOT NULL,
 <code>updatedAt</code> timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
);

CREATE TABLE <code>blogs</code> (
 <code>id</code> int(11) UNSIGNED AUTO_INCREMENT PRIMARY KEY, 
 <code>user_id</code> int(11),
 <code>title</code> varchar(255),
 <code>summary</code> Tinytext,
 <code>body</code> Text,
 <code>createdAt</code> datetime NOT NULL,
 <code>updatedAt</code> timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
);

Now putting some dummy data to read via the api

--create 2 entries in users table--
INSERT INTO <code>news</code>.<code>users</code> (<code>id</code>, <code>name</code>, <code>email</code>, <code>password</code>, <code>createdAt</code>, <code>updatedAt</code>) VALUES (1, 'jeetendra singh', '[email protected]', MD5('123456'), '2018-12-28 02:05:12', CURRENT_TIMESTAMP), (2, 'Manvik Singh chaudhary', '[email protected]', MD5('654321'), '2018-12-28 03:08:11', CURRENT_TIMESTAMP);


-- create 2 blogs by userid 1--

INSERT INTO <code>news</code>.<code>blogs</code> (<code>id</code>, <code>user_id</code>, <code>title</code>, <code>summary</code>, <code>body</code>, <code>createdAt</code>, <code>updatedAt</code>) VALUES (1, '1', 'Blog title 1 by jeetendra', 'Blog summary 1 by jeetendra', 'Blog body 1 by jeetendra', '2018-12-28 02:00:00', CURRENT_TIMESTAMP), (2, '1', 'Blog Title 2 by jeetendra ', 'Blog summary 2 by jeetendra ', 'Blog body 2 by jeetendra ', '2018-12-28 05:10:21', CURRENT_TIMESTAMP);

-- create 2 blogs by userid 2
INSERT INTO <code>news</code>.<code>blogs</code> (<code>id</code>, <code>user_id</code>, <code>title</code>, <code>summary</code>, <code>body</code>, <code>createdAt</code>, <code>updatedAt</code>) VALUES (3, '2', 'Blog title 1 by manvik', 'Blog summary 1 by manvik', 'Blog body 1 by manvik', '2018-12-28 02:00:00', CURRENT_TIMESTAMP), (4, '2', 'Blog Title 2 by manvik ', 'Blog summary 2 by manvik ', 'Blog body 2 by manvik ', '2018-12-28 05:10:21', CURRENT_TIMESTAMP);

After creating this create a index.php and put this code for Db connection, login and get all blog method

<?php 
header("Content-Type: application/json; charset=UTF-8");

class DBClass {

 private $host = "localhost";
 private $username = "root";
 private $password = ""; private $database = "news";

 public $connection;

 public function connect(){

 $this->connection = null;

 try{
 $this->connection = new PDO("mysql:host=" . $this->host . ";dbname=" . $this->database, $this->username, $this->password);
 $this->connection->exec("set names utf8");
 }catch(PDOException $exception){
 echo "Error: " . $exception->getMessage();
 }

 return $this->connection;
 }

 public function login($email,$password){

 if($this->connection==null)
 {
 $this->connect();
 }
 
 $query = "SELECT id,name,email,createdAt,updatedAt from users where email= ? and password= ?";
 $stmt = $this->connection->prepare($query);
 $stmt->execute(array($email,md5($password)));
 $ret= $stmt->fetchAll(PDO::FETCH_ASSOC);
 return $ret;
 }

 public function get_all_blogs($Uid){

 if($this->connection==null)
 {
 $this->connect();
 }
 
 $query = "SELECT b.*,u.id as Uid,u.email as Uemail,u.name as Uname from blogs b join users u on u.id=b.user_id where b.user_id= ?";
 $stmt = $this->connection->prepare($query);
 $stmt->execute(array($Uid));
 $ret= $stmt->fetchAll(PDO::FETCH_ASSOC);
 return $ret;
 }

 public function response($array)
 {
 echo json_encode($array);
 exit;
 }
}

$return=array();
$obj = new DBClass();
if(isset($_GET['action']) && $_GET['action']!='')
{
if($_GET['action']=="login")
{
 if(isset($_POST['email']) && isset($_POST['password']))
 {
 $UserData=$obj->login($_POST['email'],$_POST['password']);
 if(count($UserData)>0)
 {
 $return['status']=1;
 $return['_data_']=$UserData[0];
 $return['message']='User Logged in Successfully.';
 }
 else
 {
	$return['status']=0;
	$return['message']='Error:Invalid Email or Password!';
 }
 }
 else
 {
 $return['status']=0;
 $return['message']='Error:Email or Password not provided!';
 }
}
elseif($_GET['action']=="UserBlogs")
{
 if(isset($_POST['Uid']))
 {
 $blogs=$obj->get_all_blogs($_POST['Uid']);
 if(count($blogs)>0)
 {
 $return['status']=1;
 $return['_data_']=$blogs;
 $return['message']='Success.';
 }
 else
 {
	$return['status']=0;
	$return['message']='Error:Invalid UserId!';
 }
 }
 else
 {
 $return['status']=0;
 $return['message']='Error:User Id not provided!';
 }
}
}
else
{
$return['status']=0;
$return['message']='Error:Action not provided!';
}
$obj->response($return);
$obj->connection=null;
?>

Now api file is set, just make the urls pretty(readable form) using .htaccess file, put following code in it

RewriteEngine On
RewriteRule ^api/(.*) index.php?action=

Now your Simple Restful Apis are ready to use, Now Let me show you the postman screenshot where i have used these apis.

Login Api Call:

User Post/Blog Api Call

Hello Guys,

In our Last Blog Post, we have created restful apis,But not worked on its security and authentication. Login api can be public but after login apis should be authenticate using any secure token. one of them is JWT, So i am providing the Steps for Create and use JWT Token in our already created API.


