Opened 15 years ago
Closed 15 years ago
#11393 closed defect (bug) (fixed)
class-ftp.php doesn't check correctly for IP validity under PHP5
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | 2.9 | Priority: | normal |
| Severity: | minor | Version: | |
| Component: | General | Keywords: | has-patch |
| Focuses: | Cc: |
Description
http://core.trac.wordpress.org/browser/trunk/wp-admin/includes/class-ftp.php#L281
if(ip2long($ip) === -1) {
ip2long() never returns int(-1) in PHP5, except on 32-bit servers.
Attachments (1)
Change History (7)
#1
@
15 years ago
- Keywords has-patch added
Attached is a simple fix is to allow for both. Pretty sure that's exactly what the PHP docs suggest.
#2
@
15 years ago
Just for reference, Akismet is using
if ( $ip && long2ip(ip2long($ip)) ) {
Checking FALSE is much easier to read, so nacin's patch has my vote.
#3
@
15 years ago
Yea, I was going to reference Akismet's use of long2ip & ip2long together. I'm pretty sure that's to correct to whether an IP is valid, not to check whether it is valid, if that makes sense, though I suppose both would work here.
Both examples appear in the PHP docs: http://php.net/ip2long.
#4
@
15 years ago
- Summary changed from class-ftp.php Using a PHP4 Return Value to class-ftp.php doesn't check correctly for IP validity under PHP5
#5
@
15 years ago
The check in akismet won't actually work anyway.
For Example "Howdy" && long2ip(ip2long("Howdy")) will evaluate to true as the string evaluates to true and the false returned by ip2long will cast to an int(0) fine which becomes an ip address of "0.0.0.0" which as a string with evaluate to true.
Checks for false in addition to -1.