dolibarr  13.0.2
antivir.class.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2000-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
3  * Copyright (C) 2003 Jean-Louis Bergamo <jlb@j1b.org>
4  * Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
5  * Copyright (C) 2005-2009 Regis Houssin <regis.houssin@inodbox.com>
6  *
7  * This program is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 3 of the License, or
10  * (at your option) any later version.
11  *
12  * This program is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program. If not, see <https://www.gnu.org/licenses/>.
19  * or see https://www.gnu.org/
20  */
21 
30 class AntiVir
31 {
35  public $error = '';
36 
40  public $errors = array();
41 
45  public $output;
46 
50  public $db;
51 
57  public function __construct($db)
58  {
59  $this->db = $db;
60  }
61 
62  // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
71  public function dol_avscan_file($file)
72  {
73  // phpcs:enable
74  global $conf;
75 
76  $return = 0;
77 
78  if (preg_match('/\.virus$/i', $file))
79  {
80  $this->errors[] = 'File has an extension saying file is a virus';
81  return -97;
82  }
83 
84  $fullcommand = $this->getCliCommand($file);
85  //$fullcommand='"c:\Program Files (x86)\ClamWin\bin\clamscan.exe" --database="C:\Program Files (x86)\ClamWin\lib" "c:\temp\aaa.txt"';
86  $fullcommand .= ' 2>&1'; // This is to get error output
87 
88  $output = array();
89  $return_var = 0;
90  $safemode = ini_get("safe_mode");
91  // Create a clean fullcommand
92  dol_syslog("AntiVir::dol_avscan_file Run command=".$fullcommand." with safe_mode ".($safemode ? "on" : "off"));
93  // Run CLI command. If run of Windows, you can get return with echo %ERRORLEVEL%
94  $lastline = exec($fullcommand, $output, $return_var);
95 
96  if (is_null($output)) $output = array();
97 
98  //print "x".$lastline." - ".join(',',$output)." - ".$return_var."y";exit;
99 
100  /*
101  $outputfile=$conf->admin->dir_temp.'/dol_avscan_file.out.'.session_id();
102  $handle = fopen($outputfile, 'w');
103  if ($handle)
104  {
105  $handlein = popen($fullcommand, 'r');
106  while (!feof($handlein))
107  {
108  $read = fgets($handlein);
109  fwrite($handle,$read);
110  }
111  pclose($handlein);
112 
113  $errormsg = fgets($handle,2048);
114  $this->output=$errormsg;
115 
116  fclose($handle);
117 
118  if (! empty($conf->global->MAIN_UMASK))
119  @chmod($outputfile, octdec($conf->global->MAIN_UMASK));
120  }
121  else
122  {
123  $langs->load("errors");
124  dol_syslog("Failed to open file ".$outputfile,LOG_ERR);
125  $this->error="ErrorFailedToWriteInDir";
126  $return=-1;
127  }
128  */
129 
130  dol_syslog("AntiVir::dol_avscan_file Result return_var=".$return_var." output=".join(',', $output));
131 
132  $returncodevirus = 1;
133  if ($return_var == $returncodevirus) // Virus found
134  {
135  $this->errors = $output;
136  return -99;
137  }
138 
139  if ($return_var > 0) // If other error
140  {
141  $this->errors = $output;
142  return -98;
143  }
144 
145  // If return code = 0
146  return 1;
147  }
148 
149 
150 
157  public function getCliCommand($file)
158  {
159  global $conf;
160 
161  $maxreclevel = 5; // maximal recursion level
162  $maxfiles = 1000; // maximal number of files to be scanned within archive
163  $maxratio = 200; // maximal compression ratio
164  $bz2archivememlim = 0; // limit memory usage for bzip2 (0/1)
165  $maxfilesize = 10485760; // archived files larger than this value (in bytes) will not be scanned
166 
167  $command = $conf->global->MAIN_ANTIVIRUS_COMMAND;
168  $param = $conf->global->MAIN_ANTIVIRUS_PARAM;
169 
170  $param = preg_replace('/%maxreclevel/', $maxreclevel, $param);
171  $param = preg_replace('/%maxfiles/', $maxfiles, $param);
172  $param = preg_replace('/%maxratio/', $maxratio, $param);
173  $param = preg_replace('/%bz2archivememlim/', $bz2archivememlim, $param);
174  $param = preg_replace('/%maxfilesize/', $maxfilesize, $param);
175  $param = preg_replace('/%file/', trim($file), $param);
176 
177  if (!preg_match('/%file/', $conf->global->MAIN_ANTIVIRUS_PARAM))
178  $param = $param." ".escapeshellarg(trim($file));
179 
180  if (preg_match("/\s/", $command)) $command = escapeshellarg($command); // Use quotes on command. Using escapeshellcmd fails.
181 
182  $ret = $command.' '.$param;
183  //$ret=$command.' '.$param.' 2>&1';
184  //print "xx".$ret."xx";exit;
185 
186  return $ret;
187  }
188 }
AntiVir
Class to scan for virus.
Definition: antivir.class.php:30
db
$conf db
API class for accounts.
Definition: inc.php:54
AntiVir\__construct
__construct($db)
Constructor.
Definition: antivir.class.php:57
dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename= '', $restricttologhandler= '', $logcontext=null)
Write log message into outputs.
Definition: functions.lib.php:1208
AntiVir\dol_avscan_file
dol_avscan_file($file)
Scan a file with antivirus.
Definition: antivir.class.php:71
AntiVir\getCliCommand
getCliCommand($file)
Get full Command Line to run.
Definition: antivir.class.php:157
Generated on Sat Aug 23 2025 13:17:16 for dolibarr by Doxygen 1.8.5