From 22cfc99ceb0f901f1029622a13fb4461fb881b31 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Fri, 24 Jun 2016 11:31:45 +0200
Subject: [exams] Unify add/edit template; check date ranges; other small fixes

---
 modules-available/exams/page.inc.php | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

(limited to 'modules-available/exams/page.inc.php')

diff --git a/modules-available/exams/page.inc.php b/modules-available/exams/page.inc.php
index 211ae5ac..4b626483 100644
--- a/modules-available/exams/page.inc.php
+++ b/modules-available/exams/page.inc.php
@@ -116,6 +116,15 @@ class Page_Exams extends Page
         return $out;
     }
 
+    private function dateSane($time)
+    {
+        if ($time < strtotime('-1 day'))
+            return false;
+        if ($time > strtotime('+90 day'))
+            return false;
+        return true;
+    }
+
     private function saveExam()
     {
         if (!Request::isPost()) {
@@ -133,6 +142,18 @@ class Page_Exams extends Page
         $starttime   = strtotime(Request::post('starttime_date') . " " . Request::post('starttime_time'));
         $endtime     = strtotime(Request::post('endtime_date') . " " . Request::post('endtime_time'));
         $description = Request::post('description');
+        if (!$this->dateSane($starttime)) {
+            Message::addError('starttime-invalid', Request::post('starttime_date') . " " . Request::post('starttime_time'));
+            Util::redirect('?do=exams');
+        }
+        if (!$this->dateSane($endtime)) {
+            Message::addError('endtime-invalid', Request::post('endtime_date') . " " . Request::post('endtime_time'));
+            Util::redirect('?do=exams');
+        }
+        if ($endtime <= $starttime) {
+            Message::addError('end-before-start');
+            Util::redirect('?do=exams');
+        }
 
         if ($examid === 0) {
             // No examid given, is add
-- 
cgit v1.2.3-55-g7522