.htaccess validator

htaccess-check.php

<?php

$email = '[email protected]';
$path = '/home/*';

$folders = glob($path, GLOB_ONLYDIR);
foreach($folders as $folder){
    // skip non-client directories
    if(fileowner($folder) < 1001) continue;

    $account = pathinfo($folder)['filename'];
    $file = $folder.'/public_html/.htaccess';
    $backup = $folder.'/public_html/.htaccess-backup';
    $modified = $folder.'/public_html/.htaccess-modified';

    $file_size = filesize($file);
    $modified_size = filesize($modified);

    // if our stored modified file is more than a day old, let's remove it so we can re-notify admin
    if($modified_size) {
        $modified_time = filemtime($modified);
        $now = time();
        if($now - $modified_time > 86400)
            unlink($modified);
    }

    // only copy if we have a valid .htaccess file
    if(!file_exists($backup) && $file_size > 0) {
        copy($file, $backup);
        chown($backup, $account);
        chgrp($backup, $account);

        // notify admin
        send_mail($email, $account, 'backup');
    }
    $backup_size = file_exists($backup) ? filesize($backup) : 'n/a';

    if($file_size != $backup_size) {
        if($file_size == 0 && $backup_size > 0) {
            // restore backup
            copy($backup, $file);
            chown($file, $account);
            chgrp($file, $account);

            // notify admin
            send_mail($email, $account, 'empty');
        } else {
            // if we already have a modified version stored, ignore everything
            if($modified_size) continue;

            // if the file is changed, store the modified version then restore the backup and notify admin
            copy($file, $modified);
            chown($modified, $account);
            chgrp($modified, $account);

            // toyed with the idea of restoring the backup by default,
            // but that could create issues if a legit plugin made a change
            //copy($backup, $file);
            //chown($file, $account);
            //chgrp($file, $account);

            $file_contents = file_get_contents($modified);
            $backup_contents = file_get_contents($backup);

            // notify admin
            send_mail($email, $account, 'modified', $file_contents, $backup_contents);
        }
    }
}


// putting this in a function isn't necessary, but it makes reading the code above easier
function send_mail($email, $account, $type, $file_contents = '', $backup_contents = '') {

    switch($type) {
        case 'empty':
            $subject = ".htaccess file EMPTY for: $account!";
            $message = <<<EOQ
.htaccess file found empty for: $account !!!

Backup has been restored.
EOQ;
            break;

        case 'backup':
            $subject = ".htaccess backup created for: $account!";
            $message = <<<EOQ
Backup .htaccess file created for: $account

Backup file: .htaccess-backup
EOQ;
            break;

        case 'modified':
            $subject = ".htaccess file modified for: $account";
            $message = <<<EOQ
Modified .htaccess file for: $account

Modified version stored as .htaccess-modified

There will be no further emails about this for 24 hours.

To accept the modified version, copy .htaccess to .htaccess-backup and delete .htaccess-modified

Until this has been done, there will be no further checks for modified content for this account unless the file becomes empty.

New Content:
--------------------------------------------------------
$file_contents
--------------------------------------------------------

Backup:
--------------------------------------------------------
$backup_contents
--------------------------------------------------------
EOQ;
    }
    mail($email, $subject, $message);
}