akohan


How to write a Web Service API?


Hello group,

I'm about to write a Web App but at the same time I need to embed (if I'm right) a Web Service in it so that I can send and receive information to front-end through XML.

Where can I start learning this? Any online tutorial or sample that I can learn from?

Thanks,
ak

Beverley Portlock

If your front end has the capability of handling https and you have a genuine certificate (rather than a self-certified one) then you could pass the XML more or less directly to your front end.

If your front end is just using http then I would generate the XML, encrypt it, send it over and decrypt it on the receiving machine. There is a question in progress at the minute here https://www.experts-exchange.com/questions/26295578/expire-a-encyption-key-on-certain-time.html which shows how to deal with the encryption and talks about HTTPS as well.

In essence, build up your XML, either manually or using SimpleXML, encrypt it, send it, decrypt it and use SimpleXML to read the data back. Make sure that your item names do NOT contain spaces or dashes as they will not translate back into PHP variables (see this question for reference https://www.experts-exchange.com/questions/26302214/XML-processing.html)

More on SimpleXML at http://php.net/simpleXml

I should have added - make the receiving function "fussy". It should be a series of tests that the incoming data MUST pass or else it simply stops. For instance, if you are doing an API then your XML should always have a field called something like "command" to indicate what the attached data is for. Let us say that your XML looks like this:

<api>
    <command>
        UPDATE
    </command>
    <data>
        var1=1&amp;var2=6
    </data>
</api>


Then I would be looking at the following tests.

1. Is the unencrypted data proper XML? If not then die

2. <api> should only ever have two children (command and data). If it has not got 2 then die

3. "command" only ever has (say) four values. If the received data does not match then die

4. The data segment only contains certain characters. If anything else turns up then die.

5. Maybe you expect data from only known IP addresses. Check the IP address this came from.

and so on.
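
Tests 1 to 5 from the post above, written as one PHP function using SimpleXML. This is an added example, not part of the original post; the function and constant names, the four command values, the permitted character set and the sender address are assumptions. It throws where the post says "die", so the caller decides how to stop.

```php
<?php
// Added example. validate_api_message(), ALLOWED_COMMANDS and ALLOWED_SENDERS
// are hypothetical names; the values in them are assumptions.
const ALLOWED_COMMANDS = ['UPDATE', 'INSERT', 'DELETE', 'SELECT'];
const ALLOWED_SENDERS  = ['192.0.2.10']; // documentation-range address

function validate_api_message(string $xml, string $senderIp): array
{
    // Test 5: only accept messages from known addresses.
    if (!in_array($senderIp, ALLOWED_SENDERS, true)) {
        throw new InvalidArgumentException('unknown sender');
    }
    // Extra check, not in the list above: a plain message needs no DOCTYPE.
    if (stripos($xml, '<!DOCTYPE') !== false) {
        throw new InvalidArgumentException('DOCTYPE not allowed');
    }
    // Test 1: the decrypted payload must be well-formed XML rooted at <api>.
    $previous = libxml_use_internal_errors(true);
    $doc = simplexml_load_string($xml, 'SimpleXMLElement', LIBXML_NONET);
    libxml_clear_errors();
    libxml_use_internal_errors($previous);
    if ($doc === false || $doc->getName() !== 'api') {
        throw new InvalidArgumentException('not a well-formed <api> message');
    }
    // Test 2: exactly <command> then <data>, with nothing nested inside them
    // (three elements in the whole document: api, command, data).
    $children = array_map(fn ($e) => $e->getName(), $doc->xpath('*') ?: []);
    if ($children !== ['command', 'data'] || count($doc->xpath('//*') ?: []) !== 3) {
        throw new InvalidArgumentException('unexpected structure');
    }
    // Test 3: command must be one of the known values.
    $command = trim((string) $doc->command);
    if (!in_array($command, ALLOWED_COMMANDS, true)) {
        throw new InvalidArgumentException('unknown command');
    }
    // Test 4: data is name=value pairs of letters, digits and underscores only.
    $data = trim((string) $doc->data);
    $pair = '[A-Za-z0-9_]+=[A-Za-z0-9_]*';
    if (!preg_match('/\A' . $pair . '(?:&' . $pair . ')*\z/', $data)) {
        throw new InvalidArgumentException('illegal characters in data');
    }
    parse_str($data, $fields);
    return ['command' => $command, 'fields' => $fields];
}

// Constructed sample; in a real handler $senderIp would be $_SERVER['REMOTE_ADDR'].
$sample = '<api><command> UPDATE </command><data> var1=1&amp;var2=6 </data></api>';
var_dump(validate_api_message($sample, '192.0.2.10'));
```
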
ASKER CERTIFIED SOLUTION
Ray Paseur
akohan

ASKER


I'm studying what you guys have shared with me and will get back to you soon,

regards,
ak
akohan

ASKER


Thanks!
Thanks for the points -- glad I could help, ~Ray
akohan

ASKER


NO THANK YOU!!!