Post Snippets – Custom WordPress Code Snippets Customizer

Sample message

$_GET['order'] not unslashed before sanitization. Use wp_unslash() or similar

Sample message

Detected usage of a non-sanitized input variable: $_GET['order']

Sample message

Complex placeholders used for values in the query string in $wpdb->prepare() will NOT be quoted automagically. Found: %1s.

Sample message

Use placeholders and $wpdb->prepare(); found GROUP_TABLE_NAME

Sample message

Resource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$message'.

Sample message

unlink() is discouraged. Use wp_delete_file() to delete a file.

Sample message

In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.

Sample message

Attempting a database schema change is discouraged.

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "fs_plugins_api".

Sample message

Unescaped parameter $column used in $wpdb->get_var()\n$column assigned unsafely at line 971.

Sample message

Unescaped parameter $table_name used in $wpdb->get_results()

Sample message

The upgrade notice for "2.1" exceeds the limit of 300 characters.

Sample message

Simple placeholders should not be quoted in the query string in $wpdb->prepare(). Found: '%s'.

Sample message

Detected usage of a possibly undefined superglobal array index: $_REQUEST['snippet_content']. Check that the array index exists before using it.