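In my Zend application I am writing a small API for a mobile app. To make things easier for the mobile developers, I use Swagger. So far everything works fine, except for one GET request.
When I call /user/messages/{sessionToken}?numMessages={numMessages}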
/**
 * @SWG\Api(path="/user/messages/{sessionToken}?numMessages={numMessages}&pageNr={pageNr}",
 *   @SWG\Operation(
 *     method="GET",
 *     summary="Gets messages paged",
 *     notes="",
 *     type="string",
 *     nickname="getUsermessagesPaged",
 *     authorizations={},
 *     @SWG\Parameter(
 *       name="sessionToken",
 *       description="The token from an active user session",
 *       required=true,
 *       type="string",
 *       paramType="path",
 *       allowMultiple=true
 *     ),
 *     @SWG\Parameter(
 *       name="numMessages",
 *       description="number of messages on page (numMessages & pageNr are ignored if not both are set)",
 *       required=true,
 *       type="string",
 *       paramType="query",
 *       allowMultiple=true
 *     ),
 *     @SWG\Parameter(
 *       name="pageNr",
 *       description="pagenumber (numMessages & pageNr are ignored if not both are set)",
 *       required=true,
 *       type="string",
 *       paramType="query",
 *       allowMultiple=true
 *     ),
 *     @SWG\ResponseMessage(code=200, message="json {messages => 'user_messages'}"),
 *     @SWG\ResponseMessage(code=400, message="json with error 'not logged in'")
 *   )
 * )
 */
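Does anyone see my mistake?
Any help is welcome.
Kind regards
Rotman
Update: As suggested, I changed both parameter types to "query" and changed the path:
@SWG\Api(path="/user/messages/{sessionToken}",
But that did not work any better.
xdebug in Eclipse PDT shows:
requestURI => /ias/public/user/messages/{sessionToken}
and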
- queryParams => Zend\\Stdlib\\Parameters
- *ArrayObject*storage => Array[0]
- => <Uninitialized>
The Swagger JSON is:
{
  "apiVersion": "1.0.0",
  "swaggerVersion": "1.2",
  "apis": [
    {
      "path": "\/user",
      "description": "Operations about users"
    }
  ],
  "info": {
    "title": "Mobile access api",
    "description": "This is the xxx mobile access api.",
    "termsOfServiceUrl": null,
    "contact": "xxx",
    "license": null,
    "licenseUrl": null,
    "_partialId": null,
    "_partials": [ ],
    "_context": {
      "comment": "\/**\n * @SWG\\Info(\n * title=\"Mobile access api\",\n * description=\"This is the xxx mobile access api.\",\n * contact=\"xxx\",\n * )\n *\/",
      "line": 3
    }
  }
}
Here is the output of /user:
{
  "basePath": "http://localhost/ias/public",
  "swaggerVersion": "1.2",
  "apiVersion": "1.0.0",
  "resourcePath": "/user",
  "apis": [
    {
      "path": "/user/balance/{sessionToken}",
      "operations": [
        {
          "method": "GET",
          "summary": "Gets userbalance",
          "nickname": "getUserdata",
          "type": "string",
          "parameters": [
            {
              "paramType": "path",
              "name": "sessionToken",
              "type": "string",
              "required": true,
              "allowMultiple": false,
              "description": "The token from an active user session"
            }
          ],
          "responseMessages": [
            {
              "code": 200,
              "message": "json {balance => 'user_balance'}"
            },
            {
              "code": 400,
              "message": "json with error 'not logged in'"
            }
          ],
          "notes": "",
          "authorizations": {}
        }
      ]
    },
    {
      "path": "/user/login",
      "operations": [
        {
          "method": "POST",
          "summary": "Logs user into the system",
          "nickname": "loginUser",
          "type": "string",
          "parameters": [
            {
              "paramType": "form",
              "name": "email",
              "type": "string",
              "required": true,
              "allowMultiple": false,
              "description": "The user email for login"
            },
            {
              "paramType": "form",
              "name": "password",
              "type": "string",
              "required": true,
              "allowMultiple": false,
              "description": "The password for login in clear text"
            }
          ],
          "responseMessages": [
            {
              "code": 200,
              "message": "json with session_id, user_id, user_balance"
            },
            {
              "code": 400,
              "message": "json with error 'no user with given email and password'"
            },
            {
              "code": 400,
              "message": "json with error 'invalid input'"
            },
            {
              "code": 400,
              "message": "json with error 'no post request'"
            }
          ],
          "notes": "",
          "authorizations": {}
        }
      ]
    },
    {
      "path": "/user/logout",
      "operations": [
        {
          "method": "POST",
          "summary": "Logs user out",
          "nickname": "logoutUser",
          "type": "string",
          "parameters": [
            {
              "paramType": "form",
              "name": "sessionToken",
              "type": "string",
              "required": true,
              "allowMultiple": false,
              "description": "The token from an active user session"
            }
          ],
          "responseMessages": [
            {
              "code": 200,
              "message": "json {result => 'deleted'}"
            },
            {
              "code": 400,
              "message": "json with error 'no user_session with given sid'"
            },
            {
              "code": 400,
              "message": "json with error 'invalid input'"
            },
            {
              "code": 400,
              "message": "json with error 'no post request'"
            }
          ],
          "notes": "",
          "authorizations": {}
        }
      ]
    },
    {
      "path": "/user/messages/{sessionToken}",
      "operations": [
        {
          "method": "GET",
          "summary": "Gets new messages",
          "nickname": "getUsermessages",
          "type": "string",
          "parameters": [
            {
              "paramType": "path",
              "name": "sessionToken",
              "type": "string",
              "required": true,
              "allowMultiple": false,
              "description": "The token from an active user session"
            }
          ],
          "responseMessages": [
            {
              "code": 200,
              "message": "json {messages => 'user_messages'}"
            },
            {
              "code": 400,
              "message": "json with error 'not logged in'"
            }
          ],
          "notes": "",
          "authorizations": {}
        },
        {
          "method": "GET",
          "summary": "Gets messages paged",
          "nickname": "getUsermessagesPaged",
          "type": "string",
          "parameters": [
            {
              "paramType": "path",
              "name": "sessionToken",
              "type": "string",
              "required": true,
              "description": "The token from an active user session"
            },
            {
              "paramType": "query",
              "name": "numMessages",
              "type": "string",
              "required": true,
              "description": "number of messages on page (numMessages & pageNr are ignored if not both are set)"
            },
            {
              "paramType": "query",
              "name": "pageNr",
              "type": "string",
              "required": true,
              "description": "pagenumber (numMessages & pageNr are ignored if not both are set)"
            }
          ],
          "responseMessages": [
            {
              "code": 200,
              "message": "json {messages => 'user_messages'}"
            },
            {
              "code": 400,
              "message": "json with error 'not logged in'"
            }
          ],
          "notes": "",
          "authorizations": {}
        }
      ]
    },
    {
      "path": "/user/userdata",
      "operations": [
        {
          "method": "POST",
          "summary": "Posts userdata",
          "nickname": "postUserdata",
          "type": "string",
          "parameters": [
            {
              "paramType": "form",
              "name": "sessionToken",
              "type": "string",
              "required": true,
              "allowMultiple": false,
              "description": "The token from an active user session"
            },
            {
              "paramType": "form",
              "name": "password",
              "type": "string",
              "required": false,
              "allowMultiple": false,
              "description": "new password"
            },
            {
              "paramType": "form",
              "name": "address",
              "type": "string",
              "required": false,
              "allowMultiple": false,
              "description": "new address"
            },
            {
              "paramType": "form",
              "name": "housenr",
              "type": "string",
              "required": false,
              "allowMultiple": false,
              "description": "new housenr"
            },
            {
              "paramType": "form",
              "name": "zip",
              "type": "string",
              "required": false,
              "allowMultiple": false,
              "description": "new zip"
            },
            {
              "paramType": "form",
              "name": "city",
              "type": "string",
              "required": false,
              "allowMultiple": false,
              "description": "new city"
            },
            {
              "paramType": "form",
              "name": "email",
              "type": "string",
              "required": false,
              "allowMultiple": false,
              "description": "new email"
            }
          ],
          "responseMessages": [
            {
              "code": 200,
              "message": "json {user => 'userdata'}"
            },
            {
              "code": 400,
              "message": "json with error 'not logged in'"
            }
          ],
          "notes": "",
          "authorizations": {}
        }
      ]
    },
    {
      "path": "/user/userdata/{sessionToken}",
      "operations": [
        {
          "method": "GET",
          "summary": "Gets userdata",
          "nickname": "getUserdata",
          "type": "string",
          "parameters": [
            {
              "paramType": "path",
              "name": "sessionToken",
              "type": "string",
              "required": true,
              "allowMultiple": false,
              "description": "The token from an active user session"
            }
          ],
          "responseMessages": [
            {
              "code": 200,
              "message": "json {user => 'userdata', user_limit => 'userLimits'}"
            },
            {
              "code": 400,
              "message": "json with error 'not logged in'"
            }
          ],
          "notes": "",
          "authorizations": {}
        }
      ]
    }
  ],
  "produces": [
    "application/json"
  ]
}
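The error seems to be that my swagger-ui does not send any query parameters? Here is an example with only one query parameter, the sessionToken (monitored with FireBug 2.0.6):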
GET /ias/public/user/balance HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0
Accept: application/json
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/json
Referer: http://localhost/ias/swagger/
Cookie: __utma=111872281.581414660.1366700677.1394721873.1394723866.255; uvts=sB5Dda3cZBNdaTk; searchpanel-close=set
Connection: keep-alive
The response is:
HTTP/1.1 400 Bad Request
Date: Tue, 25 Nov 2014 14:58:20 GMT
Server: Apache/2.4.9 (Win32) PHP/5.5.12
X-Powered-By: PHP/5.5.12
Content-Length: 25
Connection: close
Content-Type: application/json; charset=utf-8
The response is correct, because no sessionToken was transmitted.
This request works, but it does not come from swagger-ui:
GET /ias/public/user/balance?sessionToken=54275cc6358e42c4b1fb1d8daf850b52 HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Cookie: __utma=111872281.581414660.1366700677.1394721873.1394723866.255; uvts=sB5Dda3cZBNdaTk; searchpanel-close=set
Connection: keep-alive
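Problem solved; the solution was to update swagger-ui.
After the update, the query parameters are sent to the application and everything works fine.
Thanks to everyone who tried to solve my problem.
Kind regards, Rotelman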
I think you are missing
paramType="query",
instead of
paramType="path",
I think this will solve your problem.
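Change the first line to:
* @SWG\Api(path="/user/messages/{sessionToken}",
Swagger does not support query parameters as part of the path itself. They will be added to the request automatically (from the UI), because they are described as being of type query.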
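The rule from the answer above, as an added example that is not part of the original posts and is not swagger-ui's own code: a small model of how a Swagger 1.2 operation's declared parameters map onto the request URL, with a lint step that rejects a query string inside the path template. The function names `lintOperation` and `buildRequestUrl` and the sample values are assumptions made for illustration.

```javascript
// Added illustration (not swagger-ui's code): how a Swagger 1.2 operation's
// declared parameters map onto the request URL.

// Constructed sample: the corrected operation from the question.
const operation = {
  path: "/user/messages/{sessionToken}",
  parameters: [
    { paramType: "path", name: "sessionToken", required: true },
    { paramType: "query", name: "numMessages", required: true },
    { paramType: "query", name: "pageNr", required: true },
  ],
};

// Report declaration problems such as a query string inside the path template.
function lintOperation(op) {
  const problems = [];
  if (op.path.includes("?")) {
    problems.push("path contains a query string; declare those parameters with paramType=query");
  }
  const placeholders = [...op.path.split("?")[0].matchAll(/\{([^}]+)\}/g)].map((m) => m[1]);
  for (const p of op.parameters.filter((q) => q.paramType === "path")) {
    if (!placeholders.includes(p.name)) problems.push(`path parameter ${p.name} has no placeholder`);
  }
  for (const name of placeholders) {
    if (!op.parameters.some((p) => p.paramType === "path" && p.name === name)) {
      problems.push(`placeholder {${name}} has no paramType=path declaration`);
    }
  }
  return problems;
}

// Build the URL: path parameters fill placeholders, query parameters are appended.
function buildRequestUrl(basePath, op, values) {
  const problems = lintOperation(op);
  if (problems.length) throw new Error(problems.join("; "));
  let url = basePath + op.path;
  const query = [];
  for (const p of op.parameters) {
    const value = values[p.name];
    if (value === undefined || value === "") {
      if (p.required) throw new Error(`missing required parameter ${p.name}`);
      continue;
    }
    const encoded = encodeURIComponent(String(value)); // never splice raw input into the URL
    if (p.paramType === "path") url = url.replace(`{${p.name}}`, encoded);
    else if (p.paramType === "query") query.push(`${encodeURIComponent(p.name)}=${encoded}`);
  }
  return query.length ? `${url}?${query.join("&")}` : url;
}
```

Running `lintOperation` over each operation of the generated API declaration catches the original `path="...?numMessages={numMessages}&pageNr={pageNr}"` form before it reaches the UI.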