Subversion-Projekte lars-tiefland.php_share

<?php

/*

 * Copyright 2010-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.

 *

 * Licensed under the Apache License, Version 2.0 (the "License").

 * You may not use this file except in compliance with the License.

 * A copy of the License is located at

 *

 *  http://aws.amazon.com/apache2.0

 *

 * or in the "license" file accompanying this file. This file is distributed

 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either

 * express or implied. See the License for the specific language governing

 * permissions and limitations under the License.

 */

/*%******************************************************************************************%*/

// EXCEPTIONS

/**

 * Default S3 Exception.

 */

class S3_Exception extends Exception {}

/*%******************************************************************************************%*/

// MAIN CLASS

/**

 * Amazon S3 is a web service that enables you to store data in the cloud. You can then download the data

 * or use the data with other AWS services, such as Amazon Elastic Cloud Computer (EC2).

 *

 * Amazon Simple Storage Service (Amazon S3) is storage for the Internet. You can use Amazon S3 to store

 * and retrieve any amount of data at any time, from anywhere on the web. You can accomplish these tasks

 * using the AWS Management Console, which is a simple and intuitive web interface.

 *

 * To get the most out of Amazon S3, you need to understand a few simple concepts. Amazon S3 stores data

 * as objects in buckets. An object is comprised of a file and optionally any metadata that describes

 * that file.

 *

 * To store an object in Amazon S3, you upload the file you want to store to a bucket. When you upload a

 * file, you can set permissions on the object as well as any metadata.

 *

 * Buckets are the containers for objects. You can have one or more buckets. For each bucket, you can control

 * access to the bucket (who can create, delete, and list objects in the bucket), view access logs for the

 * bucket and its objects, and choose the geographical region where Amazon S3 will store the bucket and its

 * contents.

 *

 * Visit <http://aws.amazon.com/s3/> for more information.

 *

 * @version 2012.01.17

 * @license See the included NOTICE.md file for more information.

 * @copyright See the included NOTICE.md file for more information.

 * @link http://aws.amazon.com/s3/ Amazon Simple Storage Service

 * @link http://aws.amazon.com/documentation/s3/ Amazon Simple Storage Service documentation

 */

class AmazonS3 extends CFRuntime

{

	/*%******************************************************************************************%*/

	// REGIONAL ENDPOINTS

	/**

	 * Specify the queue URL for the US-Standard (Northern Virginia & Washington State) Region.

	 */

	const REGION_US_E1 = 's3.amazonaws.com';

	/**

	 * Specify the queue URL for the US-Standard (Northern Virginia & Washington State) Region.

	 */

	const REGION_VIRGINIA = self::REGION_US_E1;

	/**

	 * Specify the queue URL for the US-Standard (Northern Virginia & Washington State) Region.

	 */

	const REGION_US_STANDARD = self::REGION_US_E1;

	/**

	 * Specify the queue URL for the US-West 1 (Northern California) Region.

	 */

	const REGION_US_W1 = 's3-us-west-1.amazonaws.com';

	/**

	 * Specify the queue URL for the US-West 1 (Northern California) Region.

	 */

	const REGION_CALIFORNIA = self::REGION_US_W1;

	/**

	 * Specify the queue URL for the US-West 2 (Oregon) Region.

	 */

	const REGION_US_W2 = 's3-us-west-2.amazonaws.com';

	/**

	 * Specify the queue URL for the US-West 2 (Oregon) Region.

	 */

	const REGION_OREGON = self::REGION_US_W2;

	/**

	 * Specify the queue URL for the EU (Ireland) Region.

	 */

	const REGION_EU_W1 = 's3-eu-west-1.amazonaws.com';

	/**

	 * Specify the queue URL for the EU (Ireland) Region.

	 */

	const REGION_IRELAND = self::REGION_EU_W1;

	/**

	 * Specify the queue URL for the Asia Pacific (Singapore) Region.

	 */

	const REGION_APAC_SE1 = 's3-ap-southeast-1.amazonaws.com';

	/**

	 * Specify the queue URL for the Asia Pacific (Singapore) Region.

	 */

	const REGION_SINGAPORE = self::REGION_APAC_SE1;

	/**

	 * Specify the queue URL for the Asia Pacific (Japan) Region.

	 */

	const REGION_APAC_NE1 = 's3-ap-northeast-1.amazonaws.com';

	/**

	 * Specify the queue URL for the Asia Pacific (Japan) Region.

