Restful Web Services in PHP Example – PHP + MySQL with Source Code
Hi guys, today I’m going to create very simple Login & Signup RESTful web services using PHP, without using any framework or library.
With core PHP there are many straightforward ways to write web services, either all in a single file or each web service in its own file, but keep in mind that code organization is one of the most important programming practices. That is the reason developers prefer frameworks: they provide a pre-organized project structure. For small applications or for writing RESTful web services, though, I always prefer core PHP.
What we’ll cover in Restful Web Services in PHP Example
- File Structure
- Creating Database & users Table
- Database Connectivity
- Creating User Class with Signup & Login methods
- Creating SignUp & Login Restful Webservices
File Structure
We’ll use this folder & file structure for writing our web services.
api
├─── config/
├────── database.php – file used for connecting to the database.
├─── objects/
├────── user.php – contains properties and methods for “user” database queries.
├─── User/
├────── signup.php – file that will accept user data to be saved to the DB.
├────── login.php – file that will accept username & password and validate
Creating Database & Users Table
Using phpMyAdmin, first create a database; I’m using PHPLearning as the database name. To keep things simple we’ll create a very simple users table with very few columns.
Run this SQL Query to create a users table
CREATE TABLE `users` (
    `id` int(11) NOT NULL PRIMARY KEY AUTO_INCREMENT,
    `username` varchar(255) NOT NULL,
    `password` varchar(255) NOT NULL,
    `created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
);
Database Connectivity
In your “api” folder, create a new folder “config” and create a new file there as “database.php” and paste this code there
<?php
class Database{
    // specify your own database credentials
    private $host = "localhost";
    private $db_name = "PHPLearning";
    private $username = "root";
    private $password = "";
    public $conn;

    // get the database connection
    public function getConnection(){
        $this->conn = null;
        try{
            $this->conn = new PDO("mysql:host=" . $this->host . ";dbname=" . $this->db_name, $this->username, $this->password);
            $this->conn->exec("set names utf8");
        }catch(PDOException $exception){
            // log the details on the server instead of echoing them into the API response
            error_log("Connection error: " . $exception->getMessage());
        }
        return $this->conn;
    }
}
?>
Creating User Class with Signup & Login methods
In your “api” folder, create a new folder “objects” and create a new file there as “user.php” and paste this code there
<?php
class User{
    // database connection and table name
    private $conn;
    private $table_name = "users";

    // object properties
    public $id;
    public $username;
    public $password;
    public $created;

    // constructor with $db as database connection
    public function __construct($db){
        $this->conn = $db;
    }

    // signup user
    function signup(){
    }

    // login user
    function login(){
    }

    // a function to check if username already exists
    function isAlreadyExist(){
    }
}
As you can see, we have empty functions for Signup & Login.
Here is the signup Function Code
// signup user
function signup(){
    if($this->isAlreadyExist()){
        return false;
    }
    // query to insert record
    $query = "INSERT INTO " . $this->table_name . "
            SET username=:username, password=:password, created=:created";
    // prepare query
    $stmt = $this->conn->prepare($query);
    // sanitize
    $this->username=htmlspecialchars(strip_tags($this->username));
    $this->created=htmlspecialchars(strip_tags($this->created));
    // the password is bound unchanged: strip_tags() would silently alter it,
    // and login() compares against the value exactly as the client sends it
    // bind values
    $stmt->bindParam(":username", $this->username);
    $stmt->bindParam(":password", $this->password);
    $stmt->bindParam(":created", $this->created);
    // execute query
    if($stmt->execute()){
        $this->id = $this->conn->lastInsertId();
        return true;
    }
    return false;
}
You can see that the signup function calls the isAlreadyExist function to check whether the username already exists. Here’s the code for it
function isAlreadyExist(){
    // the username is bound as a parameter, never concatenated into the SQL text
    $query = "SELECT * FROM " . $this->table_name . " WHERE username=:username";
    // prepare query statement
    $stmt = $this->conn->prepare($query);
    $stmt->bindParam(":username", $this->username);
    // execute query
    $stmt->execute();
    if($stmt->rowCount() > 0){
        return true;
    }
    else{
        return false;
    }
}
And this is the login function code
function login(){
    // select query; username and password are bound as parameters
    $query = "SELECT `id`, `username`, `password`, `created`
            FROM " . $this->table_name . "
            WHERE username=:username AND password=:password";
    // prepare query statement
    $stmt = $this->conn->prepare($query);
    $stmt->bindParam(":username", $this->username);
    $stmt->bindParam(":password", $this->password);
    // execute query
    $stmt->execute();
    return $stmt;
}
After adding the function code to the “user.php” file, here is the complete code for “user.php”
<?php
class User{
    // database connection and table name
    private $conn;
    private $table_name = "users";

    // object properties
    public $id;
    public $username;
    public $password;
    public $created;

    // constructor with $db as database connection
    public function __construct($db){
        $this->conn = $db;
    }

    // signup user
    function signup(){
        if($this->isAlreadyExist()){
            return false;
        }
        // query to insert record
        $query = "INSERT INTO " . $this->table_name . "
                SET username=:username, password=:password, created=:created";
        // prepare query
        $stmt = $this->conn->prepare($query);
        // sanitize
        $this->username=htmlspecialchars(strip_tags($this->username));
        $this->created=htmlspecialchars(strip_tags($this->created));
        // the password is bound unchanged: strip_tags() would silently alter it,
        // and login() compares against the value exactly as the client sends it
        // bind values
        $stmt->bindParam(":username", $this->username);
        $stmt->bindParam(":password", $this->password);
        $stmt->bindParam(":created", $this->created);
        // execute query
        if($stmt->execute()){
            $this->id = $this->conn->lastInsertId();
            return true;
        }
        return false;
    }

    // login user
    function login(){
        // select query; username and password are bound as parameters
        $query = "SELECT `id`, `username`, `password`, `created`
                FROM " . $this->table_name . "
                WHERE username=:username AND password=:password";
        // prepare query statement
        $stmt = $this->conn->prepare($query);
        $stmt->bindParam(":username", $this->username);
        $stmt->bindParam(":password", $this->password);
        // execute query
        $stmt->execute();
        return $stmt;
    }

    // a function to check if username already exists
    function isAlreadyExist(){
        // the username is bound as a parameter, never concatenated into the SQL text
        $query = "SELECT * FROM " . $this->table_name . " WHERE username=:username";
        // prepare query statement
        $stmt = $this->conn->prepare($query);
        $stmt->bindParam(":username", $this->username);
        // execute query
        $stmt->execute();
        if($stmt->rowCount() > 0){
            return true;
        }
        else{
            return false;
        }
    }
}
Creating SignUp & Login Webservices
In your “api” folder, create a new folder “User” and create a new file there as “signup.php” and paste this code there
<?php
// get database connection
include_once '../config/database.php';
// instantiate user object
include_once '../objects/user.php';

$database = new Database();
$db = $database->getConnection();
$user = new User($db);

// set user property values; stop if a POST parameter is missing
$user->username = isset($_POST['username']) ? $_POST['username'] : die();
$user->password = isset($_POST['password']) ? $_POST['password'] : die();
$user->created = date('Y-m-d H:i:s');

// create the user
if($user->signup()){
    $user_arr=array(
        "status" => true,
        "message" => "Successfully Signup!",
        "id" => $user->id,
        "username" => $user->username
    );
}
else{
    $user_arr=array(
        "status" => false,
        "message" => "Username already exists!"
    );
}
print_r(json_encode($user_arr));
?>
As you can see in the code above, we are just calling the signup function from “user.php” in the objects folder.
Following the same, create another file in the User folder, name the file as “login.php” and add the code below in the file
<?php
// include database and object files
include_once '../config/database.php';
include_once '../objects/user.php';

// get database connection
$database = new Database();
$db = $database->getConnection();

// prepare user object
$user = new User($db);

// set the username and password of the user who is logging in
$user->username = isset($_GET['username']) ? $_GET['username'] : die();
$user->password = isset($_GET['password']) ? $_GET['password'] : die();

// look up the user with these credentials
$stmt = $user->login();
if($stmt->rowCount() > 0){
    // get retrieved row
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // create array
    $user_arr=array(
        "status" => true,
        "message" => "Successfully Login!",
        "id" => $row['id'],
        "username" => $row['username']
    );
}
else{
    $user_arr=array(
        "status" => false,
        "message" => "Invalid Username or Password!",
    );
}
// make it json format
print_r(json_encode($user_arr));
?>
Almost done. Now put this “api” folder on your localhost server. I’m using XAMPP, so I’m going to paste the “api” folder into the htdocs folder of XAMPP.
Remember that the Signup API accepts POST parameters and the Login API accepts GET parameters.
Now you can test your Signup API using this URL => http://localhost/api/users/signup.php with the POST parameters username & password
and for login
You can also download the complete code from GitHub.
Note: To keep things simple for beginners I’m storing the plain password in the database, which is not a good practice. Passwords must be hashed using PHP hashing methods.
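One way to apply the hashing advice in the note above, as an added example that is not part of the original tutorial or its downloadable code: signup stores a password_hash() value and login checks it with password_verify(). HashedUser is a hypothetical class name, and the in-memory SQLite table with a UNIQUE constraint on username is an assumption made so the demo runs without MySQL.

```php
<?php
// Added example: HashedUser is a hypothetical variant of the tutorial's User class.
class HashedUser {
    private $conn;
    private $table_name = "users";
    public function __construct(PDO $db) { $this->conn = $db; }

    // Store a salted hash only; password_hash() generates the salt and embeds it.
    public function signup(string $username, string $password): bool {
        $stmt = $this->conn->prepare("INSERT INTO " . $this->table_name .
            " (username, password) VALUES (:username, :password)");
        try {
            return $stmt->execute([":username" => $username,
                ":password" => password_hash($password, PASSWORD_DEFAULT)]);
        } catch (PDOException $e) {
            return false; // e.g. duplicate username rejected by the UNIQUE constraint
        }
    }

    // Look the row up by username alone, then check the hash with password_verify().
    public function login(string $username, string $password): ?array {
        $stmt = $this->conn->prepare("SELECT id, username, password FROM " .
            $this->table_name . " WHERE username = :username");
        $stmt->execute([":username" => $username]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        if ($row === false || !password_verify($password, $row["password"])) {
            return null; // same return value for unknown user and wrong password
        }
        // Re-hash on login when PHP's default algorithm or cost has changed.
        if (password_needs_rehash($row["password"], PASSWORD_DEFAULT)) {
            $upd = $this->conn->prepare("UPDATE " . $this->table_name .
                " SET password = :password WHERE id = :id");
            $upd->execute([":password" => password_hash($password, PASSWORD_DEFAULT),
                ":id" => $row["id"]]);
        }
        return ["id" => $row["id"], "username" => $row["username"]];
    }
}

// Constructed demo data on in-memory SQLite (assumption; the tutorial uses MySQL).
$db = new PDO("sqlite::memory:");
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (id INTEGER PRIMARY KEY AUTOINCREMENT,
    username VARCHAR(255) NOT NULL UNIQUE, password VARCHAR(255) NOT NULL)");
$user = new HashedUser($db);
var_dump($user->signup("alice", "correct horse battery")); // new account
var_dump($user->signup("alice", "another password"));      // duplicate username
var_dump($user->login("alice", "correct horse battery"));  // matching password
var_dump($user->login("alice", "wrong password"));         // non-matching password
```

The tutorial's varchar(255) password column is wide enough for these hashes, so the MySQL table needs no change for the hash itself.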
After running the signup page it gives me the following reply:
Notice: Undefined index: username in D:\XAMP\htdocs\LOGIN\api\User\signup.php on line 15
Notice: Undefined index: password in D:\XAMP\htdocs\LOGIN\api\User\signup.php on line 16
{"status":false,"message":"Username already exists!"}
When I am trying to insert a record by using signup.php, null record, means no insert
// set user property values
$user->username = $_POST['username'];
$user->password = $_POST['password'];
but when I use
$user->username = $_GET['username'];
$user->password = $_GET['password'];
INSERT successfully. Why? I am using PHP 7.1
I think you’re using POST Get method from your Client end.
I have an alternative to login:
login.php:
####################################################
<?php
// include database and object files (as in the tutorial's login.php)
include_once '../config/database.php';
include_once '../objects/user.php';
// get database connection
$database = new Database();
$db = $database->getConnection();
// prepare user object
$user = new User($db);
// read the username and password from the JSON request body
$data = json_decode(file_get_contents("php://input"));
$user->username = $data->username;//$contacto->encrypt_decrypt('encrypt', $data->username);
$user->password = $data->password;//$contacto->encrypt_decrypt('encrypt', $data->password);
// $user->username = isset($_GET['username']) ? $_GET['username'] : die();
// $user->password = isset($_GET['password']) ? $_GET['password'] : die();
// $user->username = $contacto->encrypt_decrypt('encrypt', isset($_GET['username']) ? $_GET['username'] : die());
// $user->password = $contacto->encrypt_decrypt('encrypt', isset($_GET['password']) ? $_GET['password'] : die());
// check the credentials
if($user->login()){
    // 200 OK: a login reads an existing user, it does not create a resource
    http_response_code(200);
    // create array
    $user_arr=array(
        "status" => true,
        "message" => "Successfully Login!",
        "id" => $user->id,
        "username" => $user->username//$contacto->encrypt_decrypt('decrypt',$user->username)
    );
}
else{
    // 401 Unauthorized: the credentials were rejected (503 would signal a server outage)
    http_response_code(401);
    $user_arr=array(
        "status" => false,
        "message" => "Invalid Username or Password!",
    );
}
// make it json format
echo json_encode($user_arr);
?>
##########################################################
user.php:
##########################################################
function login(){
    // select query; username and password are bound as parameters
    $query = "SELECT
                `id`, `username`, `password`, `created`
            FROM
                " . $this->table_name . "
            WHERE
                username=:username AND password=:password";
    // prepare query statement
    $stmt = $this->conn->prepare($query);
    $stmt->bindParam(":username", $this->username);
    $stmt->bindParam(":password", $this->password);
    // execute query once; succeed only when a matching row was found
    if ($stmt->execute()) {
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        if ($row) {
            $this->id = $row['id'];
            $this->username = $row['username'];
            $this->password = $row['password'];
            return true;
        }
    }
    return false;
}
############################################################
postman or restler client
{
    "username":"johndue",
    "password":"12345"
}
thanks a lot sir,
Sir, I want to make an Android login and signup form. Can you please tell me how to connect this with my Android project?
Hi sir, how to give json format input in our PHP login service API sir
already giving JSON format using this json_encode($user_arr)
Thanks sir. I am using the Postman REST client, so I am trying to send the data in JSON format (body -> raw).
{
    "username":"shehryar",
    "password":"12345"
}
I didn’t get the response.
But when I am passing the value from the URL it is working well
http://localhost/REST/apii/user/login.php?username=shehryar&password=12345
login and register like same .. please give the good solution.
thanks in advance
to receive data as JSON, there is a different way.
this link might give you an idea.
https://stackoverflow.com/questions/18866571/receive-json-post-with-php
Thank you so much sir. I referred to that link, and after I made some small changes the API works well. Again, thanks sir