How To Create A Simple REST API in PHP? Step By Step Guide!

create-simple-rest-api-in-php

Previously, we learned how to create, read, update and delete database records (CRUD operations) with our PHP, MySQL & OOP CRUD Tutorial.

Today, before we go to JavaScript programming, we will learn how to create a simple REST API in PHP. Enjoy our step-by-step tutorial below!

Project Overview

What is REST API?

To define “REST API”, we have to know what is “REST” and what is “API” first. I’ll do my best to explain it in simple terms because REST has a lot of concepts inside of it that could mean a lot of things.

REST stands for “REpresentational State Transfer”. It is a concept or architecture for managing information over the internet. REST concepts are referred to as resources. A representation of a resource must be stateless. It is usually represented by JSON. This post is worth reading: How I Explained REST to My Wife?

API stands for “Application Programming Interface”. It is a set of rules that allows one piece of software application to talk to another. Those “rules” can include the create, read, update and delete operations.

REST API enables your application to cooperate with one or several different applications using REST concepts. If you want to learn more, watch the video below.

Why do we need REST API?

In many applications, REST API is a need because this is the lightest way to create, read, update or delete information between different applications over the internet or HTTP protocol. This information is presented to the user in an instant especially if you use JavaScript to render the data on a webpage.

Where REST API is used?

REST API can be used by any application that can connect to the internet. If data from an application can be created, read, updated or deleted using another application, it usually means a REST API is used.

REST API in our tutorials

A REST API is needed for our AJAX CRUD Tutorial. But don’t mind it for now. We will do it one step at a time. You don’t need to learn all of it as well. Just choose what you need to learn.

But one thing is for sure, this source code is good enough and works for our JavaScript tutorials.

File structure

At the end of this tutorial, we will have the following folders and files.
├─ api/
├─── config/
├────── core.php – file used for core configuration
├────── database.php – file used for connecting to the database.
├─── objects/
├────── product.php – contains properties and methods for “product” database queries.
├────── category.php – contains properties and methods for “category” database queries.
├─── product/
├────── create.php – a file that will accept posted product data to be saved to the database.
├────── delete.php – a file that will accept a product ID to delete a database record.
├────── read.php – a file that will output JSON data based on “products” database records.
├────── read_paging.php – a file that will output “products” JSON data with pagination.
├────── read_one.php – a file that will accept product ID to read a record from the database.
├────── update.php – a file that will accept a product ID to update a database record.
├────── search.php – a file that will accept keywords parameter to search “products” database.
├─── category/
├────── read.php – a file that will output JSON data based on “categories” database records.
├─── shared/
├────── utilities.php – a file that will return pagination array.

Setup the database

Using PhpMyAdmin, create a new api_db database. Yes, api_db is the database name. After that, run the following SQL queries to create new tables with sample data.

Create categories table

CREATE TABLE IF NOT EXISTS `categories` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(256) NOT NULL,
  `description` text NOT NULL,
  `created` datetime NOT NULL,
  `modified` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=utf8 AUTO_INCREMENT=19 ;

Dump data for categories table

INSERT INTO `categories` (`id`, `name`, `description`, `created`, `modified`) VALUES
(1, 'Fashion', 'Category for anything related to fashion.', '2014-06-01 00:35:07', '2014-05-30 17:34:33'),
(2, 'Electronics', 'Gadgets, drones and more.', '2014-06-01 00:35:07', '2014-05-30 17:34:33'),
(3, 'Motors', 'Motor sports and more', '2014-06-01 00:35:07', '2014-05-30 17:34:54'),
(5, 'Movies', 'Movie products.', '0000-00-00 00:00:00', '2016-01-08 13:27:26'),
(6, 'Books', 'Kindle books, audio books and more.', '0000-00-00 00:00:00', '2016-01-08 13:27:47'),
(13, 'Sports', 'Drop into new winter gear.', '2016-01-09 02:24:24', '2016-01-09 01:24:24');

Products table

CREATE TABLE IF NOT EXISTS `products` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(32) NOT NULL,
  `description` text NOT NULL,
  `price` decimal(10,0) NOT NULL,
  `category_id` int(11) NOT NULL,
  `created` datetime NOT NULL,
  `modified` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=65 ;

Dump data for products table

INSERT INTO `products` (`id`, `name`, `description`, `price`, `category_id`, `created`, `modified`) VALUES
(1, 'LG P880 4X HD', 'My first awesome phone!', '336', 3, '2014-06-01 01:12:26', '2014-05-31 17:12:26'),
(2, 'Google Nexus 4', 'The most awesome phone of 2013!', '299', 2, '2014-06-01 01:12:26', '2014-05-31 17:12:26'),
(3, 'Samsung Galaxy S4', 'How about no?', '600', 3, '2014-06-01 01:12:26', '2014-05-31 17:12:26'),
(6, 'Bench Shirt', 'The best shirt!', '29', 1, '2014-06-01 01:12:26', '2014-05-31 02:12:21'),
(7, 'Lenovo Laptop', 'My business partner.', '399', 2, '2014-06-01 01:13:45', '2014-05-31 02:13:39'),
(8, 'Samsung Galaxy Tab 10.1', 'Good tablet.', '259', 2, '2014-06-01 01:14:13', '2014-05-31 02:14:08'),
(9, 'Spalding Watch', 'My sports watch.', '199', 1, '2014-06-01 01:18:36', '2014-05-31 02:18:31'),
(10, 'Sony Smart Watch', 'The coolest smart watch!', '300', 2, '2014-06-06 17:10:01', '2014-06-05 18:09:51'),
(11, 'Huawei Y300', 'For testing purposes.', '100', 2, '2014-06-06 17:11:04', '2014-06-05 18:10:54'),
(12, 'Abercrombie Lake Arnold Shirt', 'Perfect as gift!', '60', 1, '2014-06-06 17:12:21', '2014-06-05 18:12:11'),
(13, 'Abercrombie Allen Brook Shirt', 'Cool red shirt!', '70', 1, '2014-06-06 17:12:59', '2014-06-05 18:12:49'),
(26, 'Another product', 'Awesome product!', '555', 2, '2014-11-22 19:07:34', '2014-11-21 20:07:34'),
(28, 'Wallet', 'You can absolutely use this one!', '799', 6, '2014-12-04 21:12:03', '2014-12-03 22:12:03'),
(31, 'Amanda Waller Shirt', 'New awesome shirt!', '333', 1, '2014-12-13 00:52:54', '2014-12-12 01:52:54'),
(42, 'Nike Shoes for Men', 'Nike Shoes', '12999', 3, '2015-12-12 06:47:08', '2015-12-12 05:47:08'),
(48, 'Bristol Shoes', 'Awesome shoes.', '999', 5, '2016-01-08 06:36:37', '2016-01-08 05:36:37'),
(60, 'Rolex Watch', 'Luxury watch.', '25000', 1, '2016-01-11 15:46:02', '2016-01-11 14:46:02');

Connect to database

The code below shows the database credentials and a method to get a database connection using PDO. If you’re not yet familiar with PDO, please learn from our PHP OOP CRUD Tutorial first.