Now its time To Implement JWT Authentication IN our Api, So these are the steps to implement it in our already created Apis

Step 1:Install and include Firebase JWT(JSON WEB TOKEN) in our project with following composer command        

 composer require firebase/php-jwt 

include the composer installed packages

require_once('vendor/autoload.php');

use namespace using following:

 use \Firebase\JWT\JWT; 

Step 2: Create a JWT server side using Firebase Jwt Library's encode method in Login action , and return it to Client

Define a private variable named Secret_Key in Class like following:

 private {
 $payload = array(
 'iss' => $_SERVER['HOST_NAME'],
 'exp' => time()+600, 'uId' => $UiD
 );
 try{
 $jwt = JWT::encode($payload, $this->Secret_Key,'HS256'); $res=array("status"=>true,"Token"=>$jwt);
 }catch (UnexpectedValueException $e) {
 $res=array("status"=>false,"Error"=>$e->getMessage());
 }
 return $res;
 }

In our login action , if the user has been logged in successfully then with the status,_data_ and message just replace the login success code with following code:

$return['status']=1;
$return['_data_']=$UserData[0];
$return['message']='User Logged in Successfully.';

 $jwt=$obj->generateToken($UserData[0]['id']);
 if($jwt['status']==true)
 {
 $return['JWT']=$jwt['Token'];
 }
 else{
 unset($return['_data_']);
 $return['status']=0;
 $return['message']='Error:'.$jwt['Error'];
 }

Step 3: Now with every request after login should have the JWT token in its Post(even we can receive it in get or authentication header also but here we are receiving it in post)

No afetr successfully login you will get the JWt Token in your response,Just add that Token with every post request of after login api calls. So we will do it using postman, Find the screenshot 1 for checking the JWT Token is coming in login api response

Step 4:After reciving the JWt in every after login api call, we need to check whether the token is fine using JWT decode method in After login Apis like

UserBlogs

is a After login Api, So for verify that we are creating Authencate method in class like following:

 public function Authenticate($JWT,$Curret_User_id)
 {
 try {
 $decoded = JWT::decode($JWT,$this->Secret_Key, array('HS256'));
 $payload = json_decode(json_encode($decoded),true);
 
 if($payload['uId'] == $Curret_User_id) {
 $res=array("status"=>true);
 }else{
 $res=array("status"=>false,"Error"=>"Invalid Token or Token Exipred, So Please login Again!");
 }
 }catch (UnexpectedValueException $e) {
 $res=array("status"=>false,"Error"=>$e->getMessage());
 } 
 return $res;
 
 }

Step 5: Cross check the response returned by Authenticate method in

UserBlogs

Action of api , replace the

UserBlogs

Action inner content with following code:

 if(isset($_POST['Uid']))
 {

 $resp=$obj->Authenticate($_POST['JWT'],$_POST['Uid']);
 if($resp['status']==false)
 {
 $return['status']=0;
 $return['message']='Error:'.$resp['Error'];
 }
 else{
 $blogs=$obj->get_all_blogs($_POST['Uid']);
 if(count($blogs)>0)
 {
 $return['status']=1;
 $return['_data_']=$blogs;
 $return['message']='Success.';
 }
 else
 {
 $return['status']=0;
 $return['message']='Error:Invalid UserId!';
 }
 } 
 }
 else
 {
 $return['status']=0;
 $return['message']='Error:User Id not provided!';
 }

Ah great its time to check out the UserBlogs Api, please find the screenshoot for that, Remember we need to put the JWt Token in POST Parameter as we have already recived that Value in Login Api call.



Now if you want to verify that token is expiring in given time(10 minutes after generation time/login time), i am just clicking the same api with same token after 10 minutes and you can see there will not return any data and it is returning status false with following message :





Also if you want to eloborate it more then i suggest you to try with modify Uid value with same token , you will another authentication issue and also if you modify the JWT token also then also you will not get the desired result and get authentication Issue

Thanks for reading out if you want the complete code of this file then please find following:

<?php 
header("Content-Type: application/json; charset=UTF-8");
require_once('vendor/autoload.php');
use \Firebase\JWT\JWT; 

class DBClass {

 private $host = "localhost";
 private $username = "root";
 private $password = ""; private $database = "news";

 public $connection;

 private $Secret_Key="*$%43MVKJTKMN$#"; 
 public function connect(){

 $this->connection = null;

 try{
 $this->connection = new PDO("mysql:host=" . $this->host . ";dbname=" . $this->database, $this->username, $this->password);
 $this->connection->exec("set names utf8");
 }catch(PDOException $exception){
 echo "Error: " . $exception->getMessage();
 }

 return $this->connection;
 }

 public function login($email,$password){

 if($this->connection==null)
 {
 $this->connect();
 }
 
 $query = "SELECT id,name,email,createdAt,updatedAt from users where email= ? and password= ?";
 $stmt = $this->connection->prepare($query);
 $stmt->execute(array($email,md5($password)));
 $ret= $stmt->fetchAll(PDO::FETCH_ASSOC);
 return $ret;
 }

 public function get_all_blogs($Uid){

 if($this->connection==null)
 {
 $this->connect();
 }
 
 $query = "SELECT b.*,u.id as Uid,u.email as Uemail,u.name as Uname from blogs b join users u on u.id=b.user_id where b.user_id= ?";
 $stmt = $this->connection->prepare($query);
 $stmt->execute(array($Uid));
 $ret= $stmt->fetchAll(PDO::FETCH_ASSOC);
 return $ret;
 }

