Make WordPress Core

Opened 13 months ago

Closed 2 months ago

Last modified 2 months ago

#58061 closed enhancement (fixed)

Replace '==' with '===' in wp-admin/update-core.php

Reported by: wpfy's profile wpfy Owned by: sergeybiryukov's profile SergeyBiryukov
Milestone: 6.5 Priority: low
Severity: normal Version:
Component: Upgrade/Install Keywords: has-patch changes-requested
Focuses: coding-standards Cc:

Description

The WordPress PHP coding standards recommend using the strict equality operator '===' instead of '==' when checking conditions. This is because '==' performs type coercion, which can lead to unexpected results or security issues in some cases.

However, the WordPress core file wp-admin/update-core.php, on line 184, uses '=='. To ensure consistency with the WordPress coding standards and improve the security and stability of the code, I propose replacing '==' with '===' on this line.

This change will ensure that the comparison is performed using strict type checking, preventing any unexpected type coercion or security issues that may arise due to loose comparisons.

With this change, I will create a pull request to the WordPress core repository.

Change History (8)

This ticket was mentioned in PR #4292 on WordPress/wordpress-develop by @wpfy.


13 months ago
#1

  • Keywords has-patch added; needs-patch removed

The WordPress PHP coding standards recommend using the strict equality operator '===' instead of '==' when checking conditions. This is because '==' performs type coercion, which can lead to unexpected results or security issues in some cases.
However, the WordPress core file wp-admin/update-core.php, on line 184, uses '=='. To ensure consistency with the WordPress coding standards and improve the security and stability of the code, I propose replacing '==' with '===' on this line.
This change will ensure that the comparison is performed using strict type checking, preventing any unexpected type coercion or security issues that may arise due to loose comparisons.
With this change, I will create a pull request to the WordPress core repository.

Trac ticket: https://core.trac.wordpress.org/ticket/58061

#2 @mukesh27
13 months ago

  • Keywords changes-requested added
  • Priority changed from normal to low
  • Type changed from defect (bug) to enhancement
  • Version trunk deleted

Hi there! thanks for ticket and PR!

I left feedback on PR, take a look.

@wpfy commented on PR #4292:


13 months ago
#3

Thank you so much @mukeshpanchal27 for your feedback
Yeah, I have made the change on line 45 and committed again.
Though I am very new to this system, not sure is this commit only enough or not. If need any further action, please let me know.
Thanks again for your help!

@azaozz commented on PR #4292:


13 months ago
#4

$wp_version as returned by get_bloginfo( 'version' ) seems to always be a string. However not so sure about $update->partial_version. Also seems there is a chance that get_bloginfo() may return something else as it just returns the global $wp_version which may have been changed by plugins.

Imho to be able to use strict comparison with full confidence both sides will have to be cast to (string).

#5 @SergeyBiryukov
2 months ago

  • Owner set to SergeyBiryukov
  • Resolution set to fixed
  • Status changed from new to closed

In 57529:

Coding Standards: Use strict comparison in wp-admin/update-core.php.

Follow-up to [11273], [25784], [54654].

Props wpfy, mukesh27, azaozz, viralsampat.
Fixes #58061, #60415.

#6 @SergeyBiryukov
2 months ago

  • Milestone changed from Awaiting Review to 6.5

#7 @SergeyBiryukov
2 months ago

  • Component changed from General to Upgrade/Install

@SergeyBiryukov commented on PR #4292:


2 months ago
#8

Thanks for the PR! Merged in r57529.

Note: See TracTickets for help on using tickets.