  • Create api folder. Open api folder.
  • Create config folder. Open config folder.
  • Create a database.php file. Place the following code inside it.
<?php
class Database{
 
    // specify your own database credentials
    private $host = "localhost";
    private $db_name = "api_db";
    private $username = "root";
    private $password = "";
    public $conn;
 
    // get the database connection
    public function getConnection(){
 
        $this->conn = null;
 
        try{
            $this->conn = new PDO("mysql:host=" . $this->host . ";dbname=" . $this->db_name, $this->username, $this->password);
            $this->conn->exec("set names utf8");
        }catch(PDOException $exception){
            echo "Connection error: " . $exception->getMessage();
        }
 
        return $this->conn;
    }
}
?>

Read products

Product object

The code below shows a class named Product with several of its properties. It also shows a constructor method that will accept the database connection.

We will use this class to read data from the database.

  • Open api folder.
  • Create objects folder.
  • Open objects folder.
  • Create product.php file.
  • Place the following code inside it.
<?php
class Product{
 
    // database connection and table name
    private $conn;
    private $table_name = "products";
 
    // object properties
    public $id;
    public $name;
    public $description;
    public $price;
    public $category_id;
    public $category_name;
    public $created;
 
    // constructor with $db as database connection
    public function __construct($db){
        $this->conn = $db;
    }
}
?>

Create file to read products

The code below shows headers about who can read this file and which type of content it will return.

In this case, our read.php the file can be read by anyone (asterisk * means all) and will return a data in JSON format.

  • Open api folder.
  • Create product folder.
  • Open product folder.
  • Create read.php file.
  • Place the following code inside it.
<?php
// required headers
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
 
// database connection will be here

Connect to database and products table

In the code below, we included the database.php and product.php files. These are the files we created earlier.

We need to use the getConnection() method of the Database class to get a database connection. We pass this connection to the Product class.

Replace of // database connection will be here comment of read.php file with the following code.

// include database and object files
include_once '../config/database.php';
include_once '../objects/product.php';
 
// instantiate database and product object
$database = new Database();
$db = $database->getConnection();
 
// initialize object
$product = new Product($db);
 
// read products will be here

Read products from the database

In the code below, we used the read() method of Product class to read data from the database. Through the $num variable, we check if there are records found.

If there are records found, we loop through it using the while loop, add each record to the $products_arr array, set a 200 OK response code and show it to the user in JSON format.

Replace of // read products will be here comment of read.php file with the following code.

// query products
$stmt = $product->read();
$num = $stmt->rowCount();
 
// check if more than 0 record found
if($num>0){
 
    // products array
    $products_arr=array();
    $products_arr["records"]=array();
 
    // retrieve our table contents
    // fetch() is faster than fetchAll()
    // http://stackoverflow.com/questions/2770630/pdofetchall-vs-pdofetch-in-a-loop
    while ($row = $stmt->fetch(PDO::FETCH_ASSOC)){
        // extract row
        // this will make $row['name'] to
        // just $name only
        extract($row);
 
        $product_item=array(
            "id" => $id,
            "name" => $name,
            "description" => html_entity_decode($description),
            "price" => $price,
            "category_id" => $category_id,
            "category_name" => $category_name
        );
 
        array_push($products_arr["records"], $product_item);
    }
 
    // set response code - 200 OK
    http_response_code(200);
 
    // show products data in json format
    echo json_encode($products_arr);
}
 
// no products found will be here

Add product “read()” method

We used the read() method in the previous section but it does not exist yet in the Product class. We need to add this read() method. The code below shows the query to get records from the database.

  • Open objects folder.
  • Open product.php file.
  • Place the following code inside the Product class.
  • To make sure you added it correctly, place the code before the last closing curly brace.
// read products
function read(){
 
    // select all query
    $query = "SELECT
                c.name as category_name, p.id, p.name, p.description, p.price, p.category_id, p.created
            FROM
                " . $this->table_name . " p
                LEFT JOIN
                    categories c
                        ON p.category_id = c.id
            ORDER BY
                p.created DESC";
 
    // prepare query statement
    $stmt = $this->conn->prepare($query);
 
    // execute query
    $stmt->execute();
 
    return $stmt;
}

Tell the user no products found

If the $num variable has a value of zero or negative, it means there are no records returned from the database. We need to tell the user about this.

On the code below, we set the response code to 404 - Not found and a message that says No products found.

Replace of // no products found will be here comment of read.php file with the following code.

else{
 
    // set response code - 404 Not found
    http_response_code(404);
 
    // tell the user no products found
    echo json_encode(
        array("message" => "No products found.")
    );
}

Output

You need to use POSTMAN to test our API. Download your version of POSTMAN here.

Launch POSTMAN. Enter the following as the request URL.

http://localhost/api/product/read.php

Click the blue “Send” button.

  • Output if there are product data.
  • Output if there are no product data.

Create Product

Create create.php file

  • Open product folder.
  • Create a new create.php file.
  • Open that file and put the following code inside it.
<?php
// required headers
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
header("Access-Control-Allow-Methods: POST");
header("Access-Control-Max-Age: 3600");
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
 
// get database connection
include_once '../config/database.php';
 
// instantiate product object
include_once '../objects/product.php';
 
$database = new Database();
$db = $database->getConnection();
 
$product = new Product($db);
 
// get posted data
$data = json_decode(file_get_contents("php://input"));
 
// make sure data is not empty
if(
    !empty($data->name) &&
    !empty($data->price) &&
    !empty($data->description) &&
    !empty($data->category_id)
){
 
    // set product property values
    $product->name = $data->name;
    $product->price = $data->price;
    $product->description = $data->description;
    $product->category_id = $data->category_id;
    $product->created = date('Y-m-d H:i:s');
 
    // create the product
    if($product->create()){
 
        // set response code - 201 created
        http_response_code(201);
 
        // tell the user
        echo json_encode(array("message" => "Product was created."));
    }
 
    // if unable to create the product, tell the user
    else{
 
        // set response code - 503 service unavailable
        http_response_code(503);
 
        // tell the user
        echo json_encode(array("message" => "Unable to create product."));
    }
}
 
// tell the user data is incomplete
else{
 
    // set response code - 400 bad request
    http_response_code(400);
 
    // tell the user
    echo json_encode(array("message" => "Unable to create product. Data is incomplete."));
}
?>

Product create() method

  • Open objects folder.
  • Open product.php file.
  • The previous section will not work without the following code inside the Product (objects/product.php) class.
// create product
function create(){
 
    // query to insert record
    $query = "INSERT INTO
                " . $this->table_name . "
            SET
                name=:name, price=:price, description=:description, category_id=:category_id, created=:created";
 
    // prepare query
    $stmt = $this->conn->prepare($query);
 
    // sanitize
    $this->name=htmlspecialchars(strip_tags($this->name));
    $this->price=htmlspecialchars(strip_tags($this->price));
    $this->description=htmlspecialchars(strip_tags($this->description));
    $this->category_id=htmlspecialchars(strip_tags($this->category_id));
    $this->created=htmlspecialchars(strip_tags($this->created));
 
