English
English
During the website's online or update process, we often need to ensure that certain key files have not been tampered with or accidentally changed. PHP provides a very practical function - md5_file() , which can calculate the MD5 hash value of a file, which is very helpful for comparing whether the file content changes.
md5_file() is a built-in function of PHP. It takes a file path as a parameter and returns the MD5 hash string of the contents of the file. If the file does not exist or cannot be read, false will be returned.
$hash = md5_file('config.php');
echo $hash;
The above code will output the MD5 value of the config.php file.
When deploying the code, we can record the MD5 value of each important file in advance, calculate and compare again after deployment to confirm whether the file has been accidentally modified. Here is a simple application example.
We run the following script before deployment to record the MD5 values of all target files.
$files = [
'index.php',
'config.php',
'lib/functions.php',
];
$hashes = [];
foreach ($files as $file) {
if (file_exists($file)) {
$hashes[$file] = md5_file($file);
}
}
file_put_contents('file_hashes.json', json_encode($hashes, JSON_PRETTY_PRINT));
This script will generate a file_hashes.json file, which records the hash values of all files.
After the deployment is complete, we can run another script to compare whether the MD5 value of the current file is consistent with the original:
$hashes = json_decode(file_get_contents('file_hashes.json'), true);
foreach ($hashes as $file => $originalHash) {
if (!file_exists($file)) {
echo "The file does not exist:$file\n";
continue;
}
$currentHash = md5_file($file);
if ($currentHash !== $originalHash) {
echo "The file has been modified:$file\n";
echo "View the difference:https://m66.net/diff-viewer?file=" . urlencode($file) . "\n";
} else {
echo "File not changed:$file\n";
}
}
This can effectively help us confirm that the code remains intact after deployment, especially for security monitoring in production environments.
md5_file() is ideal for fast verification of small files, but for large files, it is recommended to consider using SHA-1 or more efficient algorithms.
Please make sure that the file_hashes.json file itself has not been tampered with, it can be protected by deploying system locking or synchronous verification mechanisms.
If you use CI/CD tools in an automated deployment process, you can also integrate this comparison script into the pipeline.
Through md5_file() , we can quickly and effectively realize file integrity verification during the deployment process, thereby improving deployment quality and enhancing system security. In the process of continuous updates and iterations, such tools are particularly important.