	 */

	const REGION_TOKYO = self::REGION_APAC_NE1;

	/**

	 * Specify the queue URL for the South America (Sao Paulo) Region.

	 */

	const REGION_SA_E1 = 's3-sa-east-1.amazonaws.com';

	/**

	 * Specify the queue URL for the South America (Sao Paulo) Region.

	 */

	const REGION_SAO_PAULO = self::REGION_SA_E1;

	/**

	 * Specify the queue URL for the United States GovCloud Region.

	 */

	const REGION_US_GOV1 = 's3-us-gov-west-1.amazonaws.com';

	/**

	 * Specify the queue URL for the United States GovCloud FIPS 140-2 Region.

	 */

	const REGION_US_GOV1_FIPS = 's3-fips-us-gov-west-1.amazonaws.com';

	/**

	 * The default endpoint.

	 */

	const DEFAULT_URL = self::REGION_US_E1;

	/*%******************************************************************************************%*/

	// REGIONAL WEBSITE ENDPOINTS

	/**

	 * Specify the queue URL for the US-Standard (Northern Virginia & Washington State) Website Region.

	 */

	const REGION_US_E1_WEBSITE = 's3-website-us-east-1.amazonaws.com';

	/**

	 * Specify the queue URL for the US-Standard (Northern Virginia & Washington State) Website Region.

	 */

	const REGION_VIRGINIA_WEBSITE = self::REGION_US_E1_WEBSITE;

	/**

	 * Specify the queue URL for the US-Standard (Northern Virginia & Washington State) Website Region.

	 */

	const REGION_US_STANDARD_WEBSITE = self::REGION_US_E1_WEBSITE;

	/**

	 * Specify the queue URL for the US-West 1 (Northern California) Website Region.

	 */

	const REGION_US_W1_WEBSITE = 's3-website-us-west-1.amazonaws.com';

	/**

	 * Specify the queue URL for the US-West 1 (Northern California) Website Region.

	 */

	const REGION_CALIFORNIA_WEBSITE = self::REGION_US_W1_WEBSITE;

	/**

	 * Specify the queue URL for the US-West 2 (Oregon) Website Region.

	 */

	const REGION_US_W2_WEBSITE = 's3-website-us-west-2.amazonaws.com';

	/**

	 * Specify the queue URL for the US-West 2 (Oregon) Website Region.

	 */

	const REGION_OREGON_WEBSITE = self::REGION_US_W2_WEBSITE;

	/**

	 * Specify the queue URL for the EU (Ireland) Website Region.

	 */

	const REGION_EU_W1_WEBSITE = 's3-website-eu-west-1.amazonaws.com';

	/**

	 * Specify the queue URL for the EU (Ireland) Website Region.

	 */

	const REGION_IRELAND_WEBSITE = self::REGION_EU_W1_WEBSITE;

	/**

	 * Specify the queue URL for the Asia Pacific (Singapore) Website Region.

	 */

	const REGION_APAC_SE1_WEBSITE = 's3-website-ap-southeast-1.amazonaws.com';

	/**

	 * Specify the queue URL for the Asia Pacific (Singapore) Website Region.

	 */

	const REGION_SINGAPORE_WEBSITE = self::REGION_APAC_SE1_WEBSITE;

	/**

	 * Specify the queue URL for the Asia Pacific (Japan) Website Region.

	 */

	const REGION_APAC_NE1_WEBSITE = 's3-website-ap-northeast-1.amazonaws.com';

	/**

	 * Specify the queue URL for the Asia Pacific (Japan) Website Region.

	 */

	const REGION_TOKYO_WEBSITE = self::REGION_APAC_NE1_WEBSITE;

	/**

	 * Specify the queue URL for the South America (Sao Paulo) Website Region.

	 */

	const REGION_SA_E1_WEBSITE = 's3-website-sa-east-1.amazonaws.com';

	/**

	 * Specify the queue URL for the South America (Sao Paulo) Website Region.

	 */

	const REGION_SAO_PAULO_WEBSITE = self::REGION_SA_E1_WEBSITE;

	/**

	 * Specify the queue URL for the United States GovCloud Website Region.

	 */

	const REGION_US_GOV1_WEBSITE = 's3-website-us-gov-west-1.amazonaws.com';

	/*%******************************************************************************************%*/

	// ACL

	/**

	 * ACL: Owner-only read/write.

	 */

	const ACL_PRIVATE = 'private';

	/**

	 * ACL: Owner read/write, public read.

