PHP & Web Development Blogs

PHP, by all means, is an immensely powerful language!



We may fall short of words, but there won't come any end to its qualities. The endless functionalities and possibilities of this server-side scripting language have managed to get it a strong and supportive community of PHP programmers on a global level. At present, PHP powers more than half on websites and applications on the internet.


Do you know what makes PHP so praiseworthy?



It is the simplicity, easy programming structure, and developer-friendly web functionalities that are to be credited to turn PHP into one of the top programming languages. You can create highly interactive and dynamic websites and applications with desired results by making use of PHP.



However, coding often could be a tough and tedious task to accomplish. As a solution to this, you get built-in PHP libraries that optimize the process of coding for maximum productivity.

But what are these libraries?

That's exactly what you will find out as you move ahead in this article, a list of top 12 PHP libraries capable of leading the development process in an intended manner.



So, without waiting any further, let's move ahead to learn about PHP libraries in-depth.

PChart

PChart is a PHP library assisting with the generation of text data in the form of something more appealing to the eyes and known as visual charts.



You can use this library to represent data as bar charts, pie charts, and many more different formats. The PHP script here utilizes SQL queries to put data in the impressive charts or graphs form.

Mink

Another well-known in the list of PHP libraries is Mink. It allows you to keep an eye on if a proper interaction is happening between your web apps and the browser. Eliminating the API differences between the two types of browser emulators, Mink offers an authentic testing environment for you. It also supports PHPUnit, Behat, and Symfony2.

Monolog

Monolog is a PHP logging library that helps you with saving logs to the specified locations by sending them to set files, sockets, inboxes, databases, or other web services. The use of the PSR-3 interface permits to type-hint logs in counter to your libraries that maintain optimum interoperability.

Hoa

This modular, extensible, and structured set of PHP libraries we know as Hoa establishes a link between the research and the industry.



It recommends essential paradigms, mechanisms, and algorithms for building the reliability of a site. Many PHP developers in different parts of the world use Hoa for ideal PHP development.

Guzzle

Guzzle is an HTTP client library for PHP that enables you to send HTTP requests to combine with web services.



It offers a simple interface that makes the development of query strings, POST requests, HTTP cookies, and many other attributes possible. You can also use Guzzle to send synchronous and asynchronous requests from the similar interface.

Ratchet

If your need is to develop real-time, two-directional apps between clients and servers over WebSockets, Ratchet is the PHP library you need to do it effectively.



Creating event-driven apps with Ratchet is a rapid, simple, and easy job to do!

Geocoder

Geocoder is a library to create applications that are very well geo-aware.



With Geocoder, there is an abstraction layer that helps with geocoding manipulations.



It is further split into two parts, known as HttpAdapter and Provider.

ImageWorkshop

ImageWorkshop is an open-source PHP library letting you work over the manipulation of images with layers. You can crop, resize, add watermarks, create thumbnails, and so much more. You can also enhance the images on the sites.

PhpThumb

phpThumb is the library specialized at handling the work associated with creating thumbnails with minimal coding. Accepting every image source type and image formats, it makes you do a lot ranging from rotating or cropping to watermarking or defining the image quality.

Parody

This simple library we know as Parody is used to copy classes and objects. It also provides results for method calls, acquiring properties, instantiating objects, and more. Sequential method chaining is used by Parody to produce defining class structures.

Imagine

This object-oriented PHP library is meant for working with images along with manipulating them. The often adopted operations such as resizing, cropping, and applying filters happen instantly and relatively well with Imagine.



With Imagine, you get a color class that forms the RGB values of any given color. Draw shapes like arc, ellipse, line, etc. with the features available.

PhpFastCache

PhpFastCache is an open-source PHP library that makes caching feasible. Coming as a single-file, it can be integrated within a matter of minutes.



Caching methods supported by PhpFastCache involve apc, memcache, memcached, wincache, pdo, and mpdo.


The Bottom Line




It's not about what extra difference these libraries make; it's about what significant individual contributions these libraries make for a final desired PHP app or website.



A PHP programmer, too, agrees with these libraries' benefits.



It's your time now to try and believe!

Composer is the way that that PHP developers manage libraries and their dependencies. Previously, developers mainly stuck to existing frameworks. If you were a Symfony developer, you used Symfony and libraries built around it. You didn’t dare cross the line to Zend Framework. These days however, developers focus less on frameworks, and more on the libraries they need to build the project they are working on. This decoupling of projects from frameworks is largely possible because of Composer and the ecosystem that has built up around it.

Like PHP, Composer is easy to get started in, but complex enough to take time and practice to master. The Composer manual does a great job of getting you up and running quickly, but some of the commands are involved enough so that many developers miss some of their power because they simply don’t understand.

