I need a reasonable way to use PHP to check the integrity of a large number of files that is present below a directory on a specific server (large number here means 6000 and more).
Basically, I want to know if they have been altered. The solution I've come up with is to compute a hash value of all the files as follows:
$accnum = 1;
$modulo = PHP_INT_MAX >> 5;
foreach ($files as $file) {
$crc32 = crc32(md5_file($file));
$accnum = ($accnum % $modulo) * 31 + $crc32;
}
$hash = md5($accnum);
I then record the hash somewhere an intruder can't reach it.
Then, to check for tampering, I recompute the hash and compare it to the recorded value. If it is different, I know that at least one of files have been altered.
Questions:
- Is this a reasonable way to do this?
- If not, how do I monitor the integrity of a large number of files?
Why don't you use Git for that? Keep a remote repository where your "intruder" cannot reach and watch for local changes or compare your code with the remote repo.