PHP and hash

[BBear]

Does anyone know what it means to do a "hash" at the server command prompt? Obviously this isn't the hash you get to eat! You're supposed to be able to do this "hash" thing to get information on patches applied for PHP, but I don't know, sounds pretty funky to me Guess it would be a good thing to know anyway.

Bbear

[Arf]

Don't ya smoke hash?

Anyway, there are a few different hash programs. The one I'm most familiar with is the md5sum.

Example:

Code: Select all

md5sum somefilename 
a6280e99ea183df514c067e7f7587576  somefilename

The big long string is the hash of the file.

[BBear]

Interesting... but how do you then read it to get the PHP version and patches applied to it information?

Bbear

[Arf]

I don't know. I figure if I speak in a small quiet voice nobody will see how dumb I am.

[BBear]

Well I guess that's better than being invisable


Bbear

[sixpackmx]

I don't know what specific need you need hash for, however it's mostly used to validate that a file downloaded from the Internet is exactly the same file you are expecting to receive. (To protect you from corrupt file, or "man in the middle" attack).

This is how it works:

a) When you download something (like PHP, for example), generally thereis a md5 or hash string on the download page with the hash of that file. (Example: http://www.php.net/downloads.php)

b) After downloading the file, you can use md5sum command on the file you just downloaded to validate it's exactly the same file.

Pretty much that's it.

[BBear]

Thank you for clarifying that, truly appreciated!

Hmm, OK, based on that, it doesn't make sense since it sounds like the hash doesn't supply the info needed... I have no clue why they needed it then.

In any event, I learned that the patch to fix the issue in question is supposedly in testing with Ala but I don't know how long they have been testing for, or how long it will be before they actually do something with it.

Thank again!
Bbear