Sākums Izpētīt Palīdzība
Pierakstīties
mirrors
/
mailcow-dockerized
spogulis no https://github.com/mailcow/mailcow-dockerized
2
0
Atdalīts 0
Faili Problēmas 0 Vikivietne
Koks: c39712af67
Atzari Tagi
mailcow-dockeri...
/
data
/
web
/
inc
/
ajax
/
dns_diagnostics.php

dns_diagnostics.php 16 KB
Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490 
  1. <?php
    2. 

  2. require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';
    3. 

  3. require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/spf.inc.php';
    4. 

  4. 

  5. define('state_good', '<i class="bi bi-check-lg text-success"></i>');
    6. 

  6. define('state_missing', '<i class="bi bi-x-lg text-danger"></i>');
    7. 

  7. define('state_nomatch', "?");
    8. 

  8. define('state_optional', " <sup>2</sup>");
    9. 

  9. 

  10. if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "admin"|| $_SESSION['mailcow_cc_role'] == "domainadmin")) {
    11. 

  11. 

  12.   $alias_domains = array();
    13. 

  13. 

  14.   if (isset($_GET['domain'])) {
    15. 

  15.     $domain_details = mailbox('get', 'domain_details', $_GET['domain']);
    16. 

  16.     if ($domain_details !== false) {
    17. 

  17.       $domain = $_GET['domain'];
    18. 

  18.       $alias_domains = array_merge($alias_domains, mailbox('get', 'alias_domains', $domain));
    19. 

  19.     }
    20. 

  20.     else {
    21. 

  21.       echo "No such domain in context";
    22. 

  22.       exit();
    23. 

  23.     }
    24. 

  24.   }
    25. 

  25. 

  26.   $ch = curl_init('http://ip4.mailcow.email');
    27. 

  27.   curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
    28. 

  28.   curl_setopt($ch, CURLOPT_VERBOSE, false);
    29. 

  29.   curl_setopt($ch, CURLOPT_HEADER, false);
    30. 

  30.   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    31. 

  31.   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3);
    32. 

  32.   $ip = curl_exec($ch);
    33. 

  33.   curl_close($ch);
    34. 

  34. 

  35.   $ch = curl_init('http://ip6.mailcow.email');
    36. 

  36.   curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V6);
    37. 

  37.   curl_setopt($ch, CURLOPT_VERBOSE, false);
    38. 

  38.   curl_setopt($ch, CURLOPT_HEADER, false);
    39. 

  39.   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    40. 

  40.   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3);
    41. 

  41.   $ip6 = curl_exec($ch);
    42. 

  42.   curl_close($ch);
    43. 

  43. 

  44.   $ptr = implode('.', array_reverse(explode('.', $ip))) . '.in-addr.arpa';
    45. 

  45.   if (!empty($ip6)) {
    46. 

  46.     $ip6_full = str_replace('::', str_repeat(':', 9-substr_count($ip6, ':')), $ip6);
    47. 

  47.     $ip6_full = str_replace('::', ':0:', $ip6_full);
    48. 

  48.     $ip6_full = str_replace('::', ':0:', $ip6_full);
    49. 

  49.     $ptr6 = '';
    50. 

  50.     foreach (explode(':', $ip6_full) as $part) {
    51. 

  51.       $ptr6 .= str_pad($part, 4, '0', STR_PAD_LEFT);
    52. 

  52.     }
    53. 

  53.     $ptr6 = implode('.', array_reverse(str_split($ptr6, 1))) . '.ip6.arpa';
    54. 

  54.   }
    55. 

  55. 

  56.   $https_port = strpos($_SERVER['HTTP_HOST'], ':');
    57. 

  57.   if ($https_port === FALSE) {
    58. 

  58.     $https_port = 443;
    59. 

  59.   }
    60. 

  60.   else {
    61. 

  61.     $https_port = substr($_SERVER['HTTP_HOST'], $https_port+1);
    62. 

  62.   }
    63. 

  63. 

  64.   if (!isset($autodiscover_config['sieve'])) {
    65. 

  65.     $autodiscover_config['sieve'] = array(
    66. 

  66.       'server' => $mailcow_hostname,
    67. 

  67.       'port' => array_pop(explode(':', getenv('SIEVE_PORT')))
    68. 

  68.     );
    69. 

  69.   }
    70. 

  70. 

  71.   // Init records array
    72. 

  72.   $spf_link = '<a href="http://www.open-spf.org/SPF_Record_Syntax/" target="_blank">SPF Record Syntax</a><br />';
    73. 