	 */

	const ACL_PUBLIC = 'public-read';

	/**

	 * ACL: Public read/write.

	 */

	const ACL_OPEN = 'public-read-write';

	/**

	 * ACL: Owner read/write, authenticated read.

	 */

	const ACL_AUTH_READ = 'authenticated-read';

	/**

	 * ACL: Bucket owner read.

	 */

	const ACL_OWNER_READ = 'bucket-owner-read';

	/**

	 * ACL: Bucket owner full control.

	 */

	const ACL_OWNER_FULL_CONTROL = 'bucket-owner-full-control';

	/*%******************************************************************************************%*/

	// GRANTS

	/**

	 * When applied to a bucket, grants permission to list the bucket. When applied to an object, this

	 * grants permission to read the object data and/or metadata.

	 */

	const GRANT_READ = 'READ';

	/**

	 * When applied to a bucket, grants permission to create, overwrite, and delete any object in the

	 * bucket. This permission is not supported for objects.

	 */

	const GRANT_WRITE = 'WRITE';

	/**

	 * Grants permission to read the ACL for the applicable bucket or object. The owner of a bucket or

	 * object always has this permission implicitly.

	 */

	const GRANT_READ_ACP = 'READ_ACP';

	/**

	 * Gives permission to overwrite the ACP for the applicable bucket or object. The owner of a bucket

	 * or object always has this permission implicitly. Granting this permission is equivalent to granting

	 * FULL_CONTROL because the grant recipient can make any changes to the ACP.

	 */

	const GRANT_WRITE_ACP = 'WRITE_ACP';

	/**

	 * Provides READ, WRITE, READ_ACP, and WRITE_ACP permissions. It does not convey additional rights and

	 * is provided only for convenience.

	 */

	const GRANT_FULL_CONTROL = 'FULL_CONTROL';

	/*%******************************************************************************************%*/

	// USERS

	/**

	 * The "AuthenticatedUsers" group for access control policies.

	 */

	const USERS_AUTH = 'http://acs.amazonaws.com/groups/global/AuthenticatedUsers';

	/**

	 * The "AllUsers" group for access control policies.

	 */

	const USERS_ALL = 'http://acs.amazonaws.com/groups/global/AllUsers';

	/**

	 * The "LogDelivery" group for access control policies.

	 */

	const USERS_LOGGING = 'http://acs.amazonaws.com/groups/s3/LogDelivery';

	/*%******************************************************************************************%*/

	// PATTERNS

	/**

	 * PCRE: Match all items

	 */

	const PCRE_ALL = '/.*/i';

	/*%******************************************************************************************%*/

	// STORAGE

	/**

	 * Standard storage redundancy.

	 */

	const STORAGE_STANDARD = 'STANDARD';

	/**

	 * Reduced storage redundancy.

	 */

	const STORAGE_REDUCED = 'REDUCED_REDUNDANCY';

	/*%******************************************************************************************%*/

	// PROPERTIES

	/**

	 * The request URL.

	 */

	public $request_url;

	/**

	 * The virtual host setting.

	 */

	public $vhost;

	/**

	 * The base XML elements to use for access control policy methods.

	 */

	public $base_acp_xml;

	/**

	 * The base XML elements to use for creating buckets in regions.

	 */

	public $base_location_constraint;

	/**

	 * The base XML elements to use for logging methods.

	 */

	public $base_logging_xml;

	/**

	 * The base XML elements to use for notifications.

	 */

	public $base_notification_xml;

	/**

	 * The base XML elements to use for versioning.

	 */

	public $base_versioning_xml;

	/**

	 * The base XML elements to use for completing a multipart upload.

	 */

	public $complete_mpu_xml;

	/**

	 * The base XML elements to use for website support.

	 */

	public $website_config_xml;

	/**

	 * The base XML elements to use for multi-object delete support.

	 */

	public $multi_object_delete_xml;

	/**

	 * The base XML elements to use for object expiration support.

	 */

	public $object_expiration_xml;

	/**

	 * The DNS vs. Path-style setting.

	 */

	public $path_style = false;

	/**

	 * The state of whether the prefix change is temporary or permanent.

	 */

	public $temporary_prefix = false;

	/*%******************************************************************************************%*/

	// CONSTRUCTOR

	/**

	 * Constructs a new instance of <AmazonS3>.