    // bind values
    $stmt->bindParam(":name", $this->name);
    $stmt->bindParam(":price", $this->price);
    $stmt->bindParam(":description", $this->description);
    $stmt->bindParam(":category_id", $this->category_id);
    $stmt->bindParam(":created", $this->created);
 
    // execute query
    if($stmt->execute()){
        return true;
    }
 
    return false;
     
}

Output

To test for the successful creation of a product, open POSTMAN. Enter the following as the request URL

http://localhost/api/product/create.php
  • Click the “Body” tab.
  • Click “raw”.
  • Enter this JSON value:
{
    "name" : "Amazing Pillow 2.0",
    "price" : "199",
    "description" : "The best pillow for amazing programmers.",
    "category_id" : 2,
    "created" : "2018-06-01 00:35:07"
}
  • It should look like this:
  • If the system is unable to create the product, it should look like this:
  • If the sent data is incomplete, for example, it is missing the price data, the output should look like this:

Read One Product

Create read_one.php file

  • Open product folder.
  • Create a w read_one.php file.
  • Open that file and put the following code.
<?php
// required headers
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers: access");
header("Access-Control-Allow-Methods: GET");
header("Access-Control-Allow-Credentials: true");
header('Content-Type: application/json');
 
// include database and object files
include_once '../config/database.php';
include_once '../objects/product.php';
 
// get database connection
$database = new Database();
$db = $database->getConnection();
 
// prepare product object
$product = new Product($db);
 
// set ID property of record to read
$product->id = isset($_GET['id']) ? $_GET['id'] : die();
 
// read the details of product to be edited
$product->readOne();
 
if($product->name!=null){
    // create array
    $product_arr = array(
        "id" =>  $product->id,
        "name" => $product->name,
        "description" => $product->description,
        "price" => $product->price,
        "category_id" => $product->category_id,
        "category_name" => $product->category_name
 
    );
 
    // set response code - 200 OK
    http_response_code(200);
 
    // make it json format
    echo json_encode($product_arr);
}
 
else{
    // set response code - 404 Not found
    http_response_code(404);
 
    // tell the user product does not exist
    echo json_encode(array("message" => "Product does not exist."));
}
?>

Product readOne() method

  • Open objects folder.
  • Open product.php file.
  • The previous section will not work without the following code inside the Product class.
// used when filling up the update product form
function readOne(){
 
    // query to read single record
    $query = "SELECT
                c.name as category_name, p.id, p.name, p.description, p.price, p.category_id, p.created
            FROM
                " . $this->table_name . " p
                LEFT JOIN
                    categories c
                        ON p.category_id = c.id
            WHERE
                p.id = ?
            LIMIT
                0,1";
 
    // prepare query statement
    $stmt = $this->conn->prepare( $query );
 
    // bind id of product to be updated
    $stmt->bindParam(1, $this->id);
 
    // execute query
    $stmt->execute();
 
    // get retrieved row
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
 
    // set values to object properties
    $this->name = $row['name'];
    $this->price = $row['price'];
    $this->description = $row['description'];
    $this->category_id = $row['category_id'];
    $this->category_name = $row['category_name'];
}

Output

  • First, we will test for a product that exists. Open POSTMAN. Enter the following as the request URL. Click the blue “Send” button.
http://localhost/api/product/read_one.php?id=60
  • Next, we will test for a product that does not exist. Enter the following as the request URL. Click the blue “Send” button.
http://localhost/api/product/read_one.php?id=999

Update product

Create “update.php” file

  • Open product folder.
  • Create a new update.php file.
  • Open that file and put the following code inside it.
<?php
// required headers
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
header("Access-Control-Allow-Methods: POST");
header("Access-Control-Max-Age: 3600");
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
 
// include database and object files
include_once '../config/database.php';
include_once '../objects/product.php';
 
// get database connection
$database = new Database();
$db = $database->getConnection();
 
// prepare product object
$product = new Product($db);
 
// get id of product to be edited
$data = json_decode(file_get_contents("php://input"));
 
// set ID property of product to be edited
$product->id = $data->id;
 
// set product property values
$product->name = $data->name;
$product->price = $data->price;
$product->description = $data->description;
$product->category_id = $data->category_id;
 
// update the product
if($product->update()){
 
    // set response code - 200 ok
    http_response_code(200);
 
    // tell the user
    echo json_encode(array("message" => "Product was updated."));
}
 
// if unable to update the product, tell the user
else{
 
    // set response code - 503 service unavailable
    http_response_code(503);
 
    // tell the user
    echo json_encode(array("message" => "Unable to update product."));
}
?>

Product update() method

  • Open objects folder.
  • Open product.php file.
  • The previous section will not work without the following code inside the Product class.
// update the product
function update(){
 
    // update query
    $query = "UPDATE
                " . $this->table_name . "
            SET
                name = :name,
                price = :price,
                description = :description,
                category_id = :category_id
            WHERE
                id = :id";
 
    // prepare query statement
    $stmt = $this->conn->prepare($query);
 
    // sanitize
    $this->name=htmlspecialchars(strip_tags($this->name));
    $this->price=htmlspecialchars(strip_tags($this->price));
    $this->description=htmlspecialchars(strip_tags($this->description));
    $this->category_id=htmlspecialchars(strip_tags($this->category_id));
    $this->id=htmlspecialchars(strip_tags($this->id));
 
    // bind new values
    $stmt->bindParam(':name', $this->name);
    $stmt->bindParam(':price', $this->price);
    $stmt->bindParam(':description', $this->description);
    $stmt->bindParam(':category_id', $this->category_id);
    $stmt->bindParam(':id', $this->id);
 
    // execute the query
    if($stmt->execute()){
        return true;
    }
 
    return false;
}

Output

Open POSTMAN. Enter the following as the request URL.

http://localhost/api/product/update.php
  • Click the “Body” tab.
  • Click “raw”.
  • Enter the following JSON value.
  • Make sure the ID exists in your database.
  • Click the blue “Send” button.
{
    "id" : "106",
    "name" : "Amazing Pillow 3.0",
    "price" : "255",
    "description" : "The best pillow for amazing programmers.",
    "category_id" : 2,
    "created" : "2018-08-01 00:35:07"
}

The product ID 106, is just an example. You need to specify a product ID that exists in your database.

If you specify an ID that does not exist in the database, it might still say that the product was updated. It does not update anything on the database but the query was executed successfully without any syntax errors.

To prevent this, you need an extra validation where you check if an ID exists in the database. This feature is not yet part of our tutorial.

