{"id":21696149,"url":"https://github.com/farzadforuozanfar/secureupload","last_synced_at":"2025-04-12T12:06:59.284Z","repository":{"id":162835958,"uuid":"637332952","full_name":"FarzadForuozanfar/SecureUpload","owner":"FarzadForuozanfar","description":"SecureUpload is a web application that allows users to securely upload files to a server. The application includes several security features to ensure that uploaded files do not contain malicious code that could harm the server or other users.","archived":false,"fork":false,"pushed_at":"2025-04-03T16:07:27.000Z","size":24,"stargazers_count":6,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-03T16:35:40.600Z","etag":null,"topics":["clamav","php","python","secure","secure-upload","upload-files"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/FarzadForuozanfar.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2023-05-07T08:21:41.000Z","updated_at":"2025-04-03T16:07:31.000Z","dependencies_parsed_at":"2023-05-20T18:00:24.188Z","dependency_job_id":null,"html_url":"https://github.com/FarzadForuozanfar/SecureUpload","commit_stats":null,"previous_names":["farzadforuozanfar/secureupload"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FarzadForuozanfar%2FSecureUpload","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FarzadForuozanfar%2FSecureUpload/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FarzadForuozanfar%2FSecureUpload/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FarzadForuozanfar%2FSecureUpload/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/FarzadForuozanfar","download_url":"https://codeload.github.com/FarzadForuozanfar/SecureUpload/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248565063,"owners_count":21125416,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["clamav","php","python","secure","secure-upload","upload-files"],"created_at":"2024-11-25T19:18:36.359Z","updated_at":"2025-04-12T12:06:59.278Z","avatar_url":"https://github.com/FarzadForuozanfar.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SecureUpload\n\nSecureUpload is a secure file upload library for PHP that ensures files are safely uploaded to your server by performing a series of security validations. It includes checks for file existence, extension and MIME type validation, content scanning for malicious code, and optional antivirus scanning via ClamAV.\n\n## Features\n\n- **File Existence Check:** Ensures the uploaded file exists before processing.\n- **Extension \u0026 MIME Type Validation:** Verifies that files have valid extensions and corresponding MIME types.\n- **Content Scanning:** Detects and prevents malicious scripts or code embedded in files.\n- **Antivirus Integration:** Uses ClamAV (triggered via a Python script) to scan files for threats, with logging support if enabled.\n- **PSR-4 Autoloading:** Fully compliant with Composer autoloading standards for easy integration.\n\n## Requirements\n\n- **PHP:** Version 7.4 or higher. ([PHP Official Website](https://www.php.net))\n- **Python:** Required for antivirus scanning. ([Python Official Website](https://www.python.org))\n- **ClamAV:** For antivirus scanning:\n  - **macOS:** Install via [Homebrew](https://brew.sh) using:  \n    ```bash\n    brew install clamav\n    ```\n  - **Linux:** Install using your distribution's package manager. For Ubuntu, for example:  \n    ```bash\n    sudo apt-get install clamav\n    ```\n  - **Windows:** Download from the [ClamAV website](https://www.clamav.net/downloads#otherversions) and follow the installation instructions.\n\n## Installation\n\nSecureUpload is available via Composer. To install, run the following command in your project directory:\n\n```bash\ncomposer require farzad/secure-upload\n```\n\nAlternatively, clone the repository:\n1.  Clone the repository:\n    \n   ```bash\n   git clone https://github.com/FarzadForuozanfar/SecureUpload.git\n   ```\n    \n2.  Navigate to the project directory:\n    \n   ```bash\n   cd SecureUpload\n   ```\n    \n3.  Install dependencies via Composer:\n    \n   ```bash\n   composer install\n   ```\n\n## Configuration\n\n1.  **Environment Variables:**  \n    Create or update your `.env` file with the necessary configuration settings.\n    \n2.  **Language Files:**  \n    Place your language files in the `lang/` directory (e.g., `lang/lang-en.php` or `lang/lang-fa.php`).\n    \n3.  **Web Server Setup:**  \n    Configure your web server to serve the `public/` directory as the document root.\n\n## Usage\nTo use SecureUpload, simply include the Composer autoloader in your project and instantiate the uploader in your application code. For example, in your `public/index.php`\n\n```php\n\u003c?php \nrequire_once __DIR__ . '/../vendor/autoload.php';\nuse SecureUpload\\FileTypes\\ImageTypes; \nuse SecureUpload\\Interfaces\\FileSize; \nuse SecureUpload\\Uploader\\SecureUploader; \n\nif (!empty($_FILES['uploaded_file'])) \n{\n    // Define the allowed extensions and file size limits\n    $allowedExtensions = ImageTypes::getAllExtensions(); // Get all allowed extensions for images\n    $maxFileNameLength = 50; // Maximum file name length\n    $maxFileSize = FileSize::TEN_MG; // Max file size (10MB)\n    \n    // Instantiate the SecureUploader with the configuration\n    $uploader = new SecureUploader($allowedExtensions, $maxFileNameLength, $maxFileSize); \n    // Reorganize the files array for processing\n    $files = []; \n    foreach ($_FILES['uploaded_file'] as $key =\u003e $items) \n    { \n        foreach ($items as $index =\u003e $item) \n        {\n            $files[$index][$key] = $item; \n        } \n    }\n     \n    // Validate each uploaded file\n    foreach ($files as $file) \n    { \n        $result = $uploader-\u003evalidate($file['tmp_name'], $file['name']); \n        if (isset($result['error'])) \n        { // Print the error message if validation fails\n            echo \"Error: \" . $result['error']; die(); \n        } \n        else \n        { // Print the success message if validation passes\n            echo \"File uploaded successfully: \" . $file['name']; \n        } \n    } \n\nelse \n{\n    echo \"No file uploaded.\";\n} \n?\u003e\n```\n\n## Usage via CLI\nThis package also provides a CLI tool that you can use for quick testing and configuration.\n\n### 🔧 Publish `.env` file\nTo publish the default `.env` configuration file into your project root:\n\n   ```bash\n   php vendor/bin/secure-upload publish-env\n   ```\n### 🧪 Test File Upload Validation\nYou can quickly test the validation logic via CLI using a file path:\n\n   ```bash\n   php vendor/bin/secure-upload test-upload --file=path/to/your/file.jpg\n   ```\n\n## Contributing\nContributions are welcome! If you encounter a bug or have a feature request, please open an issue on the [GitHub repository](https://github.com/FarzadForuozanfar/SecureUpload/issues). To contribute code, fork the repository and submit a pull request.\n\n## License\nSecureUpload is licensed under the MIT License. See the [LICENSE](LICENSE) file for more details.\n![image_2025-04-06_14-34-264](https://github.com/user-attachments/assets/2562e0a2-4e72-4e80-a077-e6936bf285b4)\n\n![image_2025-04-06_14-34-26](https://github.com/user-attachments/assets/e57a43b3-cbac-48fe-9007-513887a8df8c)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffarzadforuozanfar%2Fsecureupload","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffarzadforuozanfar%2Fsecureupload","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffarzadforuozanfar%2Fsecureupload/lists"}