I'm currently using the following code to scan files that have been uploaded as part of an application form:
$safe_path = escapeshellarg($dir . $file);
$command = '/usr/bin/clamscan --stdout ' . $safe_path;
$out = '';
$int = -1;
exec($command, $out, $int);
if ($int == 0) {
// all good;
} else {
// VIRUS!;
}
It works, but is slow. Anyone got any suggestions that would a). speed things up and b). improve the script generally (for instance, I'm not entirely clear on the benefits of exec() vs system(), etc)?
If the speed can't be improved then I'd ideally like to display some kind of interim "Please be patient your files are being scanned" message, but am not sure how to go about that either.
EDIT: Sorry, should have said the scan needs to be done at the time as the application in question won't be accepted without valid (i.e virus-free) files.