将来自API调用的返回值保存到现有的数据库中

Question

我有一个输入详细信息后提交的表单。 提交后，它会将数据发送到一个PHP文件，该文件具有针对我的服务提供商的API调用。

首先，我保存本地数据库中的所有详细信息，以及从以前的表单传递的代理和时间戳的名称。 保存数据后，我将所有相关数据发送到使用其API提供的服务。我使用curl来发布数据。

如果一切顺利，我得到如下回应

HTTP/1.1 100 Continue HTTP/1.1 200 OK Server: nginx/1.8.0 Date: Fri, 19 Aug 2016 16:38:16 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Headers: Authorization, Content-Type Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST {"success":true,"message":"1 row successfully inserted","warnings":[],"data":{"TRANSACTIONID":"SS_100526","STATUS":"Accepted, Verifying Funds"}} 

现在，而不是这种长篇大论的消息，我想只显示一行 - “

数据提交成功。此次销售的交易ID为： SS_100526

“在同一页面上而不是新的空白窗口。 此外，我希望将返回的事务ID保存在调用API之前保存销售详细信息的同一本地表中。

我试图使用各种JSON选项，也用它作为一个字符串来解析，但似乎无法让它工作。 任何想法如何正确显示返回响应并将返回的事务ID保存在我现有的数据库中？

这里是我目前正在使用与评论

<?php 
 
\t ob_start(); 
 
\t session_start(); 
 
\t require_once '../dbconnect.php';// to connect to the database on my server 
 
\t 
 
\t if(!isset($_SESSION['user'])) { 
 
\t \t header("Location: ../index.php"); //fetching session details 
 
\t \t exit; 
 
\t } 
 
\t // select loggedin users detail 
 
\t $res=mysql_query("SELECT * FROM users WHERE userId=".$_SESSION['user']); 
 
\t $userRow=mysql_fetch_array($res); 
 
\t $userid=$userRow['userEmail']; 
 
\t $usernam=$userRow['userName']; 
 
\t $timestamp = date('Y-m-d G:i:s'); 
 

 
$apikey = 'xxxxxxxxxxxxxxx'; // Your API Key 
 
$apiEndPoint = 'https://portalDev.example.com'; // URL for API 
 
    
 
$link = mysqli_connect("localhost", "root", "", "demodata"); 
 
    
 
// Check connection 
 
if($link === false){ 
 
    die("ERROR: Could not connect. " . mysqli_connect_error()); 
 
} 
 

 
//collecting the user details to save in the database 
 
\t $source = 'client1'; 
 
    $last_name= mysqli_real_escape_string($link, $_POST['last_name']);//'Doe', 
 
    $first_name= mysqli_real_escape_string($link, $_POST['first_name']);//'John', 
 
    $address= mysqli_real_escape_string($link, $_POST['address']);//'123 Broadway', 
 
    $city= mysqli_real_escape_string($link, $_POST['city']);//'New York', 
 
    $state= mysqli_real_escape_string($link, $_POST['state']);//'NY', 
 
    $zip= mysqli_real_escape_string($link, $_POST['zip']);//'10016', 
 
    $amount= mysqli_real_escape_string($link, $_POST['amount']);//'5.99', 
 
    $testmode = 0; // In test mode, you must use 1. 
 
\t $agentName = $usernam; 
 
\t $userMail = $userid; 
 
\t $saletimestamp = $timestamp; 
 
    
 
    
 
    
 
// attempt insert query execution 
 
$sql = "INSERT INTO users (source, last_name, first_name, address, city, state, zip, amount, testmode, agentName, userMail, saletimestamp) VALUES ('$source', '$last_name', '$first_name', '$address', '$city', '$state', '$zip','$amount', '$testmode', '$agentName','$userMail','$saletimestamp')"; 
 
if(mysqli_query($link, $sql)){ 
 
    echo "Records added successfully."; 
 
\t //header('Location: http://localhost/login/bsdev/success.html'); 
 
} else{ 
 
    echo "ERROR: Could not able to execute $sql. " . mysqli_error($link); 
 
} 
 
    
 
// close connection 
 
mysqli_close($link); 
 
    
 
//collate data for sending to the service provider in the format they have shared with us. 
 
