Not long ago, I applied to join an open source organization, they asked me to write a function to detect whether there is a Trojan script in the picture.
In fact, I do not know at the beginning of anything, but later on the Internet to check some information, found all have to make pictures of the Trojan, and did not find the detection procedures.
After several thoughts, I decided to analyze the Trojan horse from the principle of production. This trojan is written in hexadecimal code, I brainwave, wrote the following this upload class. Finally passed the organizational test. Oh
Now take it out for everyone to share, what bad place, also please correct me! anyon@139.com;
Copy CodeThe code is as follows:
/**
+------------------------------------------------------------------------------
* Upload File Upload class
+------------------------------------------------------------------------------
* @package Upload
* @author Anyon
* @version $Id: Upload.class.php 2013-3-20 21:47:23 Anyon $
+------------------------------------------------------------------------------
*/
Class Upload {
private static $image = null;
private static $status = 0;
private static $suffix = null;
private static $imageType = Array ('. jpg ', '. bmp ', '. gif ', '. png ');
private static $message = Array (
' 0 ' = ' no error occurred and the file upload was successful. ',
' 1 ' + ' uploaded file exceeded the upload_max_filesize option limit in php.ini. ',
' 2 ' + ' the size of the uploaded file exceeds the value specified by the Max_file_size option in the HTML form. ',
' 3 ' + ' files are only partially uploaded. ',
' 4 ' = ' no file upload. ',
' 5 ' = ' Failed to pass security check file. ',
' 6 ' = ' cannot find the Temp folder. ',
' 7 ' = ' file failed to write. ',
' 8 ' = ' file type not supported ',
' 9 ' = ' upload temporary files are missing. ',
);
@ Start performing file uploads
public static function Start ($feild = ' file ') {
if (!empty ($_files)) {
Self:: $status = $_files[$feild] [' ERROR '];
if (self:: $status > 0)
Return array (' status ' = + Self:: $status, ' msg ' + ' self:: $message [Self:: $status]);
Self:: $image = $_files[$feild] [' tmp_name '];
Self:: $suffix = Strtolower (STRRCHR ($_files[$feild [' name '], '. '));
Return array (' status ' = = Self::_upload (), ' path ' = + Self:: $image, ' msg ' = ' self:: $message [Self:: $status]);
} else {
Return array (' status ' = + Self:: $status, ' msg ' + ' self:: $message [Self:: $status]);
}
}
@ Private Upload Start
private static function _upload ($path = './upload/') {
Date_default_timezone_set (' PRC ');
$newFile = $path. Date (' Y/m/d/his '). RAND (100, 999). Self:: $suffix;
Self::umkdir (DirName ($newFile));
if (Is_uploaded_file (self:: $image) && move_uploaded_file (self:: $image, $newFile)) {
Self:: $image = $newFile;
if (In_array (self:: $suffix, Self:: $imageType))
return Self::checkhex ();
Else
Return self:: $status = 0;
} else {
Return self:: $status = 9;
}
}
@ Private 16 in-system detection
private static function Checkhex () {
if (File_exists (self:: $image)) {
$resource = fopen (self:: $image, ' RB ');
$fileSize = FileSize (self:: $image);
Fseek ($resource, 0);
if ($fileSize > 512) {//Pick head and tail
$hexCode = Bin2Hex (Fread ($resource, 512));
Fseek ($resource, $fileSize-512);
$hexCode. = Bin2Hex (Fread ($resource, 512));
} else {//Fetch all
$hexCode = Bin2Hex (Fread ($resource, $fileSize));
}
Fclose ($resource);
/* Match <% in 16 binary ()%> */
/* Match 16 in the binary */
/* Match 16 in the binary
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
