Make WordPress Core

Changes between Initial Version and Version 3 of Ticket #55194


Ignore:
Timestamp:
02/18/2022 10:40:33 AM (3 years ago)
Author:
SergeyBiryukov
Comment:

Replying to azouamauriac:

I'm able to reproduce the issue, the function was introduce here [8728]. For what I understand it used to replace mt_rand RE https://www.php.net/manual/en/function.mt-rand.php. but "why" i don't know.

You can find more details in the WordPress 2.6.2 release post.

Looks like the current behavior is intentional, see for example this line added in [34981] / #28633:

$_max = ( 0 != $max ) ? $max : $max_random_number;

This is also consistent with mt_rand(), which returns a random integer and not 0 when parameters are omitted. So changing this behavior does not seem feasible due to security implications, but we can update the documentation to mention that the $max value is only taken into account if it's greater than zero.

Legend:

Unmodified
Added
Removed
Modified