in our application we are asking to user to upload '.doc' and '.zip' files only. If it is doc file, the client is very much worried about the virus...
so they asked whether is it possible to scan for virus and then copy to the server...
is it possible to scan for virus before uploading ..from the server side.??
as like in yahoo.. when u attach a file, it will automatically scan and then allow is it not...just exactly i want..
the Server OS is linux for one client and windows for another client...
can we do it from the server? once the press the submit button after choosing the file to upload, the scope is in server side....so how to call a antivirus porgram to chk that file and then do the neccesary process...
scanning files when they are uploaded to server
Moderator: General Moderators
-
psmshankar
- Forum Commoner
- Posts: 96
- Joined: Tue Aug 06, 2002 4:25 am
- Location: India
There are some virusscanners for linux that offer a commandline tool that can be invoked by php's exec/system/... functions.
If the uploaded (temp.) files do not approve you can delete or simply forget them since php will remove temp. files if not moved.
E.g. http://www.f-prot.com. Of course there are more to choose from but that's what I use for free (personal use).
If the uploaded (temp.) files do not approve you can delete or simply forget them since php will remove temp. files if not moved.
E.g. http://www.f-prot.com. Of course there are more to choose from but that's what I use for free (personal use).
-
psmshankar
- Forum Commoner
- Posts: 96
- Joined: Tue Aug 06, 2002 4:25 am
- Location: India
I would never accept a contaminated file even if a scanner/filter tells me "it's all right now, virus deleted".
Simply passthru the output (maybe only the name of the virus found) and reject the upload. Let the user take care of the plague, probably there are more files on the infected system to worry about.
Simply passthru the output (maybe only the name of the virus found) and reject the upload. Let the user take care of the plague, probably there are more files on the infected system to worry about.
-
psmshankar
- Forum Commoner
- Posts: 96
- Joined: Tue Aug 06, 2002 4:25 am
- Location: India
by fetching and parsing the output
http://www.php.net/manual/en/function.exec.php
string exec ( string command [, array output [, int return_var]])
But I cannot tell you what this output would look like, since I never encountered a virus with this tool (only once ever and that was before f-prot, lucky me
)
But the positive output of the current version is
http://www.php.net/manual/en/function.exec.php
string exec ( string command [, array output [, int return_var]])
But I cannot tell you what this output would look like, since I never encountered a virus with this tool (only once ever and that was before f-prot, lucky me
But the positive output of the current version is
No viruses or suspicious files/boot sectors were found.