moodle
diff --git a/‎admin/config.html‎
Lines changed: 34 additions & 0 deletions b/‎admin/config.html‎
Lines changed: 34 additions & 0 deletions
diff --git a/‎admin/handlevirus.php‎
Lines changed: 99 additions & 0 deletions b/‎admin/handlevirus.php‎
Lines changed: 99 additions & 0 deletions
diff --git a/‎lang/en/glossary.php‎
Lines changed: 2 additions & 0 deletions b/‎lang/en/glossary.php‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎lang/en/moodle.php‎
Lines changed: 33 additions & 1 deletion b/‎lang/en/moodle.php‎
Lines changed: 33 additions & 1 deletion
@@ -476,6 +476,40 @@
     <?php print_string("configmaxbytes") ?>
     </td>
 </tr>
+<tr valign=top>
+    <td align=right><p>runclamonupload:</p></td>
+    <td>
+    <?php
+      unset($options);
+      $options[0] = get_string("no");
+      $options[1] = get_string("yes");
+      
+      choose_from_menu($options,"runclamonupload",$config->runclamonupload,"","","");
+      ?>
+      </td>
+      <td><?php print_string("configrunclamonupload") ?></td>
+</tr>
+<tr valign=top>
+    <td align=right><p>pathtoclam:</p></td>
+    <td><input type="text" name="pathtoclam" size="30" value="<?php echo $config->pathtoclam ?>" /></td>
+    <td><?php print_string("configpathtoclam") ?></td>
+</tr>
+<tr valign=top>
+    <td align=right><p>quarantinedir:</p></td>
+    <td><input type="text" name="quarantinedir" size="30" value="<?php echo $config->quarantinedir ?>" /></td>
+    <td><?php print_string("configquarantinedir") ?></td>
+</tr>
+<tr valign=top>
+    <td align=right><p>clamfailureonupload</p></td>
+    <td><?php
+     unset($options);
+     $options['donothing'] = get_string('configclamdonothing');
+     $options['actlikevirus'] = get_string('configclamactlikevirus');
+  
+    choose_from_menu($options,"clamfailureonupload",$config->clamfailureonupload,"","","");
+    ?></td>  
+    <td><?php print_string("configclamfailureonupload"); ?></td>
+</tr>
 <tr valign="top">
     <td align="right"><p>fullnamedisplay:</td>
     <td>
 
@@ -0,0 +1,99 @@
+<?
+/** This expects the output from a command like
+ * clamscan -r --infected --no-summary <files> 2>&1 | php thisfile.php 
+ * also it's important that the output of clamscan prints the FULL PATH to each infected file, so use absolute paths for area to scan
+ */
+
+
+$fd = fopen('php://stdin','r');
+if (!$fd) {
+    exit();
+}
+
+$FULLME='cron';
+require_once(dirname(dirname(__FILE__)).'/config.php');
+require_once($CFG->dirroot.'/lib/uploadlib.php'); // contains virus handling stuff.