	 *

	 * @param array $options (Optional) An associative array of parameters that can have the following keys: <ul>

	 * 	<li><code>certificate_authority</code> - <code>boolean</code> - Optional - Determines which Cerificate Authority file to use. A value of boolean <code>false</code> will use the Certificate Authority file available on the system. A value of boolean <code>true</code> will use the Certificate Authority provided by the SDK. Passing a file system path to a Certificate Authority file (chmodded to <code>0755</code>) will use that. Leave this set to <code>false</code> if you're not sure.</li>

	 * 	<li><code>credentials</code> - <code>string</code> - Optional - The name of the credential set to use for authentication.</li>

	 * 	<li><code>default_cache_config</code> - <code>string</code> - Optional - This option allows a preferred storage type to be configured for long-term caching. This can be changed later using the <set_cache_config()> method. Valid values are: <code>apc</code>, <code>xcache</code>, or a file system path such as <code>./cache</code> or <code>/tmp/cache/</code>.</li>

	 * 	<li><code>key</code> - <code>string</code> - Optional - Your AWS key, or a session key. If blank, the default credential set will be used.</li>

	 * 	<li><code>secret</code> - <code>string</code> - Optional - Your AWS secret key, or a session secret key. If blank, the default credential set will be used.</li>

	 * 	<li><code>token</code> - <code>string</code> - Optional - An AWS session token.</li></ul>

	 * @return void

	 */

	public function __construct(array $options = array())

	{

		$this->vhost = null;

		$this->api_version = '2006-03-01';

		$this->hostname = self::DEFAULT_URL;

		$this->base_acp_xml             = '<?xml version="1.0" encoding="UTF-8"?><AccessControlPolicy xmlns="http://s3.amazonaws.com/doc/latest/"></AccessControlPolicy>';

		$this->base_location_constraint = '<?xml version="1.0" encoding="UTF-8"?><CreateBucketConfiguration xmlns="http://s3.amazonaws.com/doc/' . $this->api_version . '/"><LocationConstraint></LocationConstraint></CreateBucketConfiguration>';

		$this->base_logging_xml         = '<?xml version="1.0" encoding="utf-8"?><BucketLoggingStatus xmlns="http://doc.s3.amazonaws.com/' . $this->api_version . '"></BucketLoggingStatus>';

		$this->base_notification_xml    = '<?xml version="1.0" encoding="utf-8"?><NotificationConfiguration></NotificationConfiguration>';

		$this->base_versioning_xml      = '<?xml version="1.0" encoding="utf-8"?><VersioningConfiguration xmlns="http://s3.amazonaws.com/doc/' . $this->api_version . '/"></VersioningConfiguration>';

		$this->complete_mpu_xml         = '<?xml version="1.0" encoding="utf-8"?><CompleteMultipartUpload></CompleteMultipartUpload>';

		$this->website_config_xml       = '<?xml version="1.0" encoding="utf-8"?><WebsiteConfiguration xmlns="http://s3.amazonaws.com/doc/' . $this->api_version . '/"><IndexDocument><Suffix>index.html</Suffix></IndexDocument><ErrorDocument><Key>error.html</Key></ErrorDocument></WebsiteConfiguration>';

		$this->multi_object_delete_xml  = '<?xml version="1.0" encoding="utf-8"?><Delete></Delete>';

		$this->object_expiration_xml    = '<?xml version="1.0" encoding="utf-8"?><LifecycleConfiguration></LifecycleConfiguration>';

		parent::__construct($options);

	}

	/*%******************************************************************************************%*/

	// AUTHENTICATION

	/**

	 * Authenticates a connection to Amazon S3. Do not use directly unless implementing custom methods for

	 * this class.

	 *

	 * @param string $operation (Required) The name of the bucket to operate on (S3 Only).

	 * @param array $payload (Required) An associative array of parameters for authenticating. See inline comments for allowed keys.

	 * @return CFResponse A <CFResponse> object containing a parsed HTTP response.

	 * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/S3_Authentication.html REST authentication

	 */

	public function authenticate($operation, $payload)

	{

		/*

		 * Overriding or extending this class? You can pass the following "magic" keys into $opt.

		 *

		 * ## verb, resource, sub_resource and query_string ##

		 * 	<verb> /<resource>?<sub_resource>&<query_string>

		 * 	GET /filename.txt?versions&prefix=abc&max-items=1

		 *

		 * ## versionId, uploadId, partNumber, response-* ##

		 * 	These don't follow the same rules as above, in that the they needs to be signed, while

		 * 	other query_string values do not.

