[wp-trac] [WordPress Trac] #22192: update_metadata() and update_option() strict checks can cause false negatives

WordPress Trac noreply at wordpress.org
Tue Jan 20 20:17:59 UTC 2015


#22192: update_metadata() and update_option() strict checks can cause false
negatives
-----------------------------------+-----------------------------
 Reporter:  nacin                  |       Owner:
     Type:  defect (bug)           |      Status:  new
 Priority:  normal                 |   Milestone:  Future Release
Component:  Options, Meta APIs     |     Version:
 Severity:  normal                 |  Resolution:
 Keywords:  has-patch 2nd-opinion  |     Focuses:  performance
-----------------------------------+-----------------------------

Comment (by boonebgorges):

 [attachment:22192.5.diff] is a more comprehensive solution (again, for the
 case of options). I've added unit tests that demonstrate the difference
 between the way types are juggled when set directly from `add_option()`
 and when pulled from the database.

 I've also added the logic that would be necessary to get all the tests to
 pass - that is, to get `1 == '1' == true` and `0 == '0' == false`. It's
 pretty ugly. The fact that `(string) false` evaluates to an empty string
 means, in part, that `add_option( 'foo', false )` results in a db row
 where the 'value' field is an empty string. So, in order for
 `update_option( 'foo', $value )` to result in a cache hit when `$value` is
 falsey, we need to do a special check against empty strings. This will
 result in false cache hits when an option has been explicitly set to an
 empty string that is not meant to be falsey, which suggests that we should
 be fixing this on the way into the database (ie `false` should be
 converted to `0`). But this latter suggestion would likely cause even more
 breakage, which is why I'm recommending limiting the empty-string/false
 equivalence only when doing the cache check. (The remaining option is to
 exclude booleans from the type juggling, which is what I suggested
 earlier. Anyone saving booleans through these functions is asking for
 trouble.)

--
Ticket URL: <https://core.trac.wordpress.org/ticket/22192#comment:10>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list