 public function response($array)
 {
 echo json_encode($array);
 exit;
 }

 public function generateToken($UiD)
 {
 $payload = array(
 'iss' => $_SERVER['HOST_NAME'],
 'exp' => time()+600, 'uId' => $UiD
 );
 try{
 $jwt = JWT::encode($payload, $this->Secret_Key,'HS256'); $res=array("status"=>true,"Token"=>$jwt);
 }catch (UnexpectedValueException $e) {
 $res=array("status"=>false,"Error"=>$e->getMessage());
 }
 return $res;
 }

 public function Authenticate($JWT,$Current_User_id)
 { 
 try {
 $decoded = JWT::decode($JWT,$this->Secret_Key, array('HS256'));
 $payload = json_decode(json_encode($decoded),true);
 
 if($payload['uId'] == $Current_User_id) {
 $res=array("status"=>true);
 }else{
 $res=array("status"=>false,"Error"=>"Invalid Token or Token Exipred, So Please login Again!");
 }
 }catch (UnexpectedValueException $e) {
 $res=array("status"=>false,"Error"=>$e->getMessage());
 } 
 return $res;
 
 }
}

$return=array();
$obj = new DBClass();
if(isset($_GET['action']) && $_GET['action']!='')
{
if($_GET['action']=="login")
{
 if(isset($_POST['email']) && isset($_POST['password']))
 {
 $UserData=$obj->login($_POST['email'],$_POST['password']);
 if(count($UserData)>0)
 {
 $return['status']=1;
 $return['_data_']=$UserData[0];
 $return['message']='User Logged in Successfully.';

 $jwt=$obj->generateToken($UserData[0]['id']);
 if($jwt['status']==true)
 {
 $return['JWT']=$jwt['Token'];
 }
 else{
 unset($return['_data_']);
 $return['status']=0;
 $return['message']='Error:'.$jwt['Error'];
 }
 
 }
 else
 {
	$return['status']=0;
	$return['message']='Error:Invalid Email or Password!';
 }
 }
 else
 {
 $return['status']=0;
 $return['message']='Error:Email or Password not provided!';
 }
}
elseif($_GET['action']=="UserBlogs")
{
 if(isset($_POST['Uid']))
 {

 $resp=$obj->Authenticate($_POST['JWT'],$_POST['Uid']);
 if($resp['status']==false)
 {
 $return['status']=0;
 $return['message']='Error:'.$resp['Error'];
 }
 else{
 $blogs=$obj->get_all_blogs($_POST['Uid']);
 if(count($blogs)>0)
 {
 $return['status']=1;
 $return['_data_']=$blogs;
 $return['message']='Success.';
 }
 else
 {
 $return['status']=0;
 $return['message']='Error:Invalid UserId!';
 }
 } 
 }
 else
 {
 $return['status']=0;
 $return['message']='Error:User Id not provided!';
 }
}
}
else
{
$return['status']=0;
$return['message']='Error:Action not provided!';
}
$obj->response($return);
$obj->connection=null;
?>

Hi Guys,
I am sharing you the simple steps by which you can broadcast the web push notifications to your subscriber. In this tutorial we are making a subscriber form and saving information using Ajax and PHP and then through a server side code returning response to current logged in user and showing notification to that user.
Following are the steps to build this system

1. Create a database, I am creating db with name 'web_notifications'

Creating subscribers and notifications tables using following sql statements

CREATE TABLE IF NOT EXISTS <code>subscribers</code> (
 <code>id</code> int(11) NOT NULL,
 <code>name</code> varchar(255) NOT NULL,
 <code>email</code> varchar(255) NOT NULL,
 <code>createdAt</code> timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

ALTER TABLE <code>subscribers</code> ADD PRIMARY KEY (<code>id</code>);

ALTER TABLE <code>subscribers</code> MODIFY <code>id</code> int(11) NOT NULL AUTO_INCREMENT;



CREATE TABLE IF NOT EXISTS <code>notifications</code> (
 <code>id</code> int(11) NOT NULL,
 <code>to_user</code> int(11) NOT NULL,
 <code>title</code> varchar(255) NOT NULL,
 <code>body</code> varchar(255) NOT NULL,
 <code>url</code> varchar(255) NOT NULL,
 <code>is_sent</code> int(11) NOT NULL DEFAULT '0',
 <code>createdAt</code> timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

ALTER TABLE <code>notifications</code> ADD PRIMARY KEY (<code>id</code>);

ALTER TABLE <code>notifications</code> MODIFY <code>id</code> int(11) NOT NULL AUTO_INCREMENT;

2. Now create a db_connect.php file with following code

<?php 
session_start();
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "web_notifications";

$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
 die("Connection failed: " . $conn->connect_error);
} 
?>

3. Create a cookies.js file to read and write browser cookies

function WriteCookie(key,content) {
 var now = new Date();
 now.setMonth( now.getMonth() + 1 ); 
 document.cookie = key+"=" + escape(content) + ";";
 document.cookie = "expires=" + now.toUTCString() + ";"
}

function ReadCookie(key) {
 var allcookies = document.cookie;
 cookiearray = allcookies.split(';');
 var CookieData=Array();
 for(var i=0; i<cookiearray.length; i++) {
 k = cookiearray[i].split('=')[0];
 v = cookiearray[i].split('=')[1];
 CookieData[k]=v;
 }
 return CookieData[key];
}

4. Create a ajax file to read and mark is_sent if any notification foun to be sent in database for that user. create file with name 'fetch_notifications.php' with following content

<?php require 'db_connect.php';

$sql = "SELECT id,title,body,url FROM notifications where to_user='".@$_GET['user_id']."' and is_sent='0' ";
$result = $conn->query($sql);

$data=array();
if ($result->num_rows > 0) {
 while($row = $result->fetch_assoc()) {
 $data[]=$row;

 $upd = "update notifications set is_sent='1' where id='".$row['id']."' ";
 $conn->query($upd);

