[wp-trac] [WordPress Trac] #54775: Allow int/float for esc_ functions

WordPress Trac noreply at wordpress.org
Mon Jan 10 21:10:59 UTC 2022

#54775: Allow int/float for esc_ functions
 Reporter:  malthert     |       Owner:  (none)
     Type:  enhancement  |      Status:  new
 Priority:  normal       |   Milestone:  Awaiting Review
Component:  Security     |     Version:
 Severity:  normal       |  Resolution:
 Keywords:  close        |     Focuses:  coding-standards
Changes (by johnbillion):

 * keywords:   => close
 * version:  trunk =>


 I've also run into this with PHPStan scanning. I decided to use a mixture
 of casting to string and using more appropriate escaping functions such as
 `intval()`, `absint()`, and `floatval()`. I think widening the accepted
 types for the escaping functions papers over the real issue which is
 outputting values of an unknown type.

Ticket URL: <https://core.trac.wordpress.org/ticket/54775#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list