  • If updating a product is successful, it should look like this:
  • If the system fails to update the product, the output will look like this:

Delete Product

Create “delete.php” file

  • Open product folder.
  • Create new delete.php file.
  • Open that file and put the following code inside it.
<?php
// required headers
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
header("Access-Control-Allow-Methods: POST");
header("Access-Control-Max-Age: 3600");
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
 
// include database and object file
include_once '../config/database.php';
include_once '../objects/product.php';
 
// get database connection
$database = new Database();
$db = $database->getConnection();
 
// prepare product object
$product = new Product($db);
 
// get product id
$data = json_decode(file_get_contents("php://input"));
 
// set product id to be deleted
$product->id = $data->id;
 
// delete the product
if($product->delete()){
 
    // set response code - 200 ok
    http_response_code(200);
 
    // tell the user
    echo json_encode(array("message" => "Product was deleted."));
}
 
// if unable to delete the product
else{
 
    // set response code - 503 service unavailable
    http_response_code(503);
 
    // tell the user
    echo json_encode(array("message" => "Unable to delete product."));
}
?>

Product delete() method

  • Open objects folder.
  • Open product.php file.
  • The previous section will not work without the following code inside the Product class.
// delete the product
function delete(){
 
    // delete query
    $query = "DELETE FROM " . $this->table_name . " WHERE id = ?";
 
    // prepare query
    $stmt = $this->conn->prepare($query);
 
    // sanitize
    $this->id=htmlspecialchars(strip_tags($this->id));
 
    // bind id of record to delete
    $stmt->bindParam(1, $this->id);
 
    // execute query
    if($stmt->execute()){
        return true;
    }
 
    return false;
}

Output

Open POSTMAN. Enter the following as the request URL.

http://localhost/api/product/delete.php
  • Click the “Body” tab.
  • Click “raw”.
  • Enter the following JSON value.
  • Make sure the ID exists in your database.
  • Click the blue “Send” button.
{
    "id" : "106"
}
  • If a product was successfully deleted, it should look like this:
  • If the system fails to delete the product, the output will look like this:

Search Products

Create “search.php” file

  • Open product folder.
  • Create a search.php file.
  • Open that file and place the following code.
<?php
// required headers
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
 
// include database and object files
include_once '../config/core.php';
include_once '../config/database.php';
include_once '../objects/product.php';
 
// instantiate database and product object
$database = new Database();
$db = $database->getConnection();
 
// initialize object
$product = new Product($db);
 
// get keywords
$keywords=isset($_GET["s"]) ? $_GET["s"] : "";
 
// query products
$stmt = $product->search($keywords);
$num = $stmt->rowCount();
 
// check if more than 0 record found
if($num>0){
 
    // products array
    $products_arr=array();
    $products_arr["records"]=array();
 
    // retrieve our table contents
    // fetch() is faster than fetchAll()
    // http://stackoverflow.com/questions/2770630/pdofetchall-vs-pdofetch-in-a-loop
    while ($row = $stmt->fetch(PDO::FETCH_ASSOC)){
        // extract row
        // this will make $row['name'] to
        // just $name only
        extract($row);
 
        $product_item=array(
            "id" => $id,
            "name" => $name,
            "description" => html_entity_decode($description),
            "price" => $price,
            "category_id" => $category_id,
            "category_name" => $category_name
        );
 
        array_push($products_arr["records"], $product_item);
    }
 
    // set response code - 200 OK
    http_response_code(200);
 
    // show products data
    echo json_encode($products_arr);
}
 
else{
    // set response code - 404 Not found
    http_response_code(404);
 
    // tell the user no products found
    echo json_encode(
        array("message" => "No products found.")
    );
}
?>

Create search() method

  • Open objects folder.
  • Open product.php file.
  • Add the following search() method.
// search products
function search($keywords){
 
    // select all query
    $query = "SELECT
                c.name as category_name, p.id, p.name, p.description, p.price, p.category_id, p.created
            FROM
                " . $this->table_name . " p
                LEFT JOIN
                    categories c
                        ON p.category_id = c.id
            WHERE
                p.name LIKE ? OR p.description LIKE ? OR c.name LIKE ?
            ORDER BY
                p.created DESC";
 
    // prepare query statement
    $stmt = $this->conn->prepare($query);
 
    // sanitize
    $keywords=htmlspecialchars(strip_tags($keywords));
    $keywords = "%{$keywords}%";
 
    // bind
    $stmt->bindParam(1, $keywords);
    $stmt->bindParam(2, $keywords);
    $stmt->bindParam(3, $keywords);
 
    // execute query
    $stmt->execute();
 
    return $stmt;
}

Output

Open POSTMAN. Enter the following as the request URL.

http://localhost/api/product/search.php?s=shirt

Click the blue “Send” button.

  • If there was a product found, it should look like this:
  • If there are no products found, the output will look like this:

Paginate Products

Create “read_paging.php” file

  • Open product folder.
  • Create read_paging.php file.
<?php
// required headers
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
 
// include database and object files
include_once '../config/core.php';
include_once '../shared/utilities.php';
include_once '../config/database.php';
include_once '../objects/product.php';
 
// utilities
$utilities = new Utilities();
 
// instantiate database and product object
$database = new Database();
$db = $database->getConnection();
 
// initialize object
$product = new Product($db);
 
// query products
$stmt = $product->readPaging($from_record_num, $records_per_page);
$num = $stmt->rowCount();
 
// check if more than 0 record found
if($num>0){
 
    // products array
    $products_arr=array();
    $products_arr["records"]=array();
    $products_arr["paging"]=array();
 
    // retrieve our table contents
    // fetch() is faster than fetchAll()
    // http://stackoverflow.com/questions/2770630/pdofetchall-vs-pdofetch-in-a-loop
    while ($row = $stmt->fetch(PDO::FETCH_ASSOC)){
        // extract row
        // this will make $row['name'] to
        // just $name only
        extract($row);
 
        $product_item=array(
            "id" => $id,
            "name" => $name,
            "description" => html_entity_decode($description),
            "price" => $price,
            "category_id" => $category_id,
            "category_name" => $category_name
        );
 
        array_push($products_arr["records"], $product_item);
    }
 
 
    // include paging
    $total_rows=$product->count();
    $page_url="{$home_url}product/read_paging.php?";
    $paging=$utilities->getPaging($page, $total_rows, $records_per_page, $page_url);
    $products_arr["paging"]=$paging;
 
    // set response code - 200 OK
    http_response_code(200);
 
    // make it json format
    echo json_encode($products_arr);
}
 
else{
 
    // set response code - 404 Not found
    http_response_code(404);
 
    // tell the user products does not exist
    echo json_encode(
        array("message" => "No products found.")
    );
}
?>

Create “core.php” file

This file holds our core configuration like the home URL and pagination variables.

  • Open the config folder.
  • Create core.php file.
  • Open core.php file.
  • Place the following code.
<?php
// show error reporting
ini_set('display_errors', 1);
error_reporting(E_ALL);
 
// home page url
$home_url="http://localhost/api/";
 
// page given in URL parameter, default page is one
$page = isset($_GET['page']) ? $_GET['page'] : 1;
 
// set number of records per page
$records_per_page = 5;
 
// calculate for the query LIMIT clause
$from_record_num = ($records_per_page * $page) - $records_per_page;
?>

Create “readPaging()” method

  • Open objects folder.
  • Open product.php file.
  • Add the following method inside the product class.
  • This method will return a list of records limited to what we set in $records_per_page of the previous section.
// read products with pagination
public function readPaging($from_record_num, $records_per_page){
 
    // select query
    $query = "SELECT
                c.name as category_name, p.id, p.name, p.description, p.price, p.category_id, p.created
            FROM
                " . $this->table_name . " p
                LEFT JOIN
                    categories c
                        ON p.category_id = c.id
            ORDER BY p.created DESC
            LIMIT ?, ?";
 
    // prepare query statement
    $stmt = $this->conn->prepare( $query );
 
    // bind variable values
    $stmt->bindParam(1, $from_record_num, PDO::PARAM_INT);
    $stmt->bindParam(2, $records_per_page, PDO::PARAM_INT);
 
    // execute query
    $stmt->execute();
 
    // return values from database
    return $stmt;
}

Create “count()” method

Still in the product class (product.php file), add the following method. The total rows are needed to build the pagination array. It is included in the ‘paging’ computation.

