0

I'm pretty new to Laravel and i'd like to know if I'm doing the follow API in the proper way.

I have a mobile app that will make a request to have the restaurants around a position, sending this URL with parameters (lng, lat, rad) :

localhost/restaurant/@59.931412,59.931342,15

I came up with this route for the moment:

Route::get('restaurants/@{latitude},{longitude},{radius}', 'RestaurantsController@show'})
->where(['latitude' => '[0-9]+', 'longitude' => '[0-9]+', 'radius' => '[0-9]+']);

But I saw that if I want to make it REST I should use:

Route::resource('restaurants', 'RestaurantsController');

What I don't understant is:

  • how do i pass the parameters ?
  • The mobile app is supposed to send an GET verb and i have to make a 'show' method in my controller ?
  • instead of doing verification of parameters in the route, i have to use a middleware at the begining of the methode, right ?

Bonus : Is my query well written, is it secure ?

public function show($latitude, $longitude, $radius)
{
    //Middleware to control parameters later

    $results = DB::select(
                'SELECT * ( 3959 * acos( cos( radians(:latitude) ) *
                cos( radians( lat ) ) * cos( radians( lng ) - radians(:longitude) ) +
                sin( radians(:latitude) ) * sin( radians( lat ) ) ) ) AS distance FROM events HAVING 
                distance < :radius ORDER BY distance LIMIT 0 , 20',
                ["latitude" => $latitude, "longitude" => $longitude, "radius" => $radius]);

    return Response::json($results);
}

Edit : It's such a mess in my head, i have so many question that i came up with a post title a bit different to my questions, sorry.

Update 1: Here is my route

Route::get('restaurants/@{latitude},{longitude},{radius}', 'EventsController@show');

and my request rule (who's injected in the controller)

public function rules()
    {
        return [
            'latitude' => 'required|digits_between:-90,90',
            'longitude' => 'required|digits_between:-180,180',
            'radius' => 'required|numeric',
        ];
    }

i'm having the page "The page isn't redirecting properly" and in the log i have "Invalid request (Unexpected EOF)"

i use artisan and my url is : http://localhost:8000/restaurants/@59.93141200,30.31992300,15

without the request in the controller, the route works... I tried puting simple rule like 'required' only for latitude alone, it still does not want to access the request process.

The probleme comes from required (required: The field under validation must be present in the input data.), i don't understant values are here.

Improve this question
1
  • 2
    rather then used DB:query, If you can use Laravel Eloquent then its more secure. Commented May 5, 2016 at 12:49

1 Answer 1

Reset to default
1

Pointers w.r.t your API(s):

  1. Use post calls while making API, why show user which parameters are needed to get response.

  2. You're using Raw query in Laravel, where this framework provides eloquent way to write query, stick with newer approach.

  3. It's not mandatory to use resource if you're building API, until and unless you want API to have (Insert, Update, Delete, Detail and Listing feature all at once)

As per your question:

Q: How do I pass the parameters?
A: Since it's a get request, you just have to concat the params to the URL.

Q: The mobile app is supposed to send an GET verb and I have to make a 'show' method in my controller?
A: It depends upon your route, which function you're calling, if you write Route::get('list', 'ABController@list'); then, list function will be called. As per you route defined in the question, the show function will be called.

Q: Instead of doing verification of parameters in the route, I have to use a middleware at the begining of the methode, right?
A: It's better to use middleware to do validation. In laravel there is an other concept called Request, which will watch your parameter and apply validation as you need.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Thanks for the response, I will be right back with these modification. I think i'm going to use resource because I will need to update, delete and show. And I realy need to know how it works !
I tried to do validation as you told, using Request, so i created my own one and extended it with Request. The validation seems to work but the parameters sont go to the controller. I tried $latitude = myRequest->input('latitude'); with simple request then and Request::get.
Posted my probleme on a seperate post : stackoverflow.com/questions/37060990/…

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.