[wp-trac] [WordPress Trac] #54775: Allow int/float for esc_ functions
WordPress Trac
noreply at wordpress.org
Mon Jan 10 21:10:59 UTC 2022
#54775: Allow int/float for esc_ functions
-------------------------+-------------------------------
Reporter: malthert | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version:
Severity: normal | Resolution:
Keywords: close | Focuses: coding-standards
-------------------------+-------------------------------
Changes (by johnbillion):
* keywords: => close
* version: trunk =>
Comment:
I've also run into this with PHPStan scanning. I decided to use a mixture
of casting to string and using more appropriate escaping functions such as
`intval()`, `absint()`, and `floatval()`. I think widening the accepted
types for the escaping functions papers over the real issue which is
outputting values of an unknown type.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/54775#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list