Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:11920
Return-Path: <u235@libero.it>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 8513 invoked by uid 1010); 4 Aug 2004 21:36:21 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 8305 invoked from network); 4 Aug 2004 21:36:19 -0000
Received: from unknown (HELO rod.elitel.it) (212.34.224.163)
  by pb1.pair.com with SMTP; 4 Aug 2004 21:36:19 -0000
Received: (qmail 12342 invoked from network); 4 Aug 2004 21:45:05 -0000
Received: from unknown (HELO astrid.santinoli.com) (212.34.243.106)
  by rod.elitel.it with SMTP; 4 Aug 2004 21:45:05 -0000
Received: by astrid.santinoli.com (Postfix, from userid 502)
	id 966934816B; Wed,  4 Aug 2004 23:37:54 +0200 (CEST)
Date: Wed, 4 Aug 2004 23:37:54 +0200
To: internals@lists.php.net
Message-ID: <20040804213754.GB15482@astrid.santinoli.com>
References: <20040804145657.GA15294@astrid.santinoli.com> <200408041108.22045.ilia@prohost.org> <4110FDD4.2060106@php.net> <200408041135.17954.ilia@prohost.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200408041135.17954.ilia@prohost.org>
Organization: Fastpath Research
User-Agent: Mutt/1.5.6i
Subject: Re: [PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files
From: u235@libero.it (David Santinoli)

On Wed, Aug 04, 2004 at 11:35:17AM -0400, Ilia Alshanetsky wrote:
> On August 4, 2004 11:16 am, Dave wrote:
> > I think his point was that the hash is calculated as the file is
> > being uploaded, which saves having to read the whole file a second
> > time after uploading is finished. For big files, and repetitious
> > uploading, this could probably save on the CPU cycles and I/O load a
> > bit.

Exactly.


> That is true, but to really validate the file you'd still want to
> check the data you have on disk, rather then what PHP supposedly saved
> to disk.

Actually, I don't see this as a way to validate uploaded files; rather,
I consider it an optimized replacement for the upload -> md5_file()
sequence.


> Adding hidden fields (that may conflict with the ones some people
> already use) also seems like a recipe for trouble.

I admit that's a good point, although I can't really see many possible
uses for a hidden field named COMPUTE_MD5 in a file upload form - I bet
those people would be glad to switch to the new facility. ;-)

The suggestion by Derrell Lipman - requesting the hash calculation
by adding an attribute to the INPUT element - has some merit, but I
don't know how viable this road is (in terms of functionalities already
present in the PHP core), and I'd also like to stick to "standard" HTML.

Cheers,
 David
-- 
 David Santinoli, Milano             +   <david@santinoli.com>
 Independent Linux/Unix consultant   +   http://www.santinoli.com