  73.   $dmarc_link = '<a href="https://www.kitterman.com/dmarc/assistant.html" target="_blank">DMARC Assistant</a>';
    74. 

  74.   $mtasts_report_link = '<a href="https://mxtoolbox.com/dmarc/smtp-tls/how-to-setup-smtp-tls-reports" target="_blank">TLS Report Record Syntax</a>';
    75. 

  75. 

  76.   $records = array();
    77. 

  77. 

  78.   if ($_SESSION['mailcow_cc_role'] == "admin") {
    79. 

  79.     $records[] = array(
    80. 

  80.       $mailcow_hostname,
    81. 

  81.       'A',
    82. 

  82.       $ip
    83. 

  83.     );
    84. 

  84.     $records[] = array(
    85. 

  85.       $ptr,
    86. 

  86.       'PTR',
    87. 

  87.       $mailcow_hostname
    88. 

  88.     );
    89. 

  89.     if (!empty($ip6)) {
    90. 

  90.       $records[] = array(
    91. 

  91.         $mailcow_hostname,
    92. 

  92.         'AAAA',
    93. 

  93.         expand_ipv6($ip6)
    94. 

  94.       );
    95. 

  95.       $records[] = array(
    96. 

  96.         $ptr6,
    97. 

  97.         'PTR',
    98. 

  98.         $mailcow_hostname
    99. 

  99.       );
    100. 

  100.     }
    101. 

  101.     $records[] = array(
    102. 

  102.       '_25._tcp.' . $autodiscover_config['smtp']['server'],
    103. 

  103.       'TLSA',
    104. 

  104.       generate_tlsa_digest($autodiscover_config['smtp']['server'], 25, 1)
    105. 

  105.     );
    106. 

  106.   }
    107. 

  107. 

  108.   $records[] = array(
    109. 

  109.     $domain,
    110. 

  110.     'MX',
    111. 

  111.     $mailcow_hostname
    112. 

  112.   );
    113. 

  113. 

  114.   if (!in_array($domain, $alias_domains)) {
    115. 

  115.     $records[] = array(
    116. 

  116.       'autodiscover.' . $domain,
    117. 

  117.       'CNAME',
    118. 

  118.       $mailcow_hostname
    119. 

  119.     );
    120. 

  120.     $records[] = array(
    121. 

  121.       '_autodiscover._tcp.' . $domain,
    122. 

  122.       'SRV',
    123. 

  123.       $mailcow_hostname . ' ' . $https_port
    124. 

  124.     );
    125. 

  125.     $records[] = array(
    126. 

  126.       'autoconfig.' . $domain,
    127. 

  127.       'CNAME',
    128. 

  128.       $mailcow_hostname
    129. 

  129.     );
    130. 

  130.   }
    131. 

  131. 

  132.   $mta_sts = mailbox('get', 'mta_sts', $domain);
    133. 

  133.   if (count($mta_sts) > 0 && $mta_sts['active'] == 1) {
    134. 

  134.     if (!in_array($domain, $alias_domains)) {
    135. 

  135.       $records[] = array(
    136. 

  136.         'mta-sts.' . $domain,
    137. 

  137.         'CNAME',
    138. 

  138.         $mailcow_hostname
    139. 

  139.       );
    140. 

  140.     }
    141. 

  141.     $records[] = array(
    142. 

  142.         '_mta-sts.' . $domain,
    143. 

  143.         'TXT',
    144. 

  144.         "v={$mta_sts['version']};id={$mta_sts['id']};",
    145. 

  145.     );
    146. 

  146.     $records[] = array(
    147. 

  147.         '_smtp._tls.' . $domain,
    148. 

  148.         'TXT',
    149. 

  149.         $mtasts_report_link,
    150. 

  150.     );
    151. 

  151.   }
    152. 

  152. 

  153.   $records[] = array(
    154. 

  154.     $domain,
    155. 

  155.     'TXT',
    156. 

  156.     $spf_link,
    157. 

  157.     state_optional
    158. 

  158.   );
    159. 

  159. 

  160.   $records[] = array(
    161. 

  161.     '_dmarc.' . $domain,
    162. 

  162.     'TXT',
    163. 

  163.     $dmarc_link,
    164. 

  164.     state_optional
    165. 

  165.   );
    166. 

  166. 

  167.   if (!empty($dkim = dkim('details', $domain))) {
    168. 

  168.     $records[] = array(
    169. 

  169.       $dkim['dkim_selector'] . '._domainkey.' . $domain,
    170. 

