Created
March 8, 2017 12:10
-
-
Save mmoehrlein/c1d9a8500ecc6fd10ab00c2ef2971740 to your computer and use it in GitHub Desktop.
s3 upload with dropzone.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// AWS data | |
$bucketName = "BUCKET-NAME"; | |
$AWSAccessKeyId = "XXXXXXXXXXXXXXXXXXXX"; | |
$AWSSecretAccessKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"; | |
$date = date("Y-m-d"); | |
$dateISO = date("Ymd"); | |
$validTill = date('Y-m-d\TH:i:s.000\Z', time() + (60 * 60 * 4)); // 4 hours | |
$alg = "sha256"; | |
$region = "REGION"; | |
$service = "s3"; | |
// syntax: hash_hmac(algorithm, string, key, binaryOutput) | |
$kSecret = 'AWS4' . $AWSSecretAccessKey; | |
$kDate = hash_hmac($alg, $dateISO, $kSecret, true); | |
$kRegion = hash_hmac($alg, $region, $kDate, true); | |
$kService = hash_hmac($alg, $service, $kRegion, true); | |
$secretSignatureKey = hash_hmac($alg, 'aws4_request', $kService, true); | |
// user specific data | |
$IdOne = "1"; | |
$IdTwo = "1234"; | |
$keyPrefix = "new/" . $IdOne . "/" . $IdTwo . "/" . date("Y-m-d_H-i-s_"); | |
$keyFilename = '${filename}'; | |
// fields to be used within form | |
$url = "https://" . $bucketName . ".s3.amazonaws.com/"; | |
$key = $keyPrefix . $keyFilename; | |
$acl = "private"; | |
$success_action_redirect = ""; | |
$ContentType = "image/jpeg"; // can be empty, if there shouldn't be any restrictions | |
$amzMetaTag = ""; // optional tags | |
$maxFilesize = 1048576; // 1 MB | |
$policy = '{ | |
"expiration": "' . $validTill . '", | |
"conditions": [ | |
{"bucket": "' . $bucketName . '"}, | |
["starts-with", "$key", "' . $keyPrefix . '"], | |
{"acl": "' . $acl . '"}, | |
{"success_action_redirect": "' . $success_action_redirect . '"}, | |
["starts-with", "$Content-Type", "' . $ContentType . '"], | |
["content-length-range", 0, ' . $maxFilesize . '], | |
{"x-amz-server-side-encryption": "AES256"}, | |
["starts-with", "$x-amz-meta-tag", "' . $amzMetaTag . '"], | |
{"x-amz-credential": "' . $AWSAccessKeyId . '/' . $dateISO . '/us-east-2/s3/aws4_request"}, | |
{"x-amz-algorithm": "AWS4-HMAC-SHA256"}, | |
{"x-amz-date": "' . $dateISO . 'T000000Z" } | |
] | |
}'; | |
$policyBase64 = base64_encode($policy); | |
$signature = hash_hmac($alg, $policyBase64, $secretSignatureKey); | |
?> | |
<html> | |
<head> | |
<title>S3 Dropzone</title> | |
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> | |
<link rel="stylesheet" href="https://rawgit.com/enyo/dropzone/master/dist/dropzone.css"> | |
<script src="https://rawgit.com/enyo/dropzone/master/dist/dropzone.js"></script> | |
</head> | |
<body> | |
<br><br><br> | |
<h1 style="text-align: center">ImageUpload to "<?=$bucketName?>" - S3Bucket</h1> | |
<div id="test" class="dropzone dz-clickable"></div> | |
<script type="text/javascript"> | |
Dropzone.options.test = { | |
url: "<?= $url ?>", | |
method: "post", | |
uploadMultiple: false, | |
sending: function (file, xhr, data) { | |
data.append("key", "<?= $key ?>"); | |
data.append("acl", "<?= $acl ?>"); | |
data.append("success_action_redirect", "<?= $success_action_redirect ?>"); | |
data.append("Content-Type", "<?= $ContentType ?>"); | |
data.append("x-amz-server-side-encryption", "AES256"); | |
data.append("X-Amz-Credential", "<?= $AWSAccessKeyId ?>/<?= $dateISO ?>/us-east-2/s3/aws4_request"); | |
data.append("X-Amz-Algorithm", "AWS4-HMAC-SHA256"); | |
data.append("X-Amz-Date", "<?= $dateISO ?>T000000Z"); | |
data.append("x-amz-meta-tag", ""); | |
data.append("X-Amz-Signature", "<?= $signature ?>"); | |
data.append("Policy", "<?= $policyBase64 ?>"); | |
} | |
}; | |
</script> | |
</body> | |
</html> |
Wow, that help really a lot! Thank you!
There are 2 small bugs, if you fix them, it will be perfect. You use 2 time hard-coded region "us-east-2". that doesn't work for everyone.
One more hint for the newcomers, open your S3 permissions tab and put that code peace under CORS section:
[
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"GET",
"POST",
"PUT",
"DELETE"
],
"AllowedOrigins": [
"*"
],
"ExposeHeaders": []
}
]
@mmoehrlein @serdarde
Thank you very much
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'm using a different method in the browser with aws-sdk and retrieving a signed upload url via the sdk multipart upload. But now I'm running into another problem where if I add more than 10 or so files to the process queue, not all of them finish.