+
+$site = get_site();
+
+while(!feof($fd)) {
+    $entry = fgets($fd);
+    if (strlen(trim($entry)) == 0) {
+        continue;
+    }
+    if (!$file = validate_line($entry)) {
+        continue;
+    }
+    $bits = explode('/',$file);
+    $a->filename = $bits[count($bits)-1];
+
+    if (!$log = get_record("log","module","upload","info",$file)) {
+        $a->action = clam_handle_infected_file($file,0,false);
+        clam_replace_infected_file($file);
+        notify_admins_unknown($file,$a);
+        continue;
+    }
+    $action = clam_handle_infected_file($file,$log->userid,true);
+    clam_replace_infected_file($file);
+    
+    $user = get_record("user","id",$log->userid);
+    $course = get_record("course","id",$log->course);
+    $subject = get_string('virusfoundsubject','moodle',$site->fullname);
+    $a->date = userdate($log->time);
+
+    $a->action = $action;
+    $a->course = $course->fullname;
+    $a->user = $user->firstname.' '.$user->lastname;
+
+    notify_user($user,$subject,$a);
+    notify_admins($user,$subject,$a);
+}
+fclose($fd);
+
+
+function notify_user($user,$subject,$a) {
+
+    if (!$user) {
+        return false;
+    }
+    $body = get_string('virusfoundlater','moodle',$a);
+    email_to_user($user,get_admin(),$subject,$body);
+}
+
+
+function notify_admins($user,$subject,$a) {
+
+    $admins = get_admins();
+
+    $body = get_string('virusfoundlateradmin','moodle',$a);
+    foreach ($admins as $admin) {
+        email_to_user($admin,$admin,$subject,$body);
+    }
+}
+
+function notify_admins_unknown($file,$a) {
+    
+    global $site;
+
+    $admins = get_admins();
+    $subject = get_string('virusfoundsubject','moodle',$site->fullname);
+    $body = get_string('virusfoundlateradminnolog','moodle',$a);
+    foreach ($admins as $admin) {
+        email_to_user($admin,$admin,$subject,$body);
+    }
+}
+
+function validate_line($line) {
+    if (strpos($line,"FOUND") === false) {
+        return false;
+    }
+    $index = strpos($line,":");
+    $file = substr($line,0,$index);
+    $file = preg_replace('/\/\//','/',$file);
+    if (!file_exists($file)) {
+        return false;
+    }
+    return $file;
+}
+
+?>
@@ -85,6 +85,8 @@
 $string['entryexported'] = 'Entry succesfully exported';
 $string['entryishidden'] = '(this entry is currently hidden)';
 $string['entryleveldefaultsettings'] = 'Entry Level Default Settings';
+$string['entrysaved'] = 'This entry has been saved';
+$string['entryupdated'] = 'This entry has been updated';
 $string['entryusedynalink'] = 'This entry should be automatically linked';
 $string['explainaddentry'] = 'Add a new entry to the current glossary.<br />Concept and definition are mandatory fields.';
 $string['explainall'] = 'Shows ALL entries on one page';
 
@@ -143,6 +143,17 @@
 $string['choosetheme'] = 'Choose theme';
 $string['chooseuser'] = 'Choose a user';
 $string['city'] = 'City/town';
+$string['clambroken'] = 'Your administrator has enabled virus checking for file uploads but has misconfigured something.<br />Your file upload was NOT successful. Your administrator has been emailed to notify them so they can fix it.';
+$string['clamdeletedfile'] = 'The file has been deleted';
+$string['clamdeletedfilefailed'] ='The file could not be deleted';
+$string['clamemailsubject'] = '$a :: Clam AV notification';
+$string['clamfailed'] = 'Clam AV has failed to run.  The return error message was $a. Here is the output from Clam:';
+$string['clamlost'] = 'Moodle is configured to run clam on file upload, but the path supplied to Clam AV, $a,  is invalid.';
+$string['clamlostandactinglikevirus'] = 'In addition, moodle is configured so that if clam fails to run, files are treated like viruses.  This essentially means that no student can upload a file successfully until you fix this.';
+$string['clammovedfile'] = 'The file has been moved to your specified quarantine directory, the new location is $a';
+$string['clammovedfilebasic'] = 'The file has been moved to a quarantine directory.';
+$string['clamquarantinedirfailed'] = 'Could not move the file into your specified quarantine directory, $a. You need to fix this as files are being deleted if they\'re found to be infected.';
+$string['clamunknownerror'] = 'There was an unknown error with clam.';
 $string['cleaningtempdata'] = 'Cleaning temp data';
 $string['clicktochange'] = 'Click to change';