I’ve picked out five commands that every user of Composer should master. In each section I give you a little insight into the command, how it is used, when it is used and why this one is important.

1: Require

Sample:

$ composer require monolog/monolog

Require is the most common command that most developers will use when using Composer. In addition to the vendor/package, you can also specify a version number to load along with modifiers. For instance, if you want version 1.18.0 of monolog specifically and never want the update command to update this, you would use this command.

$ composer require monolog/monolog:1.18.0

This command will not grab the current version of monolog (currently 1.18.2) but will instead install the specific version 1.18.0.

If you always want the most recent version of monolog greater than 1.8.0 you can use the > modifier as shown in this command.

$ composer require monolog/monolog:>1.18.0

If you want the latest in patch in your current version but don’t want any minor updates that may introduce new features, you can specify that using the tilde.

$ composer require monolog/monolog:~1.18.0

The command above will install the latest version of monolog v1.18. Updates will never update beyond the latest 1.18 version.

If you want to stay current on your major version but never want to go above it you can indicate that with the caret.

$ composer require monolog/monolog:^1.18.0

The command above will install the latest version of monolog 1. Updates continue to update beyond 1.18, but will never update to version 2.

There are other options and flags for require, you can find the complete documentation of the command here.

2: Install a package globally

The most common use of Composer is to install and manage a library within a given project. There are however, times when you want to install a given library globally so that all of your projects can use it without you having to specifically require it in each project. Composer is up to the challenge with a modifier to the require command we discussed above, global. The most common use of this is when you are using Composer to manage packages like PHPUnit.

$ composer global require "phpunit/phpunit:^5.3.*"

The command above would install PHPUnit globally. It would also allow it to be updated throughout the 5.0.0 version because we specified ~5.3.* as the version number. You should be careful in installing packages globally. As long as you do not need different versions for different projects you are ok. However, should you start a project and want to use PHPUnit 6.0.0 (when it releases) but PHPUnit 6 breaks backwards compatibility with the PHPUnit 5.* version, you would have trouble. Either you would have to stay with PHPUnit 5 for your new project, or you would have to test all your projects to make sure that your Unit Tests work after upgrading to PHPUnit 6.

Globally installed projects are something to be thought through carefully. When in doubt, install the project locally.

3: Update a single library with Composer

One of the great powers of Composer is that developers can now easily keep their dependencies up-to-date. Not only that, as we discussed in tip #1, each developer can define exactly what “up-to-date” means for them. With this simple command, Composer will check all of your dependencies in a project and download/install the latest applicable versions.

$ composer update

What about those times when you know that a new version of a specific package has released and you want it, but nothing else updated. Composer has you covered here too.

$ composer update monolog/monolog

This command will ignore everything else, and only update the monolog package and it’s dependencies.

It’s great that you can update everything, but there are times when you know that updating one or more of your packages is going to break things in a way that you aren’t ready to deal with. Composer allows you the freedom to cherry-pick the packages that you want to update, and leave the rest for a later time.

4: Don’t install dev dependencies

In a lot of projects I am working on, I want to make sure that the libraries I download and install are working before I start working with them. To this end, many packages will include things like Unit Tests and documentation. This way I can run the unit Tests on my own to validate the package first. This is all fine and good, except when I don’t want them. There are times when I know the package well enough, or have used it enough, to not have to bother with any of that.

Many packages create a distribution package that does not contain tests or docs. (The League of Extraordinary Packages does this by default on all their packages.) If you specify the --prefer-dist flag, Composer will look for a distribution file and use it instead of pulling directly from github. Of course if you want want to make sure you get the full source and all the artifacts, you can use the --prefer-src flag.

5: Optimize your autoload

Regardless of whether you --prefer-dist or --prefer-source, when your package is incorporated into your project with require, it just adds it to the end of your autoloader. This isn’t always the best solution. Therefore Composer gives us the option to optimize the autoloader with the --optimize switch. Optimizing your autoloader converts your entire autoloader into classmaps. Instead of the autoloader having to use file_exists() to locate a file, Composer creates an array of file locations for each class. This can speed up your application by as much as 30%.

$ composer dump-autoload --optimize

The command above can be issued at any time to optimize your autoloader. It’s a good idea to execute this before moving your application into production.

$ composer require monolog/monolog:~1.18.0 -o

You can also use the optimize flag with the require command. Doing this every time you require a new package will keep your autoloader up-to-date. That having said, it’s still a good idea to get in the habit of using the first command as a safety net when you roll to production, just to make sure.

BONUS: Commit your composer.lock

After you have installed your first package with composer, you now have two files in the root of your project, composer.json and composer.lock. Of the two, composer.lock is the most important one. It contains detailed information about every package and version installed. When you issue a composer install in a directory with a composer.lock file, composer will install the exact same packages and versions. Therefore, by pulling a git repo on a production server will replicate the exact same packages in production that were installed in development. Of course the corollary of this is that you never want to commit your vendor/ directory. Since you can recreate it exactly, there is no need to store all of that code in your repo.

