From 15a98b52c93746e54bd40812f0a9f8c0229a5457 Mon Sep 17 00:00:00 2001
From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com>
Date: Sun, 29 Mar 2026 01:24:08 +0530
Subject: [PATCH] fix(validation): add input validation for
 server_disk_usage_check_frequency on API

---
 app/Http/Controllers/Api/ServersController.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/app/Http/Controllers/Api/ServersController.php b/app/Http/Controllers/Api/ServersController.php
index 930879d80..beba33a8c 100644
--- a/app/Http/Controllers/Api/ServersController.php
+++ b/app/Http/Controllers/Api/ServersController.php
@@ -702,6 +702,13 @@ public function update_server(Request $request)
             ]);
         }
 
+        if ($request->has('server_disk_usage_check_frequency') && ! validate_cron_expression($request->server_disk_usage_check_frequency)) {
+            return response()->json([
+                'message' => 'Validation failed.',
+                'errors' => ['server_disk_usage_check_frequency' => ['Invalid Cron / Human expression for Disk Usage Check Frequency.']],
+            ], 422);
+        }
+
         $advancedSettings = $request->only(['concurrent_builds', 'dynamic_timeout', 'deployment_queue_limit', 'server_disk_usage_notification_threshold', 'server_disk_usage_check_frequency']);
         if (! empty($advancedSettings)) {
             $server->settings()->update(array_filter($advancedSettings, fn ($value) => ! is_null($value)));