// used for paging products
public function count(){
    $query = "SELECT COUNT(*) as total_rows FROM " . $this->table_name . "";
 
    $stmt = $this->conn->prepare( $query );
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
 
    return $row['total_rows'];
}

Get “paging” array

  • Create shared folder.
  • Open shared folder.
  • Create utilities.php file.
  • Open utilities.php file and place the following code.
<?php
class Utilities{
 
    public function getPaging($page, $total_rows, $records_per_page, $page_url){
 
        // paging array
        $paging_arr=array();
 
        // button for first page
        $paging_arr["first"] = $page>1 ? "{$page_url}page=1" : "";
 
        // count all products in the database to calculate total pages
        $total_pages = ceil($total_rows / $records_per_page);
 
        // range of links to show
        $range = 2;
 
        // display links to 'range of pages' around 'current page'
        $initial_num = $page - $range;
        $condition_limit_num = ($page + $range)  + 1;
 
        $paging_arr['pages']=array();
        $page_count=0;
         
        for($x=$initial_num; $x<$condition_limit_num; $x++){
            // be sure '$x is greater than 0' AND 'less than or equal to the $total_pages'
            if(($x > 0) && ($x <= $total_pages)){
                $paging_arr['pages'][$page_count]["page"]=$x;
                $paging_arr['pages'][$page_count]["url"]="{$page_url}page={$x}";
                $paging_arr['pages'][$page_count]["current_page"] = $x==$page ? "yes" : "no";
 
                $page_count++;
            }
        }
 
        // button for last page
        $paging_arr["last"] = $page<$total_pages ? "{$page_url}page={$total_pages}" : "";
 
        // json format
        return $paging_arr;
    }
 
}
?>

Output

Open POSTMAN. Enter the following as the request URL.

http://localhost/api/product/read_paging.php

Click the blue “Send” button.

  • If there are products found, scroll down to see the paging node. It should look like this:
  • If there are no products found, the output will look like this:

Read Categories

Create “category.php” file

  • Open objects folder.
  • Create new category.php file.
  • Place the following code inside the category.php file.
<?php
class Category{
 
    // database connection and table name
    private $conn;
    private $table_name = "categories";
 
    // object properties
    public $id;
    public $name;
    public $description;
    public $created;
 
    public function __construct($db){
        $this->conn = $db;
    }
 
    // used by select drop-down list
    public function readAll(){
        //select all data
        $query = "SELECT
                    id, name, description
                FROM
                    " . $this->table_name . "
                ORDER BY
                    name";
 
        $stmt = $this->conn->prepare( $query );
        $stmt->execute();
 
        return $stmt;
    }
}
?>

Create “read.php” file

  • Create new category folder.
  • Open that folder and create new read.php file inside it.
  • Open read.php file and place the following code.
<?php
// required header
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
 
// include database and object files
include_once '../config/database.php';
include_once '../objects/category.php';
 
// instantiate database and category object
$database = new Database();
$db = $database->getConnection();
 
// initialize object
$category = new Category($db);
 
// query categorys
$stmt = $category->read();
$num = $stmt->rowCount();
 
// check if more than 0 record found
if($num>0){
 
    // products array
    $categories_arr=array();
    $categories_arr["records"]=array();
 
    // retrieve our table contents
    // fetch() is faster than fetchAll()
    // http://stackoverflow.com/questions/2770630/pdofetchall-vs-pdofetch-in-a-loop
    while ($row = $stmt->fetch(PDO::FETCH_ASSOC)){
        // extract row
        // this will make $row['name'] to
        // just $name only
        extract($row);
 
        $category_item=array(
            "id" => $id,
            "name" => $name,
            "description" => html_entity_decode($description)
        );
 
        array_push($categories_arr["records"], $category_item);
    }
 
    // set response code - 200 OK
    http_response_code(200);
 
    // show categories data in json format
    echo json_encode($categories_arr);
}
 
else{
 
    // set response code - 404 Not found
    http_response_code(404);
 
    // tell the user no categories found
    echo json_encode(
        array("message" => "No categories found.")
    );
}
?>

Add Category “read()” method

  • Open objects folder.
  • Open category.php file.
  • The previous section’s code will not work without the following code inside the category.php file.
  • Add the following method inside the Category class.
// used by select drop-down list
public function read(){
 
    //select all data
    $query = "SELECT
                id, name, description
            FROM
                " . $this->table_name . "
            ORDER BY
                name";
 
    $stmt = $this->conn->prepare( $query );
    $stmt->execute();
 
    return $stmt;
}

Output

Open POSTMAN. Enter the following as the request URL.

http://localhost/api/category/read.php

Click the blue “Send” button.

  • If there are categories found, it should look like this:
  • If there are no categories found, the output will look like this:

Download Source Codes

We highly recommend for you to follow and study our well-detailed, step-by-step tutorial above first. Nothing beats experience when it comes to learning.

But we believe you will learn faster if you’ll see the final source code as well. We consider it as your additional guide.

Imagine the value or skill upgrade it can bring you. The additional income you can get from your work, projects or business. The precious time you save. Isn’t that what you want?

Download LEVEL 1 source code

FEATURES LEVEL 1
Create product YES
Read products YES
Read one product YES
Update product YES
Delete product YES
Search products YES
Paginate products YES
Read categories YES
FREE email support for 3 months YES
Source code updates via email YES
$30 – Download now

Download LEVEL 2 source code

Before downloading the LEVEL 2 source code, I highly recommend learning the LEVEL 1 source code first. Use our tutorial above. LEVEL 2 might be a bit challenging to understand if you don’t fully understand LEVEL 1.

FEATURES LEVEL 2
All features of LEVEL 1 source code YES
Delete selected product YES
Export product CSV YES
Read products by category YES
Search products with pagination YES
Create category YES
Read categories YES
Read one category YES
Update category YES
Delete category YES
Search categories YES
Paginate categories YES
Delete selected categories YES
Export categories CSV YES
Search categories with pagination YES
FREE email support for 6 months YES
Source code updates via email YES
$50 – Download now

What’s Next?

You have two options:

a. Take your skills to the next level by learning how to do REST API authentication (with user interface) on our REST API Authentication Example in PHP – JWT Tutorial.

b. The tutorial above focuses on the API side, without any user interface. We will learn how to create, read, update and delete database records (with user interface) on our AJAX CRUD Tutorial.

If you want to receive new and updated high-quality tutorials, please subscribe for free.

Related Tutorials

We listed all our high quality full-stack web development tutorials here: Click here.

Notes

Found An Issue?


