From 6f6ddfc80ffe6cb911da1b3ae2e3f478dae2dcab Mon Sep 17 00:00:00 2001
From: Sergey Biryukov <sergeybiryukov.ru@gmail.com>
Date: Mon, 25 Nov 2024 19:03:18 +0000
Subject: [PATCH] Coding Standards: Cast `$expired` to an integer in
 `wp_validate_auth_cookie()`.

This resolves an issue where the string `$expired` value is used both in a comparison and addition with integer values.

Follow-up to [6387], [28424], [45590].

Props justlevine.
See #52217.
Built from https://develop.svn.wordpress.org/trunk@59459


git-svn-id: http://core.svn.wordpress.org/trunk@58845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/pluggable.php | 3 ++-
 wp-includes/version.php   | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php
index cc16e8c8bd..3dd629fa19 100644
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -710,9 +710,10 @@ if ( ! function_exists( 'wp_validate_auth_cookie' ) ) :
 		$username   = $cookie_elements['username'];
 		$hmac       = $cookie_elements['hmac'];
 		$token      = $cookie_elements['token'];
-		$expired    = $cookie_elements['expiration'];
 		$expiration = $cookie_elements['expiration'];
 
+		$expired = (int) $expiration;
+
 		// Allow a grace period for POST and Ajax requests.
 		if ( wp_doing_ajax() || 'POST' === $_SERVER['REQUEST_METHOD'] ) {
 			$expired += HOUR_IN_SECONDS;
diff --git a/wp-includes/version.php b/wp-includes/version.php
index feebff78b9..31e7f0ea95 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -16,7 +16,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '6.8-alpha-59458';
+$wp_version = '6.8-alpha-59459';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.