我正在将文件从php上传到s3 bucket.its上传成功,但当我检索图像时出现以下错误
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<Expires>2006-03-09T07:25:20Z</Expires>
<ServerTime>2016-11-05T04:38:24Z</ServerTime>
如果我在上传文件时公开,那么我可以检索它,但我想保护免受未经授权的用户。
上传文件代码
try{
$s3 = \Storage::disk('s3');
$filePath = $file->getClientOriginalName();
$s3->put($filePath, file_get_contents($val), 'private');
} catch (Aws\Exception\S3Exception $e) {
echo "There was an error uploading the file.\n"+$e;
}
在提出问题之前,我已经审阅了很多网站,但它没有帮助我
PHP Amazon S3 access private files through URL
How to access Amazon s3 private bucket object through Zend_Service_Amazon_S3
第三个链接对我有用,但
1.在url中传递访问密钥是否安全?
2.是否可以向经过身份验证的用户查看该文件?
public function get_s3_signed_url($bucket, $resource, $AWS_S3_KEY, $AWS_s3_secret_key, $expire_seconds) {
$expires = time()+$expire_seconds;
// S3 Signed URL creation
$string_to_sign = "GET\n\n\n{$expires}\n/".str_replace(".s3.amazonAWS.com","", $bucket)."/$resource";
$signature = urlencode(base64_encode((hash_hmac("sha1", utf8_encode($string_to_sign), $AWS_s3_secret_key, TRUE))));
$authentication_params = "AWSAccessKeyId=".$AWS_S3_KEY;
$authentication_params.= "&Expires={$expires}";
$authentication_params.= "&Signature={$signature}";
return $link = "http://s3.amazonAWS.com/{$bucket}/{$resource}?{$authentication_params}";
}
答案 0 :(得分:1)
这里get_s3_signed_url函数返回具有访问密钥的url,不推荐使用。创建一个函数,它从存储桶中获取私有对象对象,并在服务器中本地创建文件/映像。使用新创建的图像的路径,并在完成后删除图像。
Zend中的代码:
require_once('Zend/Service/Amazon/S3.php');
$awsKey = 'your-key';
$awsSecretKey = 'your-secret-key';
$s3 = new Zend_Service_Amazon_S3($awsKey, $awsSecretKey);
$bucketName = 'your-bucket-name';
$objectName = $bucketName . '/image.jpg'; //image path
$info = $s3->getInfo($objectName);
if (is_array($info)) {
header('Content-type: ' . $info['type']);
header('Content-length: ' . $info['size']);
file_put_contents('image.jpg', file_get_contents($s3->getObject($objectName)));
header('Content-Description: File Transfer');
header("Content-Disposition: attachment; filename=\"image.jpg\"");
header('Content-Transfer-Encoding: binary');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Expires: 0');
ob_clean();
flush();
readfile('image.jpg');
unlink('image.jpg');
} else {
header('HTTP/1.0 404 Not Found');
}
核心代码:
require_once('S3.php');
$awsKey = 'your-key';
$awsSecretKey = 'your-secret-key';
$s3 = new S3($awsKey, $awsSecretKey);
$bucketName = 'your-bucket-name';
** To store/download one image at a time**
$objectName = "image.jpg"; //s3 image path
$tempFile = "image.jpg"; //temporary/local image path
$s3->getObject($bucketName, $objectName, $tempFile); //stores the image
if (filesize($tempFile)) {
header('Content-Description: File Transfer');
header('Content-Type: image/png');
header("Content-Disposition: attachment; filename=\"" . $tempFile . "\"");
header('Content-Transfer-Encoding: binary');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Expires: 0');
header('Content-Length: ' . filesize($tempFile));
ob_clean();
flush();
readfile($tempFile); //downloads the image
unlink($tempFile); //deletes the image from local
}
**To store/download 'n' images at a time**
$s3ImagesFolder = 'all_images/'; //folder where all the images are
$bucketContents = $s3->getBucket($bucketName);
foreach ($bucketContents as $file) {
if ((strpos($file['name'], $s3ImagesFolder) > -1)) {
$tempFile = end(explode("/", $file['name']));
$s3->getObject($bucketName, $file['name'], $tempFile); // to store
//to download
if ($file['size']) {
header('Content-Description: File Transfer');
header('Content-Type: image/png');
header("Content-Disposition: attachment; filename=\"" . $tempFile . "\"");
header('Content-Transfer-Encoding: binary');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Expires: 0');
header('Content-Length: ' . $file['size']);
ob_clean();
flush();
readfile($tempFile); //downloads the image
unlink($tempFile); //deletes the image from local
}
}
}