[wp-trac] [WordPress Trac] #13317: Code Impriovement in get_userdata
WordPress Trac
wp-trac at lists.automattic.com
Sun May 16 00:29:09 UTC 2010
#13317: Code Impriovement in get_userdata
------------------------------------+---------------------------------------
Reporter: hakre | Owner:
Type: defect (bug) | Status: closed
Priority: high | Milestone: 3.0
Component: Security | Version:
Severity: major | Resolution: fixed
Keywords: has-patch dev-feedback |
------------------------------------+---------------------------------------
Changes (by nacin):
* status: reopened => closed
* resolution: => fixed
Comment:
absint() isn't going anywhere.
Not only is it way more readable -- you'd have to sneak it into a larger
patch for me to commit that -- but we also use it throughout core for
array_map callbacks.
We want to encourage integer casting for security. Let's not make it more
difficult. It is also easier to document and teach a function than casting
or coercion.
Additionally, it is *not* a "better way." That is your opinion. Both work
quite well.
> You should not concentrate too much why to not make a change but why.
I am firmly and proudly in the 'why not' camp. Changes should be sensical
and not based on a "just because we can" philosophy.
Finally, there is a difference between returning an admin user object ''on
error'' and stuffing absolute garbage into functions.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/13317#comment:20>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list