PHP-无法显示由fine-uploader上传到Amazon s3的图像
作者:互联网
我现在正在尝试设置fineuploader-s3来显示成功上传到aws服务器上的文件的图像,如此处的示例页面所示:
http://fineuploader.com/#s3-demo
我(仍然)使用代码https://github.com/Widen/fine-uploader-server/blob/master/php/s3/s3demo.php,并且我已经添加了
uploadSuccess: {
endpoint: "s3demo.php?success"
}
到我的javascript文件中的fine-uploader实例,以便临时链接应由s3demo.php文件中的函数生成.
我意识到必须安装AWS SDK才能使其正常工作.安装的zip方法确实无法使用,因此我使用的是phar.
我将s3demo.php文件的该部分更改为:
require 'aws.phar';
use Aws\S3\S3Client;
我还对以下两行发表了评论:
$serverPublicKey = $_SERVER['PARAM1'];
$serverPrivateKey = $_SERVER['PARAM2'];
我在使它正常工作时遇到两个问题.第一个是AWS的成功响应出了点问题,我认为我应该从中获得到文件的链接.
该文件完美上传,但在控制台中出现错误:
[FineUploader 3.8.0] Sending POST request for 0 s3.jquery.fineuploader-3.8.0.js:164
[FineUploader 3.8.0] Received the following response body to an AWS upload success request for id 0: <br />
<b>Fatal error</b>: Uncaught exception 'Guzzle\Http\Exception\CurlException' with message '[curl] 28: Connection timed out after 1001 milliseconds [url] http://169.254.169.254/latest/meta-data/iam/security-credentials/' in phar:///MYSITE/aws.phar/Guzzle/Http/Curl/CurlMulti.php:339
Stack trace:
#0 phar:///MYSITE//aws.phar/Guzzle/Http/Curl/CurlMulti.php(280): Guzzle\Http\Curl\CurlMulti->isCurlException(Object(Guzzle\Http\Message\Request), Object(Guzzle\Http\Curl\CurlHandle), Array)
#1 phar:///MYSITE//aws.phar/Guzzle/Http/Curl/CurlMulti.php(245): Guzzle\Http\Curl\CurlMulti->processResponse(Object(Guzzle\Http\Message\Request), Object(Guzzle\Http\Curl\CurlHandle), Array)
#2 phar:///MYSITE//aws.phar/Guzzle/Http/Curl/CurlMulti.php(228): Guzzle\Http\Curl\CurlMulti->processMessages()
#3 phar:///MYSITE//aws.phar/Guzzle/Http/Curl/CurlMulti.php(212): Guzzle\Http\Curl\CurlMulti->executeHandles()
#4 phar:///MYSITE/z/aw in <b>phar:///home/nextq2/public_html/lenz/aws.phar/Aws/Common/InstanceMetadata/InstanceMetadataClient.php</b> on line <b>82</b><br />
s3.jquery.fineuploader-3.8.0.js:164
[FineUploader 3.8.0] Upload success was acknowledged by the server. s3.jquery.fineuploader-3.8.0.js:164
这是否意味着我的AWS开发工具包安装或我在Amazon上的权限设置有问题?对于CORS和IAM设置?仍然如下:
<CORSRule>
<AllowedOrigin>MY WEBSITE</AllowedOrigin>
<AllowedMethod>POST</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
我的IAM小组政策:
{
"Version":"2012-10-17",
"Statement":[{
"Effect":"Allow",
"Action":"s3:PutObject",
"Resource":"arn:aws:s3:::MY_BUCKET/*”
}]
}
我确定我应该能够但不能解决第二个问题,即如何在我的JavaScript中访问s3demo.php生成的json数组,以便显示上载的图像.我想不是$templink [0].我想知道是否可以看到示例代码,该代码为http://fineuploader.com/#s3-demo上的查看按钮提供了功能.如果我想在这里提出第二个问题,我很乐意这样做.
非常感谢你花时间陪伴.
编辑以按要求添加我的完整代码:
PHP:
<?php
/**
* PHP Server-Side Example for Fine Uploader S3.
* Maintained by Widen Enterprises.
