[wp-trac] [WordPress Trac] #56516: calendar_week_mod function is not type safe
WordPress Trac
noreply at wordpress.org
Mon Sep 5 18:17:50 UTC 2022
#56516: calendar_week_mod function is not type safe
--------------------------+--------------------------------------------
Reporter: dingo_d | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: trunk
Severity: normal | Keywords: needs-patch needs-testing php8
Focuses: |
--------------------------+--------------------------------------------
While checking for the [https://github.com/WordPress/WordPress-Coding-
Standards/blob/develop/WordPress/Sniff.php#L115 list of
autoEscapedFunctions] in WPCS I noticed that the function
`calendar_week_mod` is not tested and not type safe.
If you pass a non-numeric string you'll get a fatal error on PHP 8+ and a
warning on PHP <8 (and a 0 returned): https://3v4l.org/SLlHH
The proposed action is to:
1. Write tests that will cover things like
[https://www.php.net/manual/en/language.types.numeric-strings.php numeric
strings], [https://www.php.net/manual/en/language.types.integer.php
integers], [https://www.php.net/manual/en/language.types.float.php
floats], [https://www.php.net/manual/en/language.types.string.php
strings], and all the other types
2. Refactor the function in a non-BC way (add type checks and gracefully
exit)
The core impact change of this refactor is small, since it's only used in
one place. The plugins directory search shows
[https://wpdirectory.net/search/01GC7DRTGCGHMBGSS7M1PCFDF7 193 matches]
and only [https://wpdirectory.net/search/01GC7DVBCWFW13X0XM8BG4REXH 10
matches] for themes.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/56516>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list