  170.       'TXT',
    171. 

  171.       $dkim['dkim_txt']
    172. 

  172.     );
    173. 

  173.   }
    174. 

  174. 

  175.   if (!in_array($domain, $alias_domains)) {
    176. 

  176.     $current_records = (array)dns_get_record('_pop3._tcp.' . $domain, DNS_SRV);
    177. 

  177.     if (count($current_records) == 0 || $current_records[0]['target'] != '') {
    178. 

  178.       if ($autodiscover_config['pop3']['tlsport'] != '110') {
    179. 

  179.         $records[] = array(
    180. 

  180.           '_pop3._tcp.' . $domain,
    181. 

  181.           'SRV',
    182. 

  182.           $autodiscover_config['pop3']['server'] . ' ' . $autodiscover_config['pop3']['tlsport']
    183. 

  183.         );
    184. 

  184.       }
    185. 

  185.     }
    186. 

  186.     else {
    187. 

  187.       $records[] = array(
    188. 

  188.         '_pop3._tcp.' . $domain,
    189. 

  189.         'SRV',
    190. 

  190.         '. 0'
    191. 

  191.       );
    192. 

  192.     }
    193. 

  193. 

  194.     $current_records = (array)dns_get_record('_pop3s._tcp.' . $domain, DNS_SRV);
    195. 

  195. 

  196.     if (count($current_records) == 0 || $current_records[0]['target'] != '') {
    197. 

  197.       if ($autodiscover_config['pop3']['port'] != '995') {
    198. 

  198.         $records[] = array(
    199. 

  199.           '_pop3s._tcp.' . $domain,
    200. 

  200.           'SRV',
    201. 

  201.           $autodiscover_config['pop3']['server'] . ' ' . $autodiscover_config['pop3']['port']
    202. 

  202.         );
    203. 

  203.       }
    204. 

  204.     }
    205. 

  205.     else {
    206. 

  206.       $records[] = array(
    207. 

  207.         '_pop3s._tcp.' . $domain,
    208. 

  208.         'SRV',
    209. 

  209.         '. 0'
    210. 

  210.       );
    211. 

  211.     }
    212. 

  212. 

  213.     if ($autodiscover_config['imap']['tlsport'] != '143') {
    214. 

  214.       $records[] = array(
    215. 

  215.         '_imap._tcp.' . $domain,
    216. 

  216.         'SRV',
    217. 

  217.         $autodiscover_config['imap']['server'] . ' ' . $autodiscover_config['imap']['tlsport']
    218. 

  218.       );
    219. 

  219.     }
    220. 

  220. 

  221.     if ($autodiscover_config['imap']['port'] != '993') {
    222. 

  222.       $records[] = array(
    223. 

  223.         '_imaps._tcp.' . $domain,
    224. 

  224.         'SRV',
    225. 

  225.         $autodiscover_config['imap']['server'] . ' ' . $autodiscover_config['imap']['port']
    226. 

  226.       );
    227. 

  227.     }
    228. 

  228. 

  229.     if ($autodiscover_config['smtp']['tlsport'] != '587') {
    230. 

  230.       $records[] = array(
    231. 

  231.         '_submission._tcp.' . $domain,
    232. 

  232.         'SRV',
    233. 

  233.         $autodiscover_config['smtp']['server'] . ' ' . $autodiscover_config['smtp']['tlsport']
    234. 

  234.       );
    235. 

  235.     }
    236. 

  236. 

  237.     if ($autodiscover_config['smtp']['port'] != '465') {
    238. 

  238.       $records[] = array(
    239. 

  239.         '_smtps._tcp.' . $domain,
    240. 

  240.         'SRV',
    241. 

  241.         $autodiscover_config['smtp']['server'] . ' ' . $autodiscover_config['smtp']['port']
    242. 

  242.       );
    243. 

  243.     }
    244. 

  244. 

  245.     if ($autodiscover_config['sieve']['port'] != '4190') {
    246. 

  246.       $records[] = array(
    247. 

  247.         '_sieve._tcp.' . $domain,
    248. 

  248.         'SRV',
    249. 

  249.         $autodiscover_config['sieve']['server'] . ' ' . $autodiscover_config['sieve']['port']
    250. 

  250.       );
    251. 

  251.     }
    252. 

  252.   }
    253. 

  253. 

  254.   $record_types = array(
    255. 

  255.     'A' => DNS_A,
    256. 

  256.     'AAAA' => DNS_AAAA,
    257. 

  257.     'CNAME' => DNS_CNAME,
    258. 

