function s3_signed_object_url($bucket, $id, $more = array()) {
    // Build a presigned (query-string authenticated) URL for one object.
    // Both the HTTP verb and the expiry are part of the signed string, so the
    // resulting URL is only valid for that verb and only until 'expires'
    // (Unix time; default is five minutes from now).
    // $more may override 'method' and 'expires'; other keys are ignored.
    $args = array_merge(array('method' => 'GET', 'expires' => time() + 300), $more);

    $object_key = s3_enurlify_object_id($id);
    $resource = "/{$bucket['id']}/{$object_key}";

    // String-to-sign layout, one field per line: verb, Content-MD5 (empty),
    // Content-Type (empty), Expires, CanonicalizedResource.
    $string_to_sign = implode("\n", array(
        $args['method'],
        null,
        null,
        $args['expires'],
        $resource,
    ));
    $signature = base64_encode(s3_sign_auth_string($bucket, $string_to_sign));

    // http_build_query percent-encodes the base64 signature ('+', '/', '=').
    // $bucket['key'] is sent as AWSAccessKeyId, i.e. the public key id, never
    // the secret — the secret only ever enters s3_sign_auth_string.
    $query = http_build_query(array(
        'Signature' => $signature,
        'AWSAccessKeyId' => $bucket['key'],
        'Expires' => $args['expires'],
    ));

    // NOTE(review): $object_key is already enurlified at this point; confirm
    // s3_unsigned_object_url does not encode it a second time.
    $base_url = s3_unsigned_object_url($bucket, $object_key);
    return $base_url . '?' . $query;
}
function storage_s3_url_photo($photo, $size = 'z', $more = array()) {
    // Unsigned URL for a photo rendition in the storage bucket.
    // $size picks the rendition ('z' by default); $more is handed through to
    // storage_s3_path_photo unchanged.
    // NOTE(review): an unsigned URL carries no authorization, so this presumably
    // relies on the object being publicly readable; use s3_signed_object_url
    // for objects that must stay private — confirm against bucket policy.
    $object_path = storage_s3_path_photo($photo, $size, $more);
    $bucket = storage_s3_bucket();
    return s3_unsigned_object_url($bucket, $object_path);
}
<?php require_once '../lib/lib.everything.php'; enforce_master_on_off_switch($_SERVER['HTTP_ACCEPT_LANGUAGE']); $context = default_context(True); /**** ... ****/ $url = $_GET['url'] ? $_GET['url'] : null; $scan_id = $_GET['scan'] ? $_GET['scan'] : null; $object_id = $_GET['key'] ? $_GET['key'] : null; $expected_etag = $_GET['etag'] ? $_GET['etag'] : null; if ($scan_id) { $scan = get_scan($context->db, $scan_id); } if ($scan && $object_id && $expected_etag) { $url = s3_unsigned_object_url($object_id, time() + 300, 'HEAD'); $etag_match = verify_s3_etag($object_id, $expected_etag); $attempted_upload = true; $acceptable_upload = $etag_match; } elseif ($scan && $url) { // it's probably fine if a whole URL is being sent over $attempted_upload = true; $acceptable_upload = preg_match('#^http://#', $url); } if ($attempted_upload && !$acceptable_upload) { die_with_code(400, 'Sorry, something about your file was bad'); } if ($acceptable_upload && $scan && !$scan['decoded']) { queue_task("tasks.decodeScan", array("http://" . SERVER_NAME, API_PASSWORD), array("action" => "decode", "scan_id" => $scan["id"], "url" => $url)); $context->db->query('START TRANSACTION'); $scan = get_scan($context->db, $scan['id']); $parsed_url = parse_url($url);