[wp-trac] [WordPress Trac] #54877: Occasional PHP exception being thrown on WPDB/MySQLi connections

WordPress Trac noreply at wordpress.org
Thu Jan 27 19:59:29 UTC 2022


#54877: Occasional PHP exception being thrown on WPDB/MySQLi connections
-----------------------------------+---------------------
 Reporter:  johnjamesjacoby        |       Owner:  (none)
     Type:  enhancement            |      Status:  new
 Priority:  normal                 |   Milestone:  6.0
Component:  Database               |     Version:  1.5
 Severity:  normal                 |  Resolution:
 Keywords:  2nd-opinion has-patch  |     Focuses:
-----------------------------------+---------------------

Comment (by azouamauriac):

 Replying to [comment:6 johnjamesjacoby]:
 > Hi @azouamauriac 👋
 >
 > `absint()` is a tricky thing. It’s a good idea to prevent invalid
 values, but it’s a bad idea to silently flip a negative user-supplied
 number into a positive one.
 >
 > In this case, negative port numbers do not exist (and `0` is technically
 a “protected” port ID that no one should use) hence I went with `absint()`
 over `(int)`  to keep MySQLi happy (preventing an error) even if an
 invalid (negative) port was attempted.
 >
 > The `! empty()` check above my code change effectively avoids a `0`
 value (or non-existent) port ID, but nothing checks for and avoids a
 negative numeric value.
 >
 > I consider `absint()` here to be a tiny bit of defensive application
 protection, and I remain very open to alternative approaches and
 perspectives 👐

 ok get it.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/54877#comment:9>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list