[serversetup-bwlp-ipxe] Disallow editing .special entries

author: Simon Rettberg 2021-04-27 16:15:06 +0200
committer: Simon Rettberg 2021-04-27 16:15:06 +0200
commit: de08fc1f317317d807317ddc6e5122f41fd48759 (patch)
tree: 18e7303d65e0947ddd3dad49f994d24163bd9747 /modules-available/serversetup-bwlp-ipxe/page.inc.php
parent: [serversetup-bwlp-ipxe] Fix localboot via exit (diff)
download: slx-admin-de08fc1f317317d807317ddc6e5122f41fd48759.tar.gz
slx-admin-de08fc1f317317d807317ddc6e5122f41fd48759.tar.xz
slx-admin-de08fc1f317317d807317ddc6e5122f41fd48759.zip
1 files changed, 14 insertions, 4 deletions
diff --git a/modules-available/serversetup-bwlp-ipxe/page.inc.php b/modules-available/serversetup-bwlp-ipxe/page.inc.php
index f0422fd3..8fd6fd49 100644
--- a/modules-available/serversetup-bwlp-ipxe/page.inc.php
+++ b/modules-available/serversetup-bwlp-ipxe/page.inc.php
@@ -531,6 +531,10 @@ class Page_ServerSetup extends Page
 				Message::addError('invalid-boot-entry', $id);
 				Util::redirect('?do=serversetup');
 			}
+			if ($row['module'] === '.special') {
+				Message::addError('cannot-edit-special', $id);
+				Util::redirect('?do=serversetup');
+			}
 			if ($row['module'][0] === '.') {
 				// either script or exec entry
 				$json = json_decode($row['data'], true);
@@ -873,7 +877,6 @@ class Page_ServerSetup extends Page
 			Message::addError('missing-bootentry-data');
 			return;
 		}
-		$module = false;
 		$type = Request::post('type', false, 'string');
 		if ($type[0] === '.') {
 			// Exec or script
@@ -881,6 +884,8 @@ class Page_ServerSetup extends Page
 				$entry = BootEntry::newStandardBootEntry($data);
 			} elseif ($type === '.script') {
 				$entry = BootEntry::newCustomBootEntry($data);
+			} else {
+				$entry = null;
 			}
 			if ($entry === null) {
 				Message::addError('main.empty-field');
@@ -924,10 +929,15 @@ class Page_ServerSetup extends Page
 		} else {
 			// Edit existing entry
 			$params['oldid'] = $oldEntryId;
-			Database::exec('UPDATE serversetup_bootentry SET
+			// Ignore .special, must never update
+			$aff = Database::exec("UPDATE serversetup_bootentry SET
 				entryid = If(builtin = 0, :entryid, entryid), title = :title, module = :module, data = :data
-				WHERE entryid = :oldid', $params);
-			Message::addSuccess('boot-entry-updated', $newId);
+				WHERE entryid = :oldid AND module <> '.special'", $params);
+			if ($aff > 0) {
+				Message::addSuccess('boot-entry-updated', $newId);
+			} else {
+				Message::addWarning('nothing-changed-or-protected', $newId);
+			}
 		}
 		if (Request::post('next') === 'reload') {
 			Util::redirect('?do=serversetup&show=editbootentry&id=' . $newId);
author	Simon Rettberg	2021-04-27 16:15:06 +0200
committer	Simon Rettberg	2021-04-27 16:15:06 +0200
commit	de08fc1f317317d807317ddc6e5122f41fd48759 (patch)
tree	18e7303d65e0947ddd3dad49f994d24163bd9747 /modules-available/serversetup-bwlp-ipxe/page.inc.php
parent	[serversetup-bwlp-ipxe] Fix localboot via exit (diff)
download	slx-admin-de08fc1f317317d807317ddc6e5122f41fd48759.tar.gz slx-admin-de08fc1f317317d807317ddc6e5122f41fd48759.tar.xz slx-admin-de08fc1f317317d807317ddc6e5122f41fd48759.zip