Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
When my app users upload files to S3 I add a metadata in the object with the user id.
e.g. x-amz-meta-user_id = 9
I allow my users to delete their files in the php app:
$response = $s3->delete_objects ($bucket, array(
'objects' => $array //objects to be deleted
));
Before deleting an object is it possible to check if the user id metadata in S3 matches the user id in my app? This would add extra security not allowing users to delete another user’s files.
In the PHP SDK, use the
AmazonS3::get_object_headers()method to look for thex-amz-meta*header of your choice and compare it to the current user.If you have a match, do ahead and execute the delete.