 }
}

if(count($data)>0)
{
 $response=array("status"=>1,"notification"=>$data);
}
else
{
 $response=array("status"=>0,"error"=>"No new notification!");
}

echo json_encode($response);

$conn->close(); 
?>

5. Now code index.php to show subscriber form and on submit insert record into the subscriber table

<?php require 'db_connect.php'; ?>
<!DOCTYPE html>
<html>
<head>
 <title>Web Push Notification Demo</title>
 <script src="./cookies.js" type="text/javascript"></script>
 <link href="
<script src="
<script src="
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.1.0/css/all.css" integrity="sha384-lKuwvrZot6UHsBSfcMvOkWwlCMgc0TaWr+30HWe3a4ltaBwTZhyTEggF5tJv8tbt" crossorigin="anonymous">
<?php 
if(isset($_POST['subscribe_form']))
{
 $_SESSION['is_login']=0;
 $username=$conn->real_escape_string($_POST['username']);
 $useremail=$conn->real_escape_string($_POST['useremail']);


 $sql = "INSERT INTO subscribers set name='".$username."',email='".$useremail."' ";
 if ($conn->query($sql) === TRUE) {
 $_SESSION['is_login']=1;
 $_SESSION['Uid']= $conn->insert_id;
 $_SESSION['Uname']= $username;
 ?>
 <script type="text/javascript">
 WriteCookie("Uid","<?php echo $_SESSION['Uid']; ?>");
 </script> 
 <?php
 $msg="<p style='color:green'>You have subscribe for push notification succesfully :)</p>";
 } else {
 $msg="<p style='color:red'>Error in subscribing for notifications</p>";
 }


}

?>
<div class="container">
<?php 
if(isset($msg) && $msg!='')
{
 ?>
 <br>
 <div class="alert alert-info">
 <?php echo $msg; ?>
 </div>
 <?php
}

if(isset($_SESSION['is_login']) && $_SESSION['is_login']==1)
{
 ?>
 <h2>Welcome <?php echo $_SESSION['Uname']; ?></h2>
 <script type="text/javascript"> 

setInterval(function(){ 
 check_notification(); 
}, 10000);

function check_notification()
{ 
 var Uid=ReadCookie("Uid");
 if(Uid!==undefined)
 {
 $.ajax({url: "fetch_notifications.php?user_id="+Uid, success: function(result){ 
 var response=JSON.parse(result);
 if(response.status==1)
 {
 
 response=response.notifications;
 for (var i = response.length - 1; i >= 0; i--) {
 var url = response[i]['url'];
 var noti = new Notification(response[i]['title'], {
 icon: 'logo.png', body: response[i]['body'],
 });
 noti.onclick = function () {
 window.open(url); 
 noti.close(); 
 };
 
 };

 }
 else{
 console.log(response.error);

 }
 
 }

 }); 
 }
}

 
 </script>
 <?php
}
else
{
 ?>
 <h2 class="text-center">Subscribe for Notifications</h2>
 <div class="row justify-content-center">
 <div class="col-12 col-md-8 col-lg-6 pb-5">

 <div class="card border-primary rounded-0">
 <div class="card-header p-0">
 <div class="bg-info text-white text-center py-2">
 <h3><i class="fa fa-envelope"></i> Information</h3>
 <p class="m-0">provide your information</p>
 </div>
 </div>
 <div class="card-body p-3">
 <form method="post">
 <!--Body-->
 <div class="form-group">
 <div class="input-group mb-2">
 <div class="input-group-prepend">
 <div class="input-group-text"><i class="fa fa-user text-info"></i></div>
 </div>
 <input type="text" class="form-control" id="username" name="username" placeholder="Input Your Name Here" required>
 </div>
 </div>
 <div class="form-group">
 <div class="input-group mb-2">
 <div class="input-group-prepend">
 <div class="input-group-text"><i class="fa fa-envelope text-info"></i></div>
 </div>
 <input type="text" class="form-control" id="useremail" name="useremail" pattern="[^@\s]+@[^@\s]+\.[^@\s]+" title="Invalid email address" placeholder="[email protected]" required>
 </div>
 </div>

 <div class="text-center">
 <input type="submit" value="Subscribe" name="subscribe_form" class="btn btn-info btn-block rounded-0 py-2">
 </div>
 </form>
 </div>

 </div>
 


 </div>
 </div>
<?php }?>
</div>



</head>
<body>

</body>
</html>
<?php 
$conn->close(); 
?>

The frontend of your subscription page (index.php) should look like this:




Now we are ready to receive notification in frontend, but we still need to create an admin page from where we can send notification to subscriber(s).

6. Create a table for admin user

CREATE TABLE IF NOT EXISTS <code>admin</code> (
 <code>id</code> int(11) NOT NULL,
 <code>username</code> varchar(255) NOT NULL,
 <code>password</code> varchar(255) NOT NULL,
 <code>createdAt</code> timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

ALTER TABLE <code>admin</code> ADD PRIMARY KEY (<code>id</code>);

ALTER TABLE <code>admin</code> MODIFY <code>id</code> int(11) NOT NULL AUTO_INCREMENT;

INSERT INTO <code>web_notifications</code>.<code>admin</code> (<code>id</code>, <code>username</code>, <code>password</code>, <code>createdAt</code>) VALUES (NULL, 'admin', MD5('123456'), CURRENT_TIMESTAMP);

Following is the code for admin.php to add the notifications to subscriber(s) account also i have inserted following login credentials for admin in admin table:
username:admin
password:123456

