[wp-trac] [WordPress Trac] #28315: update_user_meta() updates user with ID1 if WP_Error is passed as first argument
WordPress Trac
noreply at wordpress.org
Tue Jul 29 18:59:12 UTC 2014
#28315: update_user_meta() updates user with ID1 if WP_Error is passed as first
argument
-------------------------------------+-----------------------
Reporter: javorszky | Owner:
Type: defect (bug) | Status: reopened
Priority: normal | Milestone:
Component: Options, Meta APIs | Version: 3.9.1
Severity: normal | Resolution:
Keywords: has-patch needs-testing | Focuses:
-------------------------------------+-----------------------
Changes (by javorszky):
* status: closed => reopened
* resolution: wontfix =>
Comment:
It doesn't make sense. Yes, the onus should be on the developer, but bugs
happen because theme / plugin / core / generally developers are of varying
skill. Because user 1 is the admin of the site, changing meta info on user
1 instead of the intended user, because that user fails for some reason,
is just bad.
Especially so when we know about the possibility that this could happen.
I'd expect WordPress to exit with an error if I passed a non-integer. The
change needed in core is tiny, and it would save a ton of headaches
further down the line. Defensive programming is a good thing, and bugs
that arise from PHP's type casting rules aren't fun to debug either.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/28315#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list