phplibclamav
This PHP extension provides the ability to scan files for malware using the Clam Anti-Virus engine. It is compatible with PHP4 and PHP5. It is released under the GPL license.
This package is not officially associated with or endorsed by the ClamAV developers.
If you have feedback or bug reports email me here.
There was a minor mistake in the tarball available, which has been fixed. Download phplibclamav - current version 0.6.0.
Release Notes: 2008-05-23
- remove clamav.maxratio ini option to be compat with clamav 0.93, thanks to Jani Ollikainen for letting me know of the API change
Changelog:
0.3.2 - 2005-12-28
- Changed package name at request of ClamAV developers
- Fixed bug, startup warning if no clamav.db_path is specified
- Rebuilt internal db storage. Added reload of virus database if directory of databases are loaded and have changed. Fixed up package.xml to reflect license.
0.4.0 - 2006-10-04
- Added scanning of file uploads
- Fixed threadsafe build
0.5.0 - 2007-05-18
- new database loading and storage to be compatible with libclamav 0.90 and greater
- removal of clamav_scan_string function, libclamav no longer supports this operation
- fixes in config.m4 for building on freebsd, thanks to Igor Grinchenko for testing on that platform
- clamav_open_db now only excepts no parameters if there is a clamav.db_path ini option set
Mandriva Linux 2006 RPM‘s - for version 0.3.2
The packages were kindly built by Jeffery Fernandez. If you have feedback on the packages let me know, and i will pass it on to Jeff.
Vbulletin Forum Extension
Vladislav Rastrusny has provided an extension for vbulletin that uses this extension:
Installation
To compile from source you will need libclamav installed, and PHP 4/5 installed. Download the tarball above and extract.
cd phplibclamav
phpize
./configure --with-clamav=/prefix/for/libclamav
make
make install
You need to load the extension via your php.ini file:
extension="clamav.so"
SELinux
If you are using SELinux, then you may have to allow access to the virus definition files by the webserver. This is done on a Redhat system like so:
chcon -R -h -t httpd_sys_content_t /var/clamav/
You can verify the permissions with:
ls -aZ /var/clamav
These tips were suggested by Martin Rytter Jensen .
Usage
There are several ini options available, although all are set to the recommended defaults. All ini options are marked PHP_INI_SYSTEM to allow for easy shared hosting administration.
| Name |
Default |
Effect |
| clamav.db_path |
no value |
If this path is set then the module will attempt to preload the path as a ClamAV database at module startup. This will consume memory for every process and so is off by default. If you wanted to guarantee access to a ClamAV database then set this. |
| clamav.scan_file_uploads |
0 |
If set to a value > 0, and if the clamav.db_path ini option is set and the database is successfully loaded, then files will be scanned during upload. If the scan produces malware, or an error occures then the uploaded file is deleted and the UPLOAD_ERR_EXTENSION error is added to the $_FILES entry. This option is only available for php >= 5.2 |
| clamav.maxfiles |
1000 |
The maximum number of files to scan in an archive. |
| clamav.maxfilesize |
10485760 |
The maximum filesize of scanned files in bytes. |
| clamav.maxreclevel |
5 |
The maximum recursion when scanning archives. |
| clamav.maxratio |
200 |
The maximum compression ratio for scanned files.
This ini option is no longer provided in phplibclamav version 0.6.0 and higher. It remains documented for people running older clamav installations (which is not recommended). |
| clamav.archivememlimit |
0 |
Memory limit for bzip2 archives. Use 0 for no limit. |
mixed clamav_open_db([string path])
This functions opens a ClamAV database ready for scanning files. It must load the database in memory, and so should be called only when used. If you don‘t pass in a path, and you have set a clamav.db_path ini option, you will get that database (if loaded). You may pass in a directory to load all available databases in that directory. If you have previously loaded a directory of databases, say in your php.ini, and the databases change, then the database will automatically reload. In order to avoid the clamav engine startup time during script execution you should set the clamav.db_path ini option, so that the default db path is already loaded. The downside is then memory usage depending on SAPI. This function returns a resource or false on error.
mixed clamav_scan_file(resource db, string file)
This function scans a file for malware using the db previously opened. This function returns a string identifying the malware found, or false if the file is clean.
string clamav_default_db()
This function returns the built in path for ClamAV database files.
mixed clamav_scan_string(resource db, string string_to_scan)
This function is no longer provided in phplibclamav version 0.5.0 and higher. It remains documented for people running older clamav installations (which is not recommended).
Example
//you don‘t have to specify the path if the db has already been opened
//via the clamav.db_path option
//if you will use the virus scanner frequently in scripts, set the database
//in your php.ini and leave the path blank here
$db = clamav_open_db(‘/home/trickie/Desktop/phpclamav/test/main.cvd‘);
if($malware = clamav_scan_file($db, ‘file/to/scan‘))
{
echo ‘We have Malware: ‘.$malware;
}
echo ‘Built in Database location: ‘.clamav_default_db();
