save accesses the super-global variable $_POST. Open
public static function save($post_id, $post)
{
// Check the nonce (again).
if (empty(VindiHelpers::sanitize_xss($_POST['woocommerce_meta_nonce'])) ||
!wp_verify_nonce(VindiHelpers::sanitize_xss($_POST['woocommerce_meta_nonce']), 'woocommerce_save_data')) {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
save accesses the super-global variable $_POST. Open
public static function save($post_id, $post)
{
// Check the nonce (again).
if (empty(VindiHelpers::sanitize_xss($_POST['woocommerce_meta_nonce'])) ||
!wp_verify_nonce(VindiHelpers::sanitize_xss($_POST['woocommerce_meta_nonce']), 'woocommerce_save_data')) {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
save accesses the super-global variable $_POST. Open
public static function save($post_id, $post)
{
// Check the nonce (again).
if (empty(VindiHelpers::sanitize_xss($_POST['woocommerce_meta_nonce'])) ||
!wp_verify_nonce(VindiHelpers::sanitize_xss($_POST['woocommerce_meta_nonce']), 'woocommerce_save_data')) {
- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
Avoid using static access to class 'VindiPaymentGateways\VindiHelpers' in method 'save'. Open
if (empty(VindiHelpers::sanitize_xss($_POST['woocommerce_meta_nonce'])) ||
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class 'VindiPaymentGateways\VindiHelpers' in method 'save'. Open
!wp_verify_nonce(VindiHelpers::sanitize_xss($_POST['woocommerce_meta_nonce']), 'woocommerce_save_data')) {
- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}
Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid unused parameters such as '$post'. Open
public static function save($post_id, $post)
- Read upRead up
- Exclude checks
UnusedFormalParameter
Since: 0.2
Avoid passing parameters to methods or constructors and then not using those parameters.
Example
class Foo
{
private function bar($howdy)
{
// $howdy is not used
}
}
Source https://phpmd.org/rules/unusedcode.html#unusedformalparameter
A file should declare new symbols (classes, functions, constants, etc.) and cause no other side effects, or it should execute logic with side effects, but should not do both. The first symbol is defined on line 14 and the first side effect is on line 8. Open
<?php
- Exclude checks
Expected 0 spaces before closing bracket; 1 found Open
if ( ! defined( 'ABSPATH' ) ) {
- Exclude checks
Opening brace of a class must be on the line after the definition Open
class CouponsMetaBox {
- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
exit; // Exit if accessed directly
- Exclude checks
Space after opening parenthesis of function call prohibited Open
if ( ! defined( 'ABSPATH' ) ) {
- Exclude checks
Expected 0 spaces after opening bracket; 1 found Open
if ( ! defined( 'ABSPATH' ) ) {
- Exclude checks
Expected 0 spaces before closing bracket; 1 found Open
if ( ! defined( 'ABSPATH' ) ) {
- Exclude checks