I'm trying to send a POST request to an endpoint, I get a 200 response but the data I'm sending get saved wrongly in the DB;
I'd like to know if the fault lies in my post request or in the backend code that handles the request.
To be more specific: I'm sending a POST request to a Laravel MariaDB backend. I didn't write the backend code, and all the "specifics" I got are:
The post request has 3 fields:
- user_id: the patient's id
- password: the patients' password (same for all patients)
- payload: a json payload structured this way:
- 'epoch_start' => 'required|numeric',
- 'epoch_end' => 'required|numeric|gte:epoch_start',
- 'size' => 'required|numeric|gt:0',
- 'temperature' => 'required|array|min:size',
- 'pressure' => 'required|array|min:size',
- 'movement' => 'required|array|min:size',
Here is the Controller that handles the request:
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Validator;
use Response;
use App\Models\User;
use App\Models\Sensor;
use Carbon\Carbon;
class SensorController extends Controller
{
public function storeData(Request $request) {
if ($request->has(['user_id', 'password', 'payload'])) {
$password = $request->get('password');
$user_id = $request->get('user_id');
$user = User::where('id', $user_id)->firstOrFail();
if($user->role != "patient") return new Response('Forbidden', 403);
if($password != "HIDDENPASS") return new Response('Forbidden', 403);
$payload = $request->get('payload');
$data = json_decode($payload, true);
$rules = [
'epoch_start' => 'required|numeric',
'epoch_end' => 'required|numeric|gte:epoch_start',
'size' => 'required|numeric|gt:0',
'temperature' => 'required|array|min:size',
'pressure' => 'required|array|min:size',
'movement' => 'required|array|min:size',
'temperature.*' => 'numeric',
'pressure.*' => 'numeric',
'movement.*' => 'numeric',
];
$validator = Validator::make($data, $rules);
if ($validator->passes()) {
$s = new Sensor;
$s->user_id = $user->id;
$s->epoch_start = Carbon::parse($data["epoch_start"]);
$s->epoch_end = Carbon::parse($data["epoch_end"]);
$s->size = $data["size"];
$s->temperature = json_encode($data["temperature"]);
$s->pressure = json_encode($data["pressure"]);
$s->movement = json_encode($data["movement"]);
$s->save();
response()->json(['success' => 'success'], 200);
} else {
dd($validator->errors());
}
} else {
return new Response('Forbidden', 403);
}
}
}
If I try this Post request using Postman (I tried using curl and python's request module, too) I get a 200 response, and the data get saved to the DB in this way.
The problem lies with the fields "temperature", "pressure" and "movement", to be more specific with the double quotes surrounding the array: the computations involving this data made by the web app are all wrong but, if I manually remove the double quotes (from PhpMyAdmin) the computations are right.
For the sake of completeness here is the table structure.
Is there a way to avoid the double quotes surrounding those fields?
Is my POST request at fault here, or is it a back-end-related thing?
I'm not familiar with PHP, but if I am not mistaken the handling of those data should be managed by these lines:
$s->temperature = json_encode($data["temperature"]);
$s->pressure = json_encode($data["pressure"]);
$s->movement = json_encode($data["movement"]);
and the json_encode returns a string, so I'm beginning to think that the backend code is at fault here, but I'd like a second opinion.
Thanks in advance
EDIT: Ok, thanks to @samuel-olufemi answer and @sumit comment I can conclude that the json_encode coupled with the longtext datatype used by MariaDB is the main problem. So I tried to store the array values without encoding them, changing those 3 lines to:
$s->temperature = $data["temperature"];
$s->pressure = $data["pressure"];
$s->movement = $data["movement"];
and the data are stored without double quotes, as per my desire. Thanks all for your help and your time.
CodePudding user response:
Your Implementation is right. The problem is due to the way Maria DB longtext data type manages JSON data.
you can check out this answer
CodePudding user response:
Maybe, for Laravel you need to send the validation token (@csrf).