PHP Web service(wsdl-mode) Question

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
jimath
Forum Newbie
Posts: 7
Joined: Fri Sep 23, 2005 3:56 am

PHP Web service(wsdl-mode) Question

Post by jimath »

hello everyone!

I d like to create a php web service that insert a patient to the db, using SOAP and WSDL.
Can i create a php class to be consumed without taking any parameters from the client?
For example:

A client including a form like this:

Code: Select all

 
....
<p align="center" valign="top">
        <form name="addP" action="index.php?type=addPatientToDB" method="POST" onSubmit="return check(this);">
                <table align="center" width="500px" border="1">
                        <tr>
                                <td colspan="2" align="center"><h2>???????? ??????</h2></td>
                        </tr>
                        <tr>
                                <td>FName :</td>
                                <td><input name="firstname" type="text" size="50"></td>
                        </tr>
                        <tr>
                                <td>LName:</td>
                                <td><input name="lastname" type="text" size="50"></td>
                        </tr>
                        <tr>
                                <td>Identity :</td>
                                <td><input name="identity" type="text" size="50"></td>
                     </tr>
                        <tr>
                                <td align="center"><input type="reset" name="reset" value="Clear"></td>
                                <td align="center"><input type="submit" name="submit" value="Submit"></td>
                        </tr>
                </table>
        </form>
</p>
....
....
$client=new SoapClient($wsdl);
$client->insertPatient();
 
 
and a handler class (service) like this:

Code: Select all

 
<?php
Class MyClass {
function insertPatient{
 
if($_POST["firstname"] != "" && $_POST["lastname"] != "" && $_POST["identity"] != "" ){
                $db = "mydb";
                $sql = "INSERT INTO patients (userid, firstname, lastname, identity) VALUES (" . $_SESSION["userid"] . ", '" . $_POST["firstname"] . "', '" . $_POST["lastname"] . "', '" . $_POST["identity"] . "') ";
                include($folder["query"]);
        }
        else{
                die("Please insert all info");
        }
 
 
echo("<script type=\"text/javascript\" language=\"Javascript\">
<!--
        window.open('index.php?type=showPatients&identity=" . $_POST["identity"] . "', '_self');
-->
</script>");
}
?>
 
 
server

Code: Select all

 
require_once "MyClass.php";
$wsdl=......
$srv=new SoapServer($wsdl);
$srv->setClass("MyClass");
$srv->handle();
 
Thank you!
User avatar
JNettles
Forum Contributor
Posts: 228
Joined: Mon Oct 05, 2009 4:09 pm

Re: PHP Web service(wsdl-mode) Question

Post by JNettles »

First of all you're going to want to approach this from a more consistent manner. Your class shouldn't be taking $_POST data directly - go ahead and create arguments for your function instead of grabbing them from the global $_POST. Why? This will make your code reusable in other locations and also frees you up from having to do error checking inside your insertion class - do NOT depend solely on your Javascript validation for all error checking.

Try to design your program like this.

HTML Form -> posts to process.php (or wherever).

Have a function that accepts the $_POST data and cleans it (read up on SQL injection attacks for the reason why) and do your error checking (eg. somebody enters an invalid identity). After you have your variables checked and ready, create a function that takes those variables as an argument. This is a pillar of good OOP.

Code: Select all

function insertPatient($firstname, $lastname, $identity)
{
.......
This will give you a much more capable web service rather than depending directly on global post data. This way if you come across a situation where you need to do an insert without a POST you'll be set and ready. Keep resusable code in mind always.
Post Reply