scanning files when they are uploaded to server

Posted: Sun Feb 09, 2003 8:13 pm
by psmshankar
In our application we are asking the user to upload '.doc' and '.zip' files only. If it is a doc file, the client is very much worried about viruses...
so they asked whether it is possible to scan for viruses and then copy to the server...

Is it possible to scan for viruses before uploading, from the server side?
Like in Yahoo: when you attach a file, it will automatically scan and then allow it, is it not? That is exactly what I want.

The server OS is Linux for one client and Windows for another client...

Can we do it from the server? Once they press the submit button after choosing the file to upload, the scope is on the server side... so how to call an antivirus program to check that file and then do the necessary process...

Posted: Sun Feb 09, 2003 8:43 pm
by volka
There are some virus scanners for Linux that offer a command-line tool that can be invoked by PHP's exec/system/... functions.
If the uploaded (temp.) files do not approve you can delete or simply forget them since PHP will remove temp. files if not moved.

E.g. http://www.f-prot.com. Of course there are more to choose from but that's what I use for free (personal use).

Posted: Sun Feb 09, 2003 8:49 pm
by psmshankar
Thanks volka...
We can execute the virus scanner through the command line, but how to trace out the result... because based on the result only we are going to either accept the file or reject...

Posted: Sun Feb 09, 2003 8:56 pm
by volka
I would never accept a contaminated file even if a scanner/filter tells me "it's all right now, virus deleted".
Simply passthru the output (maybe only the name of the virus found) and reject the upload. Let the user take care of the plague, probably there are more files on the infected system to worry about.

Posted: Sun Feb 09, 2003 9:06 pm
by psmshankar
What I meant was: how to get the result from the virus scanner application? We will be executing that exe by passing some values as arguments and it starts scanning, fine... but how to get the result? Where can we see the results?

Posted: Sun Feb 09, 2003 9:17 pm
by volka
By fetching and parsing the output:
http://www.php.net/manual/en/function.exec.php
string exec ( string command [, array output [, int return_var]])
But I cannot tell you what this output would look like, since I never encountered a virus with this tool (only once ever and that was before f-prot, lucky me :) )
But the positive output of the current version is
No viruses or suspicious files/boot sectors were found.
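
An added example, not part of any post in this thread: one way to do what the replies describe, running a command-line scanner from PHP with exec(), reading its output and exit status, and rejecting anything not reported clean. It assumes ClamAV's clamscan in place of the f-prot tool mentioned above (exit codes 0 = clean, 1 = virus found, 2 = error); the scanner path, the form field name userfile and the storage directory are hypothetical.

```php
<?php
// Added example. Assumes ClamAV's clamscan (not the f-prot tool from the thread);
// its exit codes are 0 = clean, 1 = virus found, 2 = error. Path is hypothetical.
const SCANNER = '/usr/bin/clamscan';

// Scan one file. Fails closed: only exit code 0 counts as clean.
function scan_file(string $path, string $scanner = SCANNER): array
{
    $output = [];
    $status = -1;
    // escapeshellarg() stops the path being interpreted by the shell.
    $cmd = escapeshellarg($scanner) . ' --no-summary ' . escapeshellarg($path) . ' 2>&1';
    exec($cmd, $output, $status);

    if ($status === 0) {
        return ['clean' => true, 'detail' => 'no virus found'];
    }
    if ($status === 1) {
        // clamscan prints "<path>: <signature name> FOUND" for a hit.
        foreach ($output as $line) {
            if (preg_match('/: (.+) FOUND$/', $line, $m)) {
                return ['clean' => false, 'detail' => $m[1]];
            }
        }
        return ['clean' => false, 'detail' => 'infected'];
    }
    // Scanner missing, crashed, or file unreadable: reject rather than guess.
    return ['clean' => false, 'detail' => "scanner error (exit $status)"];
}

// Upload handler; the field name 'userfile' and /var/uploads are hypothetical.
if (isset($_FILES['userfile']) && $_FILES['userfile']['error'] === UPLOAD_ERR_OK) {
    $tmp = $_FILES['userfile']['tmp_name'];
    $ext = strtolower(pathinfo($_FILES['userfile']['name'], PATHINFO_EXTENSION));

    if (!is_uploaded_file($tmp) || !in_array($ext, ['doc', 'zip'], true)) {
        exit('Upload rejected: only .doc and .zip files are accepted.');
    }
    $result = scan_file($tmp);
    if (!$result['clean']) {
        // Not moved, so PHP removes the temp file at the end of the request.
        exit('Upload rejected: ' . htmlspecialchars($result['detail']));
    }
    // Store under a server-generated name, never the client-supplied one.
    $dest = '/var/uploads/' . bin2hex(random_bytes(16)) . '.' . $ext;
    echo move_uploaded_file($tmp, $dest) ? 'Upload accepted.' : 'Upload failed.';
}
```

Deciding on the exit status rather than on the wording of the output keeps the accept/reject logic stable across scanner versions; the parsed text is used only to report which signature matched.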