  258.     'MX' => DNS_MX,
    259. 

  259.     'PTR' => DNS_PTR,
    260. 

  260.     'SRV' => DNS_SRV,
    261. 

  261.     'TXT' => DNS_TXT,
    262. 

  262.   );
    263. 

  263. 

  264.   $data_field = array(
    265. 

  265.     'A' => 'ip',
    266. 

  266.     'AAAA' => 'ipv6',
    267. 

  267.     'CNAME' => 'target',
    268. 

  268.     'MX' => 'target',
    269. 

  269.     'PTR' => 'target',
    270. 

  270.     'SRV' => 'data',
    271. 

  271.     'TLSA' => 'data',
    272. 

  272.     'TXT' => 'txt',
    273. 

  273.   );
    274. 

  274. 

  275.   ?>
    276. 

  276.   <div class="table-responsive" id="dnstable">
    277. 

  277.     <table class="table table-striped">
    278. 

  278.       <tr>
    279. 

  279.         <th><?=$lang['diagnostics']['dns_records_name'];?></th>
    280. 

  280.         <th><?=$lang['diagnostics']['dns_records_type'];?></th>
    281. 

  281.         <th><?=$lang['diagnostics']['dns_records_data'];?></th>
    282. 

  282.         <th><?=$lang['diagnostics']['dns_records_status'];?></th>
    283. 

  283.       </tr>
    284. 

  284.       <?php
    285. 

  285.       foreach ($records as &$record) {
    286. 

  286.         $record[1] = strtoupper($record[1]);
    287. 

  287.         $state = state_optional;
    288. 

  288. 

  289.         if ($record[1] == 'TLSA') {
    290. 

  290.           $currents = (array)dns_get_record($record[0], 52, $_, $_, TRUE);
    291. 

  291.           foreach ($currents as &$current) {
    292. 

  292.             $current['type'] = 'TLSA';
    293. 

  293.             $current['cert_usage'] = hexdec(bin2hex($current['data'][0]));
    294. 

  294.             $current['selector'] = hexdec(bin2hex($current['data'][1]));
    295. 

  295.             $current['match_type'] = hexdec(bin2hex($current['data'][2]));
    296. 

  296.             $current['cert_data'] = bin2hex(substr($current['data'], 3));
    297. 

  297.             $current['data'] = $current['cert_usage'] . ' ' . $current['selector'] . ' ' . $current['match_type'] . ' ' . $current['cert_data'];
    298. 

  298.           }
    299. 

  299.           unset($current);
    300. 

  300.         }
    301. 

  301.         else {
    302. 

  302.           $currents = (array)dns_get_record($record[0], $record_types[$record[1]]);
    303. 

  303.           if ($record[0] == $mailcow_hostname && ($record[1] == "A" || $record[1] == "AAAA")) {
    304. 

  304.             if (!empty((array)dns_get_record($record[0], DNS_CNAME))) {
    305. 

  305.               $currents[0]['ip'] = state_missing . ' <b>(CNAME)</b>';
    306. 

  306.               $currents[0]['ipv6'] = state_missing . ' <b>(CNAME)</b>';
    307. 

  307.             }
    308. 

  308.           }
    309. 

  309.           if ($record[1] == 'SRV') {
    310. 

  310.             foreach ($currents as &$current) {
    311. 

  311.               if ($current['target'] == '') {
    312. 

  312.                 $current['target'] = '.';
    313. 

  313.                 $current['port'] = '0';
    314. 

  314.               }
    315. 

  315.               $current['data'] = $current['target'] . ' ' . $current['port'];
    316. 

  316.             }
    317. 

  317.             unset($current);
    318. 

  318.           }
    319. 

  319.           elseif ($record[1] == 'TXT') {
    320. 

  320.             foreach ($currents as &$current) {
    321. 

  321.               unset($current);
    322. 

  322.             }
    323. 

  323.             unset($current);
    324. 

  324.           }
    325. 

  325.           elseif ($record[1] == 'AAAA') {
    326. 

  326.             foreach ($currents as &$current) {
    327. 

  327.               $current['ipv6'] = expand_ipv6($current['ipv6']);
    328. 

  328.             }
    329. 

  329.           }
    330. 

  330.         }
    331. 

  331. 

  332.         if ($record[1] == 'CNAME' && count($currents) == 0) {
    333. 

  333.           // A and AAAA are also valid instead of CNAME
    334. 

  334.           $a = (array)dns_get_record($record[0], DNS_A);
    335. 

