[wp-trac] [WordPress Trac] #54877: Occasional PHP exception being thrown on WPDB/MySQLi connections
WordPress Trac
noreply at wordpress.org
Thu Jan 27 14:40:42 UTC 2022
#54877: Occasional PHP exception being thrown on WPDB/MySQLi connections
-----------------------------------+---------------------
Reporter: johnjamesjacoby | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: 6.0
Component: Database | Version: 1.5
Severity: normal | Resolution:
Keywords: 2nd-opinion has-patch | Focuses:
-----------------------------------+---------------------
Comment (by johnjamesjacoby):
Hi @azouamauriac 👋
`absint()` is a tricky thing. It’s a good idea to prevent invalid values,
but it’s a bad idea to silently flip a negative user-supplied number into
a positive one.
In this case, negative port numbers do not exist (and `0` is technically a
“protected” port ID that no one should use) hence I went with `absint()`
over `(int)` to keep MySQLi happy (preventing an error) even if an
invalid (negative) port was attempted.
The `! empty()` check above my code change effectively avoids a `0` value
(or non-existent) port ID, but nothing checks for and avoids a negative
numeric value.
I consider `absint()` here to be a tiny bit of defensive application
protection, and I remain very open to alternative approaches and
perspectives 👐
--
Ticket URL: <https://core.trac.wordpress.org/ticket/54877#comment:6>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list