7. Now put following code in admin.php

<?php require 'db_connect.php'; ?>
<!DOCTYPE html>
<html>
<head>
 <title>ADMIN PAGE</title> 
 <link href="
<script src="
<script src="
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.1.0/css/all.css" integrity="sha384-lKuwvrZot6UHsBSfcMvOkWwlCMgc0TaWr+30HWe3a4ltaBwTZhyTEggF5tJv8tbt" crossorigin="anonymous">
<?php 
if(isset($_POST['login']))
{
 $_SESSION['admin_login']=0;
 $username=$conn->real_escape_string($_POST['username']);
 $password=$conn->real_escape_string($_POST['password']);
 $sql = "SELECT * FROM admin where username='".$username."' and password='".md5($password)."' ";
 $result = $conn->query($sql);
 if ($result->num_rows > 0) {
 $_SESSION['admin_login']=1;
 $msg="<p style='color:green'>Admin Logged-in Successfully :)</p>";
 }
 else {
 $msg="<p style='color:red'>INVALID CREDENTIALS FOR ADMIN</p>";
 } 


}
if(isset($_POST['add_notification']))
{ 
 $title=$conn->real_escape_string($_POST['title']);
 $body=$conn->real_escape_string($_POST['body']);
 $url=$conn->real_escape_string($_POST['url']);
 $users=$_POST['users'];

 foreach ($users as $user_id) {
 $ins = "insert into notifications set to_user='".$user_id."' , title='".$title."', url='".$url."', body='".$body."' ";
 $conn->query($ins);
 }
 $msg="<p style='color:green'>Notification(s) added to subscribers account.</p>";
 
}

?>
<div class="container">
<?php 
if(isset($msg) && $msg!='')
{
 ?>
 <br>
 <div class="alert alert-info">
 <?php echo $msg; ?>
 </div>
 <?php
}

if(isset($_SESSION['admin_login']) && $_SESSION['admin_login']==1)
{
 ?>
 <h2>Welcome Admin, Send notification to Subscriber(s)</h2>

<form method="post">
 
 

<div class="form-group">
 <label for="sel1">Select Subscriber(s):</label>
 <select multiple="multiple" required="required" class="form-control" id="users" name="users[]">
 <?php
$sql = "SELECT id,name FROM subscribers";
$result = $conn->query($sql);

$data=array();
if ($result->num_rows > 0) {
 while($row = $result->fetch_assoc()) {
 echo "<option value='".$row['id']."'>".$row['name']."</option>";
 }
}
?>
 </select>
</div>

 <div class="form-group">
 <label for="email">Title</label>
 <input type="text" required class="form-control" placeholder="notification title here" name="title" id="title">
 </div>
 
 <div class="form-group">
 <label for="email">Message</label>
 <textarea required class="form-control" placeholder="notification message here" name="body" id="body"></textarea> 
 </div>

 <div class="form-group">
 <label for="email">Url</label>
 <input type="url" required class="form-control" placeholder="notification landing/click url here" name="url" id="url">
 </div>
 
 <input type="submit" class="btn btn-primary btn-block" name="add_notification" value="Submit" />

</form>


 <?php
}
else
{
 ?>
 <h2 class="text-center">ADMINISTRATOR</h2>
 <div class="row justify-content-center">
 <div class="col-12 col-md-8 col-lg-6 pb-5">

 <div class="card border-primary rounded-0">
 <div class="card-header p-0">
 <div class="bg-info text-white text-center py-2">
 <h3><i class="fa fa-envelope"></i> LOGIN</h3>
 <p class="m-0">provide admin login credentials</p>
 </div>
 </div>
 <div class="card-body p-3">
 <form method="post">
 <!--Body-->
 <div class="form-group">
 <div class="input-group mb-2">
 <div class="input-group-prepend">
 <div class="input-group-text"><i class="fa fa-user text-info"></i></div>
 </div>
 <input type="text" class="form-control" id="username" name="username" placeholder="Input username here" required>
 </div>
 </div>
 <div class="form-group">
 <div class="input-group mb-2">
 <div class="input-group-prepend">
 <div class="input-group-text"><i class="fa fa-key text-info"></i></div>
 </div>
 <input type="password" class="form-control" id="password" name="password" placeholder="your password here" required>
 </div>
 </div>

 <div class="text-center">
 <input type="submit" value="Login" name="login" class="btn btn-info btn-block rounded-0 py-2">
 </div>
 </form>
 </div>

 </div>
 


 </div>
 </div>
<?php }?>
</div>



</head>
<body>

</body>
</html>
<?php 
$conn->close(); 
?>

The admin page will ask login credentials first then it will look like following screenshot:



Now in your project if you open index.php you have a frontend where user will register themselves to receive notifications, and admin.php is your backend where you can send notifications to users or subscribers


If you face any problem in setup this small project please just let me know in the comments below, or by messaging me.

Conferences are always looking for speakers - it can be hard to keep track of them all and the requirements they have. I wanted to put together this quick guide to make it easy for you to apply. Make sure to apply because as Wayne Gretzky said “You miss 100% of the shots you don’t take”!!!

phpDay 2019

First we have phpDay 2019 which will take place on May 10 & 11 at Hotel San Marco in Verona, Italy. Some facts about this call for papers:
*Submission deadline: February 4, 2019
*Submit via: https://cfp.phpday.it/
* For more info on the conference: https://2019.phpday.it/
* Twitter: (@phpday)
* Speaker package includes: Full conference pass (jsDay + phpDay), speaker dinner the first night, lunch, reception and activities included in regular conference.
* For speakers remote to the Area: A refund of up to €200 for travel costs (or €500 from US or extra-EU), 2 complimentary hotel nights (+1 hotel night for speakers presenting multiple talks or US/extra-EU) and Taxi fare from/to the airport.
*In Submission: make sure your talk title and abstract define the exact topic you want to talk about and what you hope people will learn from the session.
*Talk Ideas: APIs (REST, SOAP, etc.), Architectures, Continuous Delivery, Databases, Development, Devops, Frameworks, Internals, PHP 7.x / PHP 8, Security, Testing and UI/UX.