It is recommended that also commit your composer.json. When you check out your repo into production and do an install, composer will use the composer.lock instead of the composer.json when present. This means that your production environment is setup exactly like your development environment.

Hi Guys,
I am sharing you the simple steps by which you can broadcast the web push notifications to your subscriber. In this tutorial we are making a subscriber form and saving information using Ajax and PHP and then through a server side code returning response to current logged in user and showing notification to that user.
Following are the steps to build this system

1. Create a database, I am creating db with name 'web_notifications'

Creating subscribers and notifications tables using following sql statements

CREATE TABLE IF NOT EXISTS <code>subscribers</code> (
 <code>id</code> int(11) NOT NULL,
 <code>name</code> varchar(255) NOT NULL,
 <code>email</code> varchar(255) NOT NULL,
 <code>createdAt</code> timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

ALTER TABLE <code>subscribers</code> ADD PRIMARY KEY (<code>id</code>);

ALTER TABLE <code>subscribers</code> MODIFY <code>id</code> int(11) NOT NULL AUTO_INCREMENT;



CREATE TABLE IF NOT EXISTS <code>notifications</code> (
 <code>id</code> int(11) NOT NULL,
 <code>to_user</code> int(11) NOT NULL,
 <code>title</code> varchar(255) NOT NULL,
 <code>body</code> varchar(255) NOT NULL,
 <code>url</code> varchar(255) NOT NULL,
 <code>is_sent</code> int(11) NOT NULL DEFAULT '0',
 <code>createdAt</code> timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

ALTER TABLE <code>notifications</code> ADD PRIMARY KEY (<code>id</code>);

ALTER TABLE <code>notifications</code> MODIFY <code>id</code> int(11) NOT NULL AUTO_INCREMENT;

2. Now create a db_connect.php file with following code

<?php 
session_start();
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "web_notifications";

$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
 die("Connection failed: " . $conn->connect_error);
} 
?>

3. Create a cookies.js file to read and write browser cookies

function WriteCookie(key,content) {
 var now = new Date();
 now.setMonth( now.getMonth() + 1 ); 
 document.cookie = key+"=" + escape(content) + ";";
 document.cookie = "expires=" + now.toUTCString() + ";"
}

function ReadCookie(key) {
 var allcookies = document.cookie;
 cookiearray = allcookies.split(';');
 var CookieData=Array();
 for(var i=0; i<cookiearray.length; i++) {
 k = cookiearray[i].split('=')[0];
 v = cookiearray[i].split('=')[1];
 CookieData[k]=v;
 }
 return CookieData[key];
}

4. Create a ajax file to read and mark is_sent if any notification foun to be sent in database for that user. create file with name 'fetch_notifications.php' with following content

<?php require 'db_connect.php';

$sql = "SELECT id,title,body,url FROM notifications where to_user='".@$_GET['user_id']."' and is_sent='0' ";
$result = $conn->query($sql);

$data=array();
if ($result->num_rows > 0) {
 while($row = $result->fetch_assoc()) {
 $data[]=$row;

 $upd = "update notifications set is_sent='1' where id='".$row['id']."' ";
 $conn->query($upd);

 }
}

if(count($data)>0)
{
 $response=array("status"=>1,"notification"=>$data);
}
else
{
 $response=array("status"=>0,"error"=>"No new notification!");
}

echo json_encode($response);

$conn->close(); 
?>

5. Now code index.php to show subscriber form and on submit insert record into the subscriber table

<?php require 'db_connect.php'; ?>
<!DOCTYPE html>
<html>
<head>
 <title>Web Push Notification Demo</title>
 <script src="./cookies.js" type="text/javascript"></script>
 <link href="
<script src="
<script src="
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.1.0/css/all.css" integrity="sha384-lKuwvrZot6UHsBSfcMvOkWwlCMgc0TaWr+30HWe3a4ltaBwTZhyTEggF5tJv8tbt" crossorigin="anonymous">
<?php 
if(isset($_POST['subscribe_form']))
{
 $_SESSION['is_login']=0;
 $username=$conn->real_escape_string($_POST['username']);
 $useremail=$conn->real_escape_string($_POST['useremail']);


 $sql = "INSERT INTO subscribers set name='".$username."',email='".$useremail."' ";
 if ($conn->query($sql) === TRUE) {
 $_SESSION['is_login']=1;
 $_SESSION['Uid']= $conn->insert_id;
 $_SESSION['Uname']= $username;
 ?>
 <script type="text/javascript">
 WriteCookie("Uid","<?php echo $_SESSION['Uid']; ?>");
 </script> 
 <?php
 $msg="<p style='color:green'>You have subscribe for push notification succesfully :)</p>";
 } else {
 $msg="<p style='color:red'>Error in subscribing for notifications</p>";
 }


