Showing 251 of 251 total issues
Use Yoda Condition checks, you must. Open
Open
$doaction = $_POST['action'] != -1 ? $_POST['action'] : $_POST['action2'];- Exclude checks
Detected usage of a non-validated input variable: $_POST Open
Open
if ( is_array( $_POST['user'] ) && ! empty( $_POST['user'] ) ) {- Exclude checks
Overriding WordPress globals is prohibited. Found assignment to $menu Open
Open
$menu[ "$position" ] = $networks_menu;- Exclude checks
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'. Open
Open
<th scope="row"><label for="global_name"><?php _e( 'Global Title', 'wp-global-admin' ) ?></label></th>- Exclude checks
Inline PHP statement must end with a semicolon Open
Open
<input name="admin_email" type="email" id="admin_email" aria-describedby="admin-email-desc" class="regular-text" value="<?php echo esc_attr( get_global_option( 'admin_email', '' ) ) ?>" />- Exclude checks
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'. Open
Open
wp_die( __( 'Multinetwork support is not enabled.', 'wp-global-admin' ) );- Exclude checks
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'. Open
Open
<p><?php _e( 'Global administrator privileges cannot be removed because this user has the global admin email.', 'wp-global-admin' ); ?></p>- Exclude checks
Missing wp_unslash() before sanitization. Open
Open
$user_ids = (array) $_POST['allusers'];- Exclude checks
Missing file doc comment Open
Open
<?php- Exclude checks
Each array item in a multi-line array declaration must end in a comma Open
Open
'content' => $quick_tasks- Exclude checks
There must be no blank line following an inline comment Open
Open
//require_once( ABSPATH . 'wp-admin/includes/menu.php' );- Exclude checks
Inline PHP statement must end with a semicolon Open
Open
?><div id="message" class="updated notice is-dismissible"><p><?php _e( 'Settings saved.' ) ?></p></div><?php- Exclude checks
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'. Open
Open
?><div id="message" class="updated notice is-dismissible"><p><?php _e( 'Settings saved.' ) ?></p></div><?php- Exclude checks
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'. Open
Open
<?php _e( 'Allow network administrators to delete users', 'wp-global-admin' ); ?>- Exclude checks
Missing wp_unslash() before sanitization. Open
Open
confirm_delete_users( $_POST['allusers'] );- Exclude checks
Detected usage of a non-sanitized input variable: $_POST Open
Open
$doaction = $_POST['action'] != -1 ? $_POST['action'] : $_POST['action2'];- Exclude checks
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'. Open
Open
<p><label><input type="checkbox" id="global_administrator" name="global_administrator"<?php checked( is_global_administrator( $user->ID ) ); ?> /> <?php _e( 'Grant this user global administrator privileges.', 'wp-global-admin' ); ?></label></p>- Exclude checks
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'. Open
Open
<h1 id="add-new-user"><?php _e( 'Add New User' ); ?></h1>- Exclude checks
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'. Open
Open
<td colspan="2"><?php _e( 'A password reset link will be sent to the user via email.' ); ?></td>- Exclude checks
Use Yoda Condition checks, you must. Open
Open
if ( $id != '0' && $id != '1' ) {- Exclude checks