All Products
Search
Document Center

Object Storage Service:PHP

Last Updated:Nov 09, 2023

This topic describes how to calculate signatures in PHP on the server, configure upload callbacks, and use form upload to upload data to OSS.

Prerequisites

  • A web server is deployed.

  • The domain name of the web server is accessible over the Internet.

  • The web server can parse PHP. To view the PHP version, run the php -v command.

    Note

    PHP 5.0 or later must be installed.

  • The browser on your PC supports JavaScript.

Step 1: Configure the web server

This section uses Ubuntu 16.04 as an example to show how to configure the environment for different web servers. You need to configure the environment based on your actual business scenario.

  • If you use an Apache web server, configure the environment based on the following instructions. Apache 2.4.18 is used in this example.

    • Set the public IP address of the web server to 192.0.2.11. To do so, add ServerName 192.0.2.11 to the /etc/apache2/apache2.conf configuration file.

    • Set the listening port to 8080. To do so, change the port setting in the /etc/apache2/ports.conf configuration file to Listen 8080.

    • Run sudo apt-get install libapache2-mod-php5 to install the PHP module for Apache. This module allows Apache to parse PHP files.

    You can replace the IP address and listening port based on your actual business scenario. After you update the configurations, you must run /etc/init.d/apache2 restart to restart the web server.

  • If you use an NGINX web server, configure the environment based on the following instructions. NGINX 1.19.7 is used in this example.

    Set the public IP address to 192.0.2.11 and the listening port to 8080 in the /etc/nginx/nginx.conf configuration file, as shown in the following sample code:

    server {
        listen 8080;
        server_name 192.0.2.11;
        
        root /var/www/html;
        index index.html index.php;
    
    
        location ~* \.php$ {
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
            }
    }

    You can replace the IP address and listening port based on your actual business scenario. After you update the configurations, you must restart the NGINX web server.

Step 2: Configure the application server

  1. Download the PHP source code of the application server.

  2. Decompress the application server source code to an applicable directory of the application server. In this example, the application server needs to be deployed to the /var/www/html/aliyun-oss-appserver-php directory of Ubuntu 16.04.

  3. Open the server at http://192.0.2.11:8080/aliyun-oss-appserver-php/index.html from the browser installed on your PC.

  4. If you use an Apache web server, enable Apache to capture the HTTP Authorization header. If you use an NGINX web server, skip this step.

    Some web servers automatically parse the Authorization header, so the callback requests received by your application server may not include the Authorization header. Apache 2 is an example of such web servers. You need to modify the configuration file of Apache 2 so that the Authorization header is not parsed.

    1. Open the /etc/apache2/apache2.conf configuration file of Apache 2. Find and modify the following snippet:

      <Directory /var/www/>
              Options Indexes FollowSymLinks
              AllowOverride All
              Require all granted
      </Directory>
    2. Create a file named .htaccess in the /var/www/html/aliyun-oss-appserver-php directory and enter the following content.

      <IfModule mod_rewrite.c>
      RewriteEngine on
      RewriteCond %{HTTP:Authorization} .
      RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
      </IfModule>

    The configurations are different if you use another Apache version or a different web server.

  5. Modify the configurations of the application server.

    In the /var/www/html/aliyun-oss-appserver-php/php directory, open the get.php file and modify the following snippet:

        $id= '<yourAccessKeyId>';          // Enter your AccessKey ID. 
        $key= '<yourAccessKeySecret>';     // Enter your AccessKey secret. 
    
        // Set $host to a value that is in the format of https://bucketname.endpoint. Replace the host in this example with your actual information. 
        $host = 'https://bucket-name.oss-cn-hangzhou.aliyuncs.com';  
    
        // Set $callbackUrl to the URL of the callback server. Replace the IP address and port number with your actual information. 
        $callbackUrl = 'http://192.0.2.11:8080/aliyun-oss-appserver-php/php/callback.php';
    
        $dir = 'user-dir-prefix/';          // // Specify the prefix for the name of the object that you want to upload.

