CodingForums.com

CodingForums.com (http://www.codingforums.com/index.php)
-   PHP (http://www.codingforums.com/forumdisplay.php?f=6)
-   -   Get Data From API (http://www.codingforums.com/showthread.php?t=282190)

Gamerholic 11-14-2012 07:56 PM
Get Data From API
 
I'm building an API that allows game developers to send and retrieve user info from my database.

I was finally able to put together the API, but now I need to call the API.

1st when the game initiates, it sends us the game developers key their developer id and game id.

PHP Code:
//Game loads, get developer key, send token and current high score

// == [ FIRST FILTER - FILTER GET REQUEST ] == //
$_GET array_map('_INPUT'$_GET); // filter all input


// ====================================== //
// ============[ ACTION MENU ]=========== //
// ====================================== //

if(!empty($_GET['action']) && !empty($_GET['user']) && !empty($_GET['key']) &&  !empty($_GET['email']) && !empty($_GET['password'])): // if key data exists

switch($_GET['action']):

//athenticate game developer return and high score
case 'authenticate':

    $db = new PDO('mysql:host=localhost;dbname=xxxx''xxxx''xxxx');
    $db->setAttribute(PDO::ATTR_ERRMODEPDO::ERRMODE_WARNING);

    $st $db->prepare("SELECT * FROM `game_developers_games` WHERE `id` = :gameid AND `developer_id`=:user AND `key`= :key AND `developer_active` = '1'"); // need to filter for next auction
    $st->bindParam(':user'$_GET['user']); // filter
    $st->bindParam(':key'$_GET['key']); // filter
    $st->execute();
    $r $st->fetch(PDO::FETCH_ASSOC);

    if($st->rowCount() == 0):

        $return = array('DBA_id'=>'0000');
        echo json_encode($return);

    else:

        $token initToken($_GET['key'],$_GET['user']);

        if($token == $r['API_Token']):

            $return = array(
            'DBA_id'=>$token,
            'DBA_servertime'=>time(),
            'DBA_highscore'=>$r['score'],
            );

            echo json_encode($return);                

        endif;

    endif;

    break; 
Here's the script the game developer will have to add to their game to get the data when the game loads. Found this on another stackoverflow question but it's not working.

<script>
$.getJSON("https://www.gamerholic.com/gamerholic_api/db_api_v1.php? user=1&key=6054abe3517a4da6db255e7fa27f4ba001083311&gameid=1&action=authenticate", function () {
alert("aaa");

});
</script>

Fou-Lu 11-14-2012 08:25 PM
Can you be more specific by "not working"?
This here looks like it'll be a problem:
PHP Code:
    $st $db->prepare("SELECT * FROM `game_developers_games` WHERE `id` = :gameid AND `developer_id`=:user AND `key`= :key AND `developer_active` = '1'"); // need to filter for next auction
    $st->bindParam(':user'$_GET['user']); // filter
    $st->bindParam(':key'$_GET['key']); // filter
    $st->execute(); 
You have specified 3x bound fields, but only given it 2x parameters to bind. It is missing the :gameid.
I'd assume that the PDO execute will be. . . unhappy about that.
Also, if that developer_active is an integer, don't wrap it in apostrophes. Weak datatype handling is pretty much a MySQL exclusive "feature" (if you can call it that), which can be disabled at any time.

I assumed as well that the code is incomplete since you are missing the endswitch and endif calls.

AndrewGSW 11-14-2012 08:31 PM
Code:
<script>
$.getJSON("https://www.gamerholic.com/gamerholic_api/db_api_v1.php? user=1&key=6054abe3517a4da6db255e7fa27f4ba001083311&gameid=1&action=authenticate", function () {
alert("aaa");

});
</script>
The above code is jQuery and so requires the jQuery library to be attached to the page. The space before the word user also needs to be removed.

Gamerholic 11-14-2012 08:43 PM
Quote:
Originally Posted by Fou-Lu (Post 1291991)
Can you be more specific by "not working"?
This here looks like it'll be a problem:
PHP Code:
    $st $db->prepare("SELECT * FROM `game_developers_games` WHERE `id` = :gameid AND `developer_id`=:user AND `key`= :key AND `developer_active` = '1'"); // need to filter for next auction
    $st->bindParam(':user'$_GET['user']); // filter
    $st->bindParam(':key'$_GET['key']); // filter
    $st->execute(); 
You have specified 3x bound fields, but only given it 2x parameters to bind. It is missing the :gameid.
I'd assume that the PDO execute will be. . . unhappy about that.
Also, if that developer_active is an integer, don't wrap it in apostrophes. Weak datatype handling is pretty much a MySQL exclusive "feature" (if you can call it that), which can be disabled at any time.

I assumed as well that the code is incomplete since you are missing the endswitch and endif calls.
Thanks for catching that error, I made the fix but I'm still not able to get the json results.

here's the complete code

PHP Code:
<?php
session_start();

ini_set('display_errors'1);
error_reporting(E_ALL);

// == [ FIRST FILTER - FILTER GET REQUEST ] == //
$_GET array_map('_INPUT'$_GET); // filter all input


// ====================================== //
// ============[ ACTION MENU ]=========== //
// ====================================== //

if(!empty($_GET['action']) && !empty($_GET['user']) && !empty($_GET['key']) && !empty($_GET['gameid'])): // if key data exists
    
switch($_GET['action']):

//athenticate game developer return play fee and high score
    case 'authenticate':
        
        $db = new PDO('mysql:host=localhost;dbname=xxxx''xxxx''xxxx');
        $db->setAttribute(PDO::ATTR_ERRMODEPDO::ERRMODE_WARNING);

