Re: [PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2007-05-09 Thread Richard Quadling
On 08/05/07, Richard Lynch <[EMAIL PROTECTED]> wrote: On Tue, May 8, 2007 9:13 am, David Santinoli wrote: > If there's enough interest in this, I will rework the patch according > to > Sara's hint. I'd have to be +1 on making more than just the 2 hashes available for this feature, though if it's

Re: [PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2007-05-08 Thread Richard Lynch
On Tue, May 8, 2007 9:13 am, David Santinoli wrote: > If there's enough interest in this, I will rework the patch according > to > Sara's hint. I'd have to be +1 on making more than just the 2 hashes available for this feature, though if it's a *TON* of work... -- Some people have a "gift" link

Re: [PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2007-05-08 Thread David Santinoli
On Mon, May 07, 2007 at 06:37:29PM -0700, Sara Golemon wrote: > Ditto Richard's comments about false-implications of security, but I'd > also like to add that *IF* folks decide on the whole that this is > worth adding, it should be done more generically than a setting for > md5 and a setting for sh

Re: [PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2007-05-08 Thread David Santinoli
On Mon, May 07, 2007 at 04:30:28PM -0500, Richard Lynch wrote: > > Can you PLEASE make 100% certain that this is specifically documented > to NOT be a "Security Feature" and it is NOT intended to indicate > secure transmission of the file? It is not meant to be a "security feature". Not in the l

Re: [PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2007-05-07 Thread Sara Golemon
Ditto Richard's comments about false-implications of security, but I'd also like to add that *IF* folks decide on the whole that this is worth adding, it should be done more generically than a setting for md5 and a setting for sha1. e.g. or or or whatever hash algo you're looking for. Th

Re: [PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2007-05-07 Thread Richard Lynch
What purpose does this serve, exactly?... Seems like anybody who can intercept the upload and send bad file data can also send a matching MD5 for the bad data... Actually, re-reading the message clarified for me that you're doing this only to save the time of whatever it would take to do an MD5 f

[PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2007-05-07 Thread David Santinoli
Hi, I'm submitting a patch to perform "on the fly" MD5/SHA1 digest calculation of a file uploaded via the HTTP POST method. Being not uncommon for applications to require some digest of a freshly uploaded file, doing the math directly in the buffer where the file is being read can save some tim

Re: [PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2004-08-04 Thread David Santinoli
On Wed, Aug 04, 2004 at 11:35:17AM -0400, Ilia Alshanetsky wrote: > On August 4, 2004 11:16 am, Dave wrote: > > I think his point was that the hash is calculated as the file is > > being uploaded, which saves having to read the whole file a second > > time after uploading is finished. For big files

Re: [PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2004-08-04 Thread David Santinoli
On Wed, Aug 04, 2004 at 05:06:45PM +0200, Derick Rethans wrote: > > I like this idea, and the patch looks (from a glance OK). Without > applying it I have a question though: > > Does it handle cleaning up the digest structures correctly if the > fileupload is aborted in some way? Do you refer to

Re: [PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2004-08-04 Thread Ilia Alshanetsky
On August 4, 2004 11:16 am, Dave wrote: > I think his point was that the hash is calculated as the file is being > uploaded, which saves having to read the whole file a second time after > uploading is finished. For big files, and repetitious uploading, this > could probably save on the CPU cycles

Re: [PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2004-08-04 Thread Derrell . Lipman
David Santinoli <[EMAIL PROTECTED]> writes: > Hi, > I'm submitting a patch to perform "on the fly" MD5/SHA1 digest > calculation of a file uploaded via the HTTP POST method. Being > not uncommon for applications to require some digest of a freshly > uploaded file, doing the math directly in the

Re: [PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2004-08-04 Thread Dave
Ilia Alshanetsky wrote: -1 it seems somewhat redundant given that this signature can be easily generated via a single function call, md5_file() or sha1_file(). Ilia I think his point was that the hash is calculated as the file is being uploaded, which saves having to read the whole file a second

Re: [PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2004-08-04 Thread Ilia Alshanetsky
-1 it seems somewhat redundant given that this signature can be easily generated via a single function call, md5_file() or sha1_file(). Ilia On August 4, 2004 10:56 am, David Santinoli wrote: > Hi, > I'm submitting a patch to perform "on the fly" MD5/SHA1 digest > calculation of a file uploade

Re: [PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2004-08-04 Thread Derick Rethans
On Wed, 4 Aug 2004, David Santinoli wrote: > I'm submitting a patch to perform "on the fly" MD5/SHA1 digest > calculation of a file uploaded via the HTTP POST method. Being > not uncommon for applications to require some digest of a freshly > uploaded file, doing the math directly in the buffer

[PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2004-08-04 Thread David Santinoli
Hi, I'm submitting a patch to perform "on the fly" MD5/SHA1 digest calculation of a file uploaded via the HTTP POST method. Being not uncommon for applications to require some digest of a freshly uploaded file, doing the math directly in the buffer where the file is being read can save some tim

[PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2003-11-05 Thread David Santinoli
Hi, I'm submitting a patch to perform "on the fly" MD5/SHA1 digest calculation of a file uploaded via the HTTP POST method. Since it is not uncommon for applications to require some digest of a freshly uploaded file, doing the math directly in the buffer where the file is being read can save so

[PHP-DEV] [PATCH] Passthrough MD5/SHA1 calculation of uploaded files

2003-07-07 Thread David Santinoli
Hi, I'm submitting a patch (previously sent to php-dev as suggested in the [obsolete?] README.SUBMITTING_PATCH) to perform "on the fly" MD5/SHA1 digest calculation of a file uploaded via the HTTP POST method. Since it is not uncommon for applications to require some digest of a freshly uploaded