Exemplo n.º 1
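 /**
  * Validate an uploaded-file descriptor: required keys, extension, size and malware scan.
  *
  * Every check fails closed: a file whose size cannot be read, or whose scan
  * returns anything other than CL_CLEAN (scanner error included), is rejected.
  *
  * NOTE(review): the extension is taken from the client-supplied name and says
  * nothing about the content. This method also does not call is_uploaded_file();
  * presumably callers pass a $_FILES entry — confirm at the call sites.
  *
  * @param array $file Descriptor holding at least 'tmp_name' and 'name'
  * @param int $max_file_size Maximum size in MB (1 MB is counted as 1,000,000 bytes)
  * @param string $allowed_file_extension The single extension accepted, without the dot
  * @return bool TRUE if valid, FALSE otherwise
  */
 public static function fileValid($file, $max_file_size, $allowed_file_extension)
 {
     // Both keys must be present and non-empty (empty() also covers "not set").
     if (empty($file['tmp_name']) || empty($file['name'])) {
         return false;
     }
     // An array here (multi-file upload shape) cannot be validated as one file.
     if (!is_string($file['tmp_name']) || !is_string($file['name'])) {
         return false;
     }
     // Compare extensions case-insensitively on BOTH sides; the previous code
     // lower-cased only the allowed value, so "REPORT.PDF" never matched "pdf".
     $extension = mb_strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
     if ($extension !== mb_strtolower((string) $allowed_file_extension)) {
         return false;
     }
     // Size limit. An unreadable size used to evaluate to 0 MB and pass the
     // limit; treat it as a failure instead.
     $bytes = is_file($file['tmp_name']) ? filesize($file['tmp_name']) : false;
     if ($bytes === false || $max_file_size < $bytes / 1000000) {
         return false;
     }
     // ClamAV scan: accept only an explicit clean verdict, so that a scanner
     // error is not mistaken for "no virus".
     if (cl_scanfile($file['tmp_name']) !== CL_CLEAN) {
         return false;
     }
     // Success
     return true;
 }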
Exemplo n.º 2
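 /**
  * Scan the file submitted for this element with ClamAV.
  *
  * Only an explicit CL_CLEAN verdict passes. A detection deletes the temporary
  * file and records the signature name; any other return code (scanner error)
  * is recorded and rejected as well, instead of being treated as clean.
  *
  * @param \Foundation\Form\Input $input
  * @return bool TRUE when there is nothing to scan or the scan is clean
  */
 public function validate(\Foundation\Form\Input $input)
 {
     $fileArr = $input->get($this->e->getName());
     // No temporary file means there is nothing to scan; this keeps the
     // previous outcome for submissions without an upload.
     if (!is_array($fileArr) || empty($fileArr['tmp_name'])) {
         return true;
     }
     $virusname = null;
     $retcode = cl_scanfile($fileArr['tmp_name'], $virusname);
     if ($retcode === CL_CLEAN) {
         return true;
     }
     if ($retcode == CL_VIRUS) {
         // Remove the infected temporary file so nothing later can pick it up.
         unlink($fileArr['tmp_name']);
         $this->addError('Virus Detection Error: ' . cl_pretcode($retcode) . " {$virusname}.");
         return false;
     }
     // Scanner error: the file was not verified, so it must not be accepted.
     // It is left in place because nothing was detected in it.
     $this->addError('Virus Detection Error: ' . cl_pretcode($retcode) . '.');
     return false;
 }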
Exemplo n.º 3
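 /**
  * Scan a file for malware, using the PHP ClamAV binding when $this->_php is
  * set and the command-line scanner at $this->_path/$this->_bin otherwise.
  *
  * On a detection (other than Oversized.Zip) the file is deleted, the name is
  * stored in $this->_virus_name and a translated message in $this->_output.
  *
  * NOTE(review): an empty or non-existent path is reported as clean, as before.
  * NOTE(review): on the command-line path a scanner that fails without printing
  * a FOUND line is still reported as clean; no message key for that case is
  * visible here, so it is left for the maintainers to decide.
  *
  * @param string $filename Path of the file to scan
  * @param string $orig_filename Name to show in messages instead of the path
  * @return bool FALSE when a detection was made or no scanner is available
  */
 function isClean($filename, $orig_filename = '')
 {
     if (empty($filename) || !file_exists($filename)) {
         return true;
     }
     // Name shown to the user: the original upload name when one was given.
     $filename_text = !empty($orig_filename) ? $orig_filename : $filename;
     $scanner = $this->_path . "/" . $this->_bin;

     if (!empty($this->_php)) {
         // Scan through the PHP ClamAV binding.
         // NOTE(review): assumes cl_scanfile() returns the signature name here,
         // as the original code did — confirm against the installed binding.
         $virus_name = cl_scanfile($filename);
         if ($virus_name && mb_strtoupper((string) $virus_name, 'UTF-8') != 'OVERSIZED.ZIP') {
             $this->_virus_name = $virus_name;
             $this->_output = $this->_translator->getMessage('VIRUS_VIRUS_FOUND', $virus_name, $filename_text);
             unlink($filename);
             return false;
         }
         return true;
     }

     if (!file_exists($scanner)) {
         $this->_output = $this->_translator->getMessage('VIRUS_SCANNER_NOT_FOUND', $scanner);
         return false;
     }

     // Each value is quoted as exactly one shell argument. The previous
     // escapeshellcmd() call left spaces in the path unquoted and escaped the
     // "|" of "| grep FOUND", so the filter never ran as a pipe. The FOUND
     // lines are now selected in PHP instead.
     $output = shell_exec(escapeshellarg($scanner) . ' ' . escapeshellarg($filename));
     $lines = preg_split('/\R/', (string) $output) ?: [];
     foreach ($lines as $line) {
         if (mb_stripos($line, 'FOUND') === false) {
             continue;
         }
         // The match may come from the file name itself, so drop the
         // "<path>: " prefix and look again.
         $line = trim(str_replace($filename . ': ', "", $line));
         if (mb_stripos($line, 'FOUND') === false || mb_stripos($line, 'Oversized.Zip') !== false) {
             continue;
         }
         $virus_name = str_replace(' FOUND', "", $line);
         $this->_virus_name = $virus_name;
         $this->_output = $this->_translator->getMessage('VIRUS_VIRUS_FOUND', $virus_name, $filename_text);
         unlink($filename);
         return false;
     }
     return true;
 }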
Exemplo n.º 4
 /**
  * Validate the upload currently selected by $this->_current.
  *
  * The extension/MIME pair is resolved to a group first. Files that are neither
  * imported nor stream uploads must then be genuine HTTP uploads and, when
  * scanning is enabled and the ClamAV extension loads, pass the malware scan.
  *
  * NOTE(review): when $this->scanFile is set but the extension cannot be
  * loaded, the scan is skipped and the upload is still accepted.
  *
  * @access protected
  * @param boolean $import TRUE for imported files, which skip the upload checks
  * @return boolean
  */
 protected function _validates($import = false)
 {
     $entry = $this->_data[$this->_current];
     $group = self::checkMimeType($entry['ext'], $entry['type']);
     if ($group) {
         $this->_data[$this->_current]['group'] = $group;
     } elseif (!$import) {
         // Unknown extension/MIME pair: only imports may continue without a group.
         return false;
     }
     // Imported files and stream uploads are not checked any further.
     if ($import || isset($entry['stream'])) {
         return true;
     }
     // Must be an error-free upload that PHP itself received, and a regular file.
     $uploadedOk = !($entry['error'] > 0)
         && is_uploaded_file($entry['tmp_name'])
         && is_file($entry['tmp_name']);
     if (!$uploadedOk) {
         return false;
     }
     // Requires the ClamAV module to be installed
     if ($this->scanFile && $this->_loadExtension('clamav')) {
         cl_setlimits(5, 1000, 200, 0, 10485760);
         // Any truthy scan result rejects the upload.
         if (cl_scanfile($entry['tmp_name'])) {
             return false;
         }
     }
     return true;
 }
Exemplo n.º 5
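 /**
  * Does validation on the current upload: extension and MIME type must belong
  * to the same group of $this->__mimeTypes, the file must be a genuine HTTP
  * upload, and it must pass the ClamAV scan when scanning is available.
  *
  * The first group matching both the extension and the MIME type is stored in
  * the upload's 'group' key. Previously the two flags were shared across all
  * groups, so an extension from one group paired with a MIME type from another
  * was accepted, and 'group' was overwritten by every later group in the list.
  *
  * NOTE(review): the MIME type is whatever the upload data carries; if it comes
  * from the client it is only a declaration, not a property of the content.
  * NOTE(review): when $this->scanFile is TRUE but the ClamAV extension cannot be
  * loaded, the scan is skipped and the upload is still accepted — confirm that
  * this is intended.
  *
  * @access private
  * @return boolean
  */
 private function __validates()
 {
     if (!isset($this->__data[$this->__current]['group'])) {
         $this->__data[$this->__current]['group'] = '';
     }
     $entry = $this->__data[$this->__current];
     $currType = mb_strtolower($entry['type']);

     // Find the first group that knows the extension AND lists the MIME type.
     $matchedGroup = null;
     foreach ($this->__mimeTypes as $grouping => $mimes) {
         if (!isset($mimes[$entry['ext']])) {
             continue;
         }
         foreach ($mimes as $mimeType) {
             $matches = is_array($mimeType)
                 ? in_array($currType, $mimeType, true)
                 : $currType === $mimeType;
             if ($matches) {
                 $matchedGroup = $grouping;
                 break 2;
             }
         }
     }
     if ($matchedGroup === null) {
         return false;
     }
     $this->__data[$this->__current]['group'] = $matchedGroup;

     // Correctly uploaded?
     if ($entry['error'] > 0 || !is_uploaded_file($entry['tmp_name']) || !is_file($entry['tmp_name'])) {
         return false;
     }
     // Requires the ClamAV module to be installed
     // http://www.clamav.net/
     if ($this->scanFile === true) {
         if (!extension_loaded('clamav')) {
             // Best-effort runtime load; failure is detected by the check below.
             @dl('clamav.' . PHP_SHLIB_SUFFIX);
         }
         if (extension_loaded('clamav')) {
             cl_setlimits(5, 1000, 200, 0, 10485760);
             // Any truthy scan result rejects the upload.
             if (cl_scanfile($entry['tmp_name'])) {
                 return false;
             }
         }
     }
     return true;
 }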
Exemplo n.º 6
    echo "<b>cl_version() return : </b>" . cl_version() . $br;
    /* Run cl_retcode() and return result for a CL_CLEAN and CL_VIRUS */
    echo "<b>cl_pretcode(CL_CLEAN) return : </b>" . cl_pretcode(CL_CLEAN) . $br;
    echo "<b>cl_pretcode(CL_VIRUS) return : </b>" . cl_pretcode(CL_VIRUS) . $br;
    /* For future use */
    //echo "<b>cl_engine_get_num(\"CL_ENGINE_MAX_SCANSIZE\") return : </b>".cl_engine_get_num("CL_ENGINE_MAX_SCANSIZE").$br;
    //echo "<b>cl_engine_get_num(\"CL_ENGINE_MAX_FILESIZE\") return : </b>".cl_engine_get_num("CL_ENGINE_MAX_FILESIZE").$br;
    //echo "<b>cl_engine_get_num(\"CL_ENGINE_MAX_RECURSION\") return : </b>".cl_engine_get_num("CL_ENGINE_MAX_RECURSION").$br;
    /* Start counter for bench execution time */
    $time_start = microtime(true);
    /* Run cl_engine() for set the limits values on scan */
    cl_engine(10000, 734003200, 734003200, 25, 0);
    /* Set max_execution_time to 120 second
     *      Only if safe_mode is disabled */
    ini_set('max_execution_time', 120);
    /* Run a cl_scanfile() and return the result into $retcode and the virus name if found in $virusname */
    $retcode = cl_scanfile($file, $virusname);
    /* Restore max_execution_time value from php.ini */
    ini_restore('max_execution_time');
    /* Stop counter for bench execution time */
    $time_end = microtime(true);
    $time = $time_end - $time_start;
    /* Check if a virus founded by scan */
    if ($retcode == CL_VIRUS) {
        echo "<b>Execution time : </b>" . round($time, 2) . " seconds" . $br . "<b>File path : </b>" . $file . $br . "<b>Return code : </b>" . cl_pretcode($retcode) . $br . "<b>Virus found name : </b>" . $virusname . $br;
    } else {
        echo "<b>Execution time : </b>" . $time . " seconds" . $br . "<b>File path : </b>" . $file . $br . "<b>Return code : </b>" . cl_pretcode($retcode) . $br;
    }
} else {
    echo "Module {$module} is not loaded into PHP";
}