From 3e8e19e8dcc08204327a566ddf3a32f797bc684d Mon Sep 17 00:00:00 2001
From: Manuel Weiser <manuel.weiser@me.com>
Date: Thu, 13 Feb 2025 09:20:02 +0100
Subject: [PATCH] refactor Bambu credentials handling and improve input
 validation

---
 html/spoolman.html |  6 ------
 src/bambu.cpp      | 17 +++++++++++++----
 src/commonFS.cpp   |  3 ++-
 src/website.cpp    | 18 +++++++++++++++---
 4 files changed, 30 insertions(+), 14 deletions(-)

diff --git a/html/spoolman.html b/html/spoolman.html
index 3faf19a..d5c19b6 100644
--- a/html/spoolman.html
+++ b/html/spoolman.html
@@ -32,12 +32,6 @@
                 .then(data => {
                     if (data.healthy) {
                         document.getElementById('bambuStatusMessage').innerText = 'Bambu Credentials saved!';
-                        // Erstelle und zeige den Reboot-Button
-                        const rebootBtn = document.createElement('button');
-                        rebootBtn.innerText = 'Reboot now';
-                        rebootBtn.className = 'reboot-button';
-                        rebootBtn.onclick = () => window.location.href = '/reboot';
-                        document.getElementById('bambuStatusMessage').appendChild(rebootBtn);
                     } else {
                         document.getElementById('bambuStatusMessage').innerText = 'Error while saving Bambu Credentials.';
                     }
diff --git a/src/bambu.cpp b/src/bambu.cpp
index 06b4612..cc5461c 100644
--- a/src/bambu.cpp
+++ b/src/bambu.cpp
@@ -30,17 +30,26 @@ int ams_count = 0;
 String amsJsonData;  // Speichert das fertige JSON für WebSocket-Clients
 AMSData ams_data[MAX_AMS];  // Definition des Arrays
 
-bool saveBambuCredentials(const String& bambu_ip, const String& bambu_serialnr, const String& bambu_accesscode) {
+bool saveBambuCredentials(const String& ip, const String& serialnr, const String& accesscode) {
+    if (BambuMqttTask) {
+        vTaskDelete(BambuMqttTask);
+    }
+    
     JsonDocument doc;
-    doc["bambu_ip"] = bambu_ip;
-    doc["bambu_accesscode"] = bambu_accesscode;
-    doc["bambu_serialnr"] = bambu_serialnr;
+    doc["bambu_ip"] = ip;
+    doc["bambu_accesscode"] = accesscode;
+    doc["bambu_serialnr"] = serialnr;
 
     if (!saveJsonValue("/bambu_credentials.json", doc)) {
         Serial.println("Fehler beim Speichern der Bambu-Credentials.");
         return false;
     }
 
+    // Dynamische Speicherallokation für die globalen Pointer
+    bambu_ip = ip.c_str();
+    bambu_accesscode = accesscode.c_str();
+    bambu_serialnr = serialnr.c_str();
+
     vTaskDelay(100 / portTICK_PERIOD_MS);
     if (!setupMqtt()) return false;
 
diff --git a/src/commonFS.cpp b/src/commonFS.cpp
index 368f614..1e5fcdd 100644
--- a/src/commonFS.cpp
+++ b/src/commonFS.cpp
@@ -7,12 +7,13 @@ bool saveJsonValue(const char* filename, const JsonDocument& doc) {
         Serial.println(filename);
         return false;
     }
-    return true;
+
     if (serializeJson(doc, file) == 0) {
         Serial.println("Fehler beim Serialisieren von JSON.");
         file.close();
         return false;
     }
+
     file.close();
     return true;
 }
diff --git a/src/website.cpp b/src/website.cpp
index fedbb9a..3a79a12 100644
--- a/src/website.cpp
+++ b/src/website.cpp
@@ -213,9 +213,16 @@ void setupWebserver(AsyncWebServer &server) {
 
         JsonDocument doc;
         if (loadJsonValue("/bambu_credentials.json", doc) && doc.containsKey("bambu_ip")) {
-            html.replace("{{bambuIp}}", doc["bambu_ip"].as<String>() ? doc["bambu_ip"].as<String>() : "");            
-            html.replace("{{bambuSerial}}", doc["bambu_serialnr"].as<String>() ? doc["bambu_serialnr"].as<String>() : "");
-            html.replace("{{bambuCode}}", doc["bambu_accesscode"].as<String>() ? doc["bambu_accesscode"].as<String>() : "");
+            String bambuIp = doc["bambu_ip"].as<String>();
+            String bambuSerial = doc["bambu_serialnr"].as<String>();
+            String bambuCode = doc["bambu_accesscode"].as<String>();
+            bambuIp.trim();
+            bambuSerial.trim();
+            bambuCode.trim();
+
+            html.replace("{{bambuIp}}", bambuIp ? bambuIp : "");            
+            html.replace("{{bambuSerial}}", bambuSerial ? bambuSerial : "");
+            html.replace("{{bambuCode}}", bambuCode ? bambuCode : "");
         }   
 
         request->send(200, "text/html", html);
@@ -251,6 +258,11 @@ void setupWebserver(AsyncWebServer &server) {
         bambu_serialnr.trim();
         bambu_accesscode.trim();
 
+        if (bambu_ip.length() == 0 || bambu_serialnr.length() == 0 || bambu_accesscode.length() == 0) {
+            request->send(400, "application/json", "{\"success\": false, \"error\": \"Empty parameter\"}");
+            return;
+        }
+
         bool success = saveBambuCredentials(bambu_ip, bambu_serialnr, bambu_accesscode);
 
         request->send(200, "application/json", "{\"healthy\": " + String(success ? "true" : "false") + "}");