If you found a problem with this code, please send us an email. Before you send an email, please read our our code of conduct. Our team's email address is [email protected]


Please be descriptive about your issue. Please provide the error messages, screenshots (or screen recording) and your test URL. Thanks!


Subscribe to CodeOfaNinja


Receive valuable web development tutorials to your email. Subscribe now for FREE!



Thank You!

Please note that this post is not yet in its final form. We are going to update this post so it will be perfect in the future.

If you have a friend or know someone who needs this PHP REST API Tutorial, please share this page to them! I know you will help them a lot by doing it. Thanks!

By Mike Dalisay

I'm Mike Dalisay, a pro web developer since 2010. I love web development. Improving our tutorials and source codes makes me happy. Do you want to suggest an edit to our tutorial? Got something to ask about our source codes? You may use our comments section below or email our team at [email protected]

185 comments

  1. I am new to PHP and didn’t know that I had to initialize the vars in a constructor function. here is my initial question:

    HI :) I built a rest API with this tutorial, I enjoyed it a lot. Thank you! Now I am trying to deploy the API on Heroku. But I am having trouble with the database.php configurations. Bc this code examples depends on the class database which is used to set up the connection to the Database and PHP doesn’t want me to put my environment variables to access the Heroku DB within the class. Any hints on how I could solve that?

  2. This is too complex.
    I want to look at how to implement endpoints with PHP versus Express or Rails or Djanngo.
    Most of this is about database and retrieving data. It’s a lot of stuff that skips an overview of essential.
    I give it an F.

  3. Hi, everybody,

    i’m trying this code but I don’t know why I can’t create a product. it return me 503 error code. Any idea?

    1. conn = $db;
      }
      }

      // read products
      function read() {

      // select all query
      $query = “SELECT
      c.name as category_name, p.id, p.name, p.description, p.price, p.category_id, p.created
      FROM
      ” . $this->table_name . ” p
      LEFT JOIN
      categories c
      ON p.category_id = c.id
      ORDER BY
      p.created DESC”;

      // prepare query statement
      $stmt = $this->conn->prepare($query);

      // execute query
      $stmt->execute();

      return $stmt;
      }

      // search products
      function search($keywords){

      // select all query
      $query = “SELECT
      c.name as category_name, p.id, p.name, p.description, p.price, p.category_id, p.created
      FROM
      ” . $this->table_name . ” p
      LEFT JOIN
      categories c
      ON p.category_id = c.id
      WHERE
      p.name LIKE ? OR p.description LIKE ? OR c.name LIKE ?
      ORDER BY
      p.created DESC”;

      // prepare query statement
      $stmt = $this->conn->prepare($query);

      // sanitize
      $keywords=htmlspecialchars(strip_tags($keywords));
      $keywords = “%{$keywords}%”;

      // bind
      $stmt->bindParam(1, $keywords);
      $stmt->bindParam(2, $keywords);
      $stmt->bindParam(3, $keywords);

      // execute query
      $stmt->execute();

      return $stmt;
      }
      ?>

      the only script in my product.php

  4. Hi @ranisomu, did your query worked on PhpMyAdmin? Based on your query, it should be:


    $start_date="2014-06-01";
    $end_date"2014-06-30";

    I’m not sure why this is not working on your end. Which PHP and MySQL version are you using? Are you debugging locally?

    Yes, the isset method is needed. The code on your searchdate.php is in comments, please remove the double slash.

  5. Hi @disqus_TR7OR7SoPY, if it works on localhost, I think there’s a problem with your database connection. Would you try to show an error message using this inside the “else” statement.

    print_r($this->conn->errorInfo());

  6. how would i update read.php in the API to show only a certain category? e.g. only Electronics

  7. Hi,
    This article is clearly explained each and every step. It is very useful. Thank you for this article.
    I need your guidance to achieve the following requirements.
    1. “SELECT * FROM” . $this->table_name . ” WHERE created between ? and ?;”
    2. “SELECT * FROM” . $this->table_name . ” WHERE created >=? and created<=?;"
    Can you please guide me.
    Thanks in advance.

      1. That section deals with LIKE and bind parameter surrounded by %{ }% as such as in mysql. It’s working fine for LIKE.

        In my case, I need to do it for BETWEEN and >=, <=. The step which is used for LIKE doesn't work for my requirement.

        I'm not getting an idea, how to pass the bind parameter for BETWEEN. So only I had attached the screenshots.
        Kindly please refer it and guide me to achieve this.

      2. @ranisomu, sorry, I misunderstood your question. If you need to use the between/and clause, it should look like this:

        SELECT * FROM `table` WHERE `start_date` BETWEEN :start_date AND :end_date

  8. Hi @disqus_ky7Wa1JuzZ, thanks for the kind words and suggestion! Postman is very useful, thanks for the tip about it and testing the API with Android as well.

  9. Thank you for the detailed reply @tobiasparent! We’ll definitely improve the tutorial above with your suggestions in mind. I’m looking forward to the link of your work. I’m glad your appreciate our resource even though it is not perfect. Thank you!

  10. Hi @dave_geez, first, I’m not forcing anyone to use MyISAM. A person like you who has a lot of time to update or comment on a tutorial can use whatever you want.

    I’m not forcing you to use it. In fact, I updated the tutorial with InnoDB as well.

    I don’t believe my question makes no sense. Some users have had to rely on MyISAM for its full text search capabilities, and in some cases, better performance in applications that didn’t require transactional capabilities.

    1. Normally I would return the hole json object (or an id) in a spa app or mobile app you need that for any other operations following, show details or link some other object to this new one or delete or I don’t know whatever etc.

  11. This doesn’t work for a react fetch call – I’ve followed the code exactly, I’m receiving a Json response back when I visit in a browser but (I think) something is wrong with the header where the react code:

    fetch(‘fetch(‘http://localhost/api/product/read_one.php?id=60’)
    .then((response) => response.json())
    .then(json => this.setState({series:json}))

    won’t retrieve the data back

    why is that?
    thanks

    K

  12. not able to get output of search() function
    i m getting this
    Fatal error: Uncaught Error: Call to undefined method Product::search() in E:xampphtdocsrootfolderapiproductsearch.php:21
    line no. 21// query products
    $stmt = $product->search($keywords);
    $num = $stmt->rowCount();
    plz help

  13. Hi @meindertjorna, I’m glad it works now and thanks for sharing your solution! But do you mean you placed the read() function inside the Product class?

  14. Hi @tobiasparent, thanks for the kind words and sorry for the late reply, it’s been a crazy couple of monhts for me. Anyway, yes, this is only a good starting point and the article covers only the basic concepts.

    Let me know if I understood your concern correctly. Do you mean you need the code to run with different type of data sources and not rely with PDO? You have a point, we can do that with PHP because it can connect even to an Oracle database.

    Unfortunately, I am not familiar with that situation and my knowledge is currently limited to using PDO. It works with all my projects and my clients are happy with it.

    It sounds like you’re a very knowledgable person and I’d love to learn more from you! Can you point us to better references or resources so that we can improve our tutorial above?

