Creating a REST API Using Core PHP Without Any Framework
In the era of microservices and mobile-first applications, REST APIs are essential. While modern frameworks like Laravel simplify the process, understanding how to create a REST API from scratch using Core PHP gives you full control and a solid understanding of the underlying architecture.
In this post, we’ll walk through how to build a basic RESTful API using only Core PHP and MySQL — no external libraries, no frameworks.
Prerequisites
- PHP installed (v7.0+ recommended)
- A web server (XAMPP, WAMP, or LAMP)
- MySQL database
- Postman or cURL for testing
- Basic PHP & MySQL knowledge
Basic RESTful API Step by Step guide
Step 1: Setup Your Database
CREATE DATABASE rest_api_demo;
USE rest_api_demo;
CREATE TABLE users (
id INT AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(100),
email VARCHAR(100),
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
Step 2: Create the Project Structure
rest-api-php/
├── config/
│ └── database.php
├── api/
│ └── users.php
└── index.php
Step 3: Database Connection (config/database.php)
<?php
$host = "localhost";
$db_name = "rest_api_demo";
$username = "root";
$password = "";
try {
$conn = new PDO("mysql:host=$host;dbname=$db_name", $username, $password);
$conn->exec("set names utf8");
} catch (PDOException $exception) {
die("Connection error: " . $exception->getMessage());
}
?>
Step 4: Routing Logic (index.php)
<?php
$request = $_SERVER['REQUEST_URI'];
switch ($request) {
case '/api/users':
require __DIR__ . '/api/users.php';
break;
default:
http_response_code(404);
echo json_encode(["message" => "Endpoint not found"]);
break;
}
?>
Step 5: API Logic (api/users.php)
<?php
header("Content-Type: application/json");
require_once "../config/database.php";
$method = $_SERVER['REQUEST_METHOD'];
switch ($method) {
case 'GET':
$stmt = $conn->prepare("SELECT * FROM users");
$stmt->execute();
echo json_encode($stmt->fetchAll(PDO::FETCH_ASSOC));
break;
case 'POST':
$data = json_decode(file_get_contents("php://input"));
$stmt = $conn->prepare("INSERT INTO users (name, email) VALUES (?, ?)");
$stmt->execute([$data->name, $data->email]);
echo json_encode(["message" => "User added successfully"]);
break;
default:
http_response_code(405);
echo json_encode(["message" => "Method not allowed"]);
break;
}
?>
Step 6: Testing Your API
You can test using Postman or cURL:
- GET:
http://localhost/rest-api-php/api/users - POST:
{
"name": "Jayesh Dankhara",
"email": "[email protected]"
}
Bonus: Basic Security & Validation Tips
- Sanitize input using
filter_var()orhtmlspecialchars(). - Use prepared statements (already done).
- Add API keys or authentication (e.g., JWT) in real apps.
- Implement proper error handling with try-catch.
Concluding it,
You just created a working REST API using Core PHP only, without relying on any external frameworks. This foundational understanding helps you build lightweight, custom solutions — and prepares you to dive deeper into advanced concepts.
Jayesh Dankhara
Flutter & Android Developer