ScotlandPHP

Next we have ScotlandPHP which will take place on November 8 & 9 at Edinburgh International Conference Centre in Edinburgh, Scotland.
*Submission deadline: April 22, 2019
*Submit via: https://cfs.scotlandphp.co.uk/
* For more info on the conference: https://conference.scotlandphp.co.uk/
* Twitter: (@scotlandphp)
* Speaker package: Full conference pass, lunch, receptions and activities included in regular conference.
* For speakers remote to the Area: Complimentary airfare/travel, 2 complimentary hotel nights and we'll pick you up and drop you off to/from the airport so you don't have to worry about it.
* Speakers will be provided with a projector, a wireless lapel microphone and a screen for their presentation (size depends on the room). Speakers should bring any equipment they need to connect to projectors (VGA). It is also suggested that you reduce your dependency on the in-house internet connection as possible. We will however provide HDMI and Mini Display Port connections for all speakers on request. If you need something different or your selected talk needs audio equipment just let us know. We'll work it out.
* Looking for talks and workshops (November 8th).
*Talk Ideas: Virtualization and environments, Javascript, Alternate PHP run-times, PHP internals, Development principles, Security, Mobile-first design, Testing (unit, functional, etc.), Version control, User Experience/Usability, Building APIs (REST, SOAP, whatever), Continuous Integration, Framework-related topics, and Professional development.

Global diversity CFP day

In 2019 there will be numerous workshops hosted around the globe encouraging and advising newbie speakers to put together your very first talk proposal and share your own individual perspective on any subject of interest to people in tech.
* Twitter: (@gdcfpday)
*Save the Date: March 2, 2019
*Register here: https://www.globaldiversitycfpday.com/?utm_source=scotphp

CoderCruise

Then there is CoderCruise which will take place on August 19-23. It's a cruise that takes off from Port Canaveral, Florida and goes to the Bahamas.
* Twitter: (@codercruise)
*Submission deadline: March 3, 2019
*Submit via: https://www.papercall.io/codercruise-2019
* For more info on the conference: https://www.codercruise.com/
* This is a polyglot conference so looking for speakers on a wide variety of languages (PHP, JavaScript, Java, Python, etc.) and on various tech topics.

PHP Conference Asia 2019

There is also PHP Conference Asia 2019, which will take place on June 24-25 at Microsot Singapore.
*Submission deadline: March 8, 2019
*Submit via: https://cfp.phpconf.asia/
* For more info on the conference: https://2019.phpconf.asia/
* Twitter: (@PHPConfAsia)
* Speaker package includes: Speaker package: Full conference pass, lunch, receptions and activities included in regular conference. We'll pick you up and drop you off to/from the airport so you don't have to worry about it. Speakers' dinner on the first evening of the conference (24th June 2019). Transport to and from the conference venue will be included
* For speakers remote to the Area: 2 complimentary hotel nights and
we can consider providing grants to partially cover the air-fare for speakers who might have financial difficulties. This is on a case-by-case basis.
* Speakers will be provided with a projector, a wireless hand-held microphone and a screen for their presentation. Speakers should prepare their slides in 4x3 aspect ratio. Speakers should bring any equipment they need to connect to projectors (HDMI). It is also suggested that you reduce your dependency on the in-house internet connection as possible.
*In Submission: Make sure your talk title and abstract define the exact topic you want to talk about and what you hope people will learn from the session.
*Talk Ideas: Virtualization and environments, Javascript, Alternate PHP run-times, PHP internals, Development principles, Security, Mobile-first design, Testing (unit, functional, etc.), Version control, User Experience/Usability, Building APIs (REST, SOAP, whatever), Continuous Integration, Framework-related topics, and Professional development.

Cascadia PHP

Another conference to apply to is Cascadia PHP, which will take place on September 19-21 at University Place Hotel & Conference Center in Portland, Oregon.
*Submission deadline: April 15, 2019
*Submit via: https://cfp.cascadiaphp.com/
* For more info on the conference: https://www.cascadiaphp.com/venue
* Twitter: (@CascadiaPHP)
* Speaker package includes: Speaker package: Full conference pass, lunch, receptions and activities included in regular conference. For speakers remote to the Area: Complimentary airfare/travel, 2 complimentary hotel nights and we'll pick you up and drop you off to/from the airport so you don't have to worry about it.
Speakers will be provided with a projector, a wireless lapel microphone and a screen for their presentation (size depends on the room). Speakers should bring any equipment they need to connect to projectors (VGA). It is also suggested that you reduce your dependency on the in-house internet connection as possible.
*In Submission: make sure your talk title and abstract define the exact topic you want to talk about and what you hope people will learn from the session.
*Talk Ideas: PHP internals, Version control, Framework-related topics, Building APIs (REST, SOAP, whatever), Mobile-first design, Professional development, Testing (unit, functional, etc.), Alternate PHP run-times, Development principles, Continuous Integration, Getting involved in the PHP community, User Experience/Usability, Technology at large, Security, Connecting to Different APIs, Development Tools, Virtualization and environments, Javascript, Modern hosting practices, Language Features, Databases, Refactoring legacy applications, Running/contributing to open source projects, AI and AR, and User Groups.

