Appointment Booking Calendar

Use placeholders and $wpdb->prepare(); found $field

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$message".

Use placeholders and $wpdb->prepare(); found CPABC_TDEAPP_CONFIG_WORKINGDATES

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

Unescaped parameter $sql used in $wpdb->query($sql)\n$sql assigned unsafely at line 64:\n $sql = "CREATE TABLE `".$wpdb->prefix.CPABC_APPOINTMENTS_CONFIG_TABLE_NAME."` (`".CPABC_TDEAPP_CONFIG_ID."` int(10) unsigned NOT NULL auto_increment, `".CPABC_TDEAPP_CONFIG_TITLE."` varchar(255) NOT NULL default '',`".CPABC_TDEAPP_CONFIG_USER."` varchar(100) default NULL,`".CPABC_TDEAPP_CONFIG_PASS."` varchar(100) default NULL,`".CPABC_TDEAPP_CONFIG_LANG."` varchar(5) default NULL,`".CPABC_TDEAPP_CONFIG_CPAGES."` tinyint(3) unsigned default NULL,`".CPABC_TDEAPP_CONFIG_TYPE."` tinyint(3) unsigned default NULL,`".CPABC_TDEAPP_CONFIG_MSG."` varchar(255) NOT NULL default '',`".CPABC_TDEAPP_CONFIG_WORKINGDATES."` varchar(255) NOT NULL default '',`".CPABC_TDEAPP_CONFIG_RESTRICTEDDATES."` text,`".CPABC_TDEAPP_CONFIG_TIMEWORKINGDATES0."` text,`".CPABC_TDEAPP_CONFIG_TIMEWORKINGDATES1."` text,`".CPABC_TDEAPP_CONFIG_TIMEWORKINGDATES2."` text,`".CPABC_TDEAPP_CONFIG_TIMEWORKINGDATES3."` text,`".CPABC_TDEAPP_CONFIG_TIMEWORKINGDATES4."` text,`".CPABC_TDEAPP_CONFIG_TIMEWORKINGDATES5."` text,`".CPABC_TDEAPP_CONFIG_TIMEWORKINGDATES6."` text,`".CPABC_TDEAPP_CALDELETED_FIELD."` tinyint(3) unsigned default NULL,PRIMARY KEY (`".CPABC_TDEAPP_CONFIG_ID."`)) ".$charset_collate."; "\n$sql assigned unsafely at line 37:\n $sql = "CREATE TABLE $table_name (\n id int(10) NOT NULL AUTO_INCREMENT,\n time datetime DEFAULT CURRENT_TIMESTAMP NOT NULL,\n booked_time VARCHAR(250) DEFAULT '' NOT NULL,\n booked_time_unformatted VARCHAR(250) DEFAULT '' NOT NULL,\n name VARCHAR(250) DEFAULT '' NOT NULL,\n email VARCHAR(250) DEFAULT '' NOT NULL,\n phone VARCHAR(250) DEFAULT '' NOT NULL,\n question mediumtext,\n quantity VARCHAR(30) DEFAULT '1' NOT NULL,\n buffered_date text,\n\t\t\t who_added VARCHAR(25) DEFAULT '' NOT NULL,\n\t\t\t who_edited VARCHAR(25) DEFAULT '' NOT NULL,\n\t\t\t who_cancelled VARCHAR(25) DEFAULT '' NOT NULL,\n\t\t\t is_cancelled VARCHAR(25) DEFAULT '' NOT NULL,\n\t\t\t is_verified VARCHAR(25) DEFAULT '' NOT NULL,\n\t\t\t verified_required VARCHAR(25) DEFAULT '' NOT NULL,\n\t\t\t cancelled_reason text,\n UNIQUE KEY id (id)\n ) ".$charset_collate.";"\n$sql assigned unsafely at line 22:\n $sql = "CREATE TABLE ".$wpdb->prefix.CPABC_APPOINTMENTS_DISCOUNT_CODES_TABLE_NAME_NO_PREFIX." (\n id mediumint(9) NOT NULL AUTO_INCREMENT,\n cal_id mediumint(9) NOT NULL DEFAULT 1,\n code VARCHAR(250) DEFAULT '' NOT NULL,\n discount VARCHAR(250) DEFAULT '' NOT NULL,\n expires datetime DEFAULT CURRENT_TIMESTAMP NOT NULL,\n availability int(10) unsigned NOT NULL DEFAULT 0,\n used int(10) unsigned NOT NULL DEFAULT 0,\n UNIQUE KEY id (id)\n ) ".$charset_collate.";"

Use placeholders and $wpdb->prepare(); found $sql

Use placeholders and $wpdb->prepare(); found CPABC_APPOINTMENTS_CALENDARS_TABLE_NAME

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$message".

Using cURL functions is highly discouraged. Use wp_remote_get() instead.

Unescaped parameter $sql used in $wpdb->query($sql)\n$sql assigned unsafely at line 598:\n $sql = "ALTER TABLE `".$table."` ADD `".$field."` ".$type\n$field used without escaping.