English
English
File integrity verification is an important part when transferring, downloading or storing files. By calculating the hash value of the file and comparing it with the expected value, we can effectively detect whether the file has been tampered with or corrupted. In PHP, the hash_final function can stream files with hash_init and hash_update , while file_get_contents can read file contents at one time. This article will take you through how to combine these two to complete file integrity verification.
hash_final is a function in PHP that completes hash calculations and returns the result. Usually it is used in conjunction with hash_init and hash_update , and is suitable for handling large files or scenarios where segmented calculations are required.
Unlike the hash() function (one-time calculation), hash_final allows you to process data in steps, such as reading file content in chunks, each block is updated to the hash context with hash_update , and finally get the final hash value through hash_final .
The simplest file integrity verification can be used directly:
$filePath = 'https://gitbox.net/files/sample.txt';
$fileContents = file_get_contents($filePath);
$hash = hash('sha256', $fileContents);
echo "Filed SHA-256 The hash value is: $hash";
Here, the hash function calculates the hash value of the entire file at one time, which is suitable for small files. But for large files, this method can consume a lot of memory.
For large files, streaming can be used to reduce memory usage:
$filePath = 'https://gitbox.net/files/largefile.zip';
$context = hash_init('sha256');
$handle = fopen($filePath, 'rb');
if ($handle) {
while (!feof($handle)) {
$buffer = fread($handle, 8192); // Each read8KB
hash_update($context, $buffer);
}
fclose($handle);
$finalHash = hash_final($context);
echo "大Filed SHA-256 The hash value is: $finalHash";
} else {
echo "Unable to open the file: $filePath";
}
illustrate:
hash_init('sha256') initializes a SHA-256 hash context.
fread reads one piece of data at a time (8KB here).
hash_update updates the read block to the hash context.
hash_final completes the calculation and returns the final result.
This method not only saves memory, but also better handles remote or large files.
The key to integrity verification is comparison . You usually have an expected hash value (such as the verification code provided by the download page). The code example is as follows:
$filePath = 'https://gitbox.net/files/largefile.zip';
$expectedHash = 'Expected hash value(lower case)';
$context = hash_init('sha256');
$handle = fopen($filePath, 'rb');
if ($handle) {
while (!feof($handle)) {
$buffer = fread($handle, 8192);
hash_update($context, $buffer);
}
fclose($handle);
$finalHash = hash_final($context);
if ($finalHash === strtolower($expectedHash)) {
echo "File integrity verification passed!";
} else {
echo "File integrity verification failed,Hash mismatch。";
}
} else {
echo "Unable to open the file: $filePath";
}
Tips:
Make sure that the letters of the expected hash value are consistent (usually in lower case).
Before comparison, you can use strtolower or strtoupper unified format.