		 *

		 * ## curlopts ##

		 * 	These values get passed directly to the cURL methods in RequestCore.

		 *

		 * ## fileUpload, fileDownload, seekTo ##

		 * 	These are slightly modified and then passed to the cURL methods in RequestCore.

		 *

		 * ## headers ##

		 * 	$opt['headers'] is an array, whose keys are HTTP headers to be sent.

		 *

		 * ## body ##

		 * 	This is the request body that is sent to the server via PUT/POST.

		 *

		 * ## preauth ##

		 * 	This is a hook that tells authenticate() to generate a pre-authenticated URL.

		 *

		 * ## returnCurlHandle ##

		 * 	Tells authenticate() to return the cURL handle for the request instead of executing it.

		 */

		// Rename variables (to overcome inheritence issues)

		$bucket = $operation;

		$opt = $payload;

		// Validate the S3 bucket name

		if (!$this->validate_bucketname_support($bucket))

		{

			// @codeCoverageIgnoreStart

			throw new S3_Exception('S3 does not support "' . $bucket . '" as a valid bucket name. Review "Bucket Restrictions and Limitations" in the S3 Developer Guide for more information.');

			// @codeCoverageIgnoreEnd

		}

		// Die if $opt isn't set.

		if (!$opt) return false;

		$method_arguments = func_get_args();

		// Use the caching flow to determine if we need to do a round-trip to the server.

		if ($this->use_cache_flow)

		{

			// Generate an identifier specific to this particular set of arguments.

			$cache_id = $this->key . '_' . get_class($this) . '_' . $bucket . '_' . sha1(serialize($method_arguments));

			// Instantiate the appropriate caching object.

			$this->cache_object = new $this->cache_class($cache_id, $this->cache_location, $this->cache_expires, $this->cache_compress);

			if ($this->delete_cache)

			{

				$this->use_cache_flow = false;

				$this->delete_cache = false;

				return $this->cache_object->delete();

			}

			// Invoke the cache callback function to determine whether to pull data from the cache or make a fresh request.

			$data = $this->cache_object->response_manager(array($this, 'cache_callback'), $method_arguments);

			if ($this->parse_the_response)

			{

				// Parse the XML body

				$data = $this->parse_callback($data);

			}

			// End!

			return $data;

		}

		// If we haven't already set a resource prefix...

		if (!$this->resource_prefix || $this->path_style)

		{

			// And if the bucket name isn't DNS-valid...

			if (!$this->validate_bucketname_create($bucket))

			{

				// Fall back to the older path-style URI

				$this->set_resource_prefix('/' . $bucket);

				$this->temporary_prefix = true;

			}

			elseif ($this->path_style)

			{

				// Fall back to the older path-style URI

				$this->set_resource_prefix('/' . $bucket);

			}

		}

		// Determine hostname

		$scheme = $this->use_ssl ? 'https://' : 'http://';

		if ($this->resource_prefix || $this->path_style) // Use bucket-in-path method.

		{

			$hostname = $this->hostname . $this->resource_prefix . (($bucket === '' || $this->resource_prefix === '/' . $bucket) ? '' : ('/' . $bucket));

		}

		else

		{

			$hostname = $this->vhost ? $this->vhost : (($bucket === '') ? $this->hostname : ($bucket . '.') . $this->hostname);

		}

		// Get the UTC timestamp in RFC 2616 format

		$date = gmdate(CFUtilities::DATE_FORMAT_RFC2616, time());

		// Storage for request parameters.

		$resource = '';

		$sub_resource = '';

		$querystringparams = array();

		$signable_querystringparams = array();

		$string_to_sign = '';

		$headers = array(

			'Content-MD5' => '',

			'Content-Type' => 'application/x-www-form-urlencoded',

			'Date' => $date

		);

		/*%******************************************************************************************%*/

		// Do we have an authentication token?

		if ($this->auth_token)

		{

			$headers['X-Amz-Security-Token'] = $this->auth_token;

		}

		// Handle specific resources

		if (isset($opt['resource']))

		{

			$resource .= $opt['resource'];

		}

		// Merge query string values

		if (isset($opt['query_string']))

		{

			$querystringparams = array_merge($querystringparams, $opt['query_string']);

		}

		$query_string = $this->util->to_query_string($querystringparams);

		// Merge the signable query string values. Must be alphabetical.

