project-open-data / db-to-api Goto Github PK

I am very weak in the department of rewrite rules. So, if my current rewrite rule is this:

RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-l

RewriteRule ^(.+)$ index.php?url=$1 [QSA,L]

and all pages are in the form of http://example.com/controller/action/params/, how should I update the rewrite rules for db-to-api or is it best just to run it along side of the application instead of trying to integrate with? Thanks.

I am new to RESTful API. How would I go about adding an authentication key for making this a private RESTful API?

This can be cribbed from CSV-to-API. Don't forget to use jsonp_callback_filter().

I've tried to use this on three different MySQL databases on two different servers, but it always yields the same error message: "Invalid Database." I haven't chased down the source of the problem, though I'm working on it.

Running into what seems like it should be a minor issue.

I am using a MySQL DB outlined here https://github.com/tyronegrandison/DOL-ILAB/blob/master/CREATE%20DATABASE%20DOLILAB

I set the config file as specified in the readme to:

There are some inconsistencies and formatting problems between CSV to API and DB to API, and I think it would be wise to standardize between the two. Those inconsistencies are:

• Should the sorting of results be done via "sort" or "order"?
• Should the direction of sorting be done via "sort_by" or "order_by"?
• Should the readme file be README.md or readme.md?
• Given the generic nature of the names of these programs, should there be a stylized display of them each time that they're used (e.g., in italics or in bold) in order to set them apart?
• Is the name of this project "DB to API," "Database to API," or "Database to Restful API"?

Hi, what are your thoughts about Zend's DB to API library apigility?
https://github.com/zfcampus/zf-apigility-skeleton

@KristenHoney is correct for connect in Oracle?
#14

$args = array( 
            'name' => '//192.168.96.93:1521/ORCL',
            'username' => 'user',
            'password' => 'pass',
            'type' => 'oracle',
            'table_blacklist' => array(),
            'column_blacklist' => array(),
);

register_db_api( 'oradw', $args );

I set up the config.php as instructed and I'm getting "Must select a database." Is there nothing else I need to edit?

The PDO connection is being made like such:

new PDO("mysql:host={$db->server};dbname={$db->name}", $db->username, $db->password );

This is obviously not database agnostic, as it needs to be.

If I comment out the code "$name = $this->slugify( $name );" then it works.

[Enhancement] Is there a way to avoid the [database-name] in the request url ?

I mean to specify in the config that this, and only this, database will be used.

The user would then only specify /table[/column][/value].format, with the classical convention that fields between brackets are optional.

e.g., https://github.com/project-open-data/db-to-api/blob/master/includes/class.db-api.php#L234.

This does three things:

1. it will return the proper error code
2. it will halt the script from running
3. It will allow us to do better error handling (e.g., logging) in the long run.

Rather than echo "msg" as is now, would just need to be moved to $this->error( $msg );

to allow pre 5.4 compatability

DB_API has the following two functions:

function render_html( $data ) {

    var_dump( $data );
}


function render_xml( $data ) {

    echo "XML HERE";

}

These two functions need to actually perform the advertised tasks.

The render_html() method does not sanitize outputs. If a database field contains <script>alert(1)</script>, this will lead to code execution in the user's browser.

Simple fix, change from this:

    		echo "\t<td>$cell</td>\n";

...to this:

    		$cell = htmlspecialchars($cell);
    		echo "\t<td>$cell</td>\n";