Become Zend Certified

Prepare for the ZCE exam using our quizzes (web or iPad/iPhone). More info...

When you're ready get 7.5% off your exam voucher using voucher CJQNOV23 at the Zend Store

Connecting To The Service

The Picasa Web Albums API, like all GData APIs, is based off of the Atom Publishing Protocol (APP), an XML based format for managing web-based resources. Traffic between a client and the servers occurs over HTTP and allows for both authenticated and unauthenticated connections.

Before any transactions can occur, this connection needs to be made. Creating a connection to the Picasa servers involves two steps: creating an HTTP client and binding a Zend_Gdata_Photos service instance to that client.


The Google Picasa API allows access to both public and private photo feeds. Public feeds do not require authentication, but are read-only and offer reduced functionality. Private feeds offers the most complete functionality but requires an authenticated connection to the Picasa servers. There are three authentication schemes that are supported by Google Picasa :

  • ClientAuth provides direct username/password authentication to the Picasa servers. Since this scheme requires that users provide your application with their password, this authentication is only recommended when other authentication schemes are insufficient.

  • AuthSub allows authentication to the Picasa servers via a Google proxy server. This provides the same level of convenience as ClientAuth but without the security risk, making this an ideal choice for web-based applications.

The Zend_Gdata library provides support for both authentication schemes. The rest of this chapter will assume that you are familiar the authentication schemes available and how to create an appropriate authenticated connection. For more information, please see section the Authentication section of this manual or the Authentication Overview in the Google Data API Developer's Guide.

Creating A Service Instance

In order to interact with the servers, this library provides the Zend_Gdata_Photos service class. This class provides a common interface to the Google Data and Atom Publishing Protocol models and assists in marshaling requests to and from the servers.

Once deciding on an authentication scheme, the next step is to create an instance of Zend_Gdata_Photos. The class constructor takes an instance of Zend_Http_Client as a single argument. This provides an interface for AuthSub and ClientAuth authentication, as both of these require creation of a special authenticated HTTP client. If no arguments are provided, an unauthenticated instance of Zend_Http_Client will be automatically created.

The example below shows how to create a service class using ClientAuth authentication:

// Parameters for ClientAuth authentication
$service Zend_Gdata_Photos::AUTH_SERVICE_NAME;
$user "";
$pass "pa$$w0rd";

// Create an authenticated HTTP client
$client Zend_Gdata_ClientLogin::getHttpClient($user$pass$service);

// Create an instance of the service
$service = new Zend_Gdata_Photos($client);

A service instance using AuthSub can be created in a similar, though slightly more lengthy fashion:


 * Returns the full URL of the current page, based upon env variables
 * Env variables used:
 * $_SERVER['HTTPS'] = (on|off|)
 * $_SERVER['HTTP_HOST'] = value of the Host: header
 * $_SERVER['SERVER_PORT'] = port number (only used if not http/80,https/443)
 * $_SERVER['REQUEST_URI'] = the URI after the method of the HTTP request
 * @return string Current URL
function getCurrentUrl()

     * Filter php_self to avoid a security vulnerability.
$php_request_uri htmlentities(substr($_SERVER['REQUEST_URI'], 0,
strcspn($_SERVER['REQUEST_URI'], "\n\r")), ENT_QUOTES);

    if (isset(
$_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') {
$protocol 'https://';
    } else {
$protocol 'http://';
$host $_SERVER['HTTP_HOST'];
    if (
$_SERVER['SERVER_PORT'] != '' &&
$protocol == 'http://' && $_SERVER['SERVER_PORT'] != '80') ||
$protocol == 'https://' && $_SERVER['SERVER_PORT'] != '443'))) {
$port ':' $_SERVER['SERVER_PORT'];
    } else {
$port '';
$protocol $host $port $php_request_uri;

 * Returns the AuthSub URL which the user must visit to authenticate requests
 * from this application.
 * Uses getCurrentUrl() to get the next URL which the user will be redirected
 * to after successfully authenticating with the Google service.
 * @return string AuthSub URL
function getAuthSubUrl()
$next getCurrentUrl();
$scope '';
$secure false;
$session true;

 * Returns a HTTP client object with the appropriate headers for communicating
 * with Google using AuthSub authentication.
 * Uses the $_SESSION['sessionToken'] to store the AuthSub session token after
 * it is obtained. The single use token supplied in the URL when redirected
 * after the user succesfully authenticated to Google is retrieved from the
 * $_GET['token'] variable.
 * @return Zend_Http_Client
function getAuthSubHttpClient()
    if (!isset(
$_SESSION['sessionToken']) && isset($_GET['token'])) {
$_SESSION['sessionToken'] =
$client Zend_Gdata_AuthSub::getHttpClient($_SESSION['sessionToken']);

 * Create a new instance of the service, redirecting the user
 * to the AuthSub server if necessary.
$service = new Zend_Gdata_Photos(getAuthSubHttpClient());

Finally, an unauthenticated server can be created for use with public feeds:

// Create an instance of the service using an unauthenticated HTTP client
$service = new Zend_Gdata_Photos();

Zend Framework