Hashed your files name

Hashed your files name

I used to forget things lately. I forgot my application algorithm when I tried to customize the app last time. Then I have to break down the app again into pieces (_ _!). And it is my bad too that I don’t have the documentation, well I just don’t have the time.. *ngeles*

I chatted with my coding partner and talked about how people could get your files on your website’s folders by just typing that file’s name correctly on their browser. We know that code igniter have some protection like when we type the folder’s name, if we include some empty “index.php” file, then the browser will just shown us nothing. But I still couldn’t find the way to do so to the files inside the folders.

Then I just thought maybe I should hash the filenames. Like when I uploaded a photo to some folder, I hash the filename before I insert it to the database. So people who get naughty won’t be able to get the filename. Well, maybe just a filename that shown on the browser when they try “view source”. But at least they’ll get some difficulty to guess the other filenames 👿

My trick is, for example, I uploaded a photo with a filename base on the code (or ID) registered on the database of the application. People will guess easily if you just hash the Code or ID. But try to combine the ID with names or any code you can think of (of course related to your application), then hash it. For example: hash(dateCreated_ID). At least people will get difficulty to break your filename format if it has been hashed. I believe facebook  (and others) doing the same thing 😀

But again, don’t forget to get it documented or you too could get lost when you forgot your coding style (like me) 😆

Advertisements

What do you think?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s