Nomad PHP

Last but not least - this is an ongoing call for papers. This is perfect if you want to present from the comfort of your office, home or really wherever you are. It’s via RingCentral meetings and will be live and recorded. This is for none other than Nomad PHP.
* Twitter: (@nomadphp)
* Deadline: Anytime :D
* Talk length: 45 - 60 minutes.
* Talks should be unique to Nomad PHP and not available in video format online.
* Talk should not be recorded or made available elsewhere online for at least 3 months following your talk.
* The talk will be featured on our page and promoted via social media.
* Speakers will receive a financial stipend.
* Upon being selected we will reach out with further details.
*Talk ideas: AI & Machine Learning, APIs, Containerization, Databases, DevOps, Documentation, Frameworks, Performance, Security, Serverless, Testing, Tools, Upgrading/ Modernization, and more.
*Submit here: https://www.papercall.io/nomadphp
Now that you have some information - make sure to apply to all of these options! Can't wait to see all of your awesome talks you present :D!

As a developer, you've probably at least heard something about CI - Continuous integration. And if you haven't - you better fix it ASAP, because that's something awesome to have on your skill list and can get extremely helpful in your everyday work. This post will focus on CI for PHP devs, and specifically, on CI implementation from Gitlab. I will suppose you know the basics of Git, PHP, PHPUnit, Docker and unix shell. Intended audience - intermediate PHP devs.
Adding something to your workflow must serve a purpose. In this case the goal is to automate routine tasks and achieve better quality control. Even a basic PHP project IMO needs the following:
* linter) checks (cannot merge changes that are invalid on the syntax level)
* Code style checks
* Unit and integration tests
All of those can be just run eventually, of course. But I prefer an automated CI approach even in my personal projects because it leads to a higher level of discipline, you simply can't avoid following a set of rules that you've developed. Also, it reduces a risk of releasing a bug or regression, thus improving quality.
Gitlab is as generous as giving you their CI for free, even for your private repos. At this point it is starting to look as advertising, therefore a quick comparison table for Gitlab, Github, Bitbucket. AFAIK, Github does not have a built-in solution, instead it is easily integrated with third parties, of which Travis CI seems to be the most popular - I will therefore mention Travis here.

Public repositories (OSS projects). All 3 providers have a free offer for the open-source community!

| Provider | Limits |
|---|---|
| Gitlab | 2,000 CI pipeline minutes per group per month, shared runners |
| Travis | Apparently unlimited |
| Bitbucket| 50 min/month, max 5 users, File storage <= 1Gb/month |

Private repositories

| Provider | Price | Limits |
|---|---|---|
| Gitlab | Free | 2,000 CI pipeline minutes per group per month, shared runners |
| Travis | $69/month | Unlimited builds, 1 job at a time |
| Bitbucket| Free | 50 min/month, max 5 users, File storage <= 1Gb/month |

Getting started

I made a small project based on Laravel framework and called it "ci-showcase". I work in Linux environment, and the commands I use in the examples, are for linux shell. They should be pretty much the same on Mac and nearly the same on Windows though.

composer create-project laravel/laravel ci-showcase

Next, I went to gitlab website and created a new public project: https://gitlab.com/crocodile2u/ci-showcase. Cloned the repo and copied all files and folders from the newly created project - the the new git repo. In the root folder, I placed a .gitignore file:

.idea
vendor
.env

Then the .env file:

APP_ENV=development

Then I generated the application encryption key: php artisan key:generate, and then I wanted to verify that the primary setup works as expected: ./vendor/bin/phpunit, which produced the output OK (2 tests, 2 assertions). Nice, time to commit this: git commit && git push

At this point, we don't yet have any CI, let's do something about it!

Adding .gitlab-ci.yml

Everyone going to implement CI with Gitlab, is strongly encouraged to bookmark this page: https://docs.gitlab.com/ee/ci/README.html. I will simply provide a short introduction course here plus a bit of boilerplate code to get you started easier.
First QA check that we're going to add is PHP syntax check. PHP has a built-in linter, which you can invoke like this: php -l my-file.php. This is what we're going to use. Because the php -l command doesn't support multiple files as arguments, I've written a small wrapper shell script and saved it to ci/linter.sh:

#!/bin/sh
files=<code>sh ci/get-changed-php-files.sh | xargs</code>last_status=0
status=0
# Loop through changed PHP files and run php -l on each
for f in "$files" ; do message=<code>php -l $f</code> last_status="$?" if [ "$last_status" -ne "0" ]; then # Anything fails -> the whole thing fails echo "PHP Linter is not happy about $f: $message" status="$last_status" fi
done
if [ "$status" -ne "0" ]; then echo "PHP syntax validation failed!"
fi
exit $status

Most of the time, you don't actually want to check each and every PHP file that you have. Instead, it's better to check only those files that have been changed. The Gitlab pipeline runs on every push to the repository, and there is a way to know which PHP files have been changed. Here's a simple script, meet ci/get-changed-php-files.sh:

#!/bin/sh
# What's happening here?
#
# 1. We get names and statuses of files that differ in current branch from their state in origin/master.
# These come in form (multiline)
# 2. The output from git diff is filtered by unix grep utility, we only need files with names ending in .php
# 3. One more filter: filter *out* (grep -v) all lines starting with R or D.
# D means "deleted", R means "renamed"
# 4. The filtered status-name list is passed on to awk command, which is instructed to take only the 2nd part
# of every line, thus just the filename
git diff --name-status origin/master | grep '\.php$' | grep -v "^[RD]" | awk '{ print }'

These scripts can easily be tested in your local environment ( at least if you have a Linux machine, that is ;-) ).
Now, as we have our first check, we'll finally create our .gitlab-ci.yml. This is where your pipeline is declared using YAML notation:

# we're using this beautiful tool for our pipeline: https://github.com/jakzal/phpqa
image: jakzal/phpqa:alpine
# For this sample pipeline, we'll only have 1 stage, in real-world you would like to also add at least "deploy"
stages: - QA
linter:
stage: QA
# this is the main part: what is actually executed
script:	- sh ci/get-changed-php-files.sh | xargs sh ci/linter.sh

