[wp-trac] [WordPress Trac] #63975: wp_delete_auto_drafts passes post ID as string instead of as int
WordPress Trac
noreply at wordpress.org
Wed Oct 1 05:27:39 UTC 2025
#63975: wp_delete_auto_drafts passes post ID as string instead of as int
-------------------------------------------------+-------------------------
Reporter: kkmuffme | Owner:
| westonruter
Type: defect (bug) | Status: accepted
Priority: normal | Milestone: Future
| Release
Component: Posts, Post Types | Version: 3.4
Severity: trivial | Resolution:
Keywords: has-test-info has-patch has-unit- | Focuses:
tests |
-------------------------------------------------+-------------------------
Comment (by westonruter):
While WP 1.5.0 included the cast:
{{{
$postid = (int) $postid;
}}}
And I found that it ended up getting removed in r6180
([https://github.com/WordPress/wordpress-
develop/commit/11e69b6820a921024570f2b64d952f1254ca78d0 11e69b6]) as part
of WP 2.5.0.
{{{#!diff
function wp_delete_post($postid = 0) {
global $wpdb, $wp_rewrite;
- $postid = (int) $postid;
-
- if ( !$post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID =
$postid") )
+ if ( !$post = $wpdb->get_row($wpdb->prepare("SELECT * FROM
$wpdb->posts WHERE ID = %d", $postid)) )
return $post;
}}}
It looks like previously the casting to `int` was used as a way to
construct safe SQL before `$wpdb->prepare()` was available, which has `%d`
that also does this casting.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/63975#comment:43>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list