Code Snippets

An easy, clean and simple way to enhance your site with code snippets.

v3.9.6Code Snippets ProUpdated 2 months agoAdded 14 years ago1m+ installs94% rating0% support resolved

code css multisite php snippets

Score

Errors

203

Warnings

Change

Category Scores

Security0

Repo94

Performance100

Maintainability60

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

237 findings

Maintainability

121

11 issue groups

Security

112

9 issue groups

I18n

1 issue group

Repo Compliance

1 issue group

WARNINGSecurityRecommendedProcessing form data without nonce verification.76

Category: Security
Occurrences: 76
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Recommended

WARNINGMaintainabilityNon Prefixed Variable FoundGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$change".64

Category: Maintainability
Occurrences: 64
Severity: warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$change".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.22

Category: Maintainability
Occurrences: 22
Severity: warning

Sample message

Use of a direct database call is discouraged.

WordPress.DB.DirectDatabaseQuery.DirectQuery

ERRORMaintainabilitymissing direct file access protectionPHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;17

Category: Maintainability
Occurrences: 17
Severity: error

Sample message

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

missing_direct_file_access_protection Reference

WARNINGSecurityInterpolated Not PreparedUse placeholders and $wpdb->prepare(); found interpolated variable $extra_where at \t\t\t\tWHERE scope IN ($scopes_format) $extra_where\n10

Category: Security
Occurrences: 10
Severity: warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable $extra_where at \t\t\t\tWHERE scope IN ($scopes_format) $extra_where\n

WordPress.DB.PreparedSQL.InterpolatedNotPrepared

WARNINGSecurityUnescaped DBParameterUnescaped parameter $table_name used in $wpdb->get_col()\n$table_name assigned unsafely at line 117.7

Category: Security
Occurrences: 7
Severity: warning

Sample message

Unescaped parameter $table_name used in $wpdb->get_col()\n$table_name assigned unsafely at line 117.

PluginCheck.Security.DirectDB.UnescapedDBParameter

WARNINGSecurityMissing Unslash$_GET['ids'] not unslashed before sanitization. Use wp_unslash() or similar6

Category: Security
Occurrences: 6
Severity: warning

Sample message

$_GET['ids'] not unslashed before sanitization. Use wp_unslash() or similar

WordPress.Security.ValidatedSanitizedInput.MissingUnslash

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().4

Category: Maintainability
Occurrences: 4
Severity: warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

WordPress.DB.DirectDatabaseQuery.NoCaching

ERRORMaintainabilitywp function not compatible with requires wpFunction "wp_get_default_update_php_url()" requires WordPress 5.1.0, but your plugin minimum supported version is WordPress 5.0.0.4

Category: Maintainability
Occurrences: 4
Severity: error

Sample message

Function "wp_get_default_update_php_url()" requires WordPress 5.1.0, but your plugin minimum supported version is WordPress 5.0.0.

wp_function_not_compatible_with_requires_wp Reference

ERRORSecurityOutput Not EscapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.3

Category: Security
Occurrences: 3
Severity: error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.

WordPress.Security.EscapeOutput.OutputNotEscaped Reference

Show 12 more

WARNINGSecurityMissing3

Category: Security
Occurrences: 3
Severity: warning

Sample message

Processing form data without nonce verification.

WordPress.Security.NonceVerification.Missing

WARNINGSecurityInput Not Sanitized3

Category: Security
Occurrences: 3
Severity: warning

Sample message

Detected usage of a non-sanitized input variable: $_POST['nonce']

WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

ERRORI18nMissing Translators Comment3

Category: I18n
Occurrences: 3
Severity: error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

WordPress.WP.I18n.MissingTranslatorsComment Reference

ERRORMaintainabilityFound2

Category: Maintainability
Occurrences: 2
Severity: error

Sample message

The use of function eval() is forbidden

Generic.PHP.ForbiddenFunctions.Found

ERRORSecurityUnescaped DBParameter2

Category: Security
Occurrences: 2
Severity: error

Sample message

Unescaped parameter $sql used in $wpdb->get_results()\n$sql assigned unsafely at line 40.

PluginCheck.Security.DirectDB.UnescapedDBParameter

ERRORSecurityNot Prepared2

Category: Security
Occurrences: 2
Severity: error

Sample message

Use placeholders and $wpdb->prepare(); found $sql

WordPress.DB.PreparedSQL.NotPrepared

WARNINGMaintainabilityNon Prefixed Hookname Found2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "import_upload_size_limit".

WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound

WARNINGMaintainabilityerror log error log2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

error_log() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_error_log

WARNINGMaintainabilityerror log var export2

Category: Maintainability
Occurrences: 2
Severity: warning

Sample message

var_export() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_var_export

WARNINGMaintainabilityerror log print r1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

print_r() found. Debug code should not normally be used in production.

WordPress.PHP.DevelopmentFunctions.error_log_print_r

WARNINGMaintainabilitymissing composer json file1

Category: Maintainability
Occurrences: 1
Severity: warning

Sample message

The "/vendor" directory using composer exists, but "composer.json" file is missing.

missing_composer_json_file Reference

ERRORRepo Complianceoutdated tested upto header1

Category: Repo Compliance
Occurrences: 1
Severity: error

Sample message

Tested up to: 6.9 < 7.0. The "Tested up to" value in your plugin is not set to the current version of WordPress. This means your plugin will not show up in searches, as we require plugins to be compatible and documented as tested up to the most recent version of WordPress.

outdated_tested_upto_header Reference

Score History

First score snapshot

2 days ago

v3.9.6

Latest

Findings: 237
Errors: 34
Warnings: 203
Check: 2.0.0

Scan	Score	Findings	Errors	Warnings	Plugin	Check
2 days agoLatest	36	237	34	203	v3.9.6	2.0.0

10k+ active installs

100

Code Embed

10k+ active installs

100

Customize Admin

4k+ active installs

Add Admin CSS

10k+ active installs

Multisite Language Switcher

4k+ active installs

Design Upgrade for LearnDash

7k+ active installs

Code Snippets

Category Scores

Issues to Review

Score History

Related Plugins