PHP automatically scan files for viruses?

[random1]

I have a site that holds a lot of user-updated content (including PDFs) that I want to automatically scan for viruses upon file upload or download.

 

An example of this would be Hotmail's email scanner that checks before you download.

 

How can I scan files when the user requests a download or performs an upload?

[cooldude832]

You have to define what is a "virus" in the files content in some sort of array or database system and then using file or file_get_contents() explore its content for malicious code and then from there approve or deny the file upload.

 

Its a large task for someone who doesn't know to start and I'd suggest its over kill for what you are doing if you have a properly setup .htaccess and chmods

[random1]

Hmmm, shouldn't need to use anything custom really.

 

I found:

 

if (system("clamscan uploadedfile.rar"))

{

echo "File clean.";

}

else

{

echo "File infected.";

}

 

I don't know if I have 'clamscan' on my server but I'll give a whirl...

 

Anyone have any info for anything better?

[cooldude832]

I'd assume u had no system side Virus scan to run on a given file.

 

However that will not work until the file has a physical location on your system (not the temp upload directory)