From 59dd4b7d2b58357aca5bdc7f6e50f9821f153d70 Mon Sep 17 00:00:00 2001
From: Peter Westwood <westi@git.wordpress.org>
Date: Wed, 19 Sep 2012 21:43:35 +0000
Subject: [PATCH] Posting: Make it much harder to create posts with invalid
 dates by enforcing the post date tests in the UI and the backend code.

Previously you could quite easily send a new post into the back of beyond by specifying an invalid date like the 30th Feb and this was very confusing.
Sometimes it would seem to work and sometimes the post would end up very far in the past - depending on the mysql version and other factors.

Fixes #17180 props jkudish.


git-svn-id: https://develop.svn.wordpress.org/trunk@21921 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/includes/post.php |  4 ++++
 wp-admin/js/post.js        | 10 ++++++++++
 wp-includes/post.php       |  9 +++++++++
 3 files changed, 23 insertions(+)

diff --git a/wp-admin/includes/post.php b/wp-admin/includes/post.php
index 72de1e4fc4..223f1b9728 100644
--- a/wp-admin/includes/post.php
+++ b/wp-admin/includes/post.php
@@ -122,6 +122,10 @@ function _wp_translate_postdata( $update = false, $post_data = null ) {
 		$hh = ($hh > 23 ) ? $hh -24 : $hh;
 		$mn = ($mn > 59 ) ? $mn -60 : $mn;
 		$ss = ($ss > 59 ) ? $ss -60 : $ss;
+		$valid_date = apply_filters( '_wp_translate_postdata_valid_date', checkdate( $mm, $jj, $aa ), $post_data );
+		if ( !$valid_date ) {
+			return new WP_Error( 'invalid_date', __( 'Woops, the provided date is invalid.' ) );
+		}
 		$post_data['post_date'] = sprintf( "%04d-%02d-%02d %02d:%02d:%02d", $aa, $mm, $jj, $hh, $mn, $ss );
 		$post_data['post_date_gmt'] = get_gmt_from_date( $post_data['post_date'] );
 	}
diff --git a/wp-admin/js/post.js b/wp-admin/js/post.js
index a0bea0ec30..c61b9e5275 100644
--- a/wp-admin/js/post.js
+++ b/wp-admin/js/post.js
@@ -528,6 +528,16 @@ jQuery(document).ready( function($) {
 			return false;
 		});
 
+		$('#post').submit(function(e){
+			if ( !updateText() ) {
+				e.preventDefault();
+				$('#timestampdiv').show();
+				$('#publishing-action .ajax-loading').css('visibility', 'hidden');
+				$('#publish').prop('disabled', false).removeClass('button-primary-disabled');
+				return false;
+			}
+		});
+
 		$('#post-status-select').siblings('a.edit-post-status').click(function() {
 			if ($('#post-status-select').is(":hidden")) {
 				$('#post-status-select').slideDown('fast');
diff --git a/wp-includes/post.php b/wp-includes/post.php
index 21b8844806..ff544404f9 100644
--- a/wp-includes/post.php
+++ b/wp-includes/post.php
@@ -2633,6 +2633,15 @@ function wp_insert_post($postarr, $wp_error = false) {
 	if ( empty($post_date) || '0000-00-00 00:00:00' == $post_date )
 		$post_date = current_time('mysql');
 
+		// validate the date
+		$mm = substr( $post_date, 5, 2 );
+		$jj = substr( $post_date, 8, 2 );
+		$aa = substr( $post_date, 0, 4 );
+		$valid_date = apply_filters( 'wp_insert_post_validate_date', checkdate( $mm, $jj, $aa ), $post_date );
+		if ( !$valid_date ) {
+			return new WP_Error( 'invalid_date', __( 'Woops, the provided date is invalid.' ) );
+		}
+
 	if ( empty($post_date_gmt) || '0000-00-00 00:00:00' == $post_date_gmt ) {
 		if ( !in_array( $post_status, array( 'draft', 'pending', 'auto-draft' ) ) )
 			$post_date_gmt = get_gmt_from_date($post_date);