English
English
Ensuring file integrity is a very critical step when managing a large number of local files (such as software distribution packages, documents, media resources, etc.). An effective way is to generate its MD5 signature for each file and store it in a database for subsequent checksum change detection. PHP provides a very convenient function - md5_file() , which can directly return the MD5 checksum of a file.
This article will introduce how to use md5_file() to generate signatures for local files and build a complete file verification database.
Before you begin, make sure that your server or development environment has PHP installed and has file system access. We will use a simple PHP script as an example to recursively scan all files in a directory, generate their MD5 signatures and save them to the database.
The following is a complete sample script that uses PDO to write to a SQLite database. You can also replace it with MySQL, PostgreSQL and other databases as needed.
<?php
$directory = __DIR__ . '/files';
$dbFile = __DIR__ . '/checksum.db';
$pdo = new PDO('sqlite:' . $dbFile);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Initialize the database
$pdo->exec("CREATE TABLE IF NOT EXISTS file_checksums (
id INTEGER PRIMARY KEY AUTOINCREMENT,
path TEXT UNIQUE,
md5 TEXT,
updated_at DATETIME DEFAULT CURRENT_TIMESTAMP
)");
// Scan the directory and process the file
function scanFiles($dir, $pdo) {
$files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dir));
foreach ($files as $file) {
if ($file->isFile()) {
$path = $file->getRealPath();
$md5 = md5_file($path);
$stmt = $pdo->prepare("INSERT INTO file_checksums (path, md5)
VALUES (:path, :md5)
ON CONFLICT(path) DO UPDATE SET md5 = :md5, updated_at = CURRENT_TIMESTAMP");
$stmt->execute([
':path' => $path,
':md5' => $md5,
]);
echo "Processed:$path\n";
}
}
}
scanFiles($directory, $pdo);
echo "File signature generation is completed。\n";
After that, you can run the script again, and it will automatically update the file records that already exist in the database. You can also create an independent verification script to compare whether the MD5 of the current file is consistent with the MD5 value recorded in the database:
<?php
$directory = __DIR__ . '/files';
$dbFile = __DIR__ . '/checksum.db';
$pdo = new PDO('sqlite:' . $dbFile);
$files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($directory));
foreach ($files as $file) {
if ($file->isFile()) {
$path = $file->getRealPath();
$currentMd5 = md5_file($path);
$stmt = $pdo->prepare("SELECT md5 FROM file_checksums WHERE path = :path");
$stmt->execute([':path' => $path]);
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row) {
if ($row['md5'] !== $currentMd5) {
echo "The file has been modified:$path\n";
}
} else {
echo "New file:$path\n";
}
}
}
Permission control : Ensure that the read and write permissions of files and databases are correctly configured.
Periodic Run : Signature update or verification scripts can be run regularly through cron timing tasks.
Remote Verification : If you need to remotely verify file integrity, you can upload the generated signature to the server through the interface (such as <code> https://m66.net/api/upload_md5 </code>).
By combining md5_file() and database storage, you can easily build an efficient and stable file integrity verification mechanism. This method is suitable for local file monitoring, system security audit, deployment automation and other scenarios, effectively improving the reliability and traceability of the system.