 $string['closewindow'] = 'Close this window';
@@ -152,6 +163,9 @@
 $string['configallusersaresitestudents'] = 'For activities on the front page of the site, should ALL users be considered as students?  If you answer \"Yes\", then any confirmed user account will be allowed to participate as a student in those activities.  If you answer \"No\", then only users who are already a participant in at least one course will be able to take part in those front page activities. Only admins and specially assigned teachers can act as teachers for these front page activities.';
 $string['configautologinguests'] = 'Should visitors be logged in as guests automatically when entering courses with guest access?';
 $string['configcachetext'] = 'For larger sites or sites that use text filters, this setting can really speed things up.  Copies of texts will be retained in their processed form for the time specified here.  Setting this too small may actually slow things down slightly,  but setting it too large may mean texts take too long to refresh (with new links, for example).';
+$string['configclamactlikevirus'] = 'Treat files like viruses';
+$string['configclamdonothing'] = 'Treat files as OK';
+$string['configclamfailureonupload'] = 'If you have configured clam to scan uploaded files, but it is configured incorrectly or fails to run for some unknown reason, how should it behave?  If you choose \'Treat files like viruses\', they\'ll be moved into the quarantine area, or deleted. If you choose \'Treat files as OK\', the files will be moved to the desination directory like normal. Either way, admins will be alerted that clam has failed.  If you choose \'Treat files like viruses\' and for some reason clam fails to run (usually because you have entered an invalid pathtoclam), ALL files that are uploaded will be moved to the given quarantine area, or deleted. Be careful with this setting.';
 $string['configcountry'] = 'If you set a country here, then this country will be selected by default on new user accounts.  To force users to choose a country, just leave this unset.';
 $string['configdebug'] = 'If you turn this on, then PHP\'s error_reporting will be increased so that more warnings are printed.  This is only useful for developers.';
 $string['configdeleteunconfirmed'] = 'If you are using email authentication, this is the period within which a response will be accepted from users.  After this period, old unconfirmed accounts are deleted.';
@@ -186,7 +200,10 @@
 $string['confignotifyloginfailures'] = 'If login failures have been recorded, email notifications can be sent out.  Who should see these notifications?';
 $string['confignotifyloginthreshold'] = 'If notifications about failed logins are active, how many failed login attempts by one user or one IP address is it worth notifying about?';
 $string['configopentogoogle'] = 'If you enable this setting, then Google will be allowed to enter your site as a Guest.  In addition, people coming in to your site via a Google search will automatically be logged in as a Guest.  Note that this only provides transparent access to courses that already allow guest access.';
-$string['configproxyhost'] = 'If this <b>server</b> needs to use a proxy computer (eg a firewall) to access the Internet, then provide the proxy hostname and port here.  Otherwise leave it blank.';
+$string['configpathtoclam'] = 'Path to clam AV.  Probably something like /usr/bin/clamscan or /usr/bin/clamdscan. You need this in order for clam AV to run.';
+$string['configproxyhost'] = 'If this <B>server</B> needs to use a proxy computer (eg a firewall) to access the Internet, then provide the proxy hostname and port here.  Otherwise leave it blank.';
+$string['configquarantinedir'] = 'If you want clam AV to move infected files to a quarantine directory, enter it here. It must be writable by the webserver.  If you leave this blank, or if you enter a directory that doesn\'t exit or isn\'t writable, infected files will be deleted.  Do not include a trailing slash.';
+$string['configrunclamonupload'] = 'Run clam AV on file upload? You will need a correct path in pathtoclam for this to work.  (Clam AV is a free virus scanner that you can get from http://www.clamav.net/)';
