From 5336d9e9653953b6b7f3c87397e5e912533c4b64 Mon Sep 17 00:00:00 2001
From: Romain Quetiez <romain.quetiez@combodo.com>
Date: Fri, 30 Sep 2016 14:22:13 +0000
Subject: [PATCH] Internal: improved the API robustness by throwing an
 exception as soon as DBObject::Set is called with a date badly formatted.
 This is in line with the assumption that internal DBObject values are always
 safe.

SVN:trunk[4435]
---
 core/attributedef.class.inc.php | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/core/attributedef.class.inc.php b/core/attributedef.class.inc.php
index 7630ff5c9e..684a1353a5 100644
--- a/core/attributedef.class.inc.php
+++ b/core/attributedef.class.inc.php
@@ -3811,6 +3811,17 @@ class AttributeDateTime extends AttributeDBField
 		}
 		if (!is_numeric($proposedValue))
 		{
+			// Check the format
+			try
+			{
+				$oFormat = new DateTimeFormat($this->GetInternalFormat());
+				$oTrash = $oFormat->Parse($proposedValue);
+			}
+			catch (Exception $e)
+			{
+				throw new Exception('Wrong format for date attribute '.$this->GetCode().', expecting "'.$this->GetInternalFormat().'" and got "'.$proposedValue.'"');
+			}
+
 			return $proposedValue;
 		}