$postFields = array(
 
    'SOURCE'=> 'client1', 
 
    'LASTNAME'=> urlencode($_POST['last_name']),//'Doe', 
 
    'FIRSTNAME'=> urlencode($_POST['first_name']),//'John', 
 
    'ADDRESS'=> urlencode($_POST['address']),//'123 Broadway', 
 
    'CITY'=> urlencode($_POST['city']),//'New York', 
 
    'STATE'=> urlencode($_POST['state']),//'NY', 
 
    'ZIPCODE'=> urlencode($_POST['zip']),//'10016', 
 
    'AMOUNT'=> urlencode($_POST['amount']),//'5.99', 
 
    'TESTMODE' => 1 // In test mode, you must use 1. 
 
); 
 
    
 
    
 
$process = curl_init($apiEndPoint . "/api/v1/transaction"); 
 
curl_setopt($process, CURLOPT_HEADER, 1); 
 
curl_setopt($process, CURLOPT_USERPWD, $apikey . ":" . $apikey); // Basic Authentication using your API key 
 
curl_setopt($process, CURLOPT_TIMEOUT, 30); 
 
curl_setopt($process, CURLOPT_POST, 1); 
 
curl_setopt($process, CURLOPT_POSTFIELDS, $postFields); 
 
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE); 
 
curl_setopt($process, CURLOPT_SSL_VERIFYPEER, FALSE); 
 
    
 
    
 
    
 
$response = (string)curl_exec($process); 
 

 
echo $response; 
 

 
//This is the response we get after curl_exec: 
 
//Records added successfully.HTTP/1.1 100 Continue HTTP/1.1 200 OK Server: nginx/1.8.0 Date: Fri, 19 Aug 2016 13:58:57 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Headers: Authorization, Content-Type Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST {"success":true,"message":"1 row successfully inserted","warnings":[],"data":{"TRANSACTIONID":"SS_100526","STATUS":"Accepted, Verifying Funds"}} 
 

 
curl_close($process); 
 

 
?>

Answer 1

首先，我可以建议你使用一个框架，而不是香草PHP PHP代码，因为这个代码在生产环境中使用并不安全。

$sql = "INSERT INTO users (source, last_name, first_name, address, city, state, zip, amount, testmode, agentName, userMail, saletimestamp) VALUES ('$source', '$last_name', '$first_name', '$address', '$city', '$state', '$zip','$amount', '$testmode', '$agentName','$userMail','$saletimestamp')"; 

当您编写这样的查询时，SQL注入并不安全。恶意用户可能会像这样危害您的Web应用程序的安全。使用PDO编写您的查询。

现在回到你的问题。我希望一旦你向API发出请求，你就已经知道了Transaction ID。

使用cURL进行HTTP请求时，可以使用curl_getinfo()从响应中获取所需的信息。

curl_getinfo($process, $options)

$options这里是一个可选的阵列可能会通过。使用curl_setopt_array()来代替将所有cURL设置放入一个数组中。这样你只需要使用一个功能而不是使用curl_setopt()七次。

从curl_getinfo的响应中检索状态码，然后像这样编写if语句。

if($statusCode === 200) { 
    echo 'Data submitted successfully. Transaction ID for this sale is: ' . $id; 
} else { 
    echo 'Something went wrong.'; 
} 

一旦运行curl_exec()，你需要关闭卷曲会话以释放资源。使用curl_close($process)。确保$response是一个类似于$response[]的数组。在curl_exec之前删除(string)。

之后，使用json_decode($response)将JSON字符串转换为PHP数组，您可以使用该数组检索所需的数据。