 $string['configsecureforms'] = 'Moodle can use an additional level of security when accepting data from web forms. If this is enabled, then the browser\'s HTTP_REFERER variable is checked against the current form address.  In a very few cases this can cause problems if the user is using a firewall (eg Zonealarm) configured to strip HTTP_REFERER from their web traffic.  Symptoms are getting \'stuck\' on a form. If your users are having problems with the login page (for example) you might want to disable this setting, although it might leave your site more open to brute-force password attacks.  If in doubt, leave this set to \'Yes\'.';
 $string['configsessioncookie'] = 'This setting customises the name of the cookie used for Moodle sessions.  This is optional, and only useful to avoid cookies being confused when there is more than one copy of Moodle running within the same web site.';
 $string['configsessiontimeout'] = 'If people logged in to this site are idle for a long time (without loading pages) then they are automatically logged out (their session is ended).  This variable specifies how long this time should be.';
@@ -996,12 +1013,20 @@
 $string['updatingain'] = 'Updating $a->what in $a->in';
 $string['upload'] = 'Upload';
 $string['uploadafile'] = 'Upload a file';
+$string['uploadedfile'] = 'File uploaded successfully';
+$string['uploadfailednotrecovering'] = 'Your file upload has failed because there was a problem with one of the files, $a->name.<br/> Here is a log of the problems:<br />$a->problem<br />Not recovering.';
+$string['uploadfilelog'] = 'Upload log for file $a';
 $string['uploadedfileto'] = 'Uploaded $a->file to $a->directory';
+$string['uploadedfiletoobig'] = 'Sorry, but that file is too big (limit is $a bytes)';
 $string['uploadformlimit'] = 'Uploaded file exceeded the maximum size limit set by the form';
+$string['uploadlabel'] = 'Title:';
 $string['uploadnofilefound'] = 'No file was found - are you sure you selected one to upload?';
 $string['uploadnotallowed'] = 'Uploads are not allowed';
+$string['uploadoldfilesdeleted'] = 'The old file(s) in your upload area have been deleted';
 $string['uploadpartialfile'] = 'File was only partially uploaded';
 $string['uploadproblem'] = 'An unknown problem occurred while uploading the file \'$a\' (perhaps it was too large?)';
+$string['uploadrenamedchars'] = 'File was renamed from $a->oldname to $a->newname because of invalid characters.';
+$string['uploadrenamedcollision'] = 'File was renamed from $a->oldname to $a->newname because there was a filename conflict.';
 $string['uploadserverlimit'] = 'Uploaded file exceeded the maximum size limit set by the server';
 $string['uploadthisfile'] = 'Upload this file';
 $string['uploadusers'] = 'Upload users';
@@ -1023,6 +1048,13 @@
 $string['usingexistingcourse'] = 'Using existing course';
 $string['version'] = 'Version';
 $string['view'] = 'View';
+$string['virusfoundsubject'] = '$a: Virus found!';
+$string['virusfound'] = 'Attention administrator! Clam AV has found a virus in a file uploaded by $a->user for the course $a->course. Here is the output of clamscan:';
+$string['virusfounduser'] = 'The file you have uploaded, $a->filename, has been scanned by a virus checker and found to be infected! Your file upload was NOT successful.';
+$string['virusfoundlater'] = 'A file you uploaded on $a->date with the filename $a->filename for the course $a->course has since been found to contain a virus.  Here is a summary of what has happened to your file:'."\n\n".'$a->action'."\n\n".'If this was submitted work, you may want to resubmit it so that your tutor can see it.';
+$string['virusfoundlateradmin'] = 'Attention administrator! A file that was uploaded on $a->date with the filename $a->filename for the course $a->course by the user $a->user has since been found to contain a virus.  Here is a summary of what has happened to the file:'."\n\n".'$a->action'."\n\n".'The user has also been notified.';
+$string['virusfoundlateradminnolog'] = 'Attention administrator! A file that was uploaded with the filename $a->filename has since been found to contain a virus. Moodle was unable to resolve this file back to the user that originally uploaded it.'."\n\n".'Here is a summary of what has happened to the file:'."\n\n".'$a->action';
+$string['virusplaceholder'] = 'This file that has been uploaded was found to contain a virus and has been moved or delted and the user notified.';
 $string['webpage'] = 'Web page';
 $string['week'] = 'Week';
 $string['weekhide'] = 'Hide this week from $a';