Ive used the QueryBuilder to order the results like so:

    $listProducts = $query->select('*')
                ->from('table')
                ->range('0-0')
                ->order('color')
                ->execute()
                ->getResult();

Which gives me the first result ordering by 'color' descending. How can I do the same thing but ascending?

Thanks!

There is a getUser function, but no removeUser function.

I tried adding it myself by looking at their JS SDK but don't find the correct REST endpoint (tried /admin/user/[id] but that doesn't seem to work for me).

Any chance you can add it in?

public function like_dogs(Request $request){
$service = new \PHPSupabase\Service(
"eyJhbGciwOiJIUzI1NiIsInR5cCI6IkpXVCJ9.ewogICJyb2xlIjogImFub24iLAogICJpc3MiOiAicW3VwYWJhc2UiLAogICJApYXQiOiAxNjkxNzkxMjAwLAogICJleHAiOiAxODQ5NjQ0MDAwCn01.l9f3OhYMcvuuf14WKbF6zdSoNfP3TXz7yViMkNIgV0w",
"https://viz6101212.ru"
);
$db = $service->initializeDatabase('Posts', 'id');
$postId = $request->input('postId');
$post_sent = $db->findBy('id', $postId)->getResult();
$post_sent = $post_sent["0"];
$liked_ids = $post_sent->likedIDs;
$disliked_ids = $post_sent->dislikedIDs;
if (in_array(\Session::get('uid'), $disliked_ids)) {
$post_sent->update([

        ]);
        $post_sent->update([
            
        ]);
        return redirect()->back();
    }
    if (in_array(\Session::get('uid'), $liked_ids)) {
        $post_sent->update([
            
        ]);
        return redirect()->back();
    }
    else{
        $post_sent->update('likedIDs',\Session::get('uid'));
        return redirect()->back();
    }
}

Hello,

I came across one issue when trying to perform an INSERT on a table where the user only has INSERT priviledges enabled in RLS and not SELECT permission. The use case is for example an application where a user can provide anonymous feedback that gets added to the database, but is not allowed to view any submitted feedback.

Currently the library defaults to return type representation as it is hardcoded in the database class:

To fix the issue about RLS blocking the INSERT due to the added SELECT query it needs to be changed to return=minimal if required which is currently not supported. My suggestion would be to default to return type representation in executeDml function but add the option to overwrite this by insert function if set by the user.

This issue was also once present in Supabase JS library, the discussion can be found here for reference: https://github.com/orgs/supabase/discussions/4107

Project References

Where did you get the references to make the classes and functions? From the official JS repository? supabase.js

Or did you do it with your own ideas?

diff --git a/vendor/rafaelwendel/phpsupabase/src/QueryBuilder.php b/vendor/rafaelwendel/phpsupabase/src/QueryBuilder.php
index 681afff..32dfd92 100644
--- a/vendor/rafaelwendel/phpsupabase/src/QueryBuilder.php
+++ b/vendor/rafaelwendel/phpsupabase/src/QueryBuilder.php
@@ -113,7 +113,7 @@ class QueryBuilder {
*/
public function where(string $column, string $value) : QueryBuilder
{

•    $this->query['where'][] = $column . '=' . $value;
  

•    $this->query['where'][] = $column . '=' . urlencode($value);
     return $this;
  

  }

Thank you for building this library!
When I try to use
$db = $service->initializeDatabase('categories', 'id');
$newCategory = ['categoryname' => '[email protected]'];
$data = $db->insert($newCategory);

I get the error
Client error: 'POST https://MY_URL_PROJECT.supabase.co/auth/v1/categories' resulted in a '404 Not Found' response: 404 page not found

Do you have any suggestion what might cause this?

$auth = $service->createAuth();
This seems to be a bug but not sure if it is with this code or supabase. If this is called and the user exist, the password and any metadata passed is overwritten.

Possible security issue that someone could reset another user's password using just the signup form.

I am still developing and testing but I think an error should be returned if the email already exist.

