Php 使用命令行AV的安全文件上载脚本中的问题
我有一个安全的文件上传功能,这是我的网站的一部分 我正在使用防病毒软件来帮助我检查用户试图上传的文件 这是我的uploadprocess.php文件Php 使用命令行AV的安全文件上载脚本中的问题,php,file,file-upload,xampp,antivirus,Php,File,File Upload,Xampp,Antivirus,我有一个安全的文件上传功能,这是我的网站的一部分 我正在使用防病毒软件来帮助我检查用户试图上传的文件 这是我的uploadprocess.php文件 $target_tmp = "D:\avscan\u\\"; $file = basename( $_FILES['uploaded_file']['name']) ; if($file != "") $_SESSION['file'] = $file; $target = 'C:\xampp\htdocs\ssd\Uploads\\';
$target_tmp = "D:\avscan\u\\";
$file = basename( $_FILES['uploaded_file']['name']) ;
if($file != "")
$_SESSION['file'] = $file;
$target = 'C:\xampp\htdocs\ssd\Uploads\\';
$file_path = $target_tmp.$file;
if(move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $file_path))
{
$safe_path = escapeshellarg($file_path);
$command = 'scancl'. $safe_path. ' --stdout';
$out = '';
$int = -1;
$output = exec($command, $out, $int);
echo "The output is" .$output;
echo $int;
exit(0);
//Checking for Virus.
if ($int == 0) {
$target = $target.$file;
//echo $target; exit(0);
copy($file_path, $target);
$uploaded = "The file ". $_SESSION['file']. "has been uploaded";
$clean = 'File is Clean.';
$_SESSION['status'] = $clean;
$_SESSION['upload'] = $uploaded;
header("location: ../upload.php");
exit(0);
}
// File is a virus.
else {
$mal = 'Contains Malware';
$deny_up = "Unable to Upload Your File!";
$_SESSION['status'] = $mal;
$_SESSION['upload'] = $deny_up;
header("location: ../upload.php");
exit(0);
}
}
else
{
echo "SORRY, There was a Problem Uploading Your File."; exit(0);
$err_upload = "SORRY, There was a Problem Uploading Your File.";
$_SESSION['err'] = err_upload;
header("location: ../upload.php");
exit(0);
}
PS系统安装在XAMPP上,如果这有什么不同您能更具体地说明什么不起作用吗?从理论上讲,至少对于ClamAV来说,您所做的似乎很好,因为它有以下返回代码(来自man clamscan): 也许它想记录exec调用的输出,如果您没有得到预期的退出代码,那么原因应该在输出中(比如缺少命令行标志)
RETURN CODES
0 : No virus found.
1 : Virus(es) found.
2 : Some error(s) occured.