*
* Note: This is the exact server-side code used by the S3 example
* on fineuploader.com.
*
* This example:
* - handles both CORS and non-CORS environments
* - handles delete file requests for both DELETE and POST methods
* - Performs basic inspections on the policy documents and REST headers before signing them
* - Ensures again the file size does not exceed the max (after file is in S3)
* - signs policy documents (simple uploads) and REST requests
* (chunked/multipart uploads)
*
* Requirements:
* - PHP 5.3 or newer
* - Amazon PHP SDK (only if utilizing the AWS SDK for deleting files or otherwise examining them)
*
* If you need to install the AWS SDK, see http://docs.aws.amazon.com/aws-sdk-php-2/guide/latest/installation.html.
*/
// You can remove these two lines if you are not using Fine Uploader's
// delete file feature
require 'aws/aws-autoloader.php';
use Aws\S3\S3Client;
// These assume you have the associated AWS keys stored in
// the associated system environment variables
$clientPrivateKey = ‘I put my private key here;
// These two keys are only needed if the delete file feature is enabled
// or if you are, for example, confirming the file size in a successEndpoint
// handler via S3's SDK, as we are doing in this example.
$serverPublicKey = $_SERVER['PARAM1'];
$serverPrivateKey = $_SERVER['PARAM2'];
$expectedMaxSize = 15000000;
$expectedBucket = “my bucket name here;
$method = getRequestMethod();
// This first conditional will only ever evaluate to true in a
// CORS environment
if ($method == 'OPTIONS') {
handlePreflight();
}
// This second conditional will only ever evaluate to true if
// the delete file feature is enabled
else if ($method == "DELETE") {
// handlePreflightedRequest(); // only needed in a CORS environment
deleteObject();
}
// This is all you really need if not using the delete file feature
// and not working in a CORS environment
else if ($method == 'POST') {
handlePreflightedRequest();
// Assumes the successEndpoint has a parameter of "success" associated with it,
// to allow the server to differentiate between a successEndpoint request
// and other POST requests (all requests are sent to the same endpoint in this example).
// This condition is not needed if you don't require a callback on upload success.
if (isset($_REQUEST["success"])) {
verifyFileInS3();
}
else {
signRequest();
}
}
// This will retrieve the "intended" request method. Normally, this is the
// actual method of the request. Sometimes, though, the intended request method
// must be hidden in the parameters of the request. For example, when attempting to
// send a DELETE request in a cross-origin environment in IE9 or older, it is not
// possible to send a DELETE request. So, we send a POST with the intended method,
// DELETE, in a "_method" parameter.
function getRequestMethod() {
global $HTTP_RAW_POST_DATA;
// This should only evaluate to true if the Content-Type is undefined
// or unrecognized, such as when XDomainRequest has been used to
// send the request.
if(isset($HTTP_RAW_POST_DATA)) {
parse_str($HTTP_RAW_POST_DATA, $_POST);
}
if ($_POST['_method'] != null) {
return $_POST['_method'];
}
return $_SERVER['REQUEST_METHOD'];
}
// Only needed in cross-origin setups
function handlePreflightedRequest() {
// If you are relying on CORS, you will need to adjust the allowed domain here.