Also, it says confirm email is sent but supabase seems to send if new and not already exist.

try{
$auth->createUserWithEmailAndPassword('[email protected]', 'bxxxy');
$data = $auth->data(); // get the returned data generated by request
echo 'User has been created! A confirmation link has been sent to the '. $data->email;
}
catch(Exception $e){
echo $auth->getError();
}

Hi, is it possible to implement a sign in with oauth function (especially for google and discord) with this library?

Add limit in QueryBuilder please

  if(isset($this->query['limit'])){
        $queryString .= '&limit=' . $this->query['limit'];
    }

/**
 * Add the "limit" to the query
 * @access public
 * @param $range String The interval of fetch registers
 * @return QueryBuilder
 */
public function limit(string $range) : QueryBuilder
{
    $this->query['limit'] = $range;
    return $this;
}

Database.php in createCustomQuery()

    if(isset($args['limit'])){
        $queryBuilder->limit($args['limit']);
    }

I didn't find any method to check input data like Prepared Statement against SQL injection attacks

Is it possible using the QueryBuilder to query Timestamps for not null? I tried:

->where('DATE','is.not null')

and

->where('DATE','not.null')

Hello, I am getting a 500 error from Supabase on like, ilike query on some string, example:
try{
$listClients = $query->select('')
->from('clients')
->where('department_name', 'ilike.%cal%')
->execute()
->getResult();
foreach ($listClients as $client){
$resp[] = $client;
}
}
Same call is working if I change 'cal' to 'matt':
try{
$listClients = $query->select('')
->from('clients')
->where('department_name', 'ilike.%matt%')
->execute()
->getResult();
foreach ($listClients as $client){
$resp[] = $client;
}
}
I was able to make all string work adding urlencode at the ilike statement:
try{
$listClients = $query->select('*')
->from('clients')
->where('department_name', urlencode('ilike.%cal%'))
->execute()
->getResult();
foreach ($listClients as $client){
$resp[] = $client;
}
}
Is this a normal behaviour?
I don't see in the documentation that urlencode must be used in the where statement using like.
Thank you!

I don't know why it keeps appearing. Unable to use this package.

I got warnings in my code base when using library functions with optional parameters, when using e.g. initializeDatabase.

Argument '2' passed to initializeDatabase() is expected to be of type PHPSupabase\optional, string given PHP(PHP0406)

https://github.com/rafaelwendel/phpsupabase/blob/main/src/Service.php#L160

Documentation : https://docs.phpdoc.org/3.0/guide/references/phpdoc/tags/param.html

In my case (VSCODE + DEVSENSE PHP extension) I got errors, as it parses the first word after the variable as the type. Which is Optional int this case.

And as I see now, the documented way of PHPDoc is even:

@param [<Type>] [name] [<description>]

And in this lib,

@param [name] [] [(optional)] []

is used mostly...

With also String needs to be a lower case string.

Or do you use another method/library for documentation?

Thanks!

i'm not into git so i can't open a pull request atm.
but in the documentation at "Sign in with email and password"
theres "acess_token" instead of "access_token" 2 times.
it's just a spelling mistake but the example code doesnt work.

it would be really nice for the next person if someone could fix that.
thanks!

Hi, from the official docs both the signup & recover method include the emailRedirectTo param in "options" which to specific the request redirection. Is this emailRedirectTo will be add on into these method?

define('SUPABASE_URL', 'https://id-project.supabase.co/');
define('SUPABASE_KEY', 'apikeysupabase...');

$serviceAuth = new PHPSupabase\Service(
    SUPABASE_KEY, 
    SUPABASE_URL . 'auth/v1/'
);

$auth = $serviceAuth->createAuth();

try{
    $auth->signInWithEmailAndPassword('[email protected]', '1234');
    $data = $auth->data(); // get the returned data generated by request

    if(isset($data->access_token)){
        $userData = $data->user; //get the user data
        echo 'Login successfully for user ' . $userData->email;

        //save the $data->access_token in Session, Cookie or other for future requests.
    }
}
catch(Exception $e){
    print_r($e);
}

If the url route is set with supabase/auth/v1 then the queries cannot be performed.
I nedd create another service with resource consumption url with supabase.co/rest/v1

$service = new PHPSupabase\Service(
    SUPABASE_KEY, 
    SUPABASE_URL . 'rest/v1/'
);

$db = $service->initializeDatabase('lightprice', 'id');

Or is it working correctly as it should be used?

