php - Securing Rest API with Basic Authentication -


i'm making rest api, called curl using ssl http (example: curl http://domain.com/api/v1/hello -x post -u my@email.com:1x5a6s9x4q1z2 -d post="data").

this @ moment - best , most-secured way it?

i'm concerned "hello" class - needs called if login valid.

<?php require_once '../rest.class.php';  class api extends rest {     protected $user;      public function __construct($request) {         parent::__construct($request);          $this->db = new pdo('mysql:host=******;dbname=******;charset=utf8', '******', '******');         $this->db->setattribute(pdo::attr_errmode, pdo::errmode_warning);         $this->db->setattribute(pdo::attr_emulate_prepares, false);          if(isset($_server['php_auth_user']) && isset($_server['php_auth_pw'])) {             $dbh = $this->db;              $sth = $dbh->prepare("select id user email=:email , api=:api limit 0,1");             $sth->execute(array(                 'email' => $_server['php_auth_user'],                 'api' => $_server['php_auth_pw']             ));              if($sth->rowcount() == 1) {                 while($row = $sth->fetch()) {                     $this->user = $row["id"];                 }             }             else {                 throw new exception('invalid api login credentials.');             }         }         else {             throw new exception('please provide valid api login credentials.');         }     }      protected function hello() {         if($this->method == 'post') {             $response = array();              $response['user'] = $this->user;              $response['method'] = $this->method;              return $response;         }         else {             return "only accepts post requests";         }     } }  try {     $api = new api($_request['request']);      echo $api->processapi(); } catch (exception $e) {     echo json_encode(array(         'error' => $e->getmessage()     )); } ?>

you can create new function validate user

function validate_user() {  } , call function in hello   protected function hello()  {  if($this->validate_user())  {    if($this->method == 'post') {             $response = array();              $response['user'] = $this->user;              $response['method'] = $this->method;              return $response;         }         else {             return "only accepts post requests";         }  } }

Comments

Post a Comment

Popular posts from this blog

get url and add instance to a model with prefilled foreign key :django admin -

Image
i have page in each contest shown in row. each row contains contest id , link other model names have foreign key contest. news model: class news(models.model): title = models.charfield(max_length=50, null=true) description = models.textfield() time = models.timefield( default= datetime.datetime.now().time()) contest = models.foreignkey(contest) i want use admin adding , changing these models. want when user clicks on 'news' has foreign key contest id=1, shows list of news value foreign key. use {% instance in instances %} <tr class="{% cycle 'row1' 'row2' %}"> <td>{{ instance.title }}</td> <td>{{ instance.starttime }}</td> <td>{{ instance.timespan }}</td> <td>{{ instance.date }}</td> <td><a href="/adm...
Read more

android - Keyboard hides my half of edit-text and button below it even in scroll view -

i having trouble keyboard covers edit-text , half of button in scroll view. here's layout , please tell me how should resolve problem. many questions on topic none of them s working me. <?xml version="1.0" encoding="utf-8"?> <linearlayout xmlns:android="http://schemas.android.com/apk/res/android" android:layout_width="match_parent" android:background="@drawable/bg" android:layout_height="match_parent"> <scrollview android:layout_width="match_parent" android:fillviewport="true" android:layout_height="match_parent"> <relativelayout android:layout_width="match_parent" android:layout_height="wrap_content" android:orientation="vertical"> <linearlayout android:layout_width="match_parent" android:layout_height="w...
Read more

css - Make div keyboard-scrollable in jQuery Mobile? -

from can tell, although jquery-mobile-powered pages can contain divs overflow set scroll or auto, , these divs can scrolled one-screen bar or mouse wheel, cannot scrolled using arrow keys, page-up/page-down, or home/end. instead, official "page" div (with data-role="page") absorbs input. perhaps other divs can't acquire focus, i'm not sure. is there way around this? edit: jsfiddle of simple example: https://jsfiddle.net/qogz0shx/ <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script> <script src="https://ajax.googleapis.com/ajax/libs/jquerymobile/1.4.5/jquery.mobile.min.js"> </script> <link rel="stylesheet" href="https://code.jquery.com/mobile/1.4.5/jquery.mobile-1.4.5.css"/> <style> #outer { overflow:scroll; height: 50vh; width: 50vw; } #inner { height: 500vh; width: 500vw; } ...
Read more