As there are a few discussions popping up with errors occuring generally because one or more files have not uploaded successfully before installation (but these files are not used as part of the installation so it works OK) I wondered about how much work it would be to do a file check as part of the installation? Clearly actually checking the files existed and were readable would not be too difficult, but what about doing a CRC (or other) check on each of the files to make sure they were correct? I'm not too sure about the implications of this and how much work/server resource it would take? Any comments?

I wrote some classes for that: DirectoryScanner and IntegrityChecker. I tested it on windows and php5.2 but it should work with php 4.1+.
I wrote the php cli script to create the list of md5 signatures: tools/php/md5.php. It create a csv file, appg/md5.php:

account.php,9474a96992d28764ab13f9a631831308
ajax/blockcategory.php,c3d928892a77eab2d4d523e7b5e9a2c3
ajax/getusers.php,a6c5866046272143b471cfd1bca7040e
ajax/sortcategories.php,89b6bdcd82bda772fe429b2fe5a559e9
ajax/sortroles.php,c6dcf35902accd539bd9ff0571fcc3bb
ajax/switch.php,cb65b7ae412d0a23d26e147217866fff
ajax/switchextension.php,469f9e9200036d208b711abe7c6af3c3
ajax/updatecheck.php,96dd6a68372ce1b23694de77cd3417df
appg/.htaccess,420c8aff4188125d245fa5acc4f333c6
...


It is created with the package.

The creation of signature is almost done (need some doc, exclude some some files from the list, add some error message, etc...).

It can check the installation against the md5 list but it still need to implemented in the installation script and added to the settings page.

For upgrade, vanilla could compare the application version with one saved in a configuration setting the last time a integrity check has occurred. If the check fails, a message is added to the discussion page, like the message that is inviting to check if a new version of vanilla is available.

Here what would look like the check in index.php:

// integrity check
if ($Context->Session->User->Permission('PERMISSION_CHANGE_APPLICATION_SETTINGS')
&& (empty($Configuration['LAST_INTEGRITY_CHECK'])
|| APPLICATION_VERSION !== $Configuration['LAST_INTEGRITY_CHECK'])
){
$IntegrityChecker = $Context->ObjectFactory->NewObject($Context, "IntegrityChecker");
if ($IntegrityChecker->Check($Configuration['APPLICATION_PATH'] . 'appg/md5.csv') === false) {
$NoticeCollector->AddNotice($Context->GetDefinition('SomeFilesAreCorruptedOrMissing'));
} else {
AddConfigurationSetting($Context, 'LAST_INTEGRITY_CHECK', APPLICATION_VERSION);
}
}


It seems the md5 signature generated on windows only works on windows. The one generated on Ubuntu work on linux and windows.

Maybe line-end characters got converted when the files were uploaded? We could try stripping all CRs and LFs from the file before generating the signature.

It looks like this is a "feature" of ASCII mode FTP.