oss web直传
签名信息
auth.php
<?php function gmt_iso8601($time) { $dtStr = date("c", $time); $mydatetime = new DateTime($dtStr); $expiration = $mydatetime->format(DateTime::ISO8601); $pos = strpos($expiration, '+'); $expiration = substr($expiration, 0, $pos); return $expiration."Z"; } //阿里云官方提供的秘钥 $id= '6MKOqxGiGU4AUk44'; $key= 'ufu7nS8kS59awNihtjSonMETLI0KLy'; $host = 'http://post-test.oss-cn-hangzhou.aliyuncs.com'; $now = time(); $expire = 30; //设置该policy超时时间是10s. 即这个policy过了这个有效时间,将不能访问 $end = $now + $expire; $expiration = gmt_iso8601($end); $dir = 'user-dir/'; //最大文件大小.用户可以自己设置 $condition = array(0=>'content-length-range', 1=>0, 2=>1048576000); $conditions[] = $condition; //表示用户上传的数据,必须是以$dir开始, 不然上传会失败,这一步不是必须项,只是为了安全起见,防止用户通过policy上传到别人的目录 $start = array(0=>'starts-with', 1=>'$key', 2=>$dir); $conditions[] = $start; $arr = array('expiration'=>$expiration,'conditions'=>$conditions); $policy = json_encode($arr); $base64_policy = base64_encode($policy); $string_to_sign = $base64_policy; $signature = base64_encode(hash_hmac('sha1', $string_to_sign, $key, true)); $response = array(); $response['accessid'] = $id; $response['host'] = $host; $response['policy'] = $base64_policy; $response['signature'] = $signature; $response['expire'] = $end; //这个参数是设置用户上传指定的前缀 $response['dir'] = $dir; $response['code']=1; echo json_encode(['data'=>$response,'status'=>1]);
web端
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title></title> <script type="text/javascript" src="http://apps.bdimg.com/libs/jquery/2.1.4/jquery.min.js"></script> </head> <body> <div> <input type="hidden" > <img src="" style="width: 200px;height: 100px; display: none"> <input type="file" name="upfile" accept="image/*" > </div> <script type="text/javascript"> var expire =0; sign_obj=''; var serverUrl='auth.php'; $(function () { $("div").on("change",'input[type="file"]',function(evt){ $this=$(this); var files = evt.target.files; var file=files[0]; if(file.size > 10*1024*1024 ){ alert('too big'); return false; } get_signature(); if(sign_obj == '') { alert(sign_obj); alert('签名error,请重试'); return false; } var g_object_name=sign_obj.dir+random_string()+get_suffix(file.name); var request = new FormData(); request.append("OSSAccessKeyId",sign_obj.accessid);//Bucket 拥有者的Access Key Id。 request.append("policy",sign_obj.policy);//policy规定了请求的表单域的合法性 request.append("Signature",sign_obj.signature);//根据Access Key Secret和policy计算的签名信息,OSS验证该签名信息从而验证该Post请求的合法性 request.append("key",g_object_name);//文件名字,可设置路径 request.append("success_action_status",'200');// 让服务端返回200,不然,默认会返回204 request.append('x-oss-object-acl', 'public-read'); request.append('file', file); $.ajax({ url : sign_obj.host, //上传阿里地址 data : request, processData: false,//默认true,设置为 false,不需要进行序列化处理 cache: false,//设置为false将不会从浏览器缓存中加载请求信息 async: false,//发送同步请求 contentType: false,//避免服务器不能正常解析文件---------具体的可以查下这些参数的含义 dataType: 'xml',//不涉及跨域 写json即可 type : 'post', success : function(callbackHost, request) { //callbackHost:success,request中就是 回调的一些信息,包括状态码什么的 var origin=sign_obj.host+'/'+g_object_name; var src=origin; $this.closest('div').find('img').attr('src', src).show(); $this.closest('div').find('.imgclose').show(); }, error : function(returndata) { console.log("return data:"+returndata); alert('上传图片出错啦,请重试') } }); }); }) function random_string(len) { len = len || 32; var chars = 'ABCDEFGHJKMNPQRSTWXYZabcdefhijkmnprstwxyz2345678'; var maxPos = chars.length; var pwd = ''; for (i = 0; i < len; i++) { pwd += chars.charAt(Math.floor(Math.random() * maxPos)); } return pwd; } function get_suffix(filename) { var pos = filename.lastIndexOf('.') var suffix = '' if (pos != -1) { suffix = filename.substring(pos) } return suffix; } //获取签名信息 function send_request() { var xmlhttp = null; if (window.XMLHttpRequest) { xmlhttp=new XMLHttpRequest(); } else if (window.ActiveXObject) { xmlhttp=new ActiveXObject("Microsoft.XMLHTTP"); } if (xmlhttp!=null) { xmlhttp.open( "GET", serverUrl, false ); xmlhttp.send( null ); return xmlhttp.responseText } else { alert("Your browser does not support XMLHTTP."); } } function get_signature() { //可以判断当前expire是否超过了当前时间,如果超过了当前时间,就重新取一下.3s 做为缓冲 now = timestamp = Date.parse(new Date()) / 1000; if (expire < now + 3) { var body = send_request(); var obj =JSON.parse(body); if(obj.status ==1 && obj.data.code == 1){ sign_obj= obj.data; expire= parseInt(sign_obj['expire']); return true; } return true; } return false; }; </script> </body> </html>