Understanding RESTful APIs

REST (Representational State Transfer) is an architectural style that uses standard HTTP methods to manage resources. The primary HTTP methods used in RESTful APIs are:

  • GET: Retrieve data from the server.
  • POST: Send data to the server to create a new resource.
  • PUT: Update existing resources.
  • DELETE: Remove resources.

Setting Up Your PHP Environment

To start building a RESTful API, ensure you have a PHP environment set up. You can use tools like XAMPP, MAMP, or a cloud-based server. For this tutorial, we will use a simple file-based structure.

  1. Create Project Directory: Create a folder named rest_api in your web server's root directory.
  2. Create an index.php File: This will serve as the entry point for your API.

Basic API Structure

Here's a basic structure for your index.php file:

<?php
header("Content-Type: application/json; charset=UTF-8");

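$requestMethod = $_SERVER["REQUEST_METHOD"];
// PATH_INFO is unset when no path follows index.php, so default to an empty string.
// For /index.php/users/1 this yields ["users", "1"].
$uri = explode('/', trim($_SERVER['PATH_INFO'] ?? '', '/'));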

switch ($requestMethod) {
    case 'GET':
        // Handle GET requests
        break;
    case 'POST':
        // Handle POST requests
        break;
    case 'PUT':
        // Handle PUT requests
        break;
    case 'DELETE':
        // Handle DELETE requests
        break;
    default:
        http_response_code(405);
        echo json_encode(["message" => "Method Not Allowed"]);
        break;
}
?>

Implementing CRUD Operations

Let’s implement basic CRUD operations for a users resource.

Sample Data

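For simplicity, we will use an array to simulate a database. The array is rebuilt on every request, so changes made by POST, PUT, and DELETE do not persist between requests: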

$users = [
    ["id" => 1, "name" => "Alice", "email" => "[email protected]"],
    ["id" => 2, "name" => "Bob", "email" => "[email protected]"],
];

Handling GET Requests

To retrieve user data, implement the following code under the GET case:

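case 'GET':
    if (isset($uri[1])) {
        // intval() coerces the path segment to an integer; non-numeric IDs become 0
        $id = intval($uri[1]);
        $user = array_values(array_filter($users, fn($u) => $u['id'] === $id));
        if (!$user) {
            http_response_code(404);
            echo json_encode(["message" => "User not found"]);
        } else {
            echo json_encode($user);
        }
    } else {
        echo json_encode($users);
    }
    break;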

Handling POST Requests

To create a new user, add the following code under the POST case:

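case 'POST':
    $input = json_decode(file_get_contents('php://input'), true);
    // Reject bodies that are not JSON objects or that lack the required fields
    if (!is_array($input) || !isset($input['name'], $input['email'])) {
        http_response_code(400);
        echo json_encode(["message" => "name and email are required"]);
        break;
    }
    $newUser = [
        "id" => count($users) + 1,
        "name" => $input['name'],
        "email" => $input['email'],
    ];
    $users[] = $newUser;
    http_response_code(201);
    echo json_encode($newUser);
    break;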

Handling PUT Requests

To update an existing user, include this code under the PUT case:

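case 'PUT':
    $input = json_decode(file_get_contents('php://input'), true);
    // An ID in the path and both fields in the body are required
    if (!isset($uri[1]) || !is_array($input) || !isset($input['name'], $input['email'])) {
        http_response_code(400);
        echo json_encode(["message" => "User ID, name and email are required"]);
        break;
    }
    $id = intval($uri[1]);
    foreach ($users as $key => $user) {
        if ($user['id'] === $id) {
            // Write through the key so no reference variable is left dangling
            $users[$key]['name'] = $input['name'];
            $users[$key]['email'] = $input['email'];
            echo json_encode($users[$key]);
            break 2; // leave both the loop and the switch
        }
    }
    // No user matched the ID
    http_response_code(404);
    echo json_encode(["message" => "User not found"]);
    break;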

Handling DELETE Requests

To delete a user, add this code under the DELETE case:

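case 'DELETE':
    if (!isset($uri[1])) {
        http_response_code(400);
        echo json_encode(["message" => "User ID is required"]);
        break;
    }
    $id = intval($uri[1]);
    foreach ($users as $key => $user) {
        if ($user['id'] === $id) {
            unset($users[$key]);
            echo json_encode(["message" => "User deleted"]);
            break 2; // leave both the loop and the switch
        }
    }
    // No user matched the ID
    http_response_code(404);
    echo json_encode(["message" => "User not found"]);
    break;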

Complete API Code

Here is the complete index.php code:

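<?php
header("Content-Type: application/json; charset=UTF-8");

$requestMethod = $_SERVER["REQUEST_METHOD"];
// PATH_INFO is unset when no path follows index.php, so default to an empty string.
// For /index.php/users/1 this yields ["users", "1"].
$uri = explode('/', trim($_SERVER['PATH_INFO'] ?? '', '/'));

// In-memory sample data; it is rebuilt on every request.
$users = [
    ["id" => 1, "name" => "Alice", "email" => "[email protected]"],
    ["id" => 2, "name" => "Bob", "email" => "[email protected]"],
];

switch ($requestMethod) {
    case 'GET':
        if (isset($uri[1])) {
            // intval() coerces the path segment to an integer; non-numeric IDs become 0
            $id = intval($uri[1]);
            $user = array_values(array_filter($users, fn($u) => $u['id'] === $id));
            if (!$user) {
                http_response_code(404);
                echo json_encode(["message" => "User not found"]);
            } else {
                echo json_encode($user);
            }
        } else {
            echo json_encode($users);
        }
        break;
    case 'POST':
        $input = json_decode(file_get_contents('php://input'), true);
        // Reject bodies that are not JSON objects or that lack the required fields
        if (!is_array($input) || !isset($input['name'], $input['email'])) {
            http_response_code(400);
            echo json_encode(["message" => "name and email are required"]);
            break;
        }
        $newUser = [
            "id" => count($users) + 1,
            "name" => $input['name'],
            "email" => $input['email'],
        ];
        $users[] = $newUser;
        http_response_code(201);
        echo json_encode($newUser);
        break;
    case 'PUT':
        $input = json_decode(file_get_contents('php://input'), true);
        // An ID in the path and both fields in the body are required
        if (!isset($uri[1]) || !is_array($input) || !isset($input['name'], $input['email'])) {
            http_response_code(400);
            echo json_encode(["message" => "User ID, name and email are required"]);
            break;
        }
        $id = intval($uri[1]);
        foreach ($users as $key => $user) {
            if ($user['id'] === $id) {
                // Write through the key so no reference variable is left dangling
                $users[$key]['name'] = $input['name'];
                $users[$key]['email'] = $input['email'];
                echo json_encode($users[$key]);
                break 2; // leave both the loop and the switch
            }
        }
        // No user matched the ID
        http_response_code(404);
        echo json_encode(["message" => "User not found"]);
        break;
    case 'DELETE':
        if (!isset($uri[1])) {
            http_response_code(400);
            echo json_encode(["message" => "User ID is required"]);
            break;
        }
        $id = intval($uri[1]);
        foreach ($users as $key => $user) {
            if ($user['id'] === $id) {
                unset($users[$key]);
                echo json_encode(["message" => "User deleted"]);
                break 2; // leave both the loop and the switch
            }
        }
        // No user matched the ID
        http_response_code(404);
        echo json_encode(["message" => "User not found"]);
        break;
    default:
        http_response_code(405);
        echo json_encode(["message" => "Method Not Allowed"]);
        break;
}
?>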

Best Practices

  1. Use a Framework: For production applications, consider using a PHP framework like Laravel or Slim, which provides built-in support for routing and middleware.
  2. Input Validation: Always validate and sanitize user input to prevent security vulnerabilities.
  3. Error Handling: Implement comprehensive error handling to provide meaningful feedback to API consumers.
  4. Versioning: Consider versioning your API (e.g., /api/v1/users) to manage changes over time.
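
As an illustration of items 2 and 3, the following added example (not part of the original tutorial code) validates the JSON body that the POST and PUT cases read and maps each failure to an HTTP status. The function name validateUserPayload, the returned array shape, and the 100/254-byte limits are assumptions made for this sketch.

```php
<?php
// Added example: validate the JSON body that the POST and PUT cases read.
// validateUserPayload() and the 100/254-byte limits are illustrative assumptions.

function validateUserPayload(string $rawBody): array
{
    try {
        // JSON_THROW_ON_ERROR (PHP 7.3+) reports malformed JSON as an exception;
        // a depth limit of 4 rejects deeply nested bodies early.
        $data = json_decode($rawBody, true, 4, JSON_THROW_ON_ERROR);
    } catch (JsonException $e) {
        return ['status' => 400, 'errors' => ['body' => 'Malformed JSON'], 'user' => null];
    }
    if (!is_array($data)) {
        return ['status' => 400, 'errors' => ['body' => 'Expected a JSON object'], 'user' => null];
    }

    $errors = [];
    // Only name and email may be set by the client; the id is assigned by the server.
    foreach (array_diff(array_keys($data), ['name', 'email']) as $extra) {
        $errors[$extra] = 'Unknown field';
    }
    $name = $data['name'] ?? null;
    if (!is_string($name) || trim($name) === '' || strlen($name) > 100) {
        $errors['name'] = 'Must be a non-empty string of at most 100 bytes';
    }
    $email = $data['email'] ?? null;
    if (!is_string($email) || strlen($email) > 254
        || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors['email'] = 'Must be a valid email address';
    }
    if ($errors) {
        return ['status' => 422, 'errors' => $errors, 'user' => null];
    }
    return ['status' => 200, 'errors' => [], 'user' => ['name' => trim($name), 'email' => $email]];
}

// Constructed sample bodies: valid, wrong types plus an extra field, malformed JSON.
$samples = [
    '{"name": "Carol", "email": "carol@example.com"}',
    '{"name": ["x"], "email": "not-an-email", "id": 99}',
    '{"name": "Dave", "email": ',
];
foreach ($samples as $body) {
    $result = validateUserPayload($body);
    echo $result['status'], ' ', json_encode($result['errors']), PHP_EOL;
}
```

In index.php, the POST and PUT cases would pass file_get_contents('php://input') to this function, send the returned status with http_response_code(), and build the user only from the validated 'user' array.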
