Scan the uploaded file

@bee_kishoreAug 30.2005

Hi All!,
I developed an application using PHP called ‘Resume Manager’ where user can register and upload their resume. But i want to scan the uploaded file (in this case resume) before moving the file on to the server.
Can anyone helps me regarding this.
Thanx in advance,
WIth regards,
Kishore

to post a comment

PHP

8 Comments(s) _↴

@bokehAug 30.2005 — #Scan it for what? You could analyse it to assess if it is of the correct mime type or content. What type of file will it be and what will it contain?

@charlesdavisonAug 31.2005 — #I'm also quite curious on this; bee_kishore - how do you scan a file to make sure it is of the correct type? For example, to make sure an MP3 is in fact an MP3?

And how would you scan for viruses in PHP?

@bee_kishoreauthorSep 05.2005 — #Hi friends!

As i said earlier, i want to scan the uploaded file (in my cases, resumes/cv in word or text format posted by applicants) before moving it on to my server to protect it from virus treat. Can any one help me regarding this.

WIth regards,

-KISHORE

@bokehSep 05.2005 — #

[code=php]<?php
 // set variables
 $field_name = 'upload'; //This is the field name in your form. e.g. <input type="file" name="upload">
 $upload_tmp = $_FILES[$field_name]['tmp_name'];
 $upload_type = $_FILES[$field_name]['type'];
 
 // test file
 if(accepted_type($upload_tmp, $upload_type)){
 // uploaded file is a text or MS word doc file
 }else{
 // uploaded file is NOT a text or MS word doc file
 }
 
 
 function accepted_type($upload_tmp, $upload_type, &$error = NULL)
 {
 function is_ASCII($data)
 {
 $bad = false;
 for($x = 0, $y = strlen($data); !$bad && $x < $y; $x++)
 {
 $bad = (ord($data{$x}) > 127);
 }
 return !$bad;
 }
 
  if(!is_uploaded_file($upload_tmp)) {
   if(!is_null($error))$error = 'Cannot modify a file you did not upload!'; 
   return FALSE;
  }
 
  if(!(is_readable($upload_tmp) and $data = file_get_contents($upload_tmp))){
   if(!is_null($error))$error = 'Cannot open file to run checks!';
   return FALSE;
  }
 
  print $upload_type;
  if($upload_type != ('application/msword' || 'text/plain')){
   if(!is_null($error))$error = 'File is not an accepted type!';
   return FALSE;
  }
 
  if($upload_type == 'application/msword'){
   if(eregi('0M8R4KGxGuE=', base64_encode(substr($data, 0, 8)))) return TRUE;
   if(!is_null($error))$error = 'Mime type ('.$upload_type.')does not match file content!';
   return FALSE;
  }
 
  if($upload_type == 'plain/text'){
   if(is_ASCII($data)) return TRUE;
   if(!is_null($error))$error = 'Mime type ('.$upload_type.')does not match file content!';
   return FALSE;
  }
  if(!is_null($error))$error = 'Error: type not specified';
  return FALSE;
 }
 
 ?> [/code]

@ShrineDesignsSep 05.2005 — #most anti-virus programs have a command-line interface, so you can simply do something like this, and depending on what is returned (would require some testing) you should be able to determine what is a threat

[code=php]<?php
 $av = 'path/to/anti-virus program';
 $f = $_FILES['upload']['tmp_name'];
 passthru("$av -scan $f", $retval); // you will need to know what parameters to set
 echo $retval;
 ?>[/code]

@skydiver700Oct 06.2005 — #Hi All!,

I developed an application using PHP called 'Resume Manager' where user can register and upload their resume. But i want to scan the uploaded file (in this case resume) before moving the file on to the server.

Can anyone helps me regarding this.

Thanx in advance,

WIth regards,

Kishore[/QUOTE]

I want to know the code of how to scan uploaded file in ASP.NET,thx

@skydiver700Oct 06.2005 — #Plz Any one Know the code of how to scan uploaded file In ASP.Net plz send it

@chazzyOct 07.2005 — #Plz Any one Know the code of how to scan uploaded file In ASP.Net plz send it[/QUOTE]

I would seriously consider posting in the ASP forum.

Also in #PHP _↴

Problem in function of enter key Help with reg expressions (extract and replace URLs in string)xml sort tags

Success!

Help @bee_kishore spread the word by sharing this article on Twitter...

Tweet This

about: ({
version: 0.1.9 — BETA 6.18,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});

changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...

recent_tips: (
tipper: @nearjob,
tipped: article
amount: 1000 SATS,

tipper: @meenaratha,
tipped: article
amount: 1000 SATS,

tipper: @meenaratha,
tipped: article
amount: 1000 SATS,
)...

Scan the uploaded file

8 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

Scan the uploaded file

8 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

8 Comments(s) _↴

Also in #PHP _↴