What are my options to check for viruses on a PHP upload?

php file-upload antivirus virus
Carl picture Carl · May 19, 2012 · Viewed 28.2k times · Source

I am looking to see how I can go about checking if an uploaded file has a virus or not via PHP. What options exist, pros and cons of each, etc.

Answer

alganet picture alganet · May 19, 2012

ClamAV is a free anti virus commonly used on server applications.

php-clamav is an extension for binding ClamAV to PHP. You can check their documentation.

I've found a tutorial on how to use clamav as a Zend Framework Validator which already includes instructions on how to verify upload files. The tutorial should also help you on using it on another frameworks or architectures.

You can also call clamav by its command line interface with clamscan. This requires clamav to be installed but not the PHP extension. In the PHP side, you can shell_exec('clamscan myuploadedfile.zip'); then parse the output. Lines ending with OK are safe files, lines ending with FOUND are malicious files.

Related questions

Multiple file upload in php

I want to upload multiple files and store them in a folder and get the path and store it in the database... Any good example you looked for doing multiple file upload... Note: Files can be of any type...

Read More
How to rename uploaded file before saving it into a directory?

Below is the code I used in order to upload files into a directory. It works fine. My main question is: move_uploaded_file() is the one that saves the uploaded file into the directory, and it is also my …

Read More
Multiple Image Upload PHP form with one input

I've been trying to make this work for quite some time now. But I can't seem to make it work. I wanted to have a multiple image upload form with only using one input. this is my upload.php <?…

Read More