}

?>
<div class="container">
<?php 
if(isset($msg) && $msg!='')
{
 ?>
 <br>
 <div class="alert alert-info">
 <?php echo $msg; ?>
 </div>
 <?php
}

if(isset($_SESSION['is_login']) && $_SESSION['is_login']==1)
{
 ?>
 <h2>Welcome <?php echo $_SESSION['Uname']; ?></h2>
 <script type="text/javascript"> 

setInterval(function(){ 
 check_notification(); 
}, 10000);

function check_notification()
{ 
 var Uid=ReadCookie("Uid");
 if(Uid!==undefined)
 {
 $.ajax({url: "fetch_notifications.php?user_id="+Uid, success: function(result){ 
 var response=JSON.parse(result);
 if(response.status==1)
 {
 
 response=response.notifications;
 for (var i = response.length - 1; i >= 0; i--) {
 var url = response[i]['url'];
 var noti = new Notification(response[i]['title'], {
 icon: 'logo.png', body: response[i]['body'],
 });
 noti.onclick = function () {
 window.open(url); 
 noti.close(); 
 };
 
 };

 }
 else{
 console.log(response.error);

 }
 
 }

 }); 
 }
}

 
 </script>
 <?php
}
else
{
 ?>
 <h2 class="text-center">Subscribe for Notifications</h2>
 <div class="row justify-content-center">
 <div class="col-12 col-md-8 col-lg-6 pb-5">

 <div class="card border-primary rounded-0">
 <div class="card-header p-0">
 <div class="bg-info text-white text-center py-2">
 <h3><i class="fa fa-envelope"></i> Information</h3>
 <p class="m-0">provide your information</p>
 </div>
 </div>
 <div class="card-body p-3">
 <form method="post">
 <!--Body-->
 <div class="form-group">
 <div class="input-group mb-2">
 <div class="input-group-prepend">
 <div class="input-group-text"><i class="fa fa-user text-info"></i></div>
 </div>
 <input type="text" class="form-control" id="username" name="username" placeholder="Input Your Name Here" required>
 </div>
 </div>
 <div class="form-group">
 <div class="input-group mb-2">
 <div class="input-group-prepend">
 <div class="input-group-text"><i class="fa fa-envelope text-info"></i></div>
 </div>
 <input type="text" class="form-control" id="useremail" name="useremail" pattern="[^@\s]+@[^@\s]+\.[^@\s]+" title="Invalid email address" placeholder="[email protected]" required>
 </div>
 </div>

 <div class="text-center">
 <input type="submit" value="Subscribe" name="subscribe_form" class="btn btn-info btn-block rounded-0 py-2">
 </div>
 </form>
 </div>

 </div>
 


 </div>
 </div>
<?php }?>
</div>



</head>
<body>

</body>
</html>
<?php 
$conn->close(); 
?>

The frontend of your subscription page (index.php) should look like this:




Now we are ready to receive notification in frontend, but we still need to create an admin page from where we can send notification to subscriber(s).

6. Create a table for admin user

CREATE TABLE IF NOT EXISTS <code>admin</code> (
 <code>id</code> int(11) NOT NULL,
 <code>username</code> varchar(255) NOT NULL,
 <code>password</code> varchar(255) NOT NULL,
 <code>createdAt</code> timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

ALTER TABLE <code>admin</code> ADD PRIMARY KEY (<code>id</code>);

ALTER TABLE <code>admin</code> MODIFY <code>id</code> int(11) NOT NULL AUTO_INCREMENT;

INSERT INTO <code>web_notifications</code>.<code>admin</code> (<code>id</code>, <code>username</code>, <code>password</code>, <code>createdAt</code>) VALUES (NULL, 'admin', MD5('123456'), CURRENT_TIMESTAMP);

Following is the code for admin.php to add the notifications to subscriber(s) account also i have inserted following login credentials for admin in admin table:
username:admin
password:123456

7. Now put following code in admin.php

<?php require 'db_connect.php'; ?>
<!DOCTYPE html>
<html>
<head>
 <title>ADMIN PAGE</title> 
 <link href="
<script src="
<script src="
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.1.0/css/all.css" integrity="sha384-lKuwvrZot6UHsBSfcMvOkWwlCMgc0TaWr+30HWe3a4ltaBwTZhyTEggF5tJv8tbt" crossorigin="anonymous">
<?php 
if(isset($_POST['login']))
{
 $_SESSION['admin_login']=0;
 $username=$conn->real_escape_string($_POST['username']);
 $password=$conn->real_escape_string($_POST['password']);
 $sql = "SELECT * FROM admin where username='".$username."' and password='".md5($password)."' ";
 $result = $conn->query($sql);
 if ($result->num_rows > 0) {
 $_SESSION['admin_login']=1;
 $msg="<p style='color:green'>Admin Logged-in Successfully :)</p>";
 }
 else {
 $msg="<p style='color:red'>INVALID CREDENTIALS FOR ADMIN</p>";
 } 


