PHP and hash

Get answers here.

Moderators: BBear, theunknownhost, flaguy

Post Reply
User avatar
BBear
Hosting Superstar
Posts: 1915
Joined: Sat Jun 29, 2002 5:18 pm
Location: Connecticut

PHP and hash

Post by BBear » Fri Jul 14, 2006 4:16 pm

Does anyone know what it means to do a "hash" at the server command prompt? Obviously this isn't the hash you get to eat! You're supposed to be able to do this "hash" thing to get information on patches applied for PHP, but I don't know, sounds pretty funky to me :) Guess it would be a good thing to know anyway.

Bbear

User avatar
Arf
Official Test Penquin
Posts: 9103
Joined: Tue Apr 09, 2002 12:00 am
Location: IDAHO, USA
Contact:

Post by Arf » Fri Jul 14, 2006 9:33 pm

Don't ya smoke hash?

Anyway, there are a few different hash programs. The one I'm most familiar with is the md5sum.

Example:

Code: Select all

md5sum somefilename 
a6280e99ea183df514c067e7f7587576  somefilename


The big long string is the hash of the file.

User avatar
BBear
Hosting Superstar
Posts: 1915
Joined: Sat Jun 29, 2002 5:18 pm
Location: Connecticut

Post by BBear » Fri Jul 14, 2006 11:37 pm

Interesting... but how do you then read it to get the PHP version and patches applied to it information?

Bbear

User avatar
Arf
Official Test Penquin
Posts: 9103
Joined: Tue Apr 09, 2002 12:00 am
Location: IDAHO, USA
Contact:

Post by Arf » Sat Jul 15, 2006 1:10 am

I don't know. I figure if I speak in a small quiet voice nobody will see how dumb I am. :o

User avatar
BBear
Hosting Superstar
Posts: 1915
Joined: Sat Jun 29, 2002 5:18 pm
Location: Connecticut

Post by BBear » Sat Jul 15, 2006 4:22 am

Well I guess that's better than being invisable

:-?
Bbear

sixpackmx
Hard Drive Crasher
Posts: 640
Joined: Fri Nov 01, 2002 9:44 am
Location: Mexico City, Mexico

Post by sixpackmx » Mon Jul 17, 2006 6:52 pm

I don't know what specific need you need hash for, however it's mostly used to validate that a file downloaded from the Internet is exactly the same file you are expecting to receive. (To protect you from corrupt file, or "man in the middle" attack).

This is how it works:

a) When you download something (like PHP, for example), generally thereis a md5 or hash string on the download page with the hash of that file. (Example: http://www.php.net/downloads.php)

b) After downloading the file, you can use md5sum command on the file you just downloaded to validate it's exactly the same file.

Pretty much that's it.

User avatar
BBear
Hosting Superstar
Posts: 1915
Joined: Sat Jun 29, 2002 5:18 pm
Location: Connecticut

Post by BBear » Mon Jul 17, 2006 7:15 pm

Thank you for clarifying that, truly appreciated! :)

Hmm, OK, based on that, it doesn't make sense since it sounds like the hash doesn't supply the info needed... I have no clue why they needed it then.

In any event, I learned that the patch to fix the issue in question is supposedly in testing with Ala but I don't know how long they have been testing for, or how long it will be before they actually do something with it.

Thank again!
Bbear

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest