I created a working clientside upload script for cloudinary. The important part of the upload:
<?php
$cloudName = "...";
$apiKey = "...";
$time = time();
$apiSecret = "...";
$fileName = "...";
?>
<form action="https://api.cloudinary.com/v1_1/<?php echo $cloudName;?>/image/upload" method="post" enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file"><br>
<input type="hidden" name="signature" value="<?php echo sha1('public_id='.$fileName.'×tamp='.$time.$apiSecret);?>" />
<input type="hidden" name="api_key" value="<?php echo $apiKey; ?>"/>
<input type="hidden" name="timestamp" value="<?php echo $time; ?>" />
<input type="hidden" name="public_id" value="<?php echo $fileName; ?>" />
<input type="submit" name="submit" value="Submit">
</form>
Now I want to add a transformation to the upload, so the uploads are transformed before they are stored (to save storage space).
I tried adding the following code (where resize is a transformation I created in my cloudinary account).
<input type="hidden" name="transformation" value="resize" />
But a request with a transformation field results in a 401 unauthorized error. I suppose I have to do something with the signature, but what?
You can use the cl_form_tag from the cloudinary PHP client library to build the form with all the input tags. However, you might want to use the jQuery direct upload which gives you better control and is more customizable UI-wise. See here. If you can't use the PHP client library for some reason there are two issues in the code:
A named transformation can be used by prefixing it by t_. So the value of the transformation field should be t_resize.
The transformation parameter needs to be added to the signature. Note that the parameter names need to be in alphabetical order when signed.
Related
Using this script "PHP and Jquery image upload and crop": http://www.webmotionuk.com/php-jquery-image-upload-and-crop/ I want to upload file not from local, but from URL. Any ideas how I must to do it?
I'm trying to do this like that
<form name="photo" action="test.php" method="post">
<input type="hidden" name="zdj_tmp" value="E:\WebServ3\httpd\telebim\zdjecia\<? echo $select_zdjecie_2["id_4"]; ?>.jpg"/>
<input type="hidden" name="zdj_name" value="<? echo $select_zdjecie_2["id_4"]; ?>.jpg"/>
<input type="hidden" name="zdj_size" value="7340043"/>
<input type="hidden" name="zdj_type" value="image/jpeg"/>
<input type="submit" name="upload" value="Upload" />
</form>
And than in php file
$userfile_name = $_POST['zdj_name'];
$userfile_tmp = $_POST['zdj_tmp'];
$userfile_size = $_POST['zdj_size'];
$userfile_type = $_POST['zdj_type'];
But it doesn't work.
Any ideas?
Try this.
<form action="test.php" method="POST">
<input type="text" name="fileURL" placeholder="URL to image">
<input type="submit" name="upload" value="Upload files"/>
</form>
Here is the PHP
//Get the file from the URL.
$content = file_get_contents($_POST['fileURL']);
//Open the file that exists in your root already
$fp = fopen("/location/to/save/image.jpg", "w");
//Copy the information into the existing image
fwrite($fp, $content);
fclose($fp);
This takes the information from the image, and copies (overwrites) it into your existing image, which is, well, just some useless image.
You can then load the image from your roots.
It's not the best way, since your original image will be messed up, and is only usable once, since other users will change it, and there are other better ways. But if your site is a very not-popular kind of site, and you just want to test some methods out, this is definitely one kind of way. Just not the best.
I am trying to use the AWS signature version 4 to submit a request to S3.
When I submit my request I get the message
The request signature we calculated does not match the signature you provided. Check your key and signing method.
I am not sure where to go from here. I have tried several different hash algorithms (sha1, md5) but always get the same response. I have verified the Access Key and Secret Key. I just created a new one pair on AWS, and it still fails.
Any help is appreciated!
