PHP 8.1: WP_User::get_data_by(): fix passing null to non-nullable deprecation #2133
Conversation
The value should be string or integer. If the field is 'id' or 'ID', checks already exist for numeric ID; else, `false` is returned. For the user email, login, or slug/nicename, these values are expected to be a string. The `trim()` for these field values results in the following: * string: trims * non-string scalar: coerces to string * `null`: empty string and on PHP 8.1, a deprecation notice * non-scalar: Warning on PHP 5.6 or TypeError on PHP 8+
costdev
left a comment
costdev
left a comment
There was a problem hiding this comment.
Some changes suggested for consistency with the test suite and readability.
Test coverage from other tests in the suite appear to have most lines covered. However, neither existing tests nor this test class currently cover the default branch of switch ( $field ) {. See Codecov - L237 or 241 of the PR. It would be good to cover this for completeness.
This should cover it:
public function test_unaccepted_field() {
$this->assertFalse( WP_User::get_data_by( 'user_url', 'http://tacos.com' ) );
}|
|
||
| $user = WP_User::get_data_by( 'id', $user_id ); | ||
| $this->assertInstanceOf( 'stdClass', $user, 'User is not an instance of stdClass' ); | ||
| $this->assertSame( self::$user_id, (int) $user->ID, 'User ID does not match the user generated by the factory' ); |
There was a problem hiding this comment.
This casts the $actual value to int rather than the $expected value to string. If the test is right, then the $actual type should not be corrected in the test, but in source.
However, if the $actual type is string and must be maintained for BC, I would suggest casting self::$user_id to string either in the assertion, or just once in wpSetUpBeforeClass() to save additional casts in other test methods (such as in test_alias_of_id).
This has been a common occurrence in the test suite, and we may benefit from casting the factory's $user_id to string since this has to be maintained for BC anyway.
| public function test_alias_of_id() { | ||
| $user = WP_User::get_data_by( 'ID', self::$user_id ); | ||
| $this->assertInstanceOf( 'stdClass', $user, 'User is not an instance of stdClass' ); | ||
| $this->assertSame( self::$user_id, (int) $user->ID, 'User ID does not match the user generated by the factory' ); |
There was a problem hiding this comment.
See above comment about $actual value being cast to int.
| return array( | ||
| 'id' => array( | ||
| 'field' => 'id', | ||
| 'value' => null, |
There was a problem hiding this comment.
I wonder if, given the subject of the test method, the $value here and in the next dataset might be better as 'REPL_USER_ID' for clarity in the test suite.
As null is not considered scalar by is_scalar() Docs, it initially looked to me as though null was being tested in test_scalar(). 'REPL_USER_ID' will continue to be overwritten by self::$user_id, so this is just for clarity when reading the tests.
hellofromtonya
force-pushed
the
fix/php81/trim-nonnullable-WP_User-get_data_by
branch
from
4853a93 to
139be5e
Compare
hellofromtonya
changed the title
2 participants
The PHP native
trim()function expects to be passed a string and it is not a nullable parameter. Passingnullto it will result in atrim(): Passing null to parameter #1 ($string) of type string is deprecatednotice on PHP 8.1.In the
WP_User::get_data_by()static method, the value given is expected to be int or string. However no input validation was done for fields other than the id field.This PR adds input validation for the field
$valueto ensure it is a scalar type and if no, bails out returningfalse. Whyis_scalar()? For backwards-compatible, the native behavior oftrim()is retained as it coerces non-string scalar types into a string.This PR also adds a new test class specifically for
WP_User::get_data_by()static method.Trac ticket: https://core.trac.wordpress.org/ticket/55656
Trac ticket: https://core.trac.wordpress.org/ticket/54730
References:
Notes:
This PR resolves these tests:
This Pull Request is for code review only. Please keep all other discussion in the Trac ticket. Do not merge this Pull Request. See GitHub Pull Requests for Code Review in the Core Handbook for more details.