[wp-trac] [WordPress Trac] #54160: sanitize_key() / _wp_customize_include() is not able to handle non-scalar values
WordPress Trac
noreply at wordpress.org
Fri Dec 10 22:08:25 UTC 2021
#54160: sanitize_key() / _wp_customize_include() is not able to handle non-scalar
values
----------------------------------------+-----------------------------
Reporter: dd32 | Owner: hellofromTonya
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: 6.0
Component: Formatting | Version:
Severity: normal | Resolution:
Keywords: has-patch needs-unit-tests | Focuses:
----------------------------------------+-----------------------------
Comment (by wppunk):
> The function is clear that sanitizes a string key. The documentation is
not incorrect. The usage is incorrect.
Not all WordPress developers will check PHPDoc before usage. To understand
that the function works only with strings, the function name isn't enough.
> If the data type is scalar but not a string, then you're right, it does
pass through without an error; else, a PHP Warning is thrown for `Warning:
strtolower() expects parameter 1 to be string`. In this case, a
`E_USER_NOTICE` could be triggered to alert of an incorrect data type
passed to it.
It worked for scalar and not string types without any messages.
I have the following logic:
- It worked with numbers a few years.
- PHP isn't a strict typing language (at least PHP5.6 which WordPress
supports).
To wrap up. I'm sure that a deprecation message should be added for scalar
but not string types. In such a way, the strict typing implementation will
be smooth.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/54160#comment:24>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list