Merge pull request #1634 from WordPress-Coding-Standards/feature/sniff-is-validated-check-variable-name

ValidatedSanitizedInput: only recognize a variable as validated if the correct variable is examined

Author: GaryJones

WordPress/Sniff.php

@@ -1772,6 +1772,10 @@ protected function is_validated( $stackPtr, $array_key = null, $in_condition_onl
 					continue;
 				}
 
+				if ( $this->tokens[ $stackPtr ]['content'] !== $this->tokens[ $i ]['content'] ) {
+					continue;
+				}
+
 				// If we're checking for a specific array key (ex: 'hello' in
 				// $_POST['hello']), that must match too. Quote-style, however, doesn't matter.
 				if ( isset( $array_key )

WordPress/Tests/Security/ValidatedSanitizedInputUnitTest.inc

@@ -85,7 +85,7 @@ echo array_map( array( $obj, 'sanitize_text_field' ), wp_unslash( $_GET['test']
 $foo = (int) $_POST['foo6']; // Bad.
 
 // Non-assignment checks are OK.
-if ( 'bar' === $_POST['foo'] ) {} // Ok.
+if ( isset( $_POST['foo'] ) && 'bar' === $_POST['foo'] ) {} // Ok.
 if ( $_GET['test'] != 'a' ) {} // Ok.
 if ( 'bar' === do_something( wp_unslash( $_POST['foo'] ) ) ) {} // Bad.
 
@@ -183,3 +183,8 @@ function barfoo() {
 if ( isset( $_POST[ 'currentid' ] ) ){
             $id = (int) $_POST[ "currentid" ]; // OK.
 }
+
+// Only recognize validation if the correct superglobal is examined.
+if ( isset ( $_POST['thisisnotget'] ) ) {
+	$get = (int) $_GET['thisisnotget']; // Bad.
+}

WordPress/Tests/Security/ValidatedSanitizedInputUnitTest.php

@@ -54,6 +54,7 @@ public function getErrorList() {
 			138 => 1,
 			150 => 2,
 			160 => 2,
+			189 => 1,
 		);
 	}