    Parameter

    Required

    Example

    Description

    id

    Yes

    LTAn*********************

    The AccessKey ID and AccessKey secret of an Alibaba Cloud account or a RAM user. For more information, see Obtain an AccessKey pair.

    key

    Yes

    zbnK**************************

    host

    Yes

    https://bucket-name.oss-cn-hangzhou.aliyuncs.com

    The URL of the host. The URL follows the https://BucketName.Endpoint format. For more information about endpoints, see Regions and endpoints.

    callbackUrl

    Yes

    http://192.0.2.11:8080/aliyun-oss-appserver-php/php/callback.php

    The URL of the application server to which an upload callback request is sent. This URL is used for communication between the application server and OSS. After you upload an object, OSS uses the URL to send information about the object upload to the application server.

    dir

    No

    exampledir/

    The prefix of the names of objects uploaded to OSS. Configure this parameter based on your business requirements.

    If your business scenario does not require a prefix configuration, you can leave this parameter empty.

Step 3: Configure the client

In the /var/www/html/aliyun-oss-appserver-php directory of the application server, modify the upload.js file.

For the PHP application server source code, you do not need to modify the content of the upload.js file, because relative paths also work properly. If you want to modify the file, find the serverUrl ='./php/get.php' configuration and replace the existing serverUrl setting with the address where your web server is deployed. This way, communication between your browser and application server is established. In this example, you can use the serverUrl ='http://192.0.2.11:8080/aliyun-oss-appserver-php/php/get.php' configuration.

Step 4: Modify CORS settings

When you use form upload to upload data from the client to OSS, a request that contains the Origin header is sent from the browser to OSS. Then, OSS checks whether the value of the Origin header matches the origin settings in cross-origin resource sharing (CORS) rules that you configured for the bucket. Therefore, you must configure CORS rules for the bucket before you use the POST method to upload data to the bucket.

  1. Log on to the OSS console.

  2. In the left-side navigation pane, click Buckets. On the Buckets page, find and click the desired bucket.

  3. In the left-side navigation pane, choose Content Security > Cross-Origin Resource Sharing (CORS).

  4. On the Cross-Origin Resource Sharing (CORS) page, click Create Rule and configure the parameters showed in the following figure.

    Important

    To ensure data security, we recommend that you specify the actual domain name from which you want OSS to allow requests in the Sources field. For more information, see Configure CORS.

Step 5: Send an upload callback request

  1. Enter http://192.0.2.11:8080/aliyun-oss-appserver-php/index.html in the address bar of a browser on your PC.

    Important The index.html file may be incompatible with Internet Explorer 10 or earlier. If you encounter any problems when you use Internet Explorer 10 or earlier, you must perform debugging.
  2. Select a file, specify the file type, and upload the file.

    After you upload the object, the content that is returned by the application server is displayed.

Core code analysis of the application server

The source code of the application server is used to implement signature-based upload and upload callbacks.

  • Signature-based uploads

    During a signature-based upload, the application server responds to GET message sent from the client. The code file is aliyun-oss-appserver-php/php/get.php. Code snippet example:

    
    $response = array();
    $response['accessid'] = $id;
    $response['host'] = $host;
    $response['policy'] = $base64_policy;
    $response['signature'] = $signature;
    $response['expire'] = $end;
    $response['callback'] = $base64_callback_body;
    $response['dir'] = $dir; 
  • Upload callbacks

    During upload callback, the application server responds to POST messages sent from OSS. The code file is aliyun-oss-appserver-php/php/callback.php.

    Code snippet example:

    // 6. Verify the signature.
    $ok = openssl_verify($authStr, $authorization, $pubKey, OPENSSL_ALGO_MD5);
    if ($ok == 1)
    {
        header("Content-Type: application/json");
        $data = array("Status"=>"Ok");
        echo json_encode($data);
    }

    For more information, see Callback.