PHP - file uploads and ways to prevent viruses from being uploaded in zip/rar archives
Posted
by Joe
on Stack Overflow
See other posts from Stack Overflow
or by Joe
Published on 2010-05-09T16:45:23Z
Indexed on
2010/05/09
16:48 UTC
Read the original article
Hit count: 205
I am trying to provide a service on my website to allow users to upload files so others can download them.
The issue is, since some of these files I will allow to upload will be .zip/.rar files, I am curious as to what ideas exist to help prevent the uploading of archives with Viruses/trojans etc. included. Some .zip files will include legitimate .exe files,though I am not sure what options I have.
I thought about it and I don't have a method for verifying with a virus scanner on the server, since I am on shared hosting w/o the option to run a service like that... nor do I have the knowledge on how to do that. I am also aware there is no php class or database to scan the files for viruses. This means, my only options are to rely on:
a). manual approval <-- not an acceptable option for me as it might become a busy site with thousands of uploads b). get the users to somehow point out it if has viruses through voting or "flagging", etc....
anyway, regarding "b" - what ideas would you suggest?
© Stack Overflow or respective owner