function validate_domains($domains) { $errors = array(); $domains = explode("\n", $domains); $domains = array_map('strtolower', $domains); $domains = array_filter($domains); $domains = array_unique($domains); foreach ($domains as $key => $value) { $value = trim(mb_strtolower($value)); // check if reasonably valid domain if (!preg_match("/^([a-z\\d](-*[a-z\\d])*)(\\.([a-z\\d](-*[a-z\\d])*))*\$/i", $value) && !preg_match("/^.{1,253}\$/", $value) && !preg_match("/^[^\\.]{1,63}(\\.[^\\.]{1,63})*\$/", $value)) { $errors[] = "Invalid domain name: " . htmlspecialchars($value) . "."; } // check valid dns record $ips = dns_get_record($value, DNS_A + DNS_AAAA); sort($ips); if (count($ips) >= 1) { if (!empty($ips[0]['type'])) { if ($ips[0]['type'] === "AAAA") { $ip = $ips[0]['ipv6']; if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { $errors[] = "Invalid domain AAAA record for: " . htmlspecialchars($value) . "."; } } elseif ($ips[0]['type'] === "A") { $ip = $ips[0]['ip']; if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { $errors[] = "Invalid domain A record for: " . htmlspecialchars($value) . "."; } } } else { $errors[] = "No DNS A/AAAA records for: " . htmlspecialchars($value) . "."; } } else { $errors[] = "Error resolving domain: " . htmlspecialchars($value) . "."; } } if (is_array($errors) && count($errors) == 0) { foreach ($domains as $key => $value) { $raw_chain = get_raw_chain(trim($value)); if (!$raw_chain) { $errors[] = "Domain has invalid or no certificate: " . htmlspecialchars($value) . "."; } else { foreach ($raw_chain['chain'] as $raw_key => $raw_value) { $cert_expiry = cert_expiry($raw_value); $cert_subject = cert_subject($raw_value); if ($cert_expiry['cert_expired']) { $errors[] = "Domain has expired certificate in chain: " . htmlspecialchars($value) . ". Cert Subject: " . htmlspecialchars($cert_subject) . "."; } } } } } if (is_array($errors) && count($errors) >= 1) { $result = array(); foreach ($errors as $key => $value) { $result['errors'][] = $value; } return $result; } else { $result = array(); foreach ($domains as $key => $value) { $result['domains'][] = $value; } return $result; } }
function send_expires_in_email($days, $domain, $email, $raw_cert) { global $current_domain; global $check_file; $domain = trim($domain); echo "\t\tDomain " . $domain . " expires in " . $days . " days.\n"; $file = file_get_contents($check_file); if ($file === FALSE) { echo "\t\tCan't open database.\n"; return false; } $json_a = json_decode($file, true); if ($json_a === null && json_last_error() !== JSON_ERROR_NONE) { echo "\t\tCan't read database.\n"; return false; } foreach ($json_a as $key => $value) { if ($value["domain"] == $domain && $value["email"] == $email) { $id = $key; $cert_cn = cert_cn($raw_cert); $cert_subject = cert_subject($raw_cert); $cert_serial = cert_serial($raw_cert); $cert_expiry_date = cert_expiry_date($raw_cert); $cert_validfrom_date = cert_valid_from($raw_cert); $now = time(); $datefromdiff = $now - $cert_validfrom_date; $datetodiff = $cert_expiry_date - $now; $cert_valid_days_ago = floor($datefromdiff / (60 * 60 * 24)); $cert_valid_days_ahead = floor($datetodiff / (60 * 60 * 24)); $unsublink = "https://" . $current_domain . "/unsubscribe.php?id=" . $id; $to = $email; $subject = "A certificate for " . htmlspecialchars($domain) . " expires in " . htmlspecialchars($days) . " days"; $message = "Hello,\r\n\r\nYou have a subscription to monitor the certificate of " . htmlspecialchars($domain) . " with the the Certificate Expiry Monitor. This is a service which monitors an SSL certificate on a website, and notifies you when it is about to expire. This extra notification helps you remember to renew your certificate on time.\r\n\r\nWe've noticed that the following domain has a certificate in it's chain that will expire in " . htmlspecialchars($days) . " days:\r\n\r\nDomain: " . htmlspecialchars($domain) . "\r\nCertificate Common Name: " . htmlspecialchars($cert_cn) . "\r\nCertificate Subject: " . htmlspecialchars($cert_subject) . "\r\nCertificate Serial: " . htmlspecialchars($cert_serial) . "\r\nCertificate Valid From: " . htmlspecialchars(date("Y-m-d H:i:s T", $cert_validfrom_date)) . " (" . $cert_valid_days_ago . " days ago)\r\nCertificate Valid Until: " . htmlspecialchars(date("Y-m-d H:i:s T", $cert_expiry_date)) . " (" . $cert_valid_days_ahead . " days left)\r\n\r\nYou should renew and replace your certificate before it expires. If you haven't set up the certificate yourself, please forward this email to the person/company that did this for you.\r\n\r\nNot replacing your certificate before the expiry date will result in a non-functional website with errors.\r\n\r\nTo unsubscribe from notifications for this domain please click or copy and paste the below link in your browser:\r\n\r\n" . $unsublink . "\r\n\r\n\r\n Have a nice day,\r\nThe Certificate Expiry Monitor Service.\r\nhttps://" . $current_domain . ""; $message = wordwrap($message, 70, "\r\n"); $headers = 'From: noreply@' . $current_domain . "\r\n" . 'Reply-To: noreply@' . $current_domain . "\r\n" . 'Return-Path: noreply@' . $current_domain . "\r\n" . 'X-Visitor-IP: ' . $visitor_ip . "\r\n" . 'X-Coffee: Black' . "\r\n" . 'List-Unsubscribe: <https://' . $current_domain . "/unsubscribe.php?id=" . $id . ">" . "\r\n" . 'X-Mailer: PHP/4.1.1'; if (mail($to, $subject, $message, $headers) === true) { echo "\t\tEmail sent to {$to}.\n"; return true; } else { echo "\t\tCan't send email.\n"; return false; } } } }