  15. Hi. I’m using this tutorial to help me build my own REST api. But within the search part of my api, I need to be able to search by two parameters. Is this an easy fix in this code? I’m really struggling to figure out how to implement it.

    1. Hi @disqus_fpCGRZwrkb, if you need a feature where you can pass two parameters, you can format the search like this:


      search.php?s=searchkey&s2=searchkey2

      and get the value of s2 like this


      $keywords2=isset($_GET["s2"]) ? $_GET["s2"] : "";

  16. Me and my classmate are making this api on different laptops. His and mine weren’t able to communicate for some reason. While testing the create method, the only thing that’s being inputted in my database are brackets. Like so https://uploads.disquscdn.com/images/79d4ca780abe3a158ef684be084c6951ca57be16d2a0779e5b437495d62476c3.png
    I did mess with the code a lot, since I was using it for something else, but I wonder if you know why this occurs?

    1. Hi @disqus_7hJqGh3eKk, thank you for using our tutorial! Unfortunately, there’s no way for me to debug your customizations. I highly recommend following the exact tutorial above first. After that, you can do your own customizations on the code. It will be easier since you understand the basics.

  17. Hello
    I am facing this error.

    Fatal error: Using $this when not in object context in E:xampphtdocsAPIview.php on line 6

    Kindly give me solution for this.

  18. This is a great guide for developing a REST API! Would it be possible for you guys to put together a simple guide on how to secure the API with OAuth? Or, could you point me to a resource that describes securing an API with OAuth from beginning to end? Thanks!

    1. Hi @Rookie Dev, thanks for visiting our site and sharing your thoughts! The closing PHP tag is not a “bad practice”. The link you sent says it is something that is “preferable” if a file is a pure PHP code.

      I’ve been coding PHP for many years and the closing PHP tag was never a problem. It is just a personal preference. If you think an accidental whitespace is a big deal for you app, then I suggest you don’t use the closing PHP tag.

      1. Thanks for clarifying! I want to make sure I follow best practices as I learn so that I learn the “correct” way.

  19. hi I got an error how to i solve this Fatal error: Uncaught Error: Class ‘Database’ not found in C:xampphtdocsAPI_practiceproductread.php:9

  20. First, I’m very excited about starting this, because it looks comprehensive enough without getting too far “into the weeds” for someone who needs to work a day job (stuck in a legacy env.) and learn new technologies. Question about the file structure though: Are all the directories to be placed off the docroot, or are the subsequent directories off the ‘api’ directory? Like this:
    ├─ api/
    ├─── config/
    ├────── core.php – file used for core configuration
    ├────── database.php – file used for connecting to the database.
    ├─── objects/
    ├────── product.php – contains properties and methods for “product” database queries.
    ├────── category.php – contains properties and methods for “category” database
    queries.
    ├─── product/
    ├────── create.php – file that will accept posted product data to be saved to database.
    ├────── delete.php – file that will accept a product ID to delete a database record.
    ├────── read.php – file that will output JSON data based from “products” database
    records.
    ├────── read_paging.php – file that will output “products” JSON data with pagination.
    ├────── read_one.php – file that will accept product ID to read a record from the
    database.
    ├────── update.php – file that will accept a product ID to update a database record.
    ├────── search.php – file that will accept keywords parameter to search “products”
    database.
    ├─── category/
    ├────── read.php – file that will output JSON data based from “categories” database
    records.
    ├─── shared/
    ├────── utilities.php – file that will return pagination array.

  21. Hi @zelkaeddy, thanks for the catch! Sorry for the late reply, I just read your comment. It went to the spam folder. Those type has been fixed now, thanks to you again!

  22. Hi @disqus_jd9M9R6P27, thanks for the kind words about our tutorial! I’m sorry I’m not familiar with sqlsrv. You can check if the $num variable value is correct or greater than 0. Make sure you sample data is sufficient as well.

  23. Hello,
    first and foremost great tutorial (and great job) but i have a little question:

    In your screen i see the json output formatted, and your browser is chrome. Do you get a formatting that way? I have run both on linux and windows with chrome and firefox but nothing output is always on a line like this.

    {“records”:[{“id”:”4″,”name”:”Books”,”description”:”Kindle books”},{“id”:”2″,”name”:”Electronics”,”description”:”Gadgets, drones and more.”},{“id”:”1″,”name”:”Fashion”,”description”:”Category for anything related to fashion.”},{“id”:”3″,”name”:”Motor”,”description”:”Motor sports and more”},{“id”:”5″,”name”:”Movies”,”description”:”Movie products”},{“id”:”6″,”name”:”Sports”,”description”:”Drop into new winter gear.”}]}

    1. Hi @masreshatsegayeakamati , you can use your JavaScript application to do a POST request and then your PHP code must accept a POST request as well. You can access the “id” or any parameter using this method.

    1. You’re welcome @besarteminecana! You can use the same code pattern we used in section “10.0 Paginate Products”. Or you can download the LEVEL 2 source code above.

  24. Hi @@ninjazhai thanks alot for this applicable tutorial.
    I have a problem in receiving data In the product/create.php file, “php://input” is empty when I send http post request.
    I checked $data = json_decode(file_get_contents(“php://input”)) and also $_POST through these line of codes :
    var_dump($data);
    var_dump($_POST);

    both are empty!
    I tested other enctypes also … http request response is always 200OK but the controller php file (create.php) shows nothing data received.
    can you help me to debug this problem ?

    1. Hi, I use Postman for the requests. I was experiencing the same issue: product created, but empty.

      But, if you configure headers to “Content-Type : application/json” it works. I inroduced json raw data for test. Here the example:
      https://uploads.disquscdn.com/images/5fb53c5473d3a8240880bb03ed576a4d338f022357c094d0df9c7d4f96a39301.png https://uploads.disquscdn.com/images/4ee674bbd8f7db323a9940ad20b14072134912ab98b00a9ccafc134cfea5ece6.png https://uploads.disquscdn.com/images/84991f56fffe19b73b721993071546339b5c2ce3e73633b5ad10fbb0fcea0bcb.png

      As you can see previous tests failed till I configured the headers this way!

      1. Thanks to you for this brilliant tutorial. By the way, I wonder if you know some place where there is any explanation of the headers and when & how they should be used, referred to REST services. Thanks!

    2. use
      $data = (object) $_POST;
      instead of
      $data = json_decode(file_get_contents(“php://input”));

  25. header(“Access-Control-Allow-Origin: *”); is not suitable. It allows anyone to allow access to our resources.
    You must provide some access token or Oauth for secure connection. bdw Your tutorial is nice.

    1. Thanks for sharing your thoughts @techbytesolutions! But this tutorial is not for private APIs. As said on the tutorial, this is not yet in its final form as well. You can always extend it to your project’s requirements.

  26. Hi! It appears you’re missing an else on 8.2 Product delete() method after the if statement under execute query.

    1. Hi @guidoleijten, thanks for your comment! We don’t miss an ‘else’ on section 8.2, the code will work as is. If ‘$stmt->execute()’ is true, the method will return true. It won’t execute the ‘return false’ under it.

