I am looking to see how I can go about checking if an uploaded file has a virus or not via PHP. What options exist, pros and cons of each, etc.
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am looking to see how I can go about checking if an uploaded file has a virus or not via PHP. What options exist, pros and cons of each, etc.
ClamAV is a free anti virus commonly used on server applications.
php-clamav is an extension for binding ClamAV to PHP. You can check their documentation.
I’ve found a tutorial on how to use clamav as a Zend Framework Validator which already includes instructions on how to verify upload files. The tutorial should also help you on using it on another frameworks or architectures.
You can also call clamav by its command line interface with
clamscan. This requires clamav to be installed but not the PHP extension. In the PHP side, you canshell_exec('clamscan myuploadedfile.zip');then parse the output. Lines ending withOKare safe files, lines ending withFOUNDare malicious files.