I’ve been having this idea spooking around in my head for 2 weeks now. I’ve finally created some cases and plans on where I want to go with this project. I will have to create both a web application (ASP.NET) and a desktop application (Java). Both these applications will need to have sync’d databases.
I’ve been thinking about creating a public API over my database so my front-end and 3rd parties could communicate with the database. But I’ve never really attempted something like this before. I’ve spent my weekend so far reading up on how I could approach this and I’ve gotten a pretty good idea. I’m having some questions/doubts currently and was hoping perhaps someone could help me.
1) I’m currently still in university and I don’t have a job so my pockets don’t go very deep. I’ve been thinking of writing the API in PHP; I already have an unmetered hosting account, and otherwise I would be forced to buy .NET hosting, which can turn out to be quite expensive. However, my PHP knowledge is quite limited when it comes to parsing user input/security. Would it be wise to search for an (e)book around this topic or would I be fine with online tutorials? Do you have any suggestions on where to look? Should I put my time into writing a possibly vulnerable PHP API or should I look at other options?
2) So far I’ve never really had the need to look into PHP libraries. I was wondering if I should look into some of these (for example CakePHP) to help me develop the API.
3) I have experience with implementing the Twitter/LinkedIn APIs, so I’ve been thinking of using OAuth (v2) to allow people to use my API. Is implementing OAuth in your API a lot of work? Is it well documented enough for someone with only basic PHP knowledge? If you ever used it on your API, what was your experience with it?
4) If this project would ever kick off, it would be wise to look into hosting it in the cloud. Do I currently need to think about anything so future cloud integration is possible?
5) For the web application, would there be a (big) performance difference between using the API or directly connecting to the database?
6) Any recommended lecture or tips are welcome. It’s the first time I will be attempting something this big (both in functionalities & required knowledge).