      1. Fair enough! It just looked like it as all the other methods do have it set up with an if/else. I must say that this is an excellent tutorial, I am following a PHP course and this week we had to find out how to build our own API, I searched the net for information on it and I got a vague idea, but after following your tutorial it’s all so clear and it’s amazing how simple it can be! I’ve recommended it to everyone here and my teacher will link to it on his blog as well, because not only is it good for people who want to learn how to create a RESTful API, but it’s also excellent to get a better grasp on OOP as I hear from a lot of people here that they don’t really know when to use classes.

        One other thing, I am using the Chrome extension Advanced REST Client and when trying to PUT/POST I had to utf8_encode the input before json_decode, it appears that others in the comment section did not experience this issue. Easily fixable, but it made me wonder why my code didn’t work without it.

        Anyway, again – great tutorial! Definitely something I’ll keep recommending when I hear someone struggling trying to create their own API.

      2. You’re awesome @guidoleijten! Thank you for your kind words and recommending our site to your friends. Thanks for the tip about utf8_encode as well!

  27. Hi Mike.
    I had made the first level but when I run the read.php I get this: {“message”:”No products found.”}.
    I have the tables well done. I had made the change in the table name “products” to “productos” and I don’t receive any warning. Thanks in advance for your comments

  28. Hi Mike
    one kind “issue” with all of this related with the AJAX CRUD js php tutorial that uses this API

    All of this cannot be used in production right? :-)

    Since e.g. the API is without athentication and all of the js files are easy readable so tehy will unveil the API path and commands

    Do you think to add some security? Or this tutorial is intended for the sole purpose of teach methods? Anyway the security is part of the learn stage ;-)

    1. Hi @Corsari , this tutorial is intended for the sole purpose of teaching methods. You are right about the security being part of the learn stage. But that’s another topic and deserves another post. We’ll try to release that kind of tutorial soon.

  29. Hi @Corsari , your comment above is the one I’m talking about. I don’t know why but I found it in the spam section of Disqus, so I thought you deleted it.

    Anyway, I added section 1.1 to 1.4 on the post. Those are based on your suggestions. Thank you! I hope those explanation and supplementary videos will help you and the others.

  30. Hi @Corsari , thanks for visiting our site!

    To answer your question, we used LEFT JOIN to pull the “category name”, without it, we can only pull the “category ID” from the products table and so we have to do another query for the “category name”.

    In other words, using the LEFT JOIN is more efficient because we don’t have to do multiple queries just to get the category name.

    By the way, I love your first comment here. Thanks you for the kind words! I wish you can republish it because I want to answer all your questions from there as well.

    1. Hi Mike
      As you may have noticed, yesterday I was following your tutorials
      (REST API + following one, the “Pure AJAX CRUD”)

      So I have written some comments around the website

      Can you point me to the comment you mean?

      Thank you

  31. small fixes to avoid confusion in newbies like me :-)
    10.1 Create “read_paging.php” file, no indications on where to create it (we know, in the products folder, but is worth to indicate)
    10.2 states “create config folder”, but it has been already created for the database.php file
    10.3 Create “readPaging()” method, no indications on where to create it (we know, in the product.php file, but is worth to indicate)
    10.4 Create “count()” method, same as 10.3
    11.3 Add Category “read()” method – Open “objects” folder. Create new “category.php” file. But this file already exists

    1. Or just pass second argument to json_enconde($products_arr, JSON_PRETTY_PRINT) , no extension needed. Or whatever you like, CHEERS ALL!
      Great tutorial by the way!!

      1. @petarrnonkovic thank for trick i m more like just your words mistake “json_enconde” -> “json_encode” result here : echo json_encode($products_arr, JSON_PRETTY_PRINT);

  32. how do i access this api via url? I am new to using API’s and REST especially. Or how do i access it on other platforms. I need help please. It’s a very good tutorial and i liked the step by step process

    1. Hi @niiquartey , if you want your API to be accessible in other platforms, you should upload it on your web server and access it via your domain or temporary URL.

  33. Helle Mike, great tutorial
    But I stuck on single think that I want to post data using postman it create a record with empty field so please help me

      1. after 5.2 you put these lines
        Please complete one of our JavaScript programming tutorials. This same concept applies to our “update” and “delete” code.
        But I am Stuck on what javascript I Use because i don’t use HTML forms

  34. Great Tutorial Mike. But there is issue I just want to use that code with postman talking about create() it create the product but with empty field will you please tell me reason.

    1. Hi @wellyboang , as I said at the end of section 5.2, I highly recommend completing this whole tutorial first. But if you want to test the code above, you have to use our JavaScript code.

      The reason is our JavaScript code is designed to work with this REST API. Please complete one of our JavaScript programming tutorials. See https://www.codeofaninja.com/javascript-programming-tutorials

      This same concept applies to our “update” and “delete” code.

  35. Great tutorial, love the use of ‘output’ checks. I stumbled a bit at 6.3 because of hard to read details in the provided graphic not found in the text instructions:

    “If you develop on localhost and will run the read.php file using this URL: http://localhost/api/product/read_one.php
    You will see an output like this…”

    You might want to indicate in your text that an id value has to be passed :

    “If you develop on localhost and will run the read.php file using this URL: http://localhost/api/product/read_one.php?id=60
    You will see an output like this…”

    1. Hi @laurencehudsonmontgomery , thanks for letting me know about the graphic being hard to read at your end.

      I just replaced it with a bigger image. We added more description as well. Let us know if it is more readable now.

  36. Hi Mike, very interesting tut!
    My console give me a problem here:

    Parse error: syntax error, unexpected ‘public’ (T_PUBLIC) in C:xampphtdocsAngular-restconfigcore.php on line 19

    maybe is beacause the public function must be declared inside a class?

  37. Hello Mike, great tutorial, learned so much from your tutorials, i hav just started PHP and angular js, i am getting error from this line

    $product->id = isset($_GET[‘id’]) ? $_GET[‘id’] : die(“no record found”);

    it displays “no record found”,
    could there be something wrong, becuase when i hard code the
    product->id = 1,
    it shows the result. and
    one more thing how $_GET[‘id’] works ?

    Thanks in advace

      1. Hi @masreshatsegayeakamati, you can use your JavaScript application to do a POST request and then your PHP code must accept a POST request as well. You can access the “id” or any parameter this way.

  38. Hi Mike, Great stuff. However, output for read_one.php populates only the id as shown below:
    {
    id: “2”,
    name: null,
    description: null,
    price: null,
    category_id: null,
    category_name: null
    }

    Could there be something wrong?

    ====Ignore me … it was due to bad data in my database!!===

  39. Hi, great tutorial. I am getting Fatal error: Call to undefined method Product::count() in read_paging.php – any ideas? Thanks

  40. Hi, Mike. Thank you so much a very easy and well formatted tutorial. I think there’s a function “count()” missing in “Product” class which is calling from “read_paging.php” class. Could you please add that function? Thanks.

  41. Hello Mike. Thank you for this wonderful Tutorial. But where could you find the core.php that you mentioned or ‘include’ in read.php? It’s not part of the code above under config folder.

      1. got same issue kinda
        SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data
        Solved it thanks for the extra-ordinary tuts!

Leave a comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top