}
if(isset($_POST['add_notification']))
{ 
 $title=$conn->real_escape_string($_POST['title']);
 $body=$conn->real_escape_string($_POST['body']);
 $url=$conn->real_escape_string($_POST['url']);
 $users=$_POST['users'];

 foreach ($users as $user_id) {
 $ins = "insert into notifications set to_user='".$user_id."' , title='".$title."', url='".$url."', body='".$body."' ";
 $conn->query($ins);
 }
 $msg="<p style='color:green'>Notification(s) added to subscribers account.</p>";
 
}

?>
<div class="container">
<?php 
if(isset($msg) && $msg!='')
{
 ?>
 <br>
 <div class="alert alert-info">
 <?php echo $msg; ?>
 </div>
 <?php
}

if(isset($_SESSION['admin_login']) && $_SESSION['admin_login']==1)
{
 ?>
 <h2>Welcome Admin, Send notification to Subscriber(s)</h2>

<form method="post">
 
 

<div class="form-group">
 <label for="sel1">Select Subscriber(s):</label>
 <select multiple="multiple" required="required" class="form-control" id="users" name="users[]">
 <?php
$sql = "SELECT id,name FROM subscribers";
$result = $conn->query($sql);

$data=array();
if ($result->num_rows > 0) {
 while($row = $result->fetch_assoc()) {
 echo "<option value='".$row['id']."'>".$row['name']."</option>";
 }
}
?>
 </select>
</div>

 <div class="form-group">
 <label for="email">Title</label>
 <input type="text" required class="form-control" placeholder="notification title here" name="title" id="title">
 </div>
 
 <div class="form-group">
 <label for="email">Message</label>
 <textarea required class="form-control" placeholder="notification message here" name="body" id="body"></textarea> 
 </div>

 <div class="form-group">
 <label for="email">Url</label>
 <input type="url" required class="form-control" placeholder="notification landing/click url here" name="url" id="url">
 </div>
 
 <input type="submit" class="btn btn-primary btn-block" name="add_notification" value="Submit" />

</form>


 <?php
}
else
{
 ?>
 <h2 class="text-center">ADMINISTRATOR</h2>
 <div class="row justify-content-center">
 <div class="col-12 col-md-8 col-lg-6 pb-5">

 <div class="card border-primary rounded-0">
 <div class="card-header p-0">
 <div class="bg-info text-white text-center py-2">
 <h3><i class="fa fa-envelope"></i> LOGIN</h3>
 <p class="m-0">provide admin login credentials</p>
 </div>
 </div>
 <div class="card-body p-3">
 <form method="post">
 <!--Body-->
 <div class="form-group">
 <div class="input-group mb-2">
 <div class="input-group-prepend">
 <div class="input-group-text"><i class="fa fa-user text-info"></i></div>
 </div>
 <input type="text" class="form-control" id="username" name="username" placeholder="Input username here" required>
 </div>
 </div>
 <div class="form-group">
 <div class="input-group mb-2">
 <div class="input-group-prepend">
 <div class="input-group-text"><i class="fa fa-key text-info"></i></div>
 </div>
 <input type="password" class="form-control" id="password" name="password" placeholder="your password here" required>
 </div>
 </div>

 <div class="text-center">
 <input type="submit" value="Login" name="login" class="btn btn-info btn-block rounded-0 py-2">
 </div>
 </form>
 </div>

 </div>
 


 </div>
 </div>
<?php }?>
</div>



</head>
<body>

</body>
</html>
<?php 
$conn->close(); 
?>

The admin page will ask login credentials first then it will look like following screenshot:



Now in your project if you open index.php you have a frontend where user will register themselves to receive notifications, and admin.php is your backend where you can send notifications to users or subscribers


If you face any problem in setup this small project please just let me know in the comments below, or by messaging me.

Hello Guys,

In our Last Blog Post, we have created restful apis,But not worked on its security and authentication. Login api can be public but after login apis should be authenticate using any secure token. one of them is JWT, So i am providing the Steps for Create and use JWT Token in our already created API.


