dolibarr  9.0.0
antivir.class.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2000-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
3  * Copyright (C) 2003 Jean-Louis Bergamo <jlb@j1b.org>
4  * Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
5  * Copyright (C) 2005-2009 Regis Houssin <regis.houssin@inodbox.com>
6  *
7  * This program is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 3 of the License, or
10  * (at your option) any later version.
11  *
12  * This program is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program. If not, see <http://www.gnu.org/licenses/>.
19  * or see http://www.gnu.org/
20  */
21 
31 class AntiVir
32 {
36  public $error='';
37 
41  public $errors = array();
42 
46  public $output;
47 
51  public $db;
52 
58  function __construct($db)
59  {
60  $this->db=$db;
61  }
62 
63  // phpcs:disable PEAR.NamingConventions.ValidFunctionName.NotCamelCaps
72  function dol_avscan_file($file)
73  {
74  // phpcs:enable
75  global $conf;
76 
77  $return = 0;
78 
79  if (preg_match('/\.virus$/i', $file))
80  {
81  $this->errors[] = 'File has an extension saying file is a virus';
82  return -97;
83  }
84 
85  $fullcommand=$this->getCliCommand($file);
86  //$fullcommand='"c:\Program Files (x86)\ClamWin\bin\clamscan.exe" --database="C:\Program Files (x86)\ClamWin\lib" "c:\temp\aaa.txt"';
87  $fullcommand.=' 2>&1'; // This is to get error output
88 
89  $output=array();
90  $return_var=0;
91  $safemode=ini_get("safe_mode");
92  // Create a clean fullcommand
93  dol_syslog("AntiVir::dol_avscan_file Run command=".$fullcommand." with safe_mode ".($safemode?"on":"off"));
94  // Run CLI command. If run of Windows, you can get return with echo %ERRORLEVEL%
95  $lastline=exec($fullcommand, $output, $return_var);
96 
97  //print "x".$lastline." - ".join(',',$output)." - ".$return_var."y";exit;
98 
99  /*
100  $outputfile=$conf->admin->dir_temp.'/dol_avscan_file.out.'.session_id();
101  $handle = fopen($outputfile, 'w');
102  if ($handle)
103  {
104  $handlein = popen($fullcommand, 'r');
105  while (!feof($handlein))
106  {
107  $read = fgets($handlein);
108  fwrite($handle,$read);
109  }
110  pclose($handlein);
111 
112  $errormsg = fgets($handle,2048);
113  $this->output=$errormsg;
114 
115  fclose($handle);
116 
117  if (! empty($conf->global->MAIN_UMASK))
118  @chmod($outputfile, octdec($conf->global->MAIN_UMASK));
119  }
120  else
121  {
122  $langs->load("errors");
123  dol_syslog("Failed to open file ".$outputfile,LOG_ERR);
124  $this->error="ErrorFailedToWriteInDir";
125  $return=-1;
126  }
127  */
128 
129  dol_syslog("AntiVir::dol_avscan_file Result return_var=".$return_var." output=".join(',',$output));
130 
131  $returncodevirus=1;
132  if ($return_var == $returncodevirus) // Virus found
133  {
134  $this->errors=$output;
135  return -99;
136  }
137 
138  if ($return_var > 0) // If other error
139  {
140  $this->errors=$output;
141  return -98;
142  }
143 
144  // If return code = 0
145  return 1;
146  }
147 
148 
149 
156  function getCliCommand($file)
157  {
158  global $conf;
159 
160  $maxreclevel = 5 ; // maximal recursion level
161  $maxfiles = 1000; // maximal number of files to be scanned within archive
162  $maxratio = 200; // maximal compression ratio
163  $bz2archivememlim = 0; // limit memory usage for bzip2 (0/1)
164  $maxfilesize = 10485760; // archived files larger than this value (in bytes) will not be scanned
165 
166  $command=$conf->global->MAIN_ANTIVIRUS_COMMAND;
167  $param=$conf->global->MAIN_ANTIVIRUS_PARAM;
168 
169  $param=preg_replace('/%maxreclevel/',$maxreclevel,$param);
170  $param=preg_replace('/%maxfiles/',$maxfiles,$param);
171  $param=preg_replace('/%maxratio/',$maxratio,$param);
172  $param=preg_replace('/%bz2archivememlim/',$bz2archivememlim,$param);
173  $param=preg_replace('/%maxfilesize/',$maxfilesize,$param);
174  $param=preg_replace('/%file/',trim($file),$param);
175 
176  if (! preg_match('/%file/',$conf->global->MAIN_ANTIVIRUS_PARAM))
177  $param=$param." ".escapeshellarg(trim($file));
178 
179  if (preg_match("/\s/",$command)) $command=escapeshellarg($command); // Use quotes on command. Using escapeshellcmd fails.
180 
181  $ret=$command.' '.$param;
182  //$ret=$command.' '.$param.' 2>&1';
183  //print "xx".$ret."xx";exit;
184 
185  return $ret;
186  }
187 }
Class to scan for virus.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='')
Write log message into outputs.
__construct($db)
Constructor.
dol_avscan_file($file)
Scan a file with antivirus.
getCliCommand($file)
Get full Command Line to run.