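#!/bin/bash
#
# Scan the given paths with YARA, store the sorted result as a timestamped
# file in the diff folder and, with -s, print a diff against the most recent
# previous scan.
#
# Operational notes:
#   - The files in the diff folder are the baseline that every later run is
#     compared with. Anyone who can write there can hide a new detection or
#     fake an old one, so keep the folder writable only by the account that
#     runs the scan.
#   - ./yara and ./malwares.yara are resolved against the current working
#     directory; run the script from the directory holding the trusted copies.

diff_folder='/var/log/phpmalwarefinder/'
stdout=false
# Kept as an array so every argument reaches the scanner as its own word.
SCAN_CMD=(./yara -r ./malwares.yara -f)

#######################################
# Print the usage text.
# Globals:   diff_folder (read)
# Outputs:   usage text on stdout
#######################################
show_help() {
    cat << EOF
Usage ${0##*/} [-dhsw]
    -d    Path to the diff folder (defaults to ${diff_folder})
    -h    Show this help message
    -w    Provide a whitelist file, containing one path per line
    -s    Show diff on stdout
EOF
}

#######################################
# Run the scanner on the given paths and store its sorted output.
# Globals:   SCAN_CMD (read)
# Arguments: $1 - file to write; remaining - paths handed to the scanner
# Outputs:   a failure message on stderr
# Returns:   0 on success, 1 if the scanner or sort failed
#######################################
run_scan() {
    local out=$1
    shift
    local -a status

    "${SCAN_CMD[@]}" "$@" | sort > "$out"
    status=("${PIPESTATUS[@]}")
    if (( status[0] == 0 && status[1] == 0 )); then
        return 0
    fi

    echo "[-] Scan failed (scanner exit ${status[0]}, sort exit ${status[1]})" >&2
    # A failed run that produced nothing must not become the next baseline:
    # it would be indistinguishable from a clean scan.
    if [[ ! -s "$out" ]]; then
        rm -f -- "$out"
    fi
    return 1
}

OPTIND=1
# 's' was missing from the option string, which made -s unreachable.
while getopts "hw:d:s" opt; do
    case "$opt" in
        h)
            show_help
            exit 0
            ;;
        d)
            diff_folder="$OPTARG"
            ;;
        s)
            stdout=true
            ;;
        w)
            # The option is parsed for compatibility, but nothing in this
            # script filters the results; say so instead of ignoring it silently.
            echo "[!] -w is accepted but whitelist filtering is not applied by this script; ignoring '$OPTARG'" >&2
            ;;
        '?')
            show_help
            exit 1
            ;;
    esac
done
shift "$((OPTIND-1))"

if [ ! -d "$diff_folder" ]; then
    echo "[-] Invalid previous_scan directory: " "$diff_folder"
    exit 1
fi

# The baseline is the most recently modified entry of the folder. It has to be
# looked up before the new result file is created.
previous_scan="$(ls -t -- "$diff_folder" | head -n 1)"
new_scan="${diff_folder%/}/$(date +%s)"

if [ -z "$previous_scan" ]; then
    echo "[*] No previous scan found: This will be the first one."
    run_scan "$new_scan" "$@" || exit 1
    exit 0
fi

run_scan "$new_scan" "$@" || exit 1

if [[ "$stdout" == true ]]; then
    # Lines marked '<' are only in the new scan, lines marked '>' only in the
    # previous one. diff's own exit status is not propagated.
    diff -- "$new_scan" "${diff_folder%/}/$previous_scan"
fi

exit 0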