//header('Access-Control-Allow-Origin: http://nextquestion.org');
}
// Only needed in cross-origin setups
function handlePreflight() {
handlePreflightedRequest();
header('Access-Control-Allow-Methods: POST');
header('Access-Control-Allow-Headers: Content-Type');
}
function getS3Client() {
global $serverPublicKey, $serverPrivateKey;
return S3Client::factory(array(
'key' => $serverPublicKey,
'secret' => $serverPrivateKey
));
}
// Only needed if the delete file feature is enabled
function deleteObject() {
getS3Client()->deleteObject(array(
'Bucket' => $_POST['bucket'],
'Key' => $_POST['key']
));
}
function signRequest() {
header('Content-Type: application/json');
$responseBody = file_get_contents('php://input');
$contentAsObject = json_decode($responseBody, true);
$jsonContent = json_encode($contentAsObject);
$headersStr = $contentAsObject["headers"];
if ($headersStr) {
signRestRequest($headersStr);
}
else {
signPolicy($jsonContent);
}
}
function signRestRequest($headersStr) {
if (isValidRestRequest($headersStr)) {
$response = array('signature' => sign($headersStr));
echo json_encode($response);
}
else {
echo json_encode(array("invalid" => true));
}
}
function isValidRestRequest($headersStr) {
global $expectedBucket;
$pattern = "/\/$expectedBucket\/.+$/";
preg_match($pattern, $headersStr, $matches);
return count($matches) > 0;
}
function signPolicy($policyStr) {
$policyObj = json_decode($policyStr, true);
if (isPolicyValid($policyObj)) {
$encodedPolicy = base64_encode($policyStr);
$response = array('policy' => $encodedPolicy, 'signature' => sign($encodedPolicy));
echo json_encode($response);
}
else {
echo json_encode(array("invalid" => true));
}
}
function isPolicyValid($policy) {
global $expectedMaxSize, $expectedBucket;
$conditions = $policy["conditions"];
$bucket = null;
$parsedMaxSize = null;
for ($i = 0; $i < count($conditions); ++$i) {
$condition = $conditions[$i];
if (isset($condition["bucket"])) {
$bucket = $condition["bucket"];
}
else if (isset($condition[0]) && $condition[0] == "content-length-range") {
$parsedMaxSize = $condition[2];
}
}
return $bucket == $expectedBucket && $parsedMaxSize == (string)$expectedMaxSize;
}
function sign($stringToSign) {
global $clientPrivateKey;
return base64_encode(hash_hmac(
'sha1',
$stringToSign,
$clientPrivateKey,
true
));
}
// This is not needed if you don't require a callback on upload success.
function verifyFileInS3() {
global $expectedMaxSize;
$bucket = $_POST["bucket"];
$key = $_POST["key"];
// If utilizing CORS, we return a 200 response with the error message in the body
// to ensure Fine Uploader can parse the error message in IE9 and IE8,
// since XDomainRequest is used on those browsers for CORS requests. XDomainRequest
// does not allow access to the response body for non-success responses.
if (getObjectSize($bucket, $key) > $expectedMaxSize) {
// You can safely uncomment this next line if you are not depending on CORS
//header("HTTP/1.0 500 Internal Server Error");
deleteObject();
echo json_encode(array("error" => "File is too big!"));
}
else {
echo json_encode(array("tempLink" => getTempLink($bucket, $key)));
}
}
function testfunction(){
alert('whatever');
}
// Provide a time-bombed public link to the file.
function getTempLink($bucket, $key) {
$client = getS3Client();
$url = "{$bucket}/{$key}";
$request = $client->get($url);
return $client->createPresignedUrl($request, '+15 minutes');
}
function getObjectSize($bucket, $key) {