When I enable "Bot and Abuse Protection" using the service_role key it says "Server error: POST https://sdqczznijvha.supabase.co/auth/v1/signup resulted in a 500 Internal Server Error response : {"code":500,"msg":"captcha verification process failed","error_id":"8611cf16c0276459-SJC"} "

When I also use this service_role key from javascript I am able to skip verification.

I'm using version 0.0.7.

edit: i made sure the refresh token is not used anywhere else and this also happens with new refresh tokens created one second before running this code and receiving the error.

I have signed in before this codes runs and saved the session in my cookies.
After 1 hour it runs the following code.
Result is either null or this:

This is the code for refreshing:

How can I get the total rows count of a table ?

Or a better question is how can I get the headers from a response?
I added in the service class $header : count => 'exact', but now I need to access the header response.

Thank you

I am trying to make a query and get the data based on created_at field for a specific date interval.

How can I add to conditions for one field?

Currently I have this;

    $query = [
      'select' => 'created_at',
      'from'   => 'usersData',
      'where' =>
      [
        'created_at' => 'gte.' . $this->start_date . 'T00:00:00',
      ],

But I want to add this as well:

'created_at' => 'lt.' . $this->end_date . 'T23:59:59',

Thanks!

I tried

$query = $service->initializeQueryBuilder();

try{
    $listProducts = $query->select('COUNT(*)')
                ->from('messages')
                ->execute()
                ->getResult();
    var_dump($listProducts);
}
catch(Exception $e){
    echo $e->getMessage();
}

Result

Client error: `GET https://***.supabase.co/rest/v1/messages?select=COUNT(*)` resulted in a `400 Bad Request` response:
{"code":"PGRST200","details":"Searched for a foreign key relationship between 'messages' and 'COUNT' in the schema 'publ (truncated...)

How to count records with this api?

Hi @rafaelwendel

I am using your library in a project where I need to run some advanced queries containing aggregates etc. The createCustomQuery function does not cover this (neither does the equivalent in Supabase itself).

To get around that, I am creating database functions via the Supabase UI and using their RPC API endpoint to execute the function and return the results. This works well!

RPC is not part of your library so I am manuallyu calling it this way:

$service = self::get_service( 'rest' );
$result = $service->executeHttpRequest( 'GET', $my_base_url . 'rpc/function_name', [ 'headers' => $service->getHeaders() ] );

This works without issue, but it would be cleaner if your library had a function to call RPC directly. Perhaps you can consider to include it in a next update? Thanks!

Thank you for building this library!

When I try to use $auth->signInWithEmailAndPassword I get the error no Route matched with those values .

Do you have any suggestion what might cause this?

How to solve the following error:

**error: `POST https://xxx.supabase.co/rest/v1/yyy` resulted in a `401 Unauthorized` response:
{"code":"PGRST301","details":null,"hint":null,"message":"JWT expired"}**

This is offtopic. I was just curious about people who are using supabase for their PHP projects, how do you authenticate your users when the async login didn't return anything useful? Do you parse the url fragment returned on the callback url and make a hidden form on the page to initiate a POST request to server so that PHP able to get the values?
I'm implementing Magic Link auth on my Laravel project, and I was brain f*ed thinking how to pass those values to the backend because the values are placed in fragments. So I came across this but found out it is also using the API endpoints only and nothing special, all the auth login function return void. So it should be similar results to my current implementation using supabase JS.
Sorry for my noob question... I'm not an expert, I hope to get more information about this, since there's not much information about this on the internet. Thanks!

Hi,
when I try to use the following:

try{
    $data = $auth->getUser($bearerToken);
    print_r($data); // show all user data returned
  } catch(Exception $e){
    echo $auth->getError();
}   

I receive back an error:

Client error: GET https://*****.supabase.co/auth/v1/user resulted in a 401 Unauthorized response:

"Invalid JWT: unable to parse or verify signature, signature is invalid".

Do you probably know what the problem could be?

Hello, great job! Do you mind adding support to call stored procedures?

This can be done by calling rest/v1/rpc/, it seems the library doesn't support this feature at the moment.

Thanks!