Welcome Guest! You need to login or register to make posts.

Notification

Icon
Error

Options
Go to last post Go to first unread
deeptii  
#1 Posted : Thursday, October 18, 2007 12:02:07 PM(UTC)
deeptii

Rank: Member

Groups: Member
Joined: 10/17/2007(UTC)
Posts: 1

Hi,

I tested the SHA1, MD5 verifications in the PHP samples and they work well. However, when I add the parameter not to include picture's source file, the upload always fails as the verifications fail.

In the php code for checking the SHA1, MD5 that's in the samples:

Code:

	//Get SHA1 Hash.
	
	//Check if this value is actually uploaded.
	if (array_key_exists("HashCodeSHA_1", $_POST))
	{
		$postedSHA1Hash = $_POST ["HashCodeSHA_1"];

		//Compute SHA1 hash. Since Image Uploader sends the hash value encoded with Base 64 algorithm
		//the result should be also encoded with Base 64.
		$actualSHA1Hash = base64_encode(pack("H*",sha1_file($_FILES["SourceFile_1"]['tmp_name'])));
		
		//If the result differs from the uploaded one, the upload should be interpreted as corrupted.
		if ($postedSHA1Hash != $actualSHA1Hash)
		{
			header("HTTP/1.0 400 Bad Request");
			return;
		}
	}

	//Get MD5 hash.

	//Check if this value is actually uploaded.
	if (array_key_exists("HashCodeMD5_1", $_POST))
	{
		$postedMD5Hash = $_POST ["HashCodeMD5_1"];

		//Compute MD5 hash. Since Image Uploader sends the hash value encoded with Base 64 algorithm
		//the result should be also encoded wi	th Base 64.
		$actualMD5Hash = base64_encode(pack("H*",md5_file($_FILES["SourceFile_1"]['tmp_name'])));

		//If the result differs from the uploaded one, the upload should be interpreted as corrupted.
		if ($postedMD5Hash != $actualMD5Hash)
		{
			header("HTTP/1.0 400 Bad Request");
			return;
		}
	}


And since I am not uploading the original source file, I am supposed to only have Thumbnails so I changed the above codes to:

Code:

		if (array_key_exists("HashCodeSHA_1", $_POST))
		{
			$postedSHA1Hash = $_POST ["HashCodeSHA_1"];

		//Compute SHA1 hash. Since Image Uploader sends the hash value encoded with Base 64 algorithm
		//the result should be also encoded with Base 64.
			$actualSHA1Hash = base64_encode(pack("H*",sha1_file($_FILES['Thumbnail1_1']['tmp_name'])));
		
		//If the result differs from the uploaded one, the upload should be interpreted as corrupted.
			if ($postedSHA1Hash != $actualSHA1Hash)
			{
				header("HTTP/1.0 400 Bad Request");
				return;
			}
		}
		if (array_key_exists("HashCodeMD5_1", $_POST))
		{
			$postedMD5Hash = $_POST ["HashCodeMD5_1"];

		//Compute MD5 hash. Since Image Uploader sends the hash value encoded with Base 64 algorithm
		//the result should be also encoded wi	th Base 64.
			$actualMD5Hash = base64_encode(pack("H*",md5_file($_FILES['Thumbnail1_1']['tmp_name'])));

		//If the result differs from the uploaded one, the upload should be interpreted as corrupted.
			if ($postedMD5Hash != $actualMD5Hash)
			{
				header("HTTP/1.0 400 Bad Request");
				return;
			}
		}


And this doesn't work. I tried to use the original and that didn't work either.

How do I get SHA1, MD5 to work together with no source file upload?

Edited by user Monday, February 11, 2008 4:18:54 PM(UTC)  | Reason: Not specified

netcode  
#2 Posted : Friday, July 11, 2008 12:07:27 AM(UTC)
netcode

Rank: Newbie

Groups: Member
Joined: 7/11/2008(UTC)
Posts: 2

Hi,

Did you find a solution for this ?

I have the exact same problem...

BR,

Wouter
Eugene Kosmin  
#3 Posted : Sunday, July 13, 2008 12:04:10 PM(UTC)
Eugene Kosmin

Rank: Advanced Member

Groups: Member, Administration, Moderator
Joined: 9/19/2006(UTC)
Posts: 439

Was thanked: 22 time(s) in 22 post(s)
Hi,

Unfortunately HASH verification works only with source files, but not with thumbnails. So in your changed code you are comparing hash values from source file got by Image Uploader and thumbnail got in your upload script.

Even if you don’t send source files, hash values will be got from them.
Best regards,
Eugene Kosmin.
Aurigma Development Team
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.