Showing 251 of 251 total issues
Detected usage of a non-sanitized input variable: $_SERVER Open
preg_match( '#/wp-admin/global/?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches );
- Exclude checks
Missing wp_unslash() before sanitization. Open
$usersearch = isset( $_REQUEST['s'] ) ? wp_unslash( trim( $_REQUEST['s'] ) ) : '';
- Exclude checks
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$network'. Open
echo '<span class="network-' . $network->id . '" >';
- Exclude checks
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$sentence'. Open
<p class="youhave"><?php echo $sentence; ?></p>
- Exclude checks
A gettext call containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders. Open
$admin_title = sprintf( __( '%1$s ‹ %2$s — WordPress' ), $title, $new_admin_title );
- Exclude checks
Missing class import via use statement (line '109', column '25'). Open
$wp_user_search = new WP_User_Query( $args );
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '30', column '20'). Open
$user_query = new WP_User_Query( array(
- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}
Source http://phpmd.org/rules/cleancode.html#MissingImport
Function is_multinetwork
has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
function is_multinetwork() {
if ( ! is_multisite() ) {
return false;
}
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Function wp_schedule_update_global_counts
has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
function wp_schedule_update_global_counts() {
if ( ! is_main_network() || ! is_main_site() ) {
return;
}
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Function _ga_maybe_display_global_administrator_checkbox
has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
function _ga_maybe_display_global_administrator_checkbox( $user ) {
if ( is_multinetwork() && is_global_admin() && ! IS_PROFILE_PAGE && current_user_can( 'manage_global_options' ) ) {
?>
</table>
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Avoid unused parameters such as '$old_user_count'. Open
function _ga_fix_network_user_counts( $user_count, $old_user_count, $option, $network_id ) {
- Read upRead up
- Exclude checks
UnusedFormalParameter
Since: 0.2
Avoid passing parameters to methods or constructors and then not using those parameters.
Example
class Foo
{
private function bar($howdy)
{
// $howdy is not used
}
}
Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter
Avoid unused parameters such as '$option'. Open
function _ga_fix_network_user_counts( $user_count, $old_user_count, $option, $network_id ) {
- Read upRead up
- Exclude checks
UnusedFormalParameter
Since: 0.2
Avoid passing parameters to methods or constructors and then not using those parameters.
Example
class Foo
{
private function bar($howdy)
{
// $howdy is not used
}
}
Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter
Avoid unused parameters such as '$list_url'. Open
function _ga_adjust_multinetwork_list_url( $list_url ) {
- Read upRead up
- Exclude checks
UnusedFormalParameter
Since: 0.2
Avoid passing parameters to methods or constructors and then not using those parameters.
Example
class Foo
{
private function bar($howdy)
{
// $howdy is not used
}
}
Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter
Avoid unused local variables such as '$wpdb'. Open
global $usersearch, $role, $wpdb, $mode;
- Read upRead up
- Exclude checks
UnusedLocalVariable
Since: 0.2
Detects when a local variable is declared and/or assigned, but not used.
Example
class Foo {
public function doSomething()
{
$i = 5; // Unused
}
}
Source https://phpmd.org/rules/unusedcode.html#unusedlocalvariable
Avoid unused parameters such as '$user_id'. Open
function _ga_adjust_edit_profile_url( $url, $user_id, $scheme ) {
- Read upRead up
- Exclude checks
UnusedFormalParameter
Since: 0.2
Avoid passing parameters to methods or constructors and then not using those parameters.
Example
class Foo
{
private function bar($howdy)
{
// $howdy is not used
}
}
Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter
Avoid unused local variables such as '$plugin_file'. Open
$plugin_file = plugin_basename( __FILE__ );
- Read upRead up
- Exclude checks
UnusedLocalVariable
Since: 0.2
Detects when a local variable is declared and/or assigned, but not used.
Example
class Foo {
public function doSomething()
{
$i = 5; // Unused
}
}
Source https://phpmd.org/rules/unusedcode.html#unusedlocalvariable
The method prepare_items() has an NPath complexity of 1728. The configured NPath complexity threshold is 200. Open
public function prepare_items() {
global $usersearch, $role, $wpdb, $mode;
$usersearch = isset( $_REQUEST['s'] ) ? wp_unslash( trim( $_REQUEST['s'] ) ) : '';
- Read upRead up
- Exclude checks
NPathComplexity
Since: 0.1
The NPath complexity of a method is the number of acyclic execution paths through that method. A threshold of 200 is generally considered the point where measures should be taken to reduce complexity.
Example
class Foo {
function bar() {
// lots of complicated code
}
}
Source https://phpmd.org/rules/codesize.html#npathcomplexity
The function wp_global_dashboard_setup() contains an exit expression. Open
exit;
- Read upRead up
- Exclude checks
ExitExpression
Since: 0.2
An exit-expression within regular code is untestable and therefore it should be avoided. Consider to move the exit-expression into some kind of startup script where an error/exception code is returned to the calling environment.
Example
class Foo {
public function bar($param) {
if ($param === 42) {
exit(23);
}
}
}
Source https://phpmd.org/rules/design.html#exitexpression
Avoid unused local variables such as '$edit'. Open
$edit = "<a href=\"{$edit_link}\">{$user->user_login}</a>";
- Read upRead up
- Exclude checks
UnusedLocalVariable
Since: 0.2
Detects when a local variable is declared and/or assigned, but not used.
Example
class Foo {
public function doSomething()
{
$i = 5; // Unused
}
}
Source https://phpmd.org/rules/unusedcode.html#unusedlocalvariable
Avoid unused parameters such as '$edit_url'. Open
function _ga_adjust_multinetwork_edit_url( $edit_url, $network_id ) {
- Read upRead up
- Exclude checks
UnusedFormalParameter
Since: 0.2
Avoid passing parameters to methods or constructors and then not using those parameters.
Example
class Foo
{
private function bar($howdy)
{
// $howdy is not used
}
}