Showing 251 of 251 total issues
Overriding WordPress globals is prohibited. Found assignment to $menu Open
Open
$menu[5] = $networks_menu;
- Exclude checks
No space found before comment text; expected "// require_once( dirname( dirname( __FILE__ ) ) . '/admin.php' );" but found "//require_once( dirname( dirname( __FILE__ ) ) . '/admin.php' );" Open
Open
//require_once( dirname( dirname( __FILE__ ) ) . '/admin.php' );
- Exclude checks
Processing form data without nonce verification. Open
Open
if ( ! empty( $_POST['global_administrator'] ) ) {
- Exclude checks
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$msg'. Open
Open
echo '<div id="message" class="updated notice is-dismissible"><p>' . $msg . '</p></div>';
- Exclude checks
Inline comments must end in full-stops, exclamation marks, or question marks Open
Open
//require_once( dirname( dirname( __FILE__ ) ) . '/admin.php' );
- Exclude checks
A gettext call containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders. Open
Open
wp_die( sprintf( __( 'Warning! User cannot be modified. The user %s is a network administrator.' ), esc_html( $user->user_login ) ) );
- Exclude checks
Expected 1 spaces after opening bracket; 0 found Open
Open
'<p>' . __('<a href="https://github.com/felixarntz/wp-global-admin/wiki/Global-Admin" target="_blank">Documentation on the Global Admin</a>', 'wp-global-admin' ) . '</p>'
- Exclude checks
Inline comments must end in full-stops, exclamation marks, or question marks Open
Open
//require_once( ABSPATH . 'wp-admin/includes/menu.php' );
- Exclude checks
Array item not aligned correctly; expected 4 spaces but found 8 Open
Open
'content' =>
- Exclude checks
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'. Open
Open
<?php _e( 'This address is used for admin purposes.', 'wp-global-admin' ); ?>
- Exclude checks
Detected usage of a non-validated input variable: $_POST Open
Open
if ( ! is_array( $_POST['user'] ) ) {
- Exclude checks
Inline comments must end in full-stops, exclamation marks, or question marks Open
Open
$_POST['allusers'] = array( $id ); // confirm_delete_users() can only handle with arrays
- Exclude checks
There must be no blank line following an inline comment Open
Open
//require_once( dirname( dirname( __FILE__ ) ) . '/admin.php' );
- Exclude checks
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'. Open
Open
wp_die( __( 'Multinetwork support is not enabled.', 'wp-global-admin' ) );
- Exclude checks
No space found before comment text; expected "// TODO: what do we need here? What makes sense?" but found "//TODO: what do we need here? What makes sense?" Open
Open
//TODO: what do we need here? What makes sense?
- Exclude checks
Inline PHP statement must end with a semicolon Open
Open
<th scope="row"><label for="admin_email"><?php _e( 'Global Admin Email', 'wp-global-admin' ) ?></label></th>
- Exclude checks
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'. Open
Open
wp_die( __( 'Cannot create an empty user.' ) );
- Exclude checks
Detected usage of a non-validated input variable: $_POST Open
Open
confirm_delete_users( $_POST['allusers'] );
- Exclude checks
Detected usage of a non-sanitized input variable: $_POST Open
Open
confirm_delete_users( $_POST['allusers'] );
- Exclude checks
Missing wp_unslash() before sanitization. Open
Open
$doaction = $_POST['action'] != -1 ? $_POST['action'] : $_POST['action2'];
- Exclude checks