Integrate virus scanning for user submitted files.

November 9th, 2008

No matter what type of application you are building, if your users are going to be uploading files, it is to your advantage (and that of your users) to integrate real-time virus checking. Before I proceed, remember this:

  1. Virus checking is free or low cost (depending upon the product and whether you are an individual or business)
  2. It is relatively easy to build into your applications

Looking around the web you will find various virus checking applications, some free, some not. Some things to consider when selecting antivirus software will be: 

  • Does the program support a CLI (execution from the command line)
  • How reliable the software is
  • How easily manageable the virus definitions are
     
I took some time to research various programs and ultimately chose AVG. I have used this program for years with excellent results, the definitions work on scheduled updates (no maintenance), and it has never once crashed my system. Sounds GOOD, so let's get started:
 
  1. You need to download AVG Free. *For test purposes we will be working with the free edition.
  2. Install the software! (I hope this was obvious to you.)
  3. Create a batch file that executes avgscan.exe with the parameters you want to use
  4. Integrate this batch file into your ColdFusion program
     
I’ll skip screen shots for downloading and installing AVG for brevity.
 
[3 Create a batch file that executes avgscan.exe with the parameters you want to use] 
Although there are quite a lot of command line options available to us, only a few are really necessary. I decided on these 4.
 
  1. /HEUR           Heuristic Analysis /path,path/
  2. /EXT              test these extensions /for example EXT=*/
  3. /ARC             test archives
  4. /REPORT        Report to file /file name/
     
*note that the /report option is used so that we can parse out the results of the scan
 
Here is a look at the completed batch file (vscan.bat):
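@echo off
rem %1 = full path of the file to scan, %2 = report name (written to c:\%2.txt)
cd /d "c:\program files\grisoft\avg free"
avgscan.exe %1 /heur /ext=* /arc /report c:\%2.txt
rem echo the report to stdout so the caller can parse it
type c:\%2.txt
rem del c:\%2.txt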

You can decide on your own set of options by reviewing the avgscan /? command as shown below:

C:\Program Files\Grisoft\AVG Free>avgscan /?
AVG7 Anti-Virus command line scanner
Copyright (c) 2006 GRISOFT, s.r.o.
/SCAN        Scan test /path,path/
/HEUR        Heuristic Analysis /path,path/
/EXCLUDE     Exclude path or files from scan
/@           Command file /file name/|
/EX          test these extensions /for example EXT=*/
/NOEXT       do not test these extensions /for example NOEXT=JPG/
/SMART       Smart scan
/ARC         test archives
/RT          test run-time compressions
/CLEAN       clean automatically
/TRASH       Move infected files to the Virus vault
/QT          Quick Test
/LOG         Generate a test result file
/MACROW      report macros
/PWDW        Report password-protected files
/IGNLOCKED   Ignore locked files
/REPORT      Report to file /file name/
/REPAPPEND   Append to the report file
/REPOK       report uninfected files as OK
/STOPLEVEL   Pause on detection /1-n/
/NOBREAK     Do not allow CTRL-BREAK to abort
/NOBOOT      Skip MBR/BOOT check
/NOMEM       Do not test memory
/MEM         Scan active processes
/NOHIMEM     Do not test upper memory
/NOSELF      Do not self-check AVG
/SKIPRP      Skip reparse points (NTFS only)
/SPY         Use Anti-Spyware Scanner
/SMS         Generate report in Management Information File (MIF) format
/?           Display help on this topic
/HELP        Display help on this topic
/DELAY       Cooperative mode (sleep during scanning)

 

[4 Integrate this batch file into your ColdFusion program]

Obviously we need to have CF call our batch file (vscan.bat). CFEXECUTE to the rescue:

<cfexecute
    name="c:\documentready\_bin\vscan.bat"
    arguments="#tmpFile# #session.user_key#"
    variable="getOutput" timeout="15"></cfexecute>

Thanks to our /report switch and the type command in our batch file, the results of our virus scan are dumped to the screen, allowing us to parse the results returned in getOutput. Pretty neat, eh?

To help you get an idea of what you will be parsing, and what information is available, here is a sample output (take note that the file input parameter must be a full path, and the output you are viewing here is for a file that is not infected with a virus):

C:\DocumentReady\_bin>vscan.bat c:\foo.txt foo
AVG7 Anti-Virus command line scanner
Copyright (c) 2006 GRISOFT, s.r.o.
Program version 7.5.549, engine 442
Virus Database: Version 270.9.0/1771  2008-11-06
Tested: 1 files, 2 sectors
Infections: 0
Errors: 0
AVG  7.5
Copyright (c) GRISOFT,s.r.o. 2006
Program version 7.5.438  Engine: 442 database version 270.9.0/1771
Command line: [c:\foo.txt /heur /ext=* /arc /report c:\foo.txt]
------------------------------------------------------------
Test start 11/6/2008 12:10:15
Elapsed time 4 sec.
------------------------------------------------------------
Scanned         files      :    1
Scanned         sectors    :    2
No viruses found.
------------------------------------------------------------

To do our parsing we will be using Regular Expressions. If you aren’t familiar with regular expressions, they are essentially the hottest tool you can use to parse through text, and although they appear daunting at first, with practice they become both second nature and essential to your programming needs.

<cftry>
       <!--- Run the scan; getOutput receives everything vscan.bat prints --->
       <cfexecute
            name="c:\documentready\_bin\vscan.bat"
            arguments="#tmpFile# #session.user_key#"
            variable="getOutput"
            timeout="15"></cfexecute>
<cfcatch>
       <cfset void = showError("Upload failed, virus check timed out.")>
</cfcatch>
</cftry>
<!--- Capture the full count from the "Infected files : N" report line --->
<cfset infectedFiles = "Infected\s+files\s*:\s*(\d+)">
<cfset pos = REFindNoCase(infectedFiles,getOutput,1,true)>
<cfif ArrayLen(pos.pos) gte 2>
       <cfset infectedCount = mid(getOutput,pos.pos[2],pos.len[2])>
<cfelse>
       <cfset infectedCount = 0>
</cfif>
<cfif infectedCount>
       <cfset virusname = ListGetAt(getOutput,5,chr(10)&chr(13))>
       <cfset virusname = ReplaceNoCase(virusname,"""#tmpFile#"" ...
                                        Virus identified ","","ONE")>
       <cffile action="delete" file="#tmpFile#">

       <cfset void = showError("Virus Found, " & virusname)>
</cfif>

For more information on Regular Expressions check out the Introduction to Regular Expressions (Scripting) on MSDN.
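
The verdict logic above, sketched in Python as an added example (not code from the original post): it accepts an upload only when the report positively says the scan completed clean, so an empty or truncated getOutput (for instance after the cfexecute timeout) is rejected instead of being treated as zero infections. The sample reports are constructed, the "Infected files" line is assumed from the regex used in the post, and `classify_scan` and `safe_report_name` are hypothetical names; the latter checks the second batch argument, which ends up on a cmd.exe command line and in the report path.

```python
import re

# Constructed sample: the clean report shown above, abbreviated.
CLEAN = """Tested: 1 files, 2 sectors
Infections: 0
Errors: 0
Scanned         files      :    1
Scanned         sectors    :    2
No viruses found.
"""

# Constructed sample: the "Infected files" line is assumed from the regex
# used in the post; a real AVG report may contain additional lines.
INFECTED = """Tested: 1 files, 2 sectors
Infections: 1
Errors: 0
Scanned         files      :    1
Infected        files      :    1
"""


def _count(label, text):
    """Return the integer after 'label ... :' or None if the line is absent."""
    m = re.search(label + r"\s*:\s*(\d+)", text, re.IGNORECASE)
    return int(m.group(1)) if m else None


def classify_scan(output):
    """Return 'infected', 'clean' or 'error'; only 'clean' should be accepted."""
    infected = _count(r"Infected\s+files", output) or 0
    infections = _count(r"Infections", output) or 0
    if infected > 0 or infections > 0:
        return "infected"
    # Fail closed: require positive evidence that a scan ran and finished.
    completed = (
        (_count(r"Scanned\s+files", output) or 0) >= 1
        and _count(r"Errors", output) == 0
        and "no viruses found" in output.lower()
    )
    return "clean" if completed else "error"


def safe_report_name(key):
    """Accept only names that are inert on a command line and in a file path."""
    return bool(re.fullmatch(r"[A-Za-z0-9_-]{1,64}", key))
```
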
