[wp-hackers] Re: [wp-svn] [3310] trunk: Don't treat a numeric user
name as an id.
Nikolay Bachiyski
nbachiyski at developer.bg
Fri Dec 16 11:44:20 GMT 2005
m at wordpress.org wrote:
> Revision
> 3310
> Author
> ryan
> Date
> 2005-12-15 16:45:20 +0000 (Thu, 15 Dec 2005)
>
>
> Log Message
>
> Don't treat a numeric user name as an id.
>
> Modified: trunk/wp-includes/capabilities.php (3309 => 3310)
>
> ...
>
> - if ( is_numeric($id) ) {
> - $this->data = get_userdata($id);
> - } else {
> - $this->data = get_userdatabylogin($id);
> + if ( ! is_numeric($id) ) {
> + $name = $id;
> + $id = 0;
> }
is_numeric tests if the string is numeric, which allows negative or
float numbers to be used as an id. For example -666.66e8 is a valid
numeric.
Wouldn't it be better if also intval is used. It returns 0 if the string
is not a valid integer. We just have to check whether intval($id) is
greater than zero.
Nikolay.
>
> + if ( ! empty($id) )
> + $this->data = get_userdata($id);
> + else
> + $this->data = get_userdatabylogin($name);
> +
> if ( empty($this->data->ID) )
> return;
>
More information about the wp-hackers
mailing list