php上傳到oss(web直傳)
阿新 • • 發佈:2020-12-26
php程式碼
簽名 index.php
<?php
header('Access-Control-Allow-Origin:*'); // *代表允許任何網址請求
header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, x-file-name");
header('Access-Control-Allow-Methods: GET, POST, PUT,DELETE');
function getSigns (){
$id= ' '; // 請填寫您的AccessKeyId。
$key= ' '; // 請填寫您的AccessKeySecret。
// $host = "http://".env('OSS_BUCKET').'.'.env('OSS_ENDPOINT');
$host = " ";
$callbackUrl ='http://'.$_SERVER['HTTP_HOST'].'/yl/callback.php';
$dir = 'yl/'; // 使用者上傳檔案時指定的字首。
$callback_param = array('callbackUrl'=>$callbackUrl,
'callbackBody'=>'filename=${object}&size=${size}&mimeType=${mimeType}&height=${imageInfo.height}&width=${imageInfo.width}',
'callbackBodyType'=>"application/x-www-form-urlencoded" );
$callback_string = json_encode($callback_param);
$base64_callback_body = base64_encode($callback_string);
$now = time();
$expire = 30; //設定該policy超時時間是10s. 即這個policy過了這個有效時間,將不能訪問。
$end = $now + $expire;
$expiration = gmt_iso8601($end);
//最大檔案大小.使用者可以自己設定
$condition = array(0=>'content-length-range', 1=>0, 2=>1048576000);
$conditions[] = $condition;
// 表示使用者上傳的資料,必須是以$dir開始,不然上傳會失敗,這一步不是必須項,只是為了安全起見,防止使用者通過policy上傳到別人的目錄。
$start = array(0=>'starts-with', 1=>'$key', 2=>$dir);
$conditions[] = $start;
$arr = array('expiration'=>$expiration,'conditions'=>$conditions);
$policy = json_encode($arr);
$base64_policy = base64_encode($policy);
$string_to_sign = $base64_policy;
$signature = base64_encode(hash_hmac('sha1', $string_to_sign, $key, true));
$response = array();
$response['accessid'] = $id;
$response['host'] = $host;
$response['policy'] = $base64_policy;
$response['signature'] = $signature;
$response['expire'] = $end;
$response['callback'] = $base64_callback_body;
$response['dir'] = $dir; // 這個引數是設定使用者上傳檔案時指定的字首。
#response()->json($response); //返回資訊
echo json_encode($response);
}
function gmt_iso8601($time) {
$dtStr = date("c", $time);
$mydatetime = new \DateTime($dtStr);
$expiration = $mydatetime->format(\DateTime::ISO8601);
$pos = strpos($expiration, '+');
$expiration = substr($expiration, 0, $pos);
return $expiration."Z";
}
$function = ["getSigns", "callback"];
$fun = $_GET['fun'];
if (!in_array($fun, $function)) {
echo json_encode(['code' => 500]);
}else{
echo ($fun());
}
回撥
callback.php
function callback(){
// 1.獲取OSS的簽名header和公鑰u
// dsfsdrl header
$authorizationBase64 = "";
$pubKeyUrlBase64 = "";
/*
* 注意:如果要使用HTTP_AUTHORIZATION頭,你需要先在apache或者nginx中設定rewrite,以apache為例,修改
* 配置檔案/etc/httpd/conf/httpd.conf(以你的apache安裝路徑為準),在DirectoryIndex index.php這行下面增加以下兩行
RewriteEngine On
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]
* */
if (isset($_SERVER['HTTP_AUTHORIZATION']))
{
$authorizationBase64 = $_SERVER['HTTP_AUTHORIZATION'];
}
if (isset($_SERVER['HTTP_X_OSS_PUB_KEY_URL']))
{
$pubKeyUrlBase64 = $_SERVER['HTTP_X_OSS_PUB_KEY_URL'];
}
if ($authorizationBase64 == '' || $pubKeyUrlBase64 == '')
{
header("http/1.1 403 Forbidden");
exit();
}
// 2.獲取OSS的簽名
$authorization = base64_decode($authorizationBase64);
// 3.獲取公鑰
$pubKeyUrl = base64_decode($pubKeyUrlBase64);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $pubKeyUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
$pubKey = curl_exec($ch);
if ($pubKey == "")
{
//header("http/1.1 403 Forbidden");
exit();
}
// 4.獲取回撥body
$body = file_get_contents('php://input');
parse_str($body,$body_arr);
// 5.拼接待簽名字串
$authStr = '';
$path = $_SERVER['REQUEST_URI'];
$pos = strpos($path, '?');
if ($pos === false)
{
$authStr = urldecode($path)."\n".$body;
}
else
{
$authStr = urldecode(substr($path, 0, $pos)).substr($path, $pos, strlen($path) - $pos)."\n".$body;
}
// 6.驗證簽名
$ok = openssl_verify($authStr, $authorization, $pubKey, OPENSSL_ALGO_MD5);
if ($ok == 1)
{
header("Content-Type: application/json");
$data = array("Status"=>"Ok",'url'=>$body_arr['filename']);
echo json_encode($data);
}
else
{
//header("http/1.1 403 Forbidden");
exit();
}
}
前臺
$.ajax({
url: "簽名地址",
type: "get",
contentType: false,
processData: false,
success: function (res) {
new_img = calculate_object_name(myFile.name,objdata.upfile_nametype);
res = JSON.parse(res)
data.append('key',res.dir+new_img);
data.append('policy',res.policy);
data.append('OSSAccessKeyId',res.accessid);
data.append('success_action_status',200);
data.append('signature',res.signature);
data.append('file',myFile);
$.ajax({
data : data,
type : "POST",
url : res.host,
contentType: false,
processData: false,
success : function() {
console.log(new_img);
$.ajax({
data : {
phone:phoneD,
name:nameD,
images:new_img
},
type : "POST",
url : "上傳資料介面地址",
success : function() {
console.log(new_img);
},
error : function() {
new_img='';
}
});
},
error : function() {
new_img='';
}
});
}
})
}