Donncha: I’ve been thinking about it, and I see some problems with the MD5 concept. The problem is the CR/LF conversion is going to mess things up for you, with different hosts and such. Also, keeping big lists is a losing proposition. Why not use the MD5 idea to check if any files changed?

Here’s some sample code I threw together. It basically recursively hashes a directory of files, encrypts all the hashes with a password, and then stores them into a file. It can also read the file, repeat the process, and list any changes made. The reason for the password encryption is that if somebody has access to the file, they can just rehash unless there is something else not on the system itself to protect against that.

$hashvalue) {
if ($filehashes[$hashkey] != $hashvalue) {
echo “$hashkey has changed!\n”;


check_hashes(‘hashes.txt’, ‘/path/to/wordpress-2.5.1/’,’password’);