[wp-trac] [WordPress Trac] #63445: Replace value casting with ! empty() check for positive value validation
WordPress Trac
noreply at wordpress.org
Wed May 14 13:08:48 UTC 2025
#63445: Replace value casting with ! empty() check for positive value validation
-----------------------------------------+-------------------------------
Reporter: dilipbheda | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Comments | Version:
Severity: normal | Resolution:
Keywords: has-patch changes-requested | Focuses: coding-standards
-----------------------------------------+-------------------------------
Comment (by siliconforks):
Note that these are not equivalent to the original code in handling
invalid input.
The original code:
{{{
$position = ( isset( $_POST['position'] ) && (int) $_POST['position'] ) ?
(int) $_POST['position'] : '-1';
}}}
The original code above guarantees that `$position` will never be zero.
{{{
$position = ! empty( $_POST['position'] ) ? (int) $_POST['position'] : -1;
}}}
The proposed code above will set `$position` to zero when
`$_POST['position']` contains a string like `'xyz'`.
{{{
$position = ( isset( $_POST['position'] ) && $_POST['position'] > 0 ) ?
(int) $_POST['position'] : -1;
}}}
That will also set `$position` to zero.
{{{
$position = (int) ($_POST['position'] ?? '-1');
}}}
Same here.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/63445#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list