        $st $db->prepare("SELECT * FROM `game_developers_games` WHERE `id` = :gameid AND `developer_id`=:user AND `API_KEY`= :key AND `developer_active`= 1"); // need to filter for next auction
        $st->bindParam(':user'$_GET['user']); // filter
        $st->bindParam(':key'$_GET['key']); // filter
        $st->bindParam(':gameid'$_GET['gameid']); // filter

        $st->execute();
        $r $st->fetch(PDO::FETCH_ASSOC);
        
        if($st->rowCount() == 0):
            
            $return = array('DBA_id'=>'0000');
            echo json_encode($return);
            
        else:
              
            $token initToken($_GET['key'],$_GET['user']);
            
            if($token == $r['API_TOKEN']):
                
                $return = array(
                'DBA_id'=>$token,
                'DBA_play_fee'=>$r['play_fee'],
                'DBA_servertime'=>time(),
                'DBA_highscore'=>$r['current_highscore'],
                );

                echo json_encode($return);                

            endif;

        endif;

        break;


//log user in

    case 'athenticate_user':
        $db = new PDO('mysql:host=localhost;dbname=xxxx''xxxx''xxxx');
        $db->setAttribute(PDO::ATTR_ERRMODEPDO::ERRMODE_WARNING);

        $st $db->prepare("SELECT * FROM `ttourmember` WHERE `email` = :email AND `password` = :password AND `isactive`='Y'");        
        $st->bindParam(':email'$_GET['email']); // filter
        $st->bindParam(':password'$_GET['password']); // filter
        $st->execute();

        $r $st->fetch(PDO::FETCH_ASSOC); 

        if(empty($_GET['token']) || $_GET['token'] == '0000' || $st->rowCount() == ): // Return Error if Token Doesn't exist or no db result
            $return = array('DBA_id'=>'0000');
            echo json_encode($return);
        else:
           
            $return = array(
                'DBA_member_id'=>$r['id'],
                'DBA_member_balance'=>$r['accountamount'],
                );

            echo json_encode($return);

        endif;      
        break;
        
        
    case 'getHighScore':
        $db = new PDO('mysql:host=localhost;dbname=xxxx''xxxx''xxxx');
        $db->setAttribute(PDO::ATTR_ERRMODEPDO::ERRMODE_WARNING);

        $st $db->prepare("SELECT * FROM `game_developer_games` WHERE id = :gameid AND `API_KEY` = :key AND `API_TOKEN` = :token ORDER BY `score` DESC LIMIT 1");        
        $st->bindParam(':user'$_GET['user']); // filter
        $st->bindParam(':key'$_GET['key']); // filter
        $st->bindParam(':token'$_GET['token']); // filter
        $st->execute();

        $r $st->fetch(PDO::FETCH_ASSOC); 

        if(empty($_GET['token']) || $_GET['token'] == '0000' || $st->rowCount() == ): // Return Error if Token Doesn't exist or no db result
            $return = array('DBA_id'=>'0000');
            echo json_encode($return);
        else:
           
            $return = array(
                'DBA_id'=>$r['id'],
                'DBA_play_fee'=>$r['play_fee'],
                'DBA_servertime'=>time(),
                'DBA_highscore'=>$r['score'],
                );

            echo json_encode($return);

        endif;      
        break;
        
    case 'createToken':
        $token initToken($_GET['key'],$_GET['user']);
        echo $token;
        break;
        
     default:
         $return = array('DBA_id'=>'0000');
         echo json_encode($return);
         
endswitch;

else:
    
  //header("Location: http://google.com");
  //die();

endif;

// ====================================== //
// ============[ ACTION MENU ]=========== //
// ====================================== //

function _INPUT($value// filter all input
{
    $value strip_tags($value);
    $value preg_replace('/[^(\x20-\x7F)\x0A]*/',''$value);
    $value str_replace(array("!""#""$""%""^""&""*""<"">""?"',' "'"), ''$value);
    $value str_replace(array("\r\n""\r""\n""\t"" "), ''$value);

    return $value;


function initToken($d,$s
{

    $context hash_init('md5'HASH_HMAC$s);
    hash_update($context$d);

    return hash_final($context);

}

?>

Gamerholic 11-14-2012 08:45 PM
Quote:
Originally Posted by AndrewGSW (Post 1291998)
Code:
<script>
$.getJSON("https://www.gamerholic.com/gamerholic_api/db_api_v1.php? user=1&key=6054abe3517a4da6db255e7fa27f4ba001083311&gameid=1&action=authenticate", function () {
alert("aaa");

});
</script>
The above code is jQuery and so requires the jQuery library to be attached to the page. The space before the word user also needs to be removed.
Jquery library is added. The space in only when I copied I pasted it here

Fou-Lu 11-14-2012 09:55 PM
Does it work properly without the Javascript? I will always assume the problem is with the JS until its been checked out as being a PHP issue. Put that full url directly into the browser to see what it replies with.

Gamerholic 11-15-2012 12:44 AM
Quote:
Originally Posted by Fou-Lu (Post 1292025)
Does it work properly without the Javascript? I will always assume the problem is with the JS until its been checked out as being a PHP issue. Put that full url directly into the browser to see what it replies with.
Thank you sir you solved my problem. Not directly, I still doesn't work in javascript even though I get the results on the direct link.

I'll just have the game developers use their preferred method to get it from that page.

Fumigator 11-15-2012 04:15 PM
Quote:
Originally Posted by Gamerholic (Post 1292006)
Jquery library is added. The space in only when I copied I pasted it here
You may be including the jQuery library, but that jQuery statement isn't inside a jQuery "ready" function call. It needs to be enclosed like this:

Code:
$(function()
{
    //your jQuery goes here
});


All times are GMT +1. The time now is 04:13 AM.

Powered by vBulletin®
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.