扫描 PHP 上传的病毒 [英] Scan PHP uploads for viruses
问题描述
我目前正在使用以下代码扫描已作为申请表一部分上传的文件:
I'm currently using the following code to scan files that have been uploaded as part of an application form:
$safe_path = escapeshellarg($dir . $file);
$command = '/usr/bin/clamscan --stdout ' . $safe_path;
$out = '';
$int = -1;
exec($command, $out, $int);
if ($int == 0) {
// all good;
} else {
// VIRUS!;
}
它有效,但速度很慢.任何人都有任何建议 a).加快速度和 b).总体上改进脚本(例如,我不完全清楚 exec() 与 system() 等的好处)?
It works, but is slow. Anyone got any suggestions that would a). speed things up and b). improve the script generally (for instance, I'm not entirely clear on the benefits of exec() vs system(), etc)?
如果速度无法提高,那么我最好显示某种临时的请耐心等待您的文件正在被扫描"消息,但我也不知道该怎么做.
If the speed can't be improved then I'd ideally like to display some kind of interim "Please be patient your files are being scanned" message, but am not sure how to go about that either.
抱歉,应该说扫描需要在当时完成,因为如果没有有效(即无病毒)文件,将不会接受有问题的应用程序.
Sorry, should have said the scan needs to be done at the time as the application in question won't be accepted without valid (i.e virus-free) files.
推荐答案
如果您不需要立即向用户显示结果,您可以将文件添加到数据库表中以便稍后扫描.
If you don't need to display the results to the user instantly, you could add the file to a Database table for scanning later.
然后,您可以创建一个新进程来扫描和更新表中的结果.你有一个很好的例子:http://robert.accettura.com/blog/2006/09/14/asynchronous-processing-with-php/.
Then, you could fork a new process to scan and update the results in the table. You have a good example here: http://robert.accettura.com/blog/2006/09/14/asynchronous-processing-with-php/.
如果你绝对需要在同一个请求中显示结果,那么你可以完全按照我之前说的那样做,但是输出一个通过 AJAX 请求结果的临时页面;扫描结束后,将用户重定向到结果页面.
If you absolutely need to display the results within the same request, then you could do it exactly as I said before but outputting a temp page requesting the results via AJAX; once the scan is over, redirect the user to the results page.
如果您不想使用 JavaScript,那么一个简单的元刷新标签就可以解决问题.
If you don't want to use JavaScript, then a simple meta refresh tag would do the trick.
这篇关于扫描 PHP 上传的病毒的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
