[wp-trac] [WordPress Trac] #13317: Code Impriovement in get_userdata
WordPress Trac
wp-trac at lists.automattic.com
Fri May 14 02:47:41 UTC 2010
#13317: Code Impriovement in get_userdata
------------------------------------+---------------------------------------
Reporter: hakre | Owner:
Type: defect (bug) | Status: reopened
Priority: high | Milestone: 3.0
Component: Security | Version:
Severity: major | Resolution:
Keywords: has-patch dev-feedback |
------------------------------------+---------------------------------------
Comment(by nacin):
I don't see why we need to protect against garbage inputs like `array(
'theee_admin();' )`. We're expecting an integer, so we absint() what we
get. If we get an object, we'll throw a notice.
Are you looking for an is_int()? Should we is_int() check every variable
before absint'ing it, when all we expect is an integer to begin with?
--
Ticket URL: <http://core.trac.wordpress.org/ticket/13317#comment:17>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list