承接 farzad-forouzanfar/secure-upload 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

farzad-forouzanfar/secure-upload

Composer 安装命令:

composer require farzad-forouzanfar/secure-upload

包简介

A secure file upload package with validation and antivirus integration.

README 文档

README

SecureUpload is a secure file upload library for PHP that ensures files are safely uploaded to your server by performing a series of security validations. It includes checks for file existence, extension and MIME type validation, content scanning for malicious code, and optional antivirus scanning via ClamAV.

Features

  • File Existence Check: Ensures the uploaded file exists before processing.
  • Extension & MIME Type Validation: Verifies that files have valid extensions and corresponding MIME types.
  • Content Scanning: Detects and prevents malicious scripts or code embedded in files.
  • Antivirus Integration: Uses ClamAV (triggered via a Python script) to scan files for threats, with logging support if enabled.
  • PSR-4 Autoloading: Fully compliant with Composer autoloading standards for easy integration.

Requirements

  • PHP: Version 7.4 or higher. (PHP Official Website)
  • Python: Required for antivirus scanning. (Python Official Website)
  • ClamAV: For antivirus scanning:
    • macOS: Install via Homebrew using:
      brew install clamav
    • Linux: Install using your distribution's package manager. For Ubuntu, for example:
      sudo apt-get install clamav
    • Windows: Download from the ClamAV website and follow the installation instructions.

Installation

SecureUpload is available via Composer. To install, run the following command in your project directory:

composer require farzad-forouzanfar/secure-upload

Alternatively, clone the repository:

  1. Clone the repository:
git clone https://github.com/FarzadForuozanfar/SecureUpload.git
  1. Navigate to the project directory:
cd SecureUpload
  1. Install dependencies via Composer:
composer install

Configuration

  1. Environment Variables:
    Create or update your .env file with the necessary configuration settings.

  2. Language Files:
    Place your language files in the lang/ directory (e.g., lang/lang-en.php or lang/lang-fa.php).

  3. Web Server Setup:
    Configure your web server to serve the public/ directory as the document root.

Usage

To use SecureUpload, simply include the Composer autoloader in your project and instantiate the uploader in your application code. For example, in your public/index.php

<?php 
require_once __DIR__ . '/../vendor/autoload.php';
use SecureUpload\FileTypes\ImageTypes; 
use SecureUpload\Interfaces\FileSize; 
use SecureUpload\Uploader\SecureUploader; 

if (!empty($_FILES['uploaded_file'])) 
{
    // Define the allowed extensions and file size limits
    $allowedExtensions = ImageTypes::getAllExtensions(); // Get all allowed extensions for images
    $maxFileNameLength = 50; // Maximum file name length
    $maxFileSize = FileSize::TEN_MG; // Max file size (10MB)
    
    // Instantiate the SecureUploader with the configuration
    $uploader = new SecureUploader($allowedExtensions, $maxFileNameLength, $maxFileSize); 
    // Reorganize the files array for processing
    $files = []; 
    foreach ($_FILES['uploaded_file'] as $key => $items) 
    { 
        foreach ($items as $index => $item) 
        {
            $files[$index][$key] = $item; 
        } 
    }
     
    // Validate each uploaded file
    foreach ($files as $file) 
    { 
        $result = $uploader->validate($file['tmp_name'], $file['name']); 
        if (isset($result['error'])) 
        { // Print the error message if validation fails
            echo "Error: " . $result['error']; die(); 
        } 
        else 
        { // Print the success message if validation passes
            echo "File uploaded successfully: " . $file['name']; 
        } 
    } 

else 
{
    echo "No file uploaded.";
} 
?>

Usage via CLI

This package also provides a CLI tool that you can use for quick testing and configuration.

🔧 Publish .env file

To publish the default .env configuration file into your project root:

php vendor/bin/secure-upload publish-env

🧪 Test File Upload Validation

You can quickly test the validation logic via CLI using a file path:

php vendor/bin/secure-upload test-upload --file=path/to/your/file.jpg

Contributing

Contributions are welcome! If you encounter a bug or have a feature request, please open an issue on the GitHub repository. To contribute code, fork the repository and submit a pull request.

License

SecureUpload is licensed under the MIT License. See the LICENSE file for more details.

Screenshots

farzad-forouzanfar/secure-upload 适用场景与选型建议

farzad-forouzanfar/secure-upload 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 7 次下载、GitHub Stars 达 7, 最近一次更新时间为 2025 年 04 月 04 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「php」 「security」 「upload」 「validation」 「file-upload」 「antivirus」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 farzad-forouzanfar/secure-upload 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 farzad-forouzanfar/secure-upload 我们能提供哪些服务?
定制开发 / 二次开发

基于 farzad-forouzanfar/secure-upload 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 7
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 7
  • 点击次数: 28
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 7
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2025-04-04