Fix date validation see BT#12100

main/work/edit_work.php

@@ -84,10 +84,27 @@ $form = getFormWork($form, $defaults, $workId);
 $form->addElement('hidden', 'work_id', $workId);
 $form->addButtonUpdate(get_lang('ModifyDirectory'));
 
+$currentUrl = api_get_path(WEB_CODE_PATH).'work/edit_work.php?id='.$workId.'&'.api_get_cidreq();
 if ($form->validate()) {
     $params = $form->getSubmitValues();
     $params['enableEndDate'] = isset($params['enableEndDate']) ? true : false;
     $params['enableExpiryDate'] = isset($params['enableExpiryDate']) ? true : false;
+
+    if ($params['enableExpiryDate'] &&
+        $params['enableEndDate']
+    ) {
+        if ($params['expires_on'] > $params['ends_on']) {
+            Display::addFlash(
+                Display::return_message(
+                    get_lang('DateExpiredNotBeLessDeadLine'),
+                    'warning'
+                )
+            );
+            header('Location: '.$currentUrl);
+            exit;
+        }
+    }
+
     $workId = $params['work_id'];
     $editCheck = false;
     $workData = get_work_data_by_id($workId);
@@ -103,7 +120,6 @@ if ($form->validate()) {
         updatePublicationAssignment($workId, $params, $courseInfo, $groupId);
         updateDirName($workData, $params['new_dir']);
 
-        $currentUrl = api_get_path(WEB_CODE_PATH).'work/edit_work.php?id='.$workId.'&'.api_get_cidreq();
         Display::addFlash(Display::return_message(get_lang('Updated'), 'success'));
         header('Location: '.$currentUrl);
         exit;

main/work/work.lib.php

@@ -3838,7 +3838,7 @@ function processWorkForm(
  * @param array $formValues
  * @param int $user_id
  * @param array $courseInfo
- * @param int $group_id
+ * @param int $groupId
  * @param int $session_id
  * @return bool|int
  * @note $params can have the following elements, but should at least have the 2 first ones: (
@@ -3874,6 +3874,21 @@ function addDir($formValues, $user_id, $courseInfo, $groupId, $session_id)
         return false;
     }
 
+    $enableEndDate = isset($formValues['enableEndDate']) ? true : false;
+    $enableExpiryDate = isset($formValues['enableExpiryDate']) ? true : false;
+
+    if ($enableEndDate && $enableExpiryDate ) {
+        if ($formValues['expires_on'] > $formValues['ends_on']) {
+            Display::addFlash(
+                Display::return_message(
+                    get_lang('DateExpiredNotBeLessDeadLine'),
+                    'warning'
+                )
+            );
+            return false;
+        }
+    }
+
     $dirName = '/'.$created_dir;
     $today = new DateTime(api_get_utc_datetime(), new DateTimeZone('UTC'));
 
@@ -4386,11 +4401,6 @@ function getFormWork($form, $defaults = array(), $workId = 0)
         </script>';
 
     $form->addHtml('</div>');
-
-    if (isset($defaults['enableExpiryDate']) && $defaults['enableExpiryDate'] &&
-        isset($defaults['enableEndDate']) && $defaults['enableEndDate']) {
-        $form->addRule(array('expires_on', 'ends_on'), get_lang('DateExpiredNotBeLessDeadLine'), 'comparedate');
-    }
     if (!empty($defaults)) {
         $form->setDefaults($defaults);
     }

main/work/work.php

@@ -163,10 +163,11 @@ switch ($action) {
         if (!$is_allowed_to_edit) {
             api_not_allowed();
         }
+        $addUrl = api_get_path(WEB_CODE_PATH) . 'work/work.php?action=create_dir&' . api_get_cidreq();
         $form = new FormValidator(
             'form1',
             'post',
-            api_get_path(WEB_CODE_PATH) . 'work/work.php?action=create_dir&' . api_get_cidreq()
+            $addUrl
         );
         $form->addElement('header', get_lang('CreateAssignment'));
         $form->addElement('hidden', 'action', 'add');
@@ -186,6 +187,7 @@ switch ($action) {
             if ($result) {
                 $message = Display::return_message(get_lang('DirectoryCreated'), 'success');
             } else {
+                $currentUrl = $addUrl;
                 $message = Display::return_message(get_lang('CannotCreateDir'), 'error');
             }