PHP - file uploads and ways to prevent viruses from being uploaded in zip/rar archives

Posted by Joe on Stack Overflow See other posts from Stack Overflow or by Joe
Published on 2010-05-09T16:45:23Z Indexed on 2010/05/09 16:48 UTC
Read the original article Hit count: 205

Filed under:
|
|
|
|

I am trying to provide a service on my website to allow users to upload files so others can download them.

The issue is, since some of these files I will allow to upload will be .zip/.rar files, I am curious as to what ideas exist to help prevent the uploading of archives with Viruses/trojans etc. included. Some .zip files will include legitimate .exe files,though I am not sure what options I have.

I thought about it and I don't have a method for verifying with a virus scanner on the server, since I am on shared hosting w/o the option to run a service like that... nor do I have the knowledge on how to do that. I am also aware there is no php class or database to scan the files for viruses. This means, my only options are to rely on:

a). manual approval <-- not an acceptable option for me as it might become a busy site with thousands of uploads b). get the users to somehow point out it if has viruses through voting or "flagging", etc....

anyway, regarding "b" - what ideas would you suggest?

© Stack Overflow or respective owner

Related posts about ideas

Related posts about project-ideas