		$signable_list = array(

			'partNumber',

			'response-cache-control',

			'response-content-disposition',

			'response-content-encoding',

			'response-content-language',

			'response-content-type',

			'response-expires',

			'uploadId',

			'versionId'

		);

		foreach ($signable_list as $item)

		{

			if (isset($opt[$item]))

			{

				$signable_querystringparams[$item] = $opt[$item];

			}

		}

		$signable_query_string = $this->util->to_query_string($signable_querystringparams);

		// Merge the HTTP headers

		if (isset($opt['headers']))

		{

			$headers = array_merge($headers, $opt['headers']);

		}

		// Compile the URI to request

		$conjunction = '?';

		$signable_resource = '/' . str_replace('%2F', '/', rawurlencode($resource));

		$non_signable_resource = '';

		if (isset($opt['sub_resource']))

		{

			$signable_resource .= $conjunction . rawurlencode($opt['sub_resource']);

			$conjunction = '&';

		}

		if ($signable_query_string !== '')

		{

			$signable_query_string = $conjunction . $signable_query_string;

			$conjunction = '&';

		}

		if ($query_string !== '')

		{

			$non_signable_resource .= $conjunction . $query_string;

			$conjunction = '&';

		}

		$this->request_url = $scheme . $hostname . $signable_resource . $signable_query_string . $non_signable_resource;

		if (isset($opt['location']))

		{

			$this->request_url = $opt['location'];

		}

		// Gather information to pass along to other classes.

		$helpers = array(

			'utilities' => $this->utilities_class,

			'request' => $this->request_class,

			'response' => $this->response_class,

		);

		// Instantiate the request class

		$request = new $this->request_class($this->request_url, $this->proxy, $helpers, $this->credentials);

		// Update RequestCore settings

		$request->request_class = $this->request_class;

		$request->response_class = $this->response_class;

		$request->ssl_verification = $this->ssl_verification;

		// Pass along registered stream callbacks

		if ($this->registered_streaming_read_callback)

		{

			$request->register_streaming_read_callback($this->registered_streaming_read_callback);

		}

		if ($this->registered_streaming_write_callback)

		{

			$request->register_streaming_write_callback($this->registered_streaming_write_callback);

		}

		// Streaming uploads

		if (isset($opt['fileUpload']))

		{

			if (is_resource($opt['fileUpload']))

			{

				// Determine the length to read from the stream

				$length = null; // From current position until EOF by default, size determined by set_read_stream()

				if (isset($headers['Content-Length']))

				{

					$length = $headers['Content-Length'];

				}

				elseif (isset($opt['seekTo']))

				{

					// Read from seekTo until EOF by default

					$stats = fstat($opt['fileUpload']);

					if ($stats && $stats['size'] >= 0)

					{

						$length = $stats['size'] - (integer) $opt['seekTo'];

					}

				}

				$request->set_read_stream($opt['fileUpload'], $length);

				if ($headers['Content-Type'] === 'application/x-www-form-urlencoded')

				{

					$headers['Content-Type'] = 'application/octet-stream';

				}

			}

			else

			{

				$request->set_read_file($opt['fileUpload']);

				// Determine the length to read from the file

				$length = $request->read_stream_size; // The file size by default

				if (isset($headers['Content-Length']))

				{

					$length = $headers['Content-Length'];

				}

				elseif (isset($opt['seekTo']) && isset($length))

				{

					// Read from seekTo until EOF by default

					$length -= (integer) $opt['seekTo'];

				}

				$request->set_read_stream_size($length);

				// Attempt to guess the correct mime-type

				if ($headers['Content-Type'] === 'application/x-www-form-urlencoded')

				{

					$extension = explode('.', $opt['fileUpload']);

					$extension = array_pop($extension);

					$mime_type = CFMimeTypes::get_mimetype($extension);

					$headers['Content-Type'] = $mime_type;

				}

			}

			$headers['Content-Length'] = $request->read_stream_size;

			$headers['Content-MD5'] = '';

		}

		// Handle streaming file offsets

		if (isset($opt['seekTo']))

		{

			// Pass the seek position to RequestCore

			$request->set_seek_position((integer) $opt['seekTo']);

		}

		// Streaming downloads

		if (isset($opt['fileDownload']))

		{

			if (is_resource($opt['fileDownload']))

			{

				$request->set_write_stream($opt['fileDownload']);

			}

			else

			{

				$request->set_write_file($opt['fileDownload']);

			}

		}

		$curlopts = array();

