PHP API how to Get URL

<?php
require_once("DB.php");

$db = new DB("localhost", "recaptch_security", "recaptch_securityy", "demirabi1!");

$ip = $_SERVER['REMOTE_ADDR'];
$Name = json_encode($db->query('SELECT Name FROM unbanned WHERE ip=:ip',array(':ip'=>$ip)));

if ($_SERVER['REQUEST_METHOD'] == "GET") {
    echo 'oh god';
http_response_code(200);
 if ($_GET['url'] == 'users'){
    echo 'ip adress';
    http_response_code(200);
 }else{
     echo 'API ip failed';
 }
} else if ($_SERVER['REQUEST_METHOD'] == "POST") {
        echo "POST";
         if ($_GET['url'] == 'ip'){
    echo 'ip adress POST';
 }
} else {
        http_response_code(405);
}
?>

I want to get in http://mydomain/index.php/ip and than something to show. I tried in the code but it didnt work how to do it ?? Thanks from now :slight_smile:

Hi @HaydiKod and a warm welcome to the forum.

Please supply more details about the API.

If you are creating an AP from scratch then I would create a function which is available thoughout the API:

<?php 
// ...
//===============================
function getURL()
{
  $result  = 'http://'
               . $_SERVER['REQUEST_URI']
               ;
   

   return $result;
}

Please note that the function will have to be modified to suit your exact requirements depending on the following

Display $_SERVER Parameters:

echo '<pre>'; // adds line-feed to make it easier to read
   print_r( $_SERVER );
echo '</pre>';

Let us know the contents of your getURL() function.

Hello,
Thanks for your help,
I want to output this

echo json_encode($db->query("SELECT Name FROM `unbanned` WHERE ip='$ip'"));

Try this:

$tmp = getURL();
// echo '<br>' .$tmp ;;

$tmp = 'SELECT Name FROM "unbanned" WHERE ip="'
        . $tmp 
       ., '")';
// echo '<br>' .$tmp ;

echo json_encode( $db->query( $tmp );
1 Like

Hello,

It gives a syntax error on

Try this:

$tmp = getURL();
 echo '<br>' .$tmp;

$tmp = 'SELECT Name FROM "unbanned" WHERE ip="'
        . $tmp 
        . '"';
 echo '<br>' .$tmp ;

 echo json_encode( $db->query( $tmp ) );
1 Like

Thanks for your help but nothing changed on my code. I think i may done something wrong to code:

(sorry, i am very new to this job only 2 years and i am trying to do myself but it gives errors i search them on the net and cannot find anything also do you know any kind of website that you can advice to me?)

<?php
require_once("DB.php");

$db = new DB("localhost", "recaptch_security", "recaptch_securityy", "demirabi1!");

$ip = $_SERVER['REMOTE_ADDR'];
$Name = json_encode($db->query('SELECT Name FROM unbanned WHERE ip=:ip',array(':ip'=>$ip)));

if ($_SERVER['REQUEST_METHOD'] == "GET") {
http_response_code(200);
 if ($_GET['url'] == 'users'){
$tmp = getURL();
 echo '<br>' .$tmp;

$tmp = 'SELECT Name FROM "unbanned" WHERE ip="'
        . $tmp 
        . '"';
 echo '<br>' .$tmp ;

 echo json_encode( $db->query( $tmp ) );;
 }else{
     echo 'API ip failed';
 }
} else if ($_SERVER['REQUEST_METHOD'] == "POST") {
        echo "POST";
         if ($_GET['url'] == 'ip'){
    echo 'ip adress POST';
 }
} else {
        http_response_code(405);
}
?>

Try adding echo $values; and a break statements to stop the script so you can ensure the results work up to that break and then remove and create another break further in the script.

<?php
require_once("DB.php");

$db = new DB("localhost", "recaptch_security", "recaptch_securityy", "demirabi1!");

$ip = $_SERVER['REMOTE_ADDR'];

// BREAK HERE and REMOVE ONCE $ip is showing correct value
echo $ip;
exit;

1 Like

Could you post the contents of DB.php?

Also, as I said in the other thread, please use prepared statements to prevent SQL injection!

1 Like
<?php
class DB {

        private $pdo;

        public function __construct($host, $dbname, $username, $password) {
                $pdo = new PDO('mysql:host='.$host.';dbname='.$dbname.';charset=utf8', $username, $password);
                $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
                $this->pdo = $pdo;
        }

        public function query($query, $params = array()) {
                $statement = $this->pdo->prepare($query);
                $statement->execute($params);

                if (explode(' ', $query)[0] == 'SELECT') {
                $data = $statement->fetchAll();
                return $data;
                }
        }

}

This is the content of my DB.php Thanks for your help @rpkamp
You helped me with everything

Hello,

The ip was already showing up true, this was not a problem so?? how can i access to a specific statement by writing http://www.mydomain.com/index.php/ip or kind of a thing like that?

Thanks @John_Betong

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.