Now its time To Implement JWT Authentication IN our Api, So these are the steps to implement it in our already created Apis

Step 1:Install and include Firebase JWT(JSON WEB TOKEN) in our project with following composer command        

 composer require firebase/php-jwt 

include the composer installed packages

require_once('vendor/autoload.php');

use namespace using following:

 use \Firebase\JWT\JWT; 

Step 2: Create a JWT server side using Firebase Jwt Library's encode method in Login action , and return it to Client

Define a private variable named Secret_Key in Class like following:

 private {
 $payload = array(
 'iss' => $_SERVER['HOST_NAME'],
 'exp' => time()+600, 'uId' => $UiD
 );
 try{
 $jwt = JWT::encode($payload, $this->Secret_Key,'HS256'); $res=array("status"=>true,"Token"=>$jwt);
 }catch (UnexpectedValueException $e) {
 $res=array("status"=>false,"Error"=>$e->getMessage());
 }
 return $res;
 }

In our login action , if the user has been logged in successfully then with the status,_data_ and message just replace the login success code with following code:

$return['status']=1;
$return['_data_']=$UserData[0];
$return['message']='User Logged in Successfully.';

 $jwt=$obj->generateToken($UserData[0]['id']);
 if($jwt['status']==true)
 {
 $return['JWT']=$jwt['Token'];
 }
 else{
 unset($return['_data_']);
 $return['status']=0;
 $return['message']='Error:'.$jwt['Error'];
 }

Step 3: Now with every request after login should have the JWT token in its Post(even we can receive it in get or authentication header also but here we are receiving it in post)

No afetr successfully login you will get the JWt Token in your response,Just add that Token with every post request of after login api calls. So we will do it using postman, Find the screenshot 1 for checking the JWT Token is coming in login api response

Step 4:After reciving the JWt in every after login api call, we need to check whether the token is fine using JWT decode method in After login Apis like

UserBlogs

is a After login Api, So for verify that we are creating Authencate method in class like following:

 public function Authenticate($JWT,$Curret_User_id)
 {
 try {
 $decoded = JWT::decode($JWT,$this->Secret_Key, array('HS256'));
 $payload = json_decode(json_encode($decoded),true);
 
 if($payload['uId'] == $Curret_User_id) {
 $res=array("status"=>true);
 }else{
 $res=array("status"=>false,"Error"=>"Invalid Token or Token Exipred, So Please login Again!");
 }
 }catch (UnexpectedValueException $e) {
 $res=array("status"=>false,"Error"=>$e->getMessage());
 } 
 return $res;
 
 }

Step 5: Cross check the response returned by Authenticate method in

UserBlogs

Action of api , replace the

UserBlogs

Action inner content with following code:

 if(isset($_POST['Uid']))
 {

 $resp=$obj->Authenticate($_POST['JWT'],$_POST['Uid']);
 if($resp['status']==false)
 {
 $return['status']=0;
 $return['message']='Error:'.$resp['Error'];
 }
 else{
 $blogs=$obj->get_all_blogs($_POST['Uid']);
 if(count($blogs)>0)
 {
 $return['status']=1;
 $return['_data_']=$blogs;
 $return['message']='Success.';
 }
 else
 {
 $return['status']=0;
 $return['message']='Error:Invalid UserId!';
 }
 } 
 }
 else
 {
 $return['status']=0;
 $return['message']='Error:User Id not provided!';
 }

Ah great its time to check out the UserBlogs Api, please find the screenshoot for that, Remember we need to put the JWt Token in POST Parameter as we have already recived that Value in Login Api call.



Now if you want to verify that token is expiring in given time(10 minutes after generation time/login time), i am just clicking the same api with same token after 10 minutes and you can see there will not return any data and it is returning status false with following message :





Also if you want to eloborate it more then i suggest you to try with modify Uid value with same token , you will another authentication issue and also if you modify the JWT token also then also you will not get the desired result and get authentication Issue

Thanks for reading out if you want the complete code of this file then please find following:

<?php 
header("Content-Type: application/json; charset=UTF-8");
require_once('vendor/autoload.php');
use \Firebase\JWT\JWT; 

class DBClass {

 private $host = "localhost";
 private $username = "root";
 private $password = ""; private $database = "news";

 public $connection;

 private $Secret_Key="*$%43MVKJTKMN$#"; 
 public function connect(){

 $this->connection = null;

 try{
 $this->connection = new PDO("mysql:host=" . $this->host . ";dbname=" . $this->database, $this->username, $this->password);
 $this->connection->exec("set names utf8");
 }catch(PDOException $exception){
 echo "Error: " . $exception->getMessage();
 }

 return $this->connection;
 }

 public function login($email,$password){

 if($this->connection==null)
 {
 $this->connect();
 }
 
 $query = "SELECT id,name,email,createdAt,updatedAt from users where email= ? and password= ?";
 $stmt = $this->connection->prepare($query);
 $stmt->execute(array($email,md5($password)));
 $ret= $stmt->fetchAll(PDO::FETCH_ASSOC);
 return $ret;
 }

