Connecting to an External Database with Tropo Scripting
November 16th, 2010 by Mark HeaddTropo Scripting is a great way to build powerful, sophisticated communication applications in one of several popular development languages.
It’s easy to get up and running quickly with Tropo Scripting, to build multi-channel applications that leverage powerful features like SIP integration and speech recognition.
If you are developing an application in Tropo Scripting, you might at some point find that you need to send values to a back-end database or to retrieve information from an external system. There are several different ways to do this depending on the language you are using. This post will provide an example of one way to do this using the PHP scripting language.
Sending Information From Your Tropo Script
Before we begin, please note that there are a number of different ways to accomplish the same end described in this post. Essentially, we want to send information from our Tropo script over HTTP to a script running somewhere else. The remote script will access the submitted data and use it to update a back-end database.
If you’re familiar with web development then you’ve been exposed to the concept of web application security – we want to achieve our goal of sending data from our Tropo script in a secure way. This post describes one way of doing this with a focus on striking a balance between security, ease of use and repeatability.
The code for your Tropo scripting app (whether it is written in PHP or another of the supported languages) is executed in the Tropo cloud, and not on an external server that might be hosting it. You can’t call native PHP functions like mysql_connect() from your Tropo script because the Tropo cloud does not support connecting to an external data source in this way.
Instead, you can use cURL to send information from your Tropo script to the server that houses your database.
Here is an example of a PHP function that uses cURL to send data to a URL using the HTTP POST method:
function submitValue($myValue) {
$ch = curl_init("http://someurl/my-script.php");
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);
curl_setopt($ch, CURLOPT_USERPWD, "admin:mypass");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "myValue=$myValue");
$output = curl_exec($ch);
if (curl_getinfo($ch, CURLINFO_HTTP_CODE) != '200') {
return null;
}
return $output;
}
This function takes one parameter – $myValue – and sends it to “http://someurl/my-script.php” using HTTP POST. Note also that we are using access credentials to authenticate with our backend script. We are also using digest authentication to send our login credentials, which will ensure that they are not sent in plain text (the reason for this will become more apparent shortly).
Our function simply sends the value of $myValue to “http://someurl/my-script.php” and returns the response we get back to whatever called it. Now lets take a look at complete Tropo Scrpting app that uses this function.
<?php
// The URL where the my-script.php script resides.
define("POST_DATA_TO_URL", "http://someurl/my-script.php");
// Function to send value to auth-test.php script via cURL with digest authentication.
function submitValue($myValue) {
$ch = curl_init(POST_DATA_TO_URL);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);
curl_setopt($ch, CURLOPT_USERPWD, "admin:mypass");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "myValue=$myValue");
$output = curl_exec($ch);
if (curl_getinfo($ch, CURLINFO_HTTP_CODE) != '200') {
return null;
}
return $output;
}
answer(30);
say("Hello, welcome to my sample application.", array("bargein" => false));
// Prompt the caller for the extension they want to call.
$event = ask("Please enter a 5 digit zip code.", array("choices" => "[5 DIGITS]", "choiceMode" => "dtmf", "repeat" => "3", "timeout" => "5"));
if($event->name == 'choice') {
_log("*** User entered ".$event->value." ***");
$result = submitValue($event->value);
if($result == "SUCCESS") {
say("Thank you. Goodbye", array("bargein" => false));
hangup();
}
else {
_log("*** $result ***");
say("Sorry, there was a problem. Goodbye", array("bargein" => false));
hangup();
}
}
?>
This simple script asks a caller to enter a 5 digit zip code and then POSTs that inforamtion back to the script at http://someurl/my-script.php.
Accessing Data Submitted from Tropo
The script we are posting to is responsible for 3 things:
- It must authenticate our HTTP request using digest authentication and the credentials we pass to it in our submitValue() method described above.
- It must make a connection to a data source (like MySQL or some other RDBMS system) and insert our value.
- It must send a response back to our Tropo script indicating success or failure.
You can see what this script might look like here.
Note the this script can be changed to match your local environment and your needs. On line 27, the $users array contains the credentials of those users that are allow to access this script.
$users = array('admin' => 'mypass', 'guest' => 'guest');
Modify as needed, and make sure you also modify the credentials used in the submitValue() method of our Tropo script to match what is in your external script.
Although this script demonstrates the use of a MySQL database for storing data submitted from Tropo, you could easily use any other data source you want. Do note, however, that the login credentials for the MySQL database (line 55) are different from those used to authenticate the HTTP request from Tropo.
When creating database access credentials for your Tropo application, be sure to always follow the principle of least privilege – if the database user for our script only needs to insert data into a database, and nothing more, then that user should only have INSERT privileges:
> GRANT INSERT ON tropodata.* TO 'user'@'host' IDENTIFIED BY 'password'; > FLUSH PRIVILEGES;
Like all access credentials, you should take care in where these values are stored. If you are using Apache as your web server, you could store these credentials as environmental variables.
In fact, if you prefer, you could use Apache itself to do digest authentication on HTTP requests. For additional security, you could use SSL to encrypt your HTTP requests.
As mentioned previously, there are a number of alternative approaches to the one described here – select the one that best fits your environment and your needs. Hopefully this post will get you thinking about how to connect, conveniently and securely, to a back-end data source from your Tropo Scripting application.
Tropo Scripting makes it easy to build multi-channel applications that leverage cutting edge features. Using HTTP and digest authentication, it’s easy to extend the power of your Tropo script by connecting it to a remote database or back-end system.
Related posts:
What about sending data from my website request handler, to my tropo script? Is a script allowed to listen for and accept connections?
There are two ways to initiate a Tropo script – you can call a number assigned to a script, or send a message to it (depending on the channels it uses).
You can also invoke a script through the Tropo Session API – https://www.tropo.com/docs/scripting/outbound_sessions_tokens_scripting_api.htm (scroll down to the section entitled “Tropo Session API”).
The Tropo Session API lets you initiate a script via a simple HTTP request.
Hope this helps.
i dont understand where to write the above code to get connected with mysql database..plz give me detailed overview on it i am new on this platform