		// Set custom CURLOPT settings

		if (isset($opt['curlopts']))

		{

			$curlopts = $opt['curlopts'];

		}

		// Debug mode

		if ($this->debug_mode)

		{

			$curlopts[CURLOPT_VERBOSE] = true;

		}

		// Set the curl options.

		if (count($curlopts))

		{

			$request->set_curlopts($curlopts);

		}

		// Do we have a verb?

		if (isset($opt['verb']))

		{

			$request->set_method($opt['verb']);

			$string_to_sign .= $opt['verb'] . "\n";

		}

		// Add headers and content when we have a body

		if (isset($opt['body']))

		{

			$request->set_body($opt['body']);

			$headers['Content-Length'] = strlen($opt['body']);

			if ($headers['Content-Type'] === 'application/x-www-form-urlencoded')

			{

				$headers['Content-Type'] = 'application/octet-stream';

			}

			if (!isset($opt['NoContentMD5']) || $opt['NoContentMD5'] !== true)

			{

				$headers['Content-MD5'] = $this->util->hex_to_base64(md5($opt['body']));

			}

		}

		// Handle query-string authentication

		if (isset($opt['preauth']) && (integer) $opt['preauth'] > 0)

		{

			unset($headers['Date']);

			$headers['Content-Type'] = '';

			$headers['Expires'] = is_int($opt['preauth']) ? $opt['preauth'] : strtotime($opt['preauth']);

		}

		// Sort headers

		uksort($headers, 'strnatcasecmp');

		// Add headers to request and compute the string to sign

		foreach ($headers as $header_key => $header_value)

		{

			// Strip linebreaks from header values as they're illegal and can allow for security issues

			$header_value = str_replace(array("\r", "\n"), '', $header_value);

			// Add the header if it has a value

			if ($header_value !== '')

			{

				$request->add_header($header_key, $header_value);

			}

			// Generate the string to sign

			if (

				strtolower($header_key) === 'content-md5' ||

				strtolower($header_key) === 'content-type' ||

				strtolower($header_key) === 'date' ||

				(strtolower($header_key) === 'expires' && isset($opt['preauth']) && (integer) $opt['preauth'] > 0)

			)

			{

				$string_to_sign .= $header_value . "\n";

			}

			elseif (substr(strtolower($header_key), 0, 6) === 'x-amz-')

			{

				$string_to_sign .= strtolower($header_key) . ':' . $header_value . "\n";

			}

		}

		// Add the signable resource location

		$string_to_sign .= ($this->resource_prefix ? $this->resource_prefix : '');

		$string_to_sign .= (($bucket === '' || $this->resource_prefix === '/' . $bucket) ? '' : ('/' . $bucket)) . $signable_resource . urldecode($signable_query_string);

		// Hash the AWS secret key and generate a signature for the request.

		$signature = base64_encode(hash_hmac('sha1', $string_to_sign, $this->secret_key, true));

		$request->add_header('Authorization', 'AWS ' . $this->key . ':' . $signature);

		// If we're generating a URL, return certain data to the calling method.

		if (isset($opt['preauth']) && (integer) $opt['preauth'] > 0)

		{

			return $this->request_url . $conjunction . 'AWSAccessKeyId=' . $this->key . '&Expires=' . $headers['Expires'] . '&Signature=' . rawurlencode($signature);

		}

		elseif (isset($opt['preauth']))

		{

			return $this->request_url;

		}

		/*%******************************************************************************************%*/

		// If our changes were temporary, reset them.

		if ($this->temporary_prefix)

		{

			$this->temporary_prefix = false;

			$this->resource_prefix = null;

		}

		// Manage the (newer) batch request API or the (older) returnCurlHandle setting.

		if ($this->use_batch_flow)

		{

			$handle = $request->prep_request();

			$this->batch_object->add($handle);

			$this->use_batch_flow = false;

			return $handle;

		}

		elseif (isset($opt['returnCurlHandle']) && $opt['returnCurlHandle'] === true)

		{

			return $request->prep_request();

		}

		// Send!

		$request->send_request();

		// Prepare the response

		$headers = $request->get_response_header();

		$headers['x-aws-request-url'] = $this->request_url;

		$headers['x-aws-redirects'] = $this->redirects;

		$headers['x-aws-stringtosign'] = $string_to_sign;

		$headers['x-aws-requestheaders'] = $request->request_headers;

		// Did we have a request body?

		if (isset($opt['body']))

		{

			$headers['x-aws-requestbody'] = $opt['body'];

		}

		$data = new $this->response_class($headers, $this->parse_callback($request->get_response_body()), $request->get_response_code());

		// Did Amazon tell us to redirect? Typically happens for multiple rapid requests EU datacenters.