 public function get_all_blogs($Uid){

 if($this->connection==null)
 {
 $this->connect();
 }
 
 $query = "SELECT b.*,u.id as Uid,u.email as Uemail,u.name as Uname from blogs b join users u on u.id=b.user_id where b.user_id= ?";
 $stmt = $this->connection->prepare($query);
 $stmt->execute(array($Uid));
 $ret= $stmt->fetchAll(PDO::FETCH_ASSOC);
 return $ret;
 }

 public function response($array)
 {
 echo json_encode($array);
 exit;
 }

 public function generateToken($UiD)
 {
 $payload = array(
 'iss' => $_SERVER['HOST_NAME'],
 'exp' => time()+600, 'uId' => $UiD
 );
 try{
 $jwt = JWT::encode($payload, $this->Secret_Key,'HS256'); $res=array("status"=>true,"Token"=>$jwt);
 }catch (UnexpectedValueException $e) {
 $res=array("status"=>false,"Error"=>$e->getMessage());
 }
 return $res;
 }

 public function Authenticate($JWT,$Current_User_id)
 { 
 try {
 $decoded = JWT::decode($JWT,$this->Secret_Key, array('HS256'));
 $payload = json_decode(json_encode($decoded),true);
 
 if($payload['uId'] == $Current_User_id) {
 $res=array("status"=>true);
 }else{
 $res=array("status"=>false,"Error"=>"Invalid Token or Token Exipred, So Please login Again!");
 }
 }catch (UnexpectedValueException $e) {
 $res=array("status"=>false,"Error"=>$e->getMessage());
 } 
 return $res;
 
 }
}

$return=array();
$obj = new DBClass();
if(isset($_GET['action']) && $_GET['action']!='')
{
if($_GET['action']=="login")
{
 if(isset($_POST['email']) && isset($_POST['password']))
 {
 $UserData=$obj->login($_POST['email'],$_POST['password']);
 if(count($UserData)>0)
 {
 $return['status']=1;
 $return['_data_']=$UserData[0];
 $return['message']='User Logged in Successfully.';

 $jwt=$obj->generateToken($UserData[0]['id']);
 if($jwt['status']==true)
 {
 $return['JWT']=$jwt['Token'];
 }
 else{
 unset($return['_data_']);
 $return['status']=0;
 $return['message']='Error:'.$jwt['Error'];
 }
 
 }
 else
 {
	$return['status']=0;
	$return['message']='Error:Invalid Email or Password!';
 }
 }
 else
 {
 $return['status']=0;
 $return['message']='Error:Email or Password not provided!';
 }
}
elseif($_GET['action']=="UserBlogs")
{
 if(isset($_POST['Uid']))
 {

 $resp=$obj->Authenticate($_POST['JWT'],$_POST['Uid']);
 if($resp['status']==false)
 {
 $return['status']=0;
 $return['message']='Error:'.$resp['Error'];
 }
 else{
 $blogs=$obj->get_all_blogs($_POST['Uid']);
 if(count($blogs)>0)
 {
 $return['status']=1;
 $return['_data_']=$blogs;
 $return['message']='Success.';
 }
 else
 {
 $return['status']=0;
 $return['message']='Error:Invalid UserId!';
 }
 } 
 }
 else
 {
 $return['status']=0;
 $return['message']='Error:User Id not provided!';
 }
}
}
else
{
$return['status']=0;
$return['message']='Error:Action not provided!';
}
$obj->response($return);
$obj->connection=null;
?>

Hi Guys,
I am sharing you the way to create simple resful apis using php and mysql. We are creating 2 apis here
First is to Loggin a existing user and second is to get list of written blogs by logged in user.

Create any database, i am taking

news

as the database name here, After it create following 2 tables inside it.

CREATE TABLE <code>users</code> (
 <code>id</code> int(11) UNSIGNED AUTO_INCREMENT PRIMARY KEY, 
 <code>name</code> varchar(100),
 <code>email</code> varchar(100),
 <code>password</code> varchar(100),
 <code>createdAt</code> datetime NOT NULL,
 <code>updatedAt</code> timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
);

CREATE TABLE <code>blogs</code> (
 <code>id</code> int(11) UNSIGNED AUTO_INCREMENT PRIMARY KEY, 
 <code>user_id</code> int(11),
 <code>title</code> varchar(255),
 <code>summary</code> Tinytext,
 <code>body</code> Text,
 <code>createdAt</code> datetime NOT NULL,
 <code>updatedAt</code> timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
);

Now putting some dummy data to read via the api

--create 2 entries in users table--
INSERT INTO <code>news</code>.<code>users</code> (<code>id</code>, <code>name</code>, <code>email</code>, <code>password</code>, <code>createdAt</code>, <code>updatedAt</code>) VALUES (1, 'jeetendra singh', '[email protected]', MD5('123456'), '2018-12-28 02:05:12', CURRENT_TIMESTAMP), (2, 'Manvik Singh chaudhary', '[email protected]', MD5('654321'), '2018-12-28 03:08:11', CURRENT_TIMESTAMP);


