From b9cf5fdbf9a15a30042bdeb36f9ca2891913fc90 Mon Sep 17 00:00:00 2001
From: Andrew <mcdeweykp@gmail.com>
Date: Tue, 11 Jan 2022 17:41:46 -0500
Subject: [PATCH] Fix so bad cron characters will not destroy DB.

---
 app/classes/shared/tasks.py      | 14 ++++++++++++--
 app/classes/web/panel_handler.py |  9 ++++++---
 2 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/app/classes/shared/tasks.py b/app/classes/shared/tasks.py
index 52859146..9545a983 100644
--- a/app/classes/shared/tasks.py
+++ b/app/classes/shared/tasks.py
@@ -188,7 +188,12 @@ class TasksManager:
         if job_data['enabled']:
             if job_data['cron_string'] != "":
                 cron = job_data['cron_string'].split(' ')
-                self.scheduler.add_job(management_helper.add_command, 'cron', minute = cron[0],  hour = cron[1], day = cron[2], month = cron[3], day_of_week = cron[4], id=str(sch_id), args=[job_data['server_id'], self.users_controller.get_id_by_name('system'), '127.0.0.1', job_data['command']])
+                try:
+                    self.scheduler.add_job(management_helper.add_command, 'cron', minute = cron[0],  hour = cron[1], day = cron[2], month = cron[3], day_of_week = cron[4], id=str(sch_id), args=[job_data['server_id'], self.users_controller.get_id_by_name('system'), '127.0.0.1', job_data['command']])
+                except Exception as e:
+                    console.error("Failed to schedule task with error: {}.".format(e))
+                    console.info("Removing failed task from DB.")
+                    management_helper.delete_scheduled_task(sch_id)
             else:
                 if job_data['interval_type'] == 'hours':
                     self.scheduler.add_job(management_helper.add_command, 'cron', minute = 0,  hour = '*/'+str(job_data['interval']), id=str(sch_id), args=[job_data['server_id'], self.users_controller.get_id_by_name('system'), '127.0.0.1', job_data['command']])
@@ -208,7 +213,12 @@ class TasksManager:
             self.scheduler.remove_job(str(sch_id))
             if job_data['cron_string'] != "":
                 cron = job_data['cron_string'].split(' ')
-                self.scheduler.add_job(management_helper.add_command, 'cron', minute = cron[0],  hour = cron[1], day = cron[2], month = cron[3], day_of_week = cron[4], args=[job_data['server_id'], self.users_controller.get_id_by_name('system'), '127.0.0.1', job_data['command']])
+                try:
+                    self.scheduler.add_job(management_helper.add_command, 'cron', minute = cron[0],  hour = cron[1], day = cron[2], month = cron[3], day_of_week = cron[4], args=[job_data['server_id'], self.users_controller.get_id_by_name('system'), '127.0.0.1', job_data['command']])
+                except Exception as e:
+                    console.error("Failed to schedule task with error: {}.".format(e))
+                    console.info("Removing failed task from DB.")
+                    management_helper.delete_scheduled_task(sch_id)
             else:
                 if job_data['interval_type'] == 'hours':
                     self.scheduler.add_job(management_helper.add_command, 'cron', minute = 0,  hour = '*/'+str(job_data['interval']), id=str(sch_id), args=[job_data['server_id'], self.users_controller.get_id_by_name('system'), '127.0.0.1', job_data['command']])
diff --git a/app/classes/web/panel_handler.py b/app/classes/web/panel_handler.py
index 3f21decf..79211b1e 100644
--- a/app/classes/web/panel_handler.py
+++ b/app/classes/web/panel_handler.py
@@ -946,8 +946,10 @@ class PanelHandler(BaseHandler):
             else:
                 interval_type = ''
                 cron_string = bleach.clean(self.get_argument('cron', ''))
-                if len(cron_string.split(' ')) != 5:
-                    self.redirect("/panel/error?error=INVALID FORMAT: Invalid Cron Format. Cron must have a space between each character and only have a max of 5 characters * * * * *")
+                cron_split = cron_string.split(' ')
+                if len(cron_split) != 5:
+                    self.redirect("/panel/error?error=INVALID FORMAT: Invalid Cron Format. Cron must have a space between each character and only have a max of 5 characters         * * * * *")
+                    return
                 action = bleach.clean(self.get_argument('action', None))
                 if action == "command":
                     command = bleach.clean(self.get_argument('command', None))
@@ -1062,7 +1064,8 @@ class PanelHandler(BaseHandler):
                 cron_string = bleach.clean(self.get_argument('cron', ''))
                 sch_id = self.get_argument('sch_id', None)
                 if len(cron_string.split(' ')) != 5:
-                    self.redirect("/panel/error?error=INVALID FORMAT: Invalid Cron Format. Cron must have a space between each character and only have a max of 5 characters * * * * *")
+                    self.redirect("/panel/error?error=INVALID FORMAT: Invalid Cron Format. Cron must have a space between each character and only have a max of 5 characters           * * * * *")
+                    return
                 action = bleach.clean(self.get_argument('action', None))
                 if action == "command":
                     command = bleach.clean(self.get_argument('command', None))