Although I see the validation rules if I dump $val, I alway come into the else statement as if validation is not working. But all three dumps there are completely empty as if no data seems to come in.
If I use same function without validation, it is working perfectly.
tanks for the feedback. I know this is unsafe yet, but it is also my first try to do an API like that.
I will, of course do a login before someone can read or upload data via API, but as to now, I don't really understand, how to do this login. I am still trying to find out.
It's not easy to give an example, as environment and requirements can vary greatly. For example, most of our applications authenticate using certificates.
Some general statements: - Do not use GET. Data in the url is easily visable in transit, and cached - Use HTTPS for every request that includes authentication - Perferably, use a token issuer, and use the token in API calls, and not a user/pass - API calls should be stateless, pass everything needed to execute the request
Donate