<?php
$date = date('Ymd');
$x_date = $date . "T000000Z";
$credential = AWS_ACCESS_KEY . '/' . $date . '/us-west-2/s3/aws4_request';
$redirect = 'https://roofscope.com/scope/thank-you';
$conditions = array(
array('bucket' => 'tracescope'),
array('starts-with', '$key', 'user/user1/'),
array('acl' => 'public-read'),
array('success_action_redirect' => $redirect),
array("starts-with", "\$Content-Type", "image/"),
array("x-amz-credential" => $credential),
array("x-amz-algorithm"=> "AWS4-HMAC-SHA256"),
array("x-amz-date" => $x_date),
);
$policy_b64 = $this->aws->getPolicy(3600 * 24, $conditions);
$signature = hash_hmac('sha256', $policy_b64, AWS_SECRET_KEY);
?>
<form action="http://tracescope.s3.amazonaws.com/" method="post" enctype="multipart/form-data">
<input type="input" name="key" value="test/${filename}"/><br/>
<input type="hidden" name="acl" value="public-read"/>
<input type="hidden" name="success_action_redirect" value="<?= $redirect; ?>"/>
<input type="input" name="Content-Type" value="image/jpeg"/><br/>
<input type="text" name="X-Amz-Credential" value="<?= $credential; ?>"/>
<input type="text" name="X-Amz-Algorithm" value="AWS4-HMAC-SHA256"/>
<input type="text" name="X-Amz-Date" value="<?= $x_date; ?>"/>
<input type="hidden" name="Policy" value="<?= $policy_b64; ?>" />
<input type="hidden" name="X-Amz-Signature" value="<?= $signature; ?>"/>
<input type="file" name="file"/> <br/>
<input type="submit" name="submit" value="Upload to Amazon S3"/>
</form>
try using my s3 policy signature verifier.
please do not key in your actual key.
use an example key and test the calculation for the example key on your side as well.
http://ttwd80.github.io/s3postcalculatorverify/
there is a "Show / hide step" link that explains the process step by step.
I am currently trying out the HP cloud object storage API but all their examples are in Python and I'm working in PHP.
It's saying my signature is invalid, if anyone can help see where I'm going wrong, I've attached the python example https://docs.hpcloud.com/api/object-storage/#formpost as well as my attempt in PHP.
import hmac
from hashlib import sha1
from time import time
path = '/v1/12345678912345/container/object_prefix'
redirect = 'https://myserver.com/some-page'
max_file_size = 104857600
max_file_count = 10
expires = int(time() + 600)
tenant_id = '12345678912345'
access_key_id = 'GP54NNRN2TKBVWH449AG'
secret_key = 'EHLzysK9S1QRWkwvVpVHsGZyM715OH4S2kJ'
hmac_body = '%s\n%s\n%s\n%s\n%s' % (path, redirect,
max_file_size, max_file_count, expires)
signature = tenant_id + ':' + access_key_id + ':' + hmac.new(secret_key, hmac_body, sha1).hexdigest()
And this is my attempt...
<?php
$expires = time()+600;
$hmac_body = 'https://region-a.geo-1.objects.hpcloudsvc.com/v1/xxx/'.'http://www.test.com/test.php'.'41943040'.'1'.$expires;
$signature = 'tenant_id:access_key:'.hash_hmac(sha1,$hmac_body,'secret_key', FALSE);
?>
<form action="<?php echo 'https://region-a.geo-1.objects.hpcloudsvc.com/v1/xxx/';?>" method="POST" enctype="multipart/form-data">
<input type="hidden" name="redirect" value="http://www.test.com/test.php" />
<input type="hidden" name="max_file_size" value="41943040" />
<input type="hidden" name="max_file_count" value="1" />
<input type="hidden" name="expires" value="<?php echo $expires;?>" />
<input type="hidden" name="signature" value="<?php echo $signature;?>" />
<input type="file" name="testupload" />
<input type="submit" />
</form>
If anyone could provide a translation from python to PHP for the hmac_body and the signature I'm sure that would help greatly.
