This article introduces the content of the PHP interface. Now I share it with you, and also give a reference to friends who need help. Come and take a look together
1. Interfaces can be divided into two types according to the requester:
One is the interface called by other internal projects (including js asynchronous request interfaces and timing programs).
The other is the external interface, which is mainly provided for calls by external developers.
The biggest difference between the two interfaces is that the internal interface does not require strict authentication, while the external interface requires strict authentication. There are various encryption and decryption methods, the most common and simple of which is http basic authentication. , for example, the account and password pop-up windows that pop up in our backend use basic verification. You must enter your account and password to pass the verification. However, if the internal interface involves important operations and you do not want to be maliciously requested by others, you still need to do some encryption verification.
2. No matter which interface it is, the following issues should be considered:
1. Security. Parameter safety: For this we have $_INPUT which is basically enough. Whether authentication is required: If it is just an interface of the internal notification class/callback class, even if it is maliciously requested, the normal data will not be affected. In this case, there is no need to do verification at all. For example, I will make an interface to synchronize order status. The process inside is to query the orders with problematic order status, and then update the status of these orders. This kind of interface does not need to return any value, and even if it is maliciously called by a bad person, it will not be affected, so there is no need to perform authentication at all. Therefore, whether to add verification is determined according to the actual logic of the interface.
2. Can you repeat the request? For example, if an interface inserts a piece of data based on the incoming order number, it needs to make judgments about repeated requests to avoid inserting multiple pieces of data.
3. Write interface specification
1. Use try...catch...structure to write. (The main reason is that throw can end the program at any time, which is very cool~)
2. Return the status code. Do not return success equal to true or false. If you want to write a document, the meaning of different error codes should also be written clearly for the convenience of the caller. Check the cause of the error.
Look directly at the chestnut below:
<?php $code = 200; // 接口状态码 $name = trim($_INPUT['name']); $age = trim($_INPUT['age']); if (empty($name)) { $code = 401; throw new Exception('名字不能为空'); } if (!is_numeric($age)) { $code = 402; throw new Exception('年龄必须由数字组成'); } $database_obj = new database_class(); $res = $database_obj->save($name, $age); if ( !$res ) { $code = 403; throw new Exception('保存数据失败'); } $msg = 'ok'; } catch ( Exception $e ) { $msg = $e->getMessage(); } output_json($code,$data,$msg); // $data可以放置需要返回的数据// output_json函数在大function里面有~如果不想引入大function的话可以复制一份到自己项目// ========END=======?>
Reprinted from: https://www.cnblogs.com/xiaomendelu/p/5819708.html
1. Interface by requester It can be divided into two types:
One is the interface called by other internal projects (including js asynchronous request interface and timer program).
The other is the external interface, which is mainly provided for calls by external developers.
The biggest difference between the two interfaces is that the internal interface does not require strict authentication, while the external interface requires strict authentication. There are various encryption and decryption methods, the most common and simple of which is http basic authentication. , for example, the account and password pop-up windows that pop up in our backend use basic verification. You must enter your account and password to pass the verification. However, if the internal interface involves important operations and you do not want to be maliciously requested by others, you still need to do some encryption verification.
2. No matter which interface it is, the following issues should be considered:
1. Security. Parameter safety: For this we have $_INPUT which is basically enough. Whether authentication is required: If it is just an interface of the internal notification class/callback class, even if it is maliciously requested, the normal data will not be affected. In this case, there is no need to do verification at all. For example, I will make an interface to synchronize order status. The process inside is to query the orders with problematic order status, and then update the status of these orders. This kind of interface does not need to return any value, and even if it is maliciously called by a bad person, it will not be affected, so there is no need to perform authentication at all. Therefore, whether to add verification is determined according to the actual logic of the interface.
2. Can you repeat the request? For example, if an interface inserts a piece of data based on the incoming order number, it needs to make judgments about repeated requests to avoid inserting multiple pieces of data.
3. Write interface specification
1. Use try...catch...structure to write. (The main reason is that throw can end the program at any time, which is very cool~)
2. Return the status code. Do not return success equal to true or false. If you want to write a document, the meaning of different error codes should also be written clearly for the convenience of the caller. Check the cause of the error.
Look directly at the chestnut below:
<?php $code = 200; // 接口状态码 $name = trim($_INPUT['name']); $age = trim($_INPUT['age']); if (empty($name)) { $code = 401; throw new Exception('名字不能为空'); } if (!is_numeric($age)) { $code = 402; throw new Exception('年龄必须由数字组成'); } $database_obj = new database_class(); $res = $database_obj->save($name, $age); if ( !$res ) { $code = 403; throw new Exception('保存数据失败'); } $msg = 'ok'; } catch ( Exception $e ) { $msg = $e->getMessage(); } output_json($code,$data,$msg); // $data可以放置需要返回的数据// output_json函数在大function里面有~如果不想引入大function的话可以复制一份到自己项目// ========END=======?>
Reprinted from: https://www.cnblogs.com/xiaomendelu/p/5819708.html
Related recommendations:
Detailed explanation of php interface programming
How to use the php interface correctly
The above is the detailed content of First introduction to php interface. For more information, please follow other related articles on the PHP Chinese website!