Hi I am trying to find out how to scan my uploaded files for viruses. I have been searching for a bit and the only posts I have found are like 2007 posts that say to use clamav. The only problem is that is hadn't been updated for a while back in 2007 and now the website is some car loan page. I managed to find the files but noticed it is a UNIX file which would work at home but not at work where I'm using IIS running PHP. And what worries me is that it seems this php-clamavlib project is dead and not being updated. So is there a new one to use? Or how else would I do it? Thanks for any help.
you'll need to find a command line based virus scanner, then trigger it when a file has been uploaded. try a google search for "windows command line virus scanner"
Thanks... I will check with the guys in the IT to make sure which version of AV we are running here... So would you recommend doing the same for a UNIX system or something different.
it would be the same logic on any system. though as always, *nix systems likely make it run a little more smoothly. I don't have much experience executing command line programs on windowz/iis. but it should work.
*nix systems likely make it run a little more smoothly.
That make's me smile...hahaha Yea, It takes about 3 to 4 times as long to write for windows and MsSQL as it does with a Unix/Linux system with MySQL. And then it never runs 100% as well as it should. Thanks for the help.
I would say so. You could use either exec() and call clamscan from the script to scan the file(s), or connect via a TCP/unix socket and scan it directly.
Should be simple enough to connect and scan that way using fsockopen and such. There'll also be far less overhead doing it this way. Clamscan, (unlike clamdscan, which requires permissions on the files to be the Clam user or group, but can't remember which offhand), has to load the sig files each time it's called.
Checked it and the scan worked. Came back saying it was a virus.
Now for the code... I'm not too knowledgeable with command line so hopefully you can help me out. Here is the code I am just testing. But it keeps coming back a virus even though I know the file is not... Do I have the wrong command line path or something.
Okay now that that is working... Matt you mentioned that you could call 'clamscan from the script to scan the file(s)'; Is this what you meant or something else cause this uses the exec command.
That's what I meant. Clamscan scans with the privileges of the user calling it, so that's the one you want for exec. As I say though, that won't be the best option if the server is quite busy/loaded. Connecting directly to clamd via a socket would be preferable under those circumstances.
Before you post, read our: 
Yea, It takes about 3 to 4 times as long to write for windows and MsSQL as it does with a Unix/Linux system with MySQL. And then it never runs 100% as well as it should. 
Thanks for the help.
Clamscan scans with the privileges of the user calling it, so that's the one you want for exec. As I say though, that won't be the best option if the server is quite busy/loaded. Connecting directly to clamd via a socket would be preferable under those circumstances.
