Traffic Monitor

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$my_table_prefix".

Unescaped parameter $sql used in $wpdb->get_results($wpdb->prepare( $sql, array_merge( $table_clauses, $params ) ))\n$sql assigned unsafely at line 449:\n $sql = "\n\t\t\tSELECT pr.id,\n\t\t\t\tpr.request_time,\n\t\t\t\trp.request_url,\n\t\t\t\tpr.request_query,\n\t\t\t\tpr.is_cached,\n\t\t\t\tpr.method,\n\t\t\t\trf.referrer_url,\n\t\t\t\tpr.referrer_query,\n\t\t\t\tpr.user_role,\n\t\t\t\tip.ip_address,\n\t\t\t\tfp.fingerprint_hash,\n\t\t\t\tpr.session_id_hash,\n\t\t\t\tua.user_agent,\n\t\t\t\tua.device,\n\t\t\t\tua.operating_system,\n\t\t\t\tua.browser,\n\t\t\t\tua.bot_name,\n\t\t\t\tua.bot_category,\n\t\t\t\tpr.ad_platform,\n\t\t\t\tpr.click_key,\n\t\t\t\tpr.click_value,\n\t\t\t\tpr.source,\n\t\t\t\tpr.status_code\n\t\t\tFROM %i pr\n\t\t\tINNER JOIN %i rp ON pr.page_id = rp.id\n\t\t\tLEFT JOIN %i rf ON pr.referrer_id = rf.id\n\t\t\tLEFT JOIN %i fp ON pr.fingerprint_id = fp.id\n\t\t\tLEFT JOIN %i ip ON fp.ip_id = ip.id\n\t\t\tLEFT JOIN %i ua ON fp.user_agent_id = ua.id\n\t\t\t$where_sql\n\t\t\tORDER BY $orderby_sql\n\t\t\tLIMIT %d OFFSET %d\n\t\t"\n$where_sql assigned unsafely at line 444:\n $where_sql = $where_clauses ? 'WHERE ' . implode( ' AND ', $where_clauses ) : ''\n$orderby_sql used without escaping.\n$where_clauses assigned unsafely at line 439:\n $where_clauses[] = 'pr.ad_platform = %s'\n$params[] used without escaping.\n$filters['ad_platform'] used without escaping.

Use placeholders and $wpdb->prepare(); found $sql

Use of heredoc and nowdoc syntax ("<<<") is not allowed; use standard strings or inline HTML instead

Use of heredoc and nowdoc syntax ("<<<") is not allowed; use standard strings or inline HTML instead

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$cache_check_nonce".

Unescaped parameter $sql used in $wpdb->get_var($wpdb->prepare( $sql, array_merge( $table_clauses, $params ) ))\n$sql assigned unsafely at line 558:\n $sql = "\n\t\t\tSELECT COUNT(*)\n\t\t\tFROM %i pr\n\t\t\tINNER JOIN %i rp ON pr.page_id = rp.id\n\t\t\tLEFT JOIN %i rf ON pr.referrer_id = rf.id\n\t\t\tLEFT JOIN %i fp ON pr.fingerprint_id = fp.id\n\t\t\tLEFT JOIN %i ip ON fp.ip_id = ip.id\n\t\t\tLEFT JOIN %i ua ON fp.user_agent_id = ua.id\n\t\t\t$where_sql\n\t\t"\n$where_sql assigned unsafely at line 556:\n $where_sql = $where_clauses ? 'WHERE ' . implode( ' AND ', $where_clauses ) : ''\n$where_clauses assigned unsafely at line 551:\n $where_clauses[] = 'pr.ad_platform = %s'\n$params[] used without escaping.\n$filters['ad_platform'] used without escaping.

Use placeholders and $wpdb->prepare(); found $sql

Unescaped parameter $placeholders used in $wpdb->query($wpdb->prepare(\n\t\t\t\t\t"INSERT INTO %i (`name`, category, `block`, log_request, total_requests) VALUES $placeholders",\n\t\t\t\t\t$prepare_values\n\t\t\t\t))\n$placeholders assigned unsafely at line 939:\n $placeholders = implode( ', ', $new_bots )\n$new_bots assigned unsafely at line 932:\n $new_bots[] = '( %s, %s, %d, %d, %d )'\n$values assigned unsafely at line 933:\n $values = array_merge( $values, array( $name, $category, $block, $log_request, 0 ) )\n$name assigned unsafely at line 922:\n $name = trim( strtolower( $data[0] ) )\n$category assigned unsafely at line 923:\n $category = isset( $data[1] ) ? trim( $data[1] ) : ''\n$data[0] used without escaping.\n$data[1] used without escaping.

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "default_hidden_columns".