  335.           $cname = (array)dns_get_record($record[2], DNS_A);
    336. 

  336.           if (count($a) > 0 && count($cname) > 0) {
    337. 

  337.             if ($a[0]['ip'] == $cname[0]['ip']) {
    338. 

  338.               $currents = array(
    339. 

  339.                 array(
    340. 

  340.                   'host' => $record[0],
    341. 

  341.                   'class' => 'IN',
    342. 

  342.                   'type' => 'CNAME',
    343. 

  343.                   'target' => $record[2]
    344. 

  344.                 )
    345. 

  345.               );
    346. 

  346.               $aaaa = (array)dns_get_record($record[0], DNS_AAAA);
    347. 

  347.               $cname = (array)dns_get_record($record[2], DNS_AAAA);
    348. 

  348.               if (count($aaaa) == 0 || count($cname) == 0 || expand_ipv6($aaaa[0]['ipv6']) != expand_ipv6($cname[0]['ipv6'])) {
    349. 

  349.                 $currents[0]['target'] = expand_ipv6($aaaa[0]['ipv6']) . ' <sup>1</sup>';
    350. 

  350.               }
    351. 

  351.             }
    352. 

  352.             else {
    353. 

  353.               $currents = array(
    354. 

  354.                 array(
    355. 

  355.                   'host' => $record[0],
    356. 

  356.                   'class' => 'IN',
    357. 

  357.                   'type' => 'CNAME',
    358. 

  358.                   'target' => $a[0]['ip'] . ' <sup>1</sup>'
    359. 

  359.                 )
    360. 

  360.               );
    361. 

  361.             }
    362. 

  362.           }
    363. 

  363.         }
    364. 

  364. 

  365.         foreach ($currents as &$current) {
    366. 

  366.           if ($current['type'] == "TXT" &&
    367. 

  367.               stripos(strtolower($current['txt']), 'v=sts') === 0) {
    368. 

  368.             if (strtolower($current[$data_field[$current['type']]]) == strtolower($record[2])) {
    369. 

  369.               $state = state_good;
    370. 

  370.             }
    371. 

  371.             else {
    372. 

  372.               $state = state_nomatch;
    373. 

  373.             }
    374. 

  374.             $state .= '<br />' . $current[$data_field[$current['type']]];
    375. 

  375.           }
    376. 

  376.           if ($current['type'] == 'TXT' &&
    377. 

  377.               stripos($current['txt'], 'v=dmarc') === 0 &&
    378. 

  378.               $record[2] == $dmarc_link) {
    379. 

  379.             $current['txt'] = str_replace(' ', '', $current['txt']);
    380. 

  380.             $state = $current[$data_field[$current['type']]] . state_optional;
    381. 

  381.           }
    382. 

  382.           elseif ($current['type'] == 'TXT' &&
    383. 

  383.                   stripos($current['txt'], 'v=spf') === 0 &&
    384. 

  384.                   $record[2] == $spf_link) {
    385. 

  385.             $state = state_nomatch;
    386. 

  386.             $rslt = get_spf_allowed_hosts($record[0], true);
    387. 

  387.             if (in_array($ip, $rslt) && in_array(expand_ipv6($ip6), $rslt)) {
    388. 

  388.               $state = state_good;
    389. 

  389.             }
    390. 

  390.             $state .= '<br />' . $current[$data_field[$current['type']]] . state_optional;
    391. 

  391.           }
    392. 

  392.           elseif ($current['type'] == 'TXT' &&
    393. 

  393.                   stripos($current['txt'], 'v=dkim') === 0 &&
    394. 

  394.                   stripos($record[2], 'v=dkim') === 0) {
    395. 

  395.             preg_match('/v=DKIM1;.*k=rsa;.*p=([^;]*).*/i', $current[$data_field[$current['type']]], $dkim_matches_current);
    396. 

  396.             preg_match('/v=DKIM1;.*k=rsa;.*p=([^;]*).*/i', $record[2], $dkim_matches_good);
    397. 

  397.             if ($dkim_matches_current[1] == $dkim_matches_good[1]) {
    398. 

  398.               $state = state_good;
    399. 

  399.             }
    400. 

  400.           }
    401. 

  401.           elseif ($current['type'] != 'TXT' &&
    402. 

  402.                   isset($data_field[$current['type']]) && $state != state_good) {
    403. 

  403.             $state = state_nomatch;
    404. 

  404.             if ($current[$data_field[$current['type']]] == $record[2]) {
    405. 

  405.               $state = state_good;
    406. 

