[wp-trac] [WordPress Trac] #26077: check_ajax_referer $result from wp_verify_nonce should use identical comparison operator

WordPress Trac noreply at wordpress.org
Sat Nov 16 23:39:09 UTC 2013


#26077: check_ajax_referer $result from wp_verify_nonce should use identical
comparison operator
--------------------------+-----------------------------
 Reporter:  toddlahman    |      Owner:
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  Plugins       |    Version:
 Severity:  normal        |   Keywords:  has-patch
--------------------------+-----------------------------
 In the check_ajax_referer() function it gets the following value:

 {{{
 $result = wp_verify_nonce( $nonce, $action );
 }}}

 The value is then tested as follows:

 {{{
 if ( $die && false == $result ) {
 }}}

 The correct test should use the identical comparison operator since
 wp_verify_nonce returns false if it fails to verify:


 {{{
 if ( $die && false === $result ) {
 }}}

--
Ticket URL: <http://core.trac.wordpress.org/ticket/26077>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list