Пример #1
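 /**
  * Page-start hook of the antivirus module.
  *
  * Steps, in order:
  *  1. Return immediately when self::isSafetyRequest() is true.
  *  2. Load the antivirus timeout/action options and the substring white list
  *     into globals (the white list is cached under "b_sec_white_list").
  *  3. If output buffering was started earlier (BX_SECURITY_AV_STARTED is
  *     defined), analyze the buffered output and then emit it.
  *  4. Register CSecurityAntiVirus::PHPShutdown as a shutdown function.
  *  5. If the marker file managed_cache/b_sec_virus exists, flush the unsent
  *     rows of b_sec_virus into b_event_log, purge old rows, send the
  *     VIRUS_DETECTED mail event and remove the marker file.
  *
  * @return void
  */
 function OnPageStart()
 {
     if (self::isSafetyRequest()) {
         //Check only GET and POST request
         return;
     }
     global $APPLICATION, $DB, $BX_SECURITY_AV_TIMEOUT, $BX_SECURITY_AV_ACTION;
     $BX_SECURITY_AV_TIMEOUT = COption::GetOptionInt("security", "antivirus_timeout");
     $BX_SECURITY_AV_ACTION = COption::GetOptionInt("security", "antivirus_action");
     //user white list
     global $BX_SECURITY_AV_WHITE_LIST, $CACHE_MANAGER;
     if ($CACHE_MANAGER->Read(36000, "b_sec_white_list")) {
         $BX_SECURITY_AV_WHITE_LIST = $CACHE_MANAGER->Get("b_sec_white_list");
     } else {
         //Cache miss: rebuild the list from storage and cache it.
         //NOTE(review): every WHITE_SUBSTR entry exempts matching content from
         //analysis, so write access to this list should be admin-only and audited.
         $BX_SECURITY_AV_WHITE_LIST = array();
         $res = CSecurityAntiVirus::GetWhiteList();
         while ($ar = $res->Fetch()) {
             $BX_SECURITY_AV_WHITE_LIST[] = $ar["WHITE_SUBSTR"];
         }
         $CACHE_MANAGER->Set("b_sec_white_list", $BX_SECURITY_AV_WHITE_LIST);
     }
     //Init DB in order to be able to register the event in the shutdown function
     CSecurityDB::Init();
     //Check if we started output buffering in auto_prepend_file
     //so we'll have chances to detect virus before prolog
     if (defined("BX_SECURITY_AV_STARTED")) {
         $content = ob_get_contents();
         ob_end_clean();
         if (strlen($content)) {
             //"pre" instance: inspects what was printed before the prolog.
             //presumably Analyze() may alter $content in place - confirm
             $Antivirus = new CSecurityAntiVirus("pre");
             $Antivirus->Analyze($content);
             echo $content;
         }
     }
     //Initiate monitoring of output that can be after working antivirus.
     register_shutdown_function(array('CSecurityAntiVirus', 'PHPShutdown'));
     //Check notification from previous hit
     $fname = $_SERVER["DOCUMENT_ROOT"] . BX_PERSONAL_ROOT . "/managed_cache/b_sec_virus";
     if (file_exists($fname)) {
         $rsInfo = $DB->Query("select * from b_sec_virus where SENT='N'");
         if ($arInfo = $rsInfo->Fetch()) {
             //The lock keeps concurrent hits from reporting the same rows twice.
             if ($table_lock = CSecurityDB::LockTable('b_sec_virus', $APPLICATION->GetServerUniqID() . "_virus")) {
                 $SITE_ID = false;
                 do {
                     $SITE_ID = $arInfo["SITE_ID"];
                     if (strlen($arInfo["INFO"])) {
                         //NOTE(review): unserialize() on a stored blob is a PHP
                         //object-injection sink: objects are constructed before
                         //the is_array() check below can reject the value. This is
                         //safe only while b_sec_virus.INFO is written exclusively
                         //by this module. Prefer JSON for the blob, or on
                         //PHP >= 7.0 pass array('allowed_classes' => false).
                         $arEvent = unserialize(base64_decode($arInfo["INFO"]));
                         if (is_array($arEvent)) {
                             //Keys of $arEvent are used as b_event_log fields, so
                             //the blob also decides which columns get written.
                             $DB->Add("b_event_log", $arEvent, array("DESCRIPTION"));
                         }
                     }
                     //Escape the row ID before concatenating it into SQL; a value
                     //read back from the table is still data, not SQL text.
                     $safeId = $DB->ForSql($arInfo["ID"]);
                     CSecurityDB::Query("update b_sec_virus set SENT='Y' where ID='" . $safeId . "'", '');
                 } while ($arInfo = $rsInfo->Fetch());
                 //Purge rows older than antivirus_timeout minutes: the cut-off is
                 //the current local time minus the timeout, with seconds set to 0.
                 CTimeZone::Disable();
                 $arDate = localtime(time());
                 $date = mktime($arDate[2], $arDate[1] - $BX_SECURITY_AV_TIMEOUT, 0, $arDate[4] + 1, $arDate[3], 1900 + $arDate[5]);
                 CSecurityDB::Query("DELETE FROM b_sec_virus WHERE TIMESTAMP_X <= " . $DB->CharToDateFunction(ConvertTimeStamp($date, "FULL")), '');
                 CTimeZone::Enable();
                 //One notification per batch, addressed to the main "email_from"
                 //option; falls back to the current SITE_ID constant when the last
                 //processed row has no site.
                 CEvent::Send("VIRUS_DETECTED", $SITE_ID ? $SITE_ID : SITE_ID, array("EMAIL" => COption::GetOptionString("main", "email_from", "")));
                 CSecurityDB::UnlockTable($table_lock);
                 //Best effort: if the marker file survives, the next hit re-checks
                 //the table and finds no unsent rows.
                 @unlink($fname);
             }
         }
     }
 }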