-- create 2 blogs by userid 1--

INSERT INTO <code>news</code>.<code>blogs</code> (<code>id</code>, <code>user_id</code>, <code>title</code>, <code>summary</code>, <code>body</code>, <code>createdAt</code>, <code>updatedAt</code>) VALUES (1, '1', 'Blog title 1 by jeetendra', 'Blog summary 1 by jeetendra', 'Blog body 1 by jeetendra', '2018-12-28 02:00:00', CURRENT_TIMESTAMP), (2, '1', 'Blog Title 2 by jeetendra ', 'Blog summary 2 by jeetendra ', 'Blog body 2 by jeetendra ', '2018-12-28 05:10:21', CURRENT_TIMESTAMP);

-- create 2 blogs by userid 2
INSERT INTO <code>news</code>.<code>blogs</code> (<code>id</code>, <code>user_id</code>, <code>title</code>, <code>summary</code>, <code>body</code>, <code>createdAt</code>, <code>updatedAt</code>) VALUES (3, '2', 'Blog title 1 by manvik', 'Blog summary 1 by manvik', 'Blog body 1 by manvik', '2018-12-28 02:00:00', CURRENT_TIMESTAMP), (4, '2', 'Blog Title 2 by manvik ', 'Blog summary 2 by manvik ', 'Blog body 2 by manvik ', '2018-12-28 05:10:21', CURRENT_TIMESTAMP);

After creating this create a index.php and put this code for Db connection, login and get all blog method

<?php 
header("Content-Type: application/json; charset=UTF-8");

class DBClass {

 private $host = "localhost";
 private $username = "root";
 private $password = ""; private $database = "news";

 public $connection;

 public function connect(){

 $this->connection = null;

 try{
 $this->connection = new PDO("mysql:host=" . $this->host . ";dbname=" . $this->database, $this->username, $this->password);
 $this->connection->exec("set names utf8");
 }catch(PDOException $exception){
 echo "Error: " . $exception->getMessage();
 }

 return $this->connection;
 }

 public function login($email,$password){

 if($this->connection==null)
 {
 $this->connect();
 }
 
 $query = "SELECT id,name,email,createdAt,updatedAt from users where email= ? and password= ?";
 $stmt = $this->connection->prepare($query);
 $stmt->execute(array($email,md5($password)));
 $ret= $stmt->fetchAll(PDO::FETCH_ASSOC);
 return $ret;
 }

 public function get_all_blogs($Uid){

 if($this->connection==null)
 {
 $this->connect();
 }
 
 $query = "SELECT b.*,u.id as Uid,u.email as Uemail,u.name as Uname from blogs b join users u on u.id=b.user_id where b.user_id= ?";
 $stmt = $this->connection->prepare($query);
 $stmt->execute(array($Uid));
 $ret= $stmt->fetchAll(PDO::FETCH_ASSOC);
 return $ret;
 }

 public function response($array)
 {
 echo json_encode($array);
 exit;
 }
}

$return=array();
$obj = new DBClass();
if(isset($_GET['action']) && $_GET['action']!='')
{
if($_GET['action']=="login")
{
 if(isset($_POST['email']) && isset($_POST['password']))
 {
 $UserData=$obj->login($_POST['email'],$_POST['password']);
 if(count($UserData)>0)
 {
 $return['status']=1;
 $return['_data_']=$UserData[0];
 $return['message']='User Logged in Successfully.';
 }
 else
 {
	$return['status']=0;
	$return['message']='Error:Invalid Email or Password!';
 }
 }
 else
 {
 $return['status']=0;
 $return['message']='Error:Email or Password not provided!';
 }
}
elseif($_GET['action']=="UserBlogs")
{
 if(isset($_POST['Uid']))
 {
 $blogs=$obj->get_all_blogs($_POST['Uid']);
 if(count($blogs)>0)
 {
 $return['status']=1;
 $return['_data_']=$blogs;
 $return['message']='Success.';
 }
 else
 {
	$return['status']=0;
	$return['message']='Error:Invalid UserId!';
 }
 }
 else
 {
 $return['status']=0;
 $return['message']='Error:User Id not provided!';
 }
}
}
else
{
$return['status']=0;
$return['message']='Error:Action not provided!';
}
$obj->response($return);
$obj->connection=null;
?>

Now api file is set, just make the urls pretty(readable form) using .htaccess file, put following code in it

RewriteEngine On
RewriteRule ^api/(.*) index.php?action=

Now your Simple Restful Apis are ready to use, Now Let me show you the postman screenshot where i have used these apis.

Login Api Call:

User Post/Blog Api Call