wp-global-admin/wp-admin/global/user-new.php from felixarntz/global-admin

wp-global-admin/wp-admin/global/user-new.php

Summary

Maintainability

0 mins

Test Coverage

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
Open

            <th scope="row"><label for="email"><?php _e( 'Email' ); ?></label></th>

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.
Open

        wp_die( __( 'Cannot create an empty user.' ) );

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

Detected usage of a non-validated input variable: $_POST
Open

    if ( ! is_array( $_POST['user'] ) ) {

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

Detected usage of a non-validated input variable: $_POST
Open

    $user = wp_unslash( $_POST['user'] );

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$msg'.
Open

        echo '<div id="message" class="updated notice is-dismissible"><p>' . $msg . '</p></div>';

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'global_admin_url'.
Open

    <form action="<?php echo global_admin_url( 'user-new.php?action=add-user' ); ?>" id="adduser" method="post" novalidate="novalidate">

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

Detected usage of a non-validated input variable: $_SERVER
Open

                $edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), get_edit_user_link( $user_id_new ) ) );

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.
Open

    wp_die( __( 'Multinetwork support is not enabled.', 'wp-global-admin' ) );

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<p>$message</p>"'.
Open

            echo "<p>$message</p>";

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
Open

            <td colspan="2"><?php _e( 'A password reset link will be sent to the user via email.' ); ?></td>

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

Detected usage of a non-sanitized input variable: $_POST
Open

    $user = wp_unslash( $_POST['user'] );

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.
Open

    wp_die( __( 'Sorry, you are not allowed to add users to this setup.', 'wp-global-admin' ) );

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
Open

<h1 id="add-new-user"><?php _e( 'Add New User' ); ?></h1>

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

Detected usage of a non-sanitized input variable: $_SERVER
Open

                $edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), get_edit_user_link( $user_id_new ) ) );

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
Open

            <th scope="row"><label for="username"><?php _e( 'Username' ); ?></label></th>

Found in wp-global-admin/wp-admin/global/user-new.php by phpcodesniffer

Exclude checks
- Disable engine
- Disable check

felixarntz/global-admin

Summary

Maintainability

Test Coverage

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.
Open

Detected usage of a non-validated input variable: $_POST
Open

Detected usage of a non-validated input variable: $_POST
Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$msg'.
Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'global_admin_url'.
Open

Detected usage of a non-validated input variable: $_SERVER
Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.
Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<p>$message</p>"'.
Open

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
Open

Detected usage of a non-sanitized input variable: $_POST
Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.
Open

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
Open

Detected usage of a non-sanitized input variable: $_SERVER
Open

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
Open

There are no issues that match your filters.

Category

Status

felixarntz/global-admin

Summary

Maintainability

Test Coverage

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'. Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'. Open

Detected usage of a non-validated input variable: $_POST Open

Detected usage of a non-validated input variable: $_POST Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$msg'. Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'global_admin_url'. Open

Detected usage of a non-validated input variable: $_SERVER Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'. Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<p>$message</p>"'. Open

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'. Open

Detected usage of a non-sanitized input variable: $_POST Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'. Open

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'. Open

Detected usage of a non-sanitized input variable: $_SERVER Open

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'. Open

There are no issues that match your filters.

Category

Status

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.
Open

Detected usage of a non-validated input variable: $_POST
Open

Detected usage of a non-validated input variable: $_POST
Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$msg'.
Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'global_admin_url'.
Open

Detected usage of a non-validated input variable: $_SERVER
Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.
Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<p>$message</p>"'.
Open

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
Open

Detected usage of a non-sanitized input variable: $_POST
Open

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.
Open

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
Open

Detected usage of a non-sanitized input variable: $_SERVER
Open

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
Open