You forgot the newlines:
mac_body = '%s\n%s\n%s\n%s\n%s' % (path, redirect,
^^--^^--^^--^^-- newlines
$hmac_body = 'https://blahblah/xxx/'.'http://blahblah/test.php'.'41943040'.'1'.$expires;
^--here ^--here etc....
My problem is related to this specific error:
I'm doing a form to contain data that have to be passed to the server to obtain the token, but probably i haven't understood some concepts about doing this
Here is my form
<form method="post" action="https://api-3t.sandbox.paypal.com/nvp">
<input type="hidden" name="USER" value="Apiuser"/>
<input type="hidden" name="PWD" value="Apipass"/>
<input type="hidden" name="SIGNATURE" value="Apisignature"/>
<input type="hidden" name="VERSION" value="52.0"/>
<input type="hidden" name="PAYMENTACTION" value="Sale"/>
<input name="AMT" value="19.95"/>
<input type="hidden" name="RETURNURL" value="http://www.YourReturnURL.com"/>
<input type="hidden" name="CANCELURL" value="http://www.YourCancelURL.com"/>
<input type="image" name="METHOD" src="https://www.paypal.com/it_IT/IT/i/btn/btn_xpressCheckout.gif" value="SetExpressCheckout"/>
</form>
And here is my function
if (isset($_POST['METHOD'])) {
$API_UserName = urlencode("Apiuser");
$API_PassWord = urlencode("Apipass");
$API_Signature = urlencode("Apisignature");
$return_url = "http://www.myurl.com";
$cancel_url = "http://www.myurl.com";
$version = urlencode('52.0');
$nvpreq = "USER=$API_UserName&PWD=$API_PassWord&SIGNATURE=$API_Signature&VERSION=$version&PAYMENTACTION=Sale&AMT=19.95&RETURNURL=$return_url&CANCELURL=$cancel_url&METHOD=SetExpressCheckout";
}
Is seems that something is wrong, can you give me a tip please?
Thanks a lot
Have you checked that you are not encoding the parameters twice? Im my case that was happening though http_build_query() and some default setting which was unstable for some reason due to being changed somewhere during runtime.
Basically your final call should contain & and not &, for me the final curl call for some reason ended up with being encoded as &.
Make sure you are not encoding twize, and if using http_build_query() update your function so it will be explicit on the encoding part:
from: http_build_query($requestParameters)
to: http_build_query($requestParameters,'','&')
The difference is that the last version will explicitly use & as delimiter while the first will use the default, so be sure.
Post Updated: After commentors advice.
Index.php
<?php
$id = uniqid("");
?>
</head>
<body>
<form method="post" action="frame.php" target="upload_iframe" enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />
<input type="hidden" name="APC_UPLOAD_PROGRESS" id="progress_key" value="<?php echo $id; ?>"/>
<br />
<input type="submit" name="submit" value="Submit" />
</form>
<iframe name="upload_iframe" style="width: 400px; height: 100px;">
</iframe>
frame.php
<?php
if(isset($_POST['progress_key'])) {
echo "hey1";
$status = apc_fetch('upload_'.$_POST['progress_key']);
echo $status['current']/$status['total']*100;
}
echo "hey2";
?>
Still doesnt work :(, I dont even get POST form data in frame. Where am i going so wrong?
Regards.
Whenever you use the APC file upload mechanism, you need to add an additional parameter to your form that identifies the file that's being uploaded, and is the key for your apc_fetch.
<?php $id = uniqid(time()); ?>
<input type="hidden" name="APC_UPLOAD_PROGRESS" id="myUniProgressKey" value="<?php echo $id; ?>"/>
As the file is uploaded the value in the key upload . $id will contain the info you need to display the progress bar. Easiest way to get to is to ajax poll the server, using the apc_fetch call you have. This dictates that your upload page needs to not refresh the current page the user is on. I've used an iframe in the past that kicks off an interval to poll the server. Once the upload is complete, you're able to show a nice complete message in the same iframe.