The first line is image: jakzal/phpqa:alpine and it's telling Gitlab that we want to run our pipeline using a PHP-QA utility by jakzal. It is a docker image containing PHP and a huge variety of QA-tools. We declare one stage - QA, and this stage by now has just a single job named linter. Every job can have it's own docker image, but we don't need that for the purpose of this tutorial. Our project reaches Step 2. Once I had pushed these changes, I immediately went to the project's CI/CD page. Aaaand.... the pipeline was already running! I clicked on the linter job and saw the following happy green output:

Running with gitlab-runner 11.9.0-rc2 (227934c0) on docker-auto-scale ed2dce3a
Using Docker executor with image jakzal/phpqa:alpine ...
Pulling docker image jakzal/phpqa:alpine ...
Using docker image sha256:12bab06185e59387a4bf9f6054e0de9e0d5394ef6400718332c272be8956218f for jakzal/phpqa:alpine ...
Running on runner-ed2dce3a-project-11318734-concurrent-0 via runner-ed2dce3a-srm-1552606379-07370f92...
Initialized empty Git repository in /builds/crocodile2u/ci-showcase/.git/
Fetching changes...
Created fresh repository.
From https://gitlab.com/crocodile2u/ci-showcase * [new branch] master -> origin/master * [new branch] step-1 -> origin/step-1 * [new branch] step-2 -> origin/step-2
Checking out 1651a4e3 as step-2...
Skipping Git submodules setup
$ sh ci/get-changed-php-files.sh | xargs sh ci/linter.sh
Job succeeded

It means that our pipeline was successfully created and run!

PHP Code Sniffer.

PHP Code Sniffer is a tool for keeping app of your PHP files in one uniform code style. It has a hell of customizations and settings, but here we will only perform simple check for compatibilty with PSR-2 standard. A good practice is to create a configuration XML file in your project. I will put it in the root folder. Code sniffer can use a few file names, of which I prefer phpcs.xml:

<?xml version="1.0"?>
/resources

I also will append another section to .gitlab-ci.yml:

code-style:	stage: QA	script:	# Variable $files will contain the list of PHP files that have changes	- files=<code>sh ci/get-changed-php-files.sh</code> # If this list is not empty, we execute the phpcs command on all of them - if [ ! -z "$files" ]; then echo $files | xargs phpcs; fi

Again, we check only those PHP files that differ from master branch, and pass their names to phpcs utility. That's it, Step 3 is finished! If you go to see the pipeline now, you will notice that linter and code-style jobs run in parallel.

Adding PHPUnit

Unit and integration tests are essential for a successful and maintaiable modern software project. In PHP world, PHPUnit is de facto standard for these purposes. The PHPQA docker image already has PHPUnit, but that's not enough. Our project is based on Laravel, which means it depends on a bunch of third-party libraries, Laravel itself being one of them. Those are installed into vendor folder with composer. You might have noticed that our .gitignore file has vendor folder as one of it entries, which means that it is not managed by the Version Control System. Some prefer their dependencies to be part of their Git repository, I prefer to have only the composer.json declarations in Git. Makes the repo much much smaller than the other way round, also makes it easy to avoid bloating your production builds with libraries only needed for development.
Composer is also included into PHPQA docker image, and we can enrich our .gitlab-ci.yml:

test:	stage: QA	cache:	key: dependencies-including-dev	paths: - vendor/	script:	- composer install	- ./vendor/bin/phpunit

PHPUnit requires some configuration, but in the very beginning we used composer create-project to create our project boilerplate.laravel/laravel package has a lot of things included in it, and phpunit.xml is also one of them. All I had to do was to add another line to it:

xml

APP_KEY enironment variable is essential for Laravel to run, so I generated a key with php artisan key:generate.
git commit & git push, and we have all three jobs on theQA stage!

Checking that our checks work

In this branch I intentionally added changes that should fail all three job in our pipeline, take a look at git diff. And we have this out from the pipeline stages:Linter:

$ ci/linter.sh
PHP Linter is not happy about app/User.php:
Parse error: syntax error, unexpected 'syntax' (T_STRING), expecting function (T_FUNCTION) or const (T_CONST) in app/User.php on line 11
Errors parsing app/User.php
PHP syntax validation failed!
ERROR: Job failed: exit code 255

**Code-style**:

$ if [ ! -z "$files" ]; then echo $files | xargs phpcs; fi
FILE: ...ilds/crocodile2u/ci-showcase/app/Http/Controllers/Controller.php
----------------------------------------------------------------------
FOUND 0 ERRORS AND 1 WARNING AFFECTING 1 LINE
---------------------------------------------------------------------- 13 | WARNING | Line exceeds 120 characters; contains 129 characters
----------------------------------------------------------------------
Time: 39ms; Memory: 6MB
ERROR: Job failed: exit code 123

**test**:

$ ./vendor/bin/phpunit
PHPUnit 7.5.6 by Sebastian Bergmann and contributors.
F. 2 / 2 (100%)
Time: 102 ms, Memory: 14.00 MB
There was 1 failure:
1) Tests\Unit\ExampleTest::testBasicTest
This test is now failing
Failed asserting that false is true.
/builds/crocodile2u/ci-showcase/tests/Unit/ExampleTest.php:17
FAILURES!
Tests: 2, Assertions: 2, Failures: 1.
ERROR: Job failed: exit code 1

Congratulations, our pipeline is running, and we now have much less chance of messing up the result of our work.

Conclusion

Now you know how to set up a basic QA pipeline for your PHP project. There's still a lot to learn. Pipeline is a powerful tool. For instance, it can make deployments to different environments for you. Or it can build docker images, store artifacts and more! Sounds cool? Then spend 5 minutes of your time and leave a comment, you can also tell me if there is a pipeline topic you would like to be covered in next posts.