scanner.php
3.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
<?php
/**
* Copyright (c) 2012 Bart Visscher <bartv@thisnet.nl>
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
class OC_Files_Antivirus_BackgroundScanner {
public static function check() {
// get mimetype code for directory
$query = \OC_DB::prepare('SELECT `id` FROM `*PREFIX*mimetypes` WHERE `mimetype` = ?');
$result = $query->execute(array('httpd/unix-directory'));
if ($row = $result->fetchRow()) {
$dir_mimetype = $row['id'];
} else {
$dir_mimetype = 0;
}
// locate files that are not checked yet
$sql = 'SELECT `*PREFIX*filecache`.`fileid`, `path`, `*PREFIX*storages`.`id`'
.' FROM `*PREFIX*filecache`'
.' LEFT JOIN `*PREFIX*files_antivirus` ON `*PREFIX*files_antivirus`.`fileid` = `*PREFIX*filecache`.`fileid`'
.' JOIN `*PREFIX*storages` ON `*PREFIX*storages`.`numeric_id` = `*PREFIX*filecache`.`storage`'
.' WHERE `mimetype` != ? AND `*PREFIX*storages`.`id` LIKE ? AND (`*PREFIX*files_antivirus`.`fileid` IS NULL OR `mtime` > `check_time`)';
$stmt = OCP\DB::prepare($sql, 5);
try {
$result = $stmt->execute(array($dir_mimetype, 'local::%'));
if (\OC_DB::isError($result)) {
\OC_Log::write('files_antivirus', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OCP\Util::ERROR);
return;
}
} catch(\Exception $e) {
\OCP\Util::writeLog('files_antivirus', __METHOD__.', exception: '.$e->getMessage(), \OCP\Util::ERROR);
return;
}
// scan the found files
while ($row = $result->fetchRow()) {
$storage = self::getStorage($row['id']);
if ($storage !== null) {
self::scan($row['fileid'], $row['path'], $storage);
} else {
\OCP\Util::writeLog('files_antivirus', 'File "'.$row['path'].'" has a non local storage backend "'.$row['id'].'"', \OCP\Util::ERROR);
}
}
}
protected static function getStorage($storage_id) {
if (strpos($storage_id, 'local::') === 0) {
$arguments = array(
'datadir' => substr($storage_id, 7),
);
return new \OC\Files\Storage\Local($arguments);
}
return null;
}
public static function scan($id, $path, $storage) {
$result = OC_Files_Antivirus::clamav_scan($storage, $path);
switch($result) {
case CLAMAV_SCANRESULT_UNCHECKED:
\OCP\Util::writeLog('files_antivirus', 'File "'.$path.'" from user "'.$user.'": is not checked', \OCP\Util::ERROR);
break;
case CLAMAV_SCANRESULT_INFECTED:
$infected_action = \OCP\Config::getAppValue('files_antivirus', 'infected_action', 'only_log');
if ($infected_action == 'delete') {
\OCP\Util::writeLog('files_antivirus', 'File "'.$path.'" from user "'.$user.'": is infected, file deleted', \OCP\Util::ERROR);
$storage->unlink($path);
}
else {
\OCP\Util::writeLog('files_antivirus', 'File "'.$path.'" from user "'.$user.'": is infected', \OCP\Util::ERROR);
}
break;
case CLAMAV_SCANRESULT_CLEAN:
$stmt = OCP\DB::prepare('INSERT INTO `*PREFIX*files_antivirus` (`fileid`, `check_time`) VALUES (?, ?)');
try {
$result = $stmt->execute(array($id, time()));
if (\OC_DB::isError($result)) {
\OC_Log::write('files_antivirus', __METHOD__. ', DB error: ' . \OC_DB::getErrorMessage($result), \OCP\Util::ERROR);
return;
}
} catch(\Exception $e) {
\OCP\Util::writeLog('files_antivirus', __METHOD__.', exception: '.$e->getMessage(), \OCP\Util::ERROR);
}
break;
}
}
}