#!/usr/bin/perl
# /usr/sbin/se3-clamav
# This file is part of the samba-edu project
#  it is distributed under the terms of the Gnu GPL license
# 
# Report any bug or comment to laurent Cooper <swirly@slis.fr>

# This programm connects to the se3db to read the directorys to scan
# It store the results of the clamav scan in the satabase;

use DBI;
use strict;
use File::Temp;

###
#
# Config file opening
#
###

my $dbhost=`cat /var/www/se3/includes/config.inc.php | grep \"dbhost=\" | cut -d = -f 2 |cut -d \\\" -f 2`;
chomp $dbhost;
my $dbname=`cat /var/www/se3/includes/config.inc.php | grep \"dbname=\" | cut -d = -f 2 |cut -d \\\" -f 2`;
chomp $dbname;
my $dbuser=`cat /var/www/se3/includes/config.inc.php | grep \"dbuser=\" | cut -d = -f 2 |cut -d \\\" -f 2`;
chomp $dbuser;
my $dbpass=`cat /var/www/se3/includes/config.inc.php | grep \"dbpass=\" | cut -d = -f 2 |cut -d \\\" -f 2`;
chomp $dbpass;


###
#
# Determines which scan to make
#
###

my $frequency=shift;

my $dsn="DBI:mysql:$dbname:$dbhost";
my $dbd = DBI->connect($dsn,$dbuser,$dbpass);
my $sth= $dbd->prepare("SELECT * FROM clamav_dirs WHERE frequency=\'$frequency\' ");
$sth->execute;

my $ref_row;
while ($ref_row = $sth->fetchrow_hashref) {
           my $directory = $ref_row->{"directory"};
           my $remove = $ref_row->{"remove"};
           my $tmp_file=tmpnam();

#############################
#
# Now scan the directory appropriatly
#           
#############################
          
          if ($remove eq "0") {
             `/usr/bin/nice -n 15 /usr/bin/clamscan -ri -l $tmp_file  $directory >> /dev/null 2>&1`;
             } else {             
              `/usr/bin/nice -n 15 /usr/bin/clamscan --remove -ri -l $tmp_file  $directory >> /dev/null 2>&1`;
             }

#############################
#
# Flush the result
#
#############################
           

           open(CLAMSCAN,$tmp_file);
           my $line;
           my $summary="";
           my $scan_result="";
           my $mode="scan";
           while (defined ($line=<CLAMSCAN>)) {
              if ($mode eq "scan") {
                if( $line =~ /--\ssummary\s--/) {
                  $mode="summary";
                  } else {
                  $scan_result .= $line;}
              } else {
         $summary .= $line;
                    }
                }                       

#############################
#
# Put it in the database
#
#############################
          ## Added to  protect SQL syntax, thank to Jean Le Bail
          $summary =~ s/\'/\\\'/g;
          $scan_result =~ s/\'/\\\'/g;
          ##
          $dbd->do("INSERT INTO clamav_scan (directory,summary,result) VALUES ('".$directory."','".$summary."','".$scan_result."')");

#############################
#           
# Destroy temporary file
#
#############################
          unlink($tmp_file);
         }

$dbd->disconnect();