WordPress.org

Make WordPress Core

Changeset 19634


Ignore:
Timestamp:
12/30/11 19:34:59 (4 years ago)
Author:
ryan
Message:

Don't cast objects to int.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/3.3/wp-includes/capabilities.php

    r19325 r19634  
    488488        global $wpdb; 
    489489 
    490         if ( 'id' == $field ) 
     490        if ( 'id' == $field ) { 
     491            // Make sure the value is numeric to avoid casting objects, for example, 
     492            // to int 1. 
     493            if ( ! is_numeric( $value ) ) 
     494                return false; 
    491495            $value = absint( $value ); 
    492         else 
     496        } else { 
    493497            $value = trim( $value ); 
     498        } 
    494499 
    495500        if ( !$value ) 
Note: See TracChangeset for help on using the changeset viewer.