#6977 closed enhancement (fixed)
Audit all DB fetch methods to return integers where appropriate
Reported by: | r-a-y | Owned by: | |
---|---|---|---|
Milestone: | 2.7 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Core | Keywords: | |
Cc: |
Description
When we populate an item from the database, sometimes the incorrect data type is returned. For example, integers are returned as strings.
As a result, some functions that rely on strict type comparison can fail. #6969 is an example of this.
For 2.6, it might be a good idea to audit all our DB fetch methods so numeric strings are cast to integers.
Attached patch is an example that fixes up the BP_Friends_Friendship
class to do this.
Let me know what you think and whether you see any issues with this approach.
Attachments (5)
Change History (33)
#2
@
9 years ago
Also:
- We should be cognizant of null vs
0
vs'0'
as much as possible. 6977.BP_Friends_Friendship.patch will mean that a failed lookup results in aBP_Friends_Friendship
object where, eg,initiator_user_id
isnull
. I think this is good - better than0
, which would be misleading - but either way, we should try to be consistent.
#3
follow-up:
↓ 4
@
9 years ago
Thanks for the feedback, @boonebgorges!
6977.BP_Friends_Friendship.patch will mean that a failed lookup results in a BP_Friends_Friendship object where, eg, initiator_user_id is null.
How are you checking for a failed lookup? $f = new BP_Friends_Friendship( 0 )
?
If so, $f->initiator_user_id
will always return null
with or without the patch.
#4
in reply to:
↑ 3
@
9 years ago
How are you checking for a failed lookup?
$f = new BP_Friends_Friendship( 0 )
?
If so,
$f->initiator_user_id
will always returnnull
with or without the patch.
Yeah, or $f = new BP_Friends_Friendship( $foo )
for some $foo
corresponding to a non-existent friendship. In this specific case, because the get_row()
query will return nothing, fields like initiator_user_id
never get set. So, as you note, it's null
both before and after the patch. I think that's the correct behavior. My point was that we should be sensitive to that as we continue to patch these things - don't go casting empty results to 0
unless 0
is the semantically correct value.
#5
@
9 years ago
- Milestone changed from Awaiting Review to Future Release
I fear this is going to turn into one of those "let's do nothing because this involves changing everything" tickets, but it has my support!
#7
@
8 years ago
- Keywords has-patch added
01.patch
should handle the rest of the components. Hopefully, I didn't miss anything!
#8
@
8 years ago
// Omitting 'group_id' due to unit test failures. // Omitting 'parent_id' for safety.
This set off warning bells for me. If casting group_id
to an int makes unit tests fail, that doesn't mean we should skip it, it means we should fix the unit tests. If we had 100% coverage for return types, each one of the changes proposed in this patch would cause a unit test to fail. This demonstrates how the change we are making has the potential to break backward compatibility in some cases. I still think we can go ahead with the changes, but this is the reason why, after it's done, we need to put a post on bpdevel - there are probably plugins that will fail in the same way that our unit tests are.
What does "omitting 'parent_id' for safety" mean? It sounds scary :)
#9
@
8 years ago
If casting group_id to an int makes unit tests fail, that doesn't mean we should skip it, it means we should fix the unit tests.
When I uploaded 01.patch
, it was late in the day and I couldn't for the life of me figure out whereabouts the xprofile unit tests were failing :)
02.patch fixes this up. I forgot to cast some other properties in BP_XProfile_Group::get()
.
What does "omitting 'parent_id' for safety" mean? It sounds scary :)
Disregard my idiocy :)
#10
@
8 years ago
Wait, wait? I've just looked at this properly. Why the heck are we casting strings to integers EVERYWHERE instead of just fixing the relevant properties when we fetch stuff from the database? I think the work done so far, while well-intentioned, is the wrong approach.
For an example, see the new patch I've put up for the BP_Activity_Activity
which typecasts integer properties after we fetch results from the database cache (done it this way instead of before being cached because otherwise we have to force a cache flush after upgrade, but that's a trivial change to make if we wanted to do it that way.
#11
@
8 years ago
Why the heck are we casting strings to integers EVERYWHERE instead of just fixing the relevant properties when we fetch stuff from the database?
That's exactly what I'm doing. Please take a closer look at my patch.
Edit - I see a spot in the BP_Messages_Thread
and BP_XProfile_Group
class where I can do the casting better. Will fix this up. Thanks for looking into the patch!
For an example, see the new patch I've put up for the BP_Activity_Activity which typecasts integer properties after we fetch results from the database cache
I missed the BP_Activity_Activity
class in my patch so thanks for adding a patch for that.
This ticket was mentioned in Slack in #buddypress by dcavins. View the logs.
8 years ago
#18
@
8 years ago
- Keywords needs-refresh added; dev-feedback has-patch removed
See related effort on #7155 including an outstanding issue involving clear object cache.
Approach looks fine to me. A couple general notes -