$objInfo = getS3Client()->headObject(array(
'Bucket' => $bucket,
'Key' => $key
));
return $objInfo['ContentLength'];
}
?>
我的HTML.我使用了Mark在StackOverflow上进行测试的另一个示例,因为最终我想同时提交其他一些数据:
<!DOCTYPE html>
<html>
<head>
<title>test of fine uploader</title>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1">
<link href="fineuploader-3.8.0.css" rel="stylesheet">
<style>
.button {
display: block;
height: 30px;
width: 100px;
border: 1px solid #000;
}
</style>
<script src="http://code.jquery.com/jquery-1.9.1.min.js"></script>
<script src="s3.jquery.fineuploader-3.8.0.js"></script>
<script type="text/javascript" src="lenz_javascript4.js"></script>
</head>
<body>
<!-- Generated Image Thumbnail -->
<a href="#" id="thumbnail">view image</a>
<form action="fineuploadertest.php" method="post" id="uploader">
<input type="text" name="textbox" value="Test data">
<div id="manual-fine-uploader"></div>
<div id="triggerUpload" class="button" style="margin-top: 10px;">click here
</div>
</form>
</body>
</html>
我的JavaScript:
$(document).ready(function() {
$("#triggerUpload").click(function () {
$("#manual-fine-uploader").fineUploaderS3('uploadStoredFiles');
});
function submitForm () {
if ($(this).fineUploader('getInProgress') == 0) {
var failedUploads = $(this).fineUploaderS3('getUploads',
{ status: qq.status.UPLOAD_FAILED });
if (failedUploads.length == 0) {
// do any other form processing here
$("#uploader").submit();
}
}
};
$("#manual-fine-uploader").fineUploaderS3({
autoUpload: false,
debug: true,
request: {
endpoint: "http://my bucket name.s3.amazonaws.com",
accessKey: “I put my access key here”
},
validation: {
allowedExtensions: ['jpeg', 'jpg', 'gif', 'png'],
sizeLimit: 15000000,
itemLimit: 3
},
signature: {
endpoint: "s3demo.php"
},
camera: {
ios: true
},
iframeSupport: {
localBlankPagePath: "/success.html"
},
uploadSuccess: {
endpoint: "s3demo.php?success"
}
});
});
解决方法:
听起来您只是想在FineUploader.com上镜像S3演示的行为.因此,您显然遇到麻烦的部分是该演示的一部分,它使您可以查看/下载已上传的文件.我的猜测是您没有设置PARAM1和PARAM2环境变量.您应该真正了解PHP文档中的$_SERVER super global如何工作.就目前而言,此代码期望您拥有一个名为PARAM1的系统环境变量,其中包含与应为服务器(而非客户端)创建的IAM用户关联的公共AWS密钥,以供使用.应该将PARAM2系统环境变量设置为该同一用户的密钥.您可以设置这些环境变量,或者将关联的$serverPublicKey和$serverPrivateKey PHP全局变量分别设置为服务器端IAM用户的公用密钥和私有密钥.
请注意,与服务器的AWS公钥和私钥(PARAM1和PARAM2)关联的系统环境变量的较差名称选择是由于以下事实:fineuploader.com S3演示的服务器运行在Amazon’s Elastic Beanstalk service创建的AWS EC2 instance上.Elastic Beanstalk没有提供(至少显然没有提供)通过用于PHP应用程序的Elastic Beanstalk UI命名系统环境变量的方法.它命名为PARAM1,PARAM2等.
$serverPublicKey和$serverPrivateKey变量不应与与为客户端任务创建的IAM用户关联的密钥相同.您应该创建其他IAM用户,并具有适合服务器端任务的权限.例如,如果要支持删除文件功能,则希望拥有一个具有“ S3:DeleteObject”权限的IAM用户.仅出于安全原因,应将此用户限制为服务器端任务.
在您的情况下,您的服务器端IAM用户必须对存储桶具有“ S3:GetObject”权限.为了从存储桶中获取对象,此权限是必需的.最安全的方法是仅将此权限授予服务器端IAM用户.您可能会问:“如果我的客户端用户无法从存储桶中读取对象,我如何允许在客户端下载文件?”好吧,一种选择是将Fine Uploader中的acl选项设置为“ public-read”,然后使用以下约定构造URL客户端:“ http://mybucket.s3.amazonaws.com/objectkey”.这不是fineuploader.com上的S3演示的工作方式.继续阅读以了解详细信息…
我不想让用户无限制地访问他们上传到Fine Uploader的S3存储桶中的文件,因此我将ACL保留为“私有”(默认值),我只授予了服务器端IAM用户“ S3:GetObject”权限到Fine Uploader S3存储桶中,我让服务器向存储桶中的关联对象返回“定时炸弹”签名的URL.服务器返回的URL包含一个到期参数,该参数仅允许使用15分钟.任何尝试更改查询字符串中的到期参数的尝试都会使签名无效,并且请求将失败. PHP示例中的getTempLink函数将生成一个带有时间标记的签名URL,该URL将在对Fine Uploader的uploadSucess.endpoint POST请求的响应中返回.您可以通过输入complete event handler来访问此值.传递给回调的responseJSON对象参数将包含tempLink属性,该属性将包含签名的URL.然后,您可以将src属性设置为此属性的值来生成锚.
标签:amazon-s3,amazon-iam,fine-uploader,javascript,php 来源: https://codeday.me/bug/20191030/1968452.html