Function _ga_create_global_admin_menu has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.

Open

function _ga_create_global_admin_menu() {
    global $menu, $submenu, $_wp_real_parent_file, $pagenow;

    if ( ! is_global_admin() ) {
        return;

• Read up
  Read up

Function ga_init has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.

Open

function ga_init() {
    if ( function_exists( 'go_init' ) ) {
        require_once GA_PATH . 'wp-global-admin/wp-includes/load.php';
        require_once GA_PATH . 'wp-global-admin/wp-includes/capabilities.php';
        require_once GA_PATH . 'wp-global-admin/wp-includes/link-template.php';

• Read up
  Read up

Function is_global_administrator has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.

Open

    function is_global_administrator( $user_id = false ) {
        $user_id = (int) $user_id;

        if ( ! is_multinetwork() ) {
            return is_super_admin( $user_id );

• Read up
  Read up

Method _ga_create_global_admin_menu has 27 lines of code (exceeds 25 allowed). Consider refactoring.

Open

function _ga_create_global_admin_menu() {
    global $menu, $submenu, $_wp_real_parent_file, $pagenow;

    if ( ! is_global_admin() ) {
        return;

Method ga_requirements_notice has 26 lines of code (exceeds 25 allowed). Consider refactoring.

Open

function ga_requirements_notice() {
    $plugin_file = plugin_basename( __FILE__ );

    if ( ! current_user_can( 'deactivate_plugin', $plugin_file ) ) {
        return;

Function _ga_user_has_networks has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.

Open

function _ga_user_has_networks( $networks, $user_id ) {
    if ( ! is_multinetwork() ) {
        return $networks;
    }

• Read up
  Read up

Avoid variables with short names like $i. Configured minimum length is 3.

Open

            $i            = 0;

• Read up
  Read up
• Exclude checks
  • Disable engine
  • Disable check

class Something {
    private $q = 15; // VIOLATION - Field
    public static function main( array $as ) { // VIOLATION - Formal
        $r = 20 + $this->q; // VIOLATION - Local
        for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
            $r += $this->q;
        }
    }
}

Avoid deeply nested control flow statements.

Open

                                    if ( $details->userblog_id != get_network()->site_id ) { // main blog not a spam !
                                        update_blog_status( $details->userblog_id, 'spam', '1' );
                                    }

Avoid deeply nested control flow statements.

Open

                                if ( is_global_administrator( $user->ID ) || is_super_admin( $user->ID ) ) {
                                    wp_die( sprintf( __( 'Warning! User cannot be modified. The user %s is a network administrator.' ), esc_html( $user->user_login ) ) );
                                }

Function global_site_url has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

    function global_site_url( $path = '', $scheme = null ) {
        if ( ! is_multinetwork() ) {
            return network_site_url( $path, $scheme );
        }

• Read up
  Read up

Avoid deeply nested control flow statements.

Open

                                if ( ! current_user_can( 'delete_users' ) ) {
                                    wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 );
                                }

Overriding WordPress globals is prohibited. Found assignment to $menu

Open

        $menu[5] = $networks_menu;

• Exclude checks
  • Disable engine
  • Disable check

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.

Open

    wp_die( __( 'You do not have permission to access this page.' ), 403 );

• Exclude checks
  • Disable engine
  • Disable check

Opening PHP tag must be on a line by itself

Open

    ?><div id="message" class="updated notice is-dismissible"><p><?php _e( 'Settings saved.' ) ?></p></div><?php

• Exclude checks
  • Disable engine
  • Disable check

Inline PHP statement must end with a semicolon

Open

                    <input name="global_name" type="text" id="global_name" class="regular-text" value="<?php echo esc_attr( get_global_option( 'global_name', '' ) ) ?>" />

• Exclude checks
  • Disable engine
  • Disable check

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

Open

                <th scope="row"><label for="admin_email"><?php _e( 'Global Admin Email', 'wp-global-admin' ) ?></label></th>

• Exclude checks
  • Disable engine
  • Disable check

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

Open

                            <?php _e( 'Allow network administrators to edit users', 'wp-global-admin' ); ?>

• Exclude checks
  • Disable engine
  • Disable check

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

Open

                        <p><?php _e( 'Global administrator privileges cannot be removed because this user has the global admin email.', 'wp-global-admin' ); ?></p>

• Exclude checks
  • Disable engine
  • Disable check

Detected usage of a non-validated input variable: $_POST

Open

            if ( is_array( $_POST['user'] ) && ! empty( $_POST['user'] ) ) {

• Exclude checks
  • Disable engine
  • Disable check

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

Open

                _e( 'Users marked as spam.' );

• Exclude checks
  • Disable engine
  • Disable check