From 8144535b82ea68250edc8f61b92c7bc806699325 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Tue, 23 May 2017 21:59:47 -0500
Subject: [PATCH] Prevent invalid service tag names, ref #443

---
 CHANGELOG.md                                                    | 1 +
 app/Repositories/OptionRepository.php                           | 2 +-
 .../themes/pterodactyl/admin/services/options/new.blade.php     | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0219522ee..c5859e1b6 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,7 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
 * Fixes 'Remember Me' checkbox being ignored when using 2FA on an account.
 * API now returns a useful error displaying what went wrong rather than an obscure 'An Error was Encountered' message when API issues arise.
 * Fixes bug preventing the creation of new files in the file manager due to a missing JS dependency on page load.
+* Prevent using a service option tag that contains special chaacters that are not valid. Now only allows alpha-numeric, no spaces or underscores.
 
 ### Changed
 * Renamed session cookies from `laravel_session` to `pterodactyl_session`.
diff --git a/app/Repositories/OptionRepository.php b/app/Repositories/OptionRepository.php
index fc887dd53..1a0ce4509 100644
--- a/app/Repositories/OptionRepository.php
+++ b/app/Repositories/OptionRepository.php
@@ -47,7 +47,7 @@ class OptionRepository
             'service_id' => 'required|numeric|exists:services,id',
             'name' => 'required|string|max:255',
             'description' => 'required|string',
-            'tag' => 'required|string|max:255|unique:service_options,tag',
+            'tag' => 'required|alpha_num|max:60|unique:service_options,tag',
             'docker_image' => 'sometimes|string|max:255',
             'startup' => 'sometimes|nullable|string',
             'config_from' => 'sometimes|required|numeric|exists:service_options,id',
diff --git a/resources/themes/pterodactyl/admin/services/options/new.blade.php b/resources/themes/pterodactyl/admin/services/options/new.blade.php
index 7c4da15ee..b69f539b9 100644
--- a/resources/themes/pterodactyl/admin/services/options/new.blade.php
+++ b/resources/themes/pterodactyl/admin/services/options/new.blade.php
@@ -66,7 +66,7 @@
                             <div class="form-group">
                                 <label for="pTag" class="form-label">Option Tag</label>
                                 <input type="text" id="pTag" name="tag" value="{{ old('tag') }}" class="form-control" />
-                                <p class="text-muted small">This should be a unique identifer for this service option that is not used for any other service options.</p>
+                                <p class="text-muted small">This should be a unique identifer for this service option that is not used for any other service options. Must be alpha-numeric and no more than 60 characters in length.</p>
                             </div>
                             <div class="form-group">
                                 <label for="pDockerImage" class="form-label">Docker Image</label>