  406.             }
    407. 

  407.           }
    408. 

  408.         }
    409. 

  409.         unset($current);
    410. 

  410. 

  411.         if (isset($record[3]) &&
    412. 

  412.         $record[3] == state_optional &&
    413. 

  413.         ($state == state_missing || $state == state_nomatch)) {
    414. 

  414.           $state = state_optional;
    415. 

  415.         }
    416. 

  416. 

  417.         if ($state == state_nomatch) {
    418. 

  418.           $state = array();
    419. 

  419.           foreach ($currents as $current) {
    420. 

  420.             $state[] = $current[$data_field[$current['type']]];
    421. 

  421.           }
    422. 

  422.           $state = implode('<br />', $state);
    423. 

  423.         }
    424. 

  424.         echo sprintf('
    425. 

  425.         <tr>
    426. 

  426.           <td>%s</td>
    427. 

  427.           <td>%s</td>
    428. 

  428.           <td class="dns-found">%s</td>
    429. 

  429.           <td class="dns-recommended">%s</td>
    430. 

  430.         </tr>', $record[0], $record[1], $record[2], $state);
    431. 

  431.         $record[3] = explode('<br />', $state);
    432. 

  432.       }
    433. 

  433. 

  434.       unset($record);
    435. 

  435. 

  436.       $dns_data = sprintf("\$ORIGIN %s.\n", $domain);
    437. 

  437.       foreach ($records as $record) {
    438. 

  438.         if ($domain == substr($record[0], -strlen($domain))) {
    439. 

  439.           $label = substr($record[0], 0, -strlen($domain)-1);
    440. 

  440.           $val = $record[2];
    441. 

  441. 

  442.           if (strlen($label) == 0) {
    443. 

  443.             $label = "@";
    444. 

  444.           }
    445. 

  445. 

  446.           $vals = array();
    447. 

  447.           if (strpos($val, "<a") !== FALSE) {
    448. 

  448.             if (is_array($record[3]) && count($record[3]) == 1 && $record[3][0] == state_optional) {
    449. 

  449.               $record[3][0] = "**TODO**";
    450. 

  450.               $label = ';' . $label;
    451. 

  451.             }
    452. 

  452.             foreach ($record[3] as $val) {
    453. 

  453.               $val = str_replace(state_optional, '', $val);
    454. 

  454.               $val = str_replace(state_good, '', $val);
    455. 

  455.               if (strlen($val) > 0) {
    456. 

  456.                 $vals[] = sprintf("%s\tIN\t%s\t%s\n", $label, $record[1], $val);
    457. 

  457.               }
    458. 

  458.             }
    459. 

  459.           }
    460. 

  460.           else {
    461. 

  461.             $vals[] = sprintf("%s\tIN\t%s\t%s\n", $label, $record[1], $val);
    462. 

  462.           }
    463. 

  463. 

  464.           foreach ($vals as $val) {
    465. 

  465.             $dns_data .= str_replace($domain, $domain . '.', $val);
    466. 

  466.           }
    467. 

  467.         }
    468. 

  468.       }
    469. 

  469.       ?>
    470. 

  470.     </table>
    471. 

  471.     <a id='download-zonefile' class="btn btn-sm btn-secondary visible-xs-block visible-sm-inline visible-md-inline visible-lg-inline mb-4" style="margin-top:10px" data-zonefile="<?=base64_encode($dns_data);?>" download='<?=$_GET['domain'];?>.txt' type='text/csv'>Download</a>
    472. 

  472.     <script>
    473. 

  473.       var zonefile_dl_link = document.getElementById('download-zonefile');
    474. 

  474.       var zonefile = atob(zonefile_dl_link.getAttribute('data-zonefile'));
    475. 

  475.       var data = new Blob([zonefile]);
    476. 

  476.       var download_zonefile_link = document.getElementById('download-zonefile');
    477. 

  477.       download_zonefile_link.href = URL.createObjectURL(data);
    478. 

  478.     </script>
    479. 

  479.   </div>
    480. 

  480.   <p class="help-block">
    481. 

  481.     <sup>1</sup> <?=$lang['diagnostics']['cname_from_a'];?><br />
    482. 

  482.     <sup>2</sup> <?=$lang['diagnostics']['optional'];?>
    483. 

  483.   </p>
    484. 

  484.   <?php
    485. 

  485. }
    486. 

  486. else {
    487. 

  487.   echo "Session invalid";
    488. 

  488.   exit();
    489. 

  489. }
    490. 

  490. ?>
    491.