		// @see: http://docs.amazonwebservices.com/AmazonS3/latest/dev/Redirects.html

		// @codeCoverageIgnoreStart

		if ((integer) $request->get_response_code() === 307) // Temporary redirect to new endpoint.

		{

			$this->redirects++;

			$opt['location'] = $headers['location'];

			$data = $this->authenticate($bucket, $opt);

		}

		// Was it Amazon's fault the request failed? Retry the request until we reach $max_retries.

		elseif ((integer) $request->get_response_code() === 500 || (integer) $request->get_response_code() === 503)

		{

			if ($this->redirects <= $this->max_retries)

			{

				// Exponential backoff

				$delay = (integer) (pow(4, $this->redirects) * 100000);

				usleep($delay);

				$this->redirects++;

				$data = $this->authenticate($bucket, $opt);

			}

		}

		// @codeCoverageIgnoreEnd

		// Return!

		$this->redirects = 0;

		return $data;

	}

	/**

	 * Validates whether or not the specified Amazon S3 bucket name is valid for DNS-style access. This

	 * method is leveraged by any method that creates buckets.

	 *

	 * @param string $bucket (Required) The name of the bucket to validate.

	 * @return boolean Whether or not the specified Amazon S3 bucket name is valid for DNS-style access. A value of <code>true</code> means that the bucket name is valid. A value of <code>false</code> means that the bucket name is invalid.

	 */

	public function validate_bucketname_create($bucket)

	{

		// list_buckets() uses this. Let it pass.

		if ($bucket === '') return true;

		if (

			($bucket === null || $bucket === false) ||                  // Must not be null or false

			preg_match('/[^(a-z0-9\-\.)]/', $bucket) ||                 // Must be in the lowercase Roman alphabet, period or hyphen

			!preg_match('/^([a-z]|\d)/', $bucket) ||                    // Must start with a number or letter

			!(strlen($bucket) >= 3 && strlen($bucket) <= 63) ||         // Must be between 3 and 63 characters long

			(strpos($bucket, '..') !== false) ||                        // Bucket names cannot contain two, adjacent periods

			(strpos($bucket, '-.') !== false) ||                        // Bucket names cannot contain dashes next to periods

			(strpos($bucket, '.-') !== false) ||                        // Bucket names cannot contain dashes next to periods

			preg_match('/(-|\.)$/', $bucket) ||                         // Bucket names should not end with a dash or period

			preg_match('/^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$/', $bucket)    // Must not be formatted as an IP address

		) return false;

		return true;

	}

	/**

	 * Validates whether or not the specified Amazon S3 bucket name is valid for path-style access. This

	 * method is leveraged by any method that reads from buckets.

	 *

	 * @param string $bucket (Required) The name of the bucket to validate.

	 * @return boolean Whether or not the bucket name is valid. A value of <code>true</code> means that the bucket name is valid. A value of <code>false</code> means that the bucket name is invalid.

	 */

	public function validate_bucketname_support($bucket)

	{

		// list_buckets() uses this. Let it pass.

		if ($bucket === '') return true;

		// Validate

		if (

			($bucket === null || $bucket === false) ||                  // Must not be null or false

			preg_match('/[^(a-z0-9_\-\.)]/i', $bucket) ||               // Must be in the Roman alphabet, period, hyphen or underscore

			!preg_match('/^([a-z]|\d)/i', $bucket) ||                   // Must start with a number or letter

			!(strlen($bucket) >= 3 && strlen($bucket) <= 255) ||        // Must be between 3 and 255 characters long

			preg_match('/^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$/', $bucket)    // Must not be formatted as an IP address

		) return false;

		return true;

	}

	/*%******************************************************************************************%*/

	// SETTERS

	/**

	 * Sets the region to use for subsequent Amazon S3 operations. This will also reset any prior use of

	 * <enable_path_style()>.

	 *

	 * @param string $region (Required) The region to use for subsequent Amazon S3 operations. For a complete list of REGION constants, see the <code>AmazonS3</code> Constants page in the API reference.

	 * @return $this A reference to the current instance.

	 */

	public function set_region($region)

	{

		// @codeCoverageIgnoreStart

		$this->set_hostname($region);