From: Tim Düsterhus <duesterhus@woltlab.com>
Date: Wed, 19 Aug 2020 14:16:19 +0000 (+0200)
Subject: Prevent adding *.woltlab.com update servers
X-Git-Tag: 5.3.0_Alpha_1~22^2~11
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=67eea8c1acc3b5b67a26e52e1b86410a8cc13e2e;p=GitHub%2FWoltLab%2FWCF.git

Prevent adding *.woltlab.com update servers
---

diff --git a/wcfsetup/install/files/lib/acp/form/PackageUpdateServerAddForm.class.php b/wcfsetup/install/files/lib/acp/form/PackageUpdateServerAddForm.class.php
index 932d8ce09b..3ba6f325e0 100755
--- a/wcfsetup/install/files/lib/acp/form/PackageUpdateServerAddForm.class.php
+++ b/wcfsetup/install/files/lib/acp/form/PackageUpdateServerAddForm.class.php
@@ -9,6 +9,7 @@ use wcf\system\request\LinkHandler;
 use wcf\system\WCF;
 use wcf\system\WCFACP;
 use wcf\util\StringUtil;
+use wcf\util\Url;
 
 /**
  * Shows the server add form.
@@ -79,6 +80,10 @@ class PackageUpdateServerAddForm extends AbstractForm {
 			throw new UserInputException('serverURL', 'invalid');
 		}
 		
+		if (preg_match('/^.*\.woltlab.com$/', Url::parse($this->serverURL)['host'])) {
+			throw new UserInputException('serverURL', 'woltlab');
+		}
+		
 		if (($duplicate = $this->findDuplicateServer())) {
 			throw new UserInputException('serverURL', [
 				'duplicate' => $duplicate,
diff --git a/wcfsetup/install/lang/de.xml b/wcfsetup/install/lang/de.xml
index 79a862faf3..33d146ad06 100644
--- a/wcfsetup/install/lang/de.xml
+++ b/wcfsetup/install/lang/de.xml
@@ -2783,6 +2783,7 @@ Kein Abschnitt darf leer sein und alle Abschnitten dÃ¼rfen nur folgende Zeichen
 		<item name="wcf.acp.updateServer.packages"><![CDATA[Pakete]]></item>
 		<item name="wcf.acp.updateServer.serverURL"><![CDATA[Adresse]]></item>
 		<item name="wcf.acp.updateServer.serverURL.error.invalid"><![CDATA[Die eingetragene Adresse ist ungÃ¼ltig.]]></item>
+		<item name="wcf.acp.updateServer.serverURL.error.woltlab"><![CDATA[Die offiziellen Paketserver sind bereits hinterlegt und korrekt konfiguriert.]]></item>
 		<item name="wcf.acp.updateServer.serverURL.error.duplicate"><![CDATA[Dieser Paketserver ist bereits hinterlegt. {if LANGUAGE_USE_INFORMAL_VARIANT}Du kannst{else}Sie kÃ¶nnen{/if} <a href="{link controller="PackageUpdateServerEdit" id=$errorType[duplicate]->packageUpdateServerID}{/link}"><strong>den bestehenden Paketserver bearbeiten</strong></a>.]]></item>
 		<item name="wcf.acp.updateServer.status"><![CDATA[Status]]></item>
 		<item name="wcf.acp.updateServer.lastUpdateTime"><![CDATA[Letzter Zugriff]]></item>
diff --git a/wcfsetup/install/lang/en.xml b/wcfsetup/install/lang/en.xml
index ed5600a9ff..9499a85669 100644
--- a/wcfsetup/install/lang/en.xml
+++ b/wcfsetup/install/lang/en.xml
@@ -2710,6 +2710,7 @@ If you have <strong>already bought the licenses for the listed apps</strong>, th
 		<item name="wcf.acp.updateServer.packages"><![CDATA[Packages]]></item>
 		<item name="wcf.acp.updateServer.serverURL"><![CDATA[Address]]></item>
 		<item name="wcf.acp.updateServer.serverURL.error.invalid"><![CDATA[The address is invalid.]]></item>
+		<item name="wcf.acp.updateServer.serverURL.error.woltlab"><![CDATA[The official servers are already stored and correctly configured.]]></item>
 		<item name="wcf.acp.updateServer.serverURL.error.duplicate"><![CDATA[The given server is already configured. You can <a href="{link controller="PackageUpdateServerEdit" id=$errorType[duplicate]->packageUpdateServerID}{/link}"><strong>edit the existing server</strong></a>.]]></item>
 		<item name="wcf.acp.updateServer.status"><![CDATA[Status]]></item>
 		<item name="wcf.acp.updateServer.lastUpdateTime"><![CDATA[Last Access]]></item>
