83% 2-factor

Code Review | Matoma Two-Factor Authentication

WordPress plugin Matoma Two-Factor Authentication scored83%from 54 tests.

About plugin

  • Plugin page: 2-factor
  • Plugin version: 1.0.3
  • PHP compatiblity: 7.2+
  • PHP version: 7.4.16
  • WordPress compatibility: 5.5-5.7
  • WordPress version: 6.3.1
  • First release: Nov 13, 2020
  • Latest release: Mar 25, 2021
  • Number of updates: 47
  • Update frequency: every 2.8 days
  • Top authors: matomagmbh (100%)

Code review

54 tests

User reviews

1 review

Install metrics

10+ active /1,030 total downloads


Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | Verifying that this plugin installs correctly without errors
This plugin's installer ran successfully

Server metrics [RAM: ▲0.03MB] [CPU: ▼8.51ms] Passed 4 tests

This is a short check of server-side resources used by Matoma Two-Factor Authentication
This plugin has minimal impact on server resources
PageMemory (MB)CPU Time (ms)
Home /3.50 ▲0.0438.02 ▼4.19
Dashboard /wp-admin3.34 ▼0.0046.21 ▼13.13
Posts /wp-admin/edit.php3.39 ▲0.0446.66 ▲3.99
Add New Post /wp-admin/post-new.php5.92 ▲0.0481.11 ▼12.15
Media Library /wp-admin/upload.php3.27 ▲0.0432.35 ▼4.58
Matoma 2FA /wp-admin/options-general.php?page=mtm-2F-settings3.2333.44

Server storage [IO: ▲0.07MB] [DB: ▲0.07MB] Passed 3 tests

Analyzing filesystem and database footprints of this plugin
This plugin installed successfully
Filesystem: 14 new files
Database: no new tables, 6 new options
New WordPress options

Browser metrics Passed 4 tests

An overview of browser requirements for Matoma Two-Factor Authentication
Minimal impact on browser resources
PageNodesMemory (MB)Script (ms)Layout (ms)
Home /2,806 ▲3514.44 ▼0.241.77 ▼0.2444.14 ▼0.37
Dashboard /wp-admin2,210 ▲225.79 ▼0.0697.67 ▼21.5139.95 ▼3.91
Posts /wp-admin/edit.php2,090 ▲12.00 ▼0.0134.74 ▼4.1833.93 ▼2.44
Add New Post /wp-admin/post-new.php1,545 ▲1218.31 ▼4.81613.48 ▼5.0551.52 ▼0.54
Media Library /wp-admin/upload.php1,389 ▲74.17 ▼0.0795.86 ▼3.7239.21 ▼5.29
Matoma 2FA /wp-admin/options-general.php?page=mtm-2F-settings8952.0323.1527.85

Uninstaller [IO: ▲0.00MB] [DB: ▲0.07MB] 75% from 4 tests

🔸 Tests weight: 35 | It is important to correctly uninstall your plugin, without leaving any traces
It is recommended to fix the following
  • The uninstall procedure has failed, leaving 6 options in the database
    • widget_recent-posts
    • widget_recent-comments
    • can_compress_scripts
    • theysaidso_admin_options
    • widget_theysaidso_widget
    • db_upgraded

Smoke tests 75% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | A smoke test targeting server-side errors
Good news, no errors were detected

SRP 50% from 2 tests

🔹 Tests weight: 20 | SRP (Single-Responsibility Principle) - PHP files must act as libraries and never output text or perform any action when accessed directly in a browser
Please fix the following items
  • 3× GET requests to PHP files trigger server-side errors or Error 500 responses:
    • > PHP Fatal error
      Uncaught Error: Class 'Mtm_2F_Methode' not found in wp-content/plugins/2-factor/includes/Mtm_2F_SMS.php:4
    • > PHP Fatal error
      Uncaught Error: Call to undefined function __() in wp-content/plugins/2-factor/mtm-2f.php:13
    • > PHP Fatal error
      Uncaught Error: Class 'Mtm_2F_Methode' not found in wp-content/plugins/2-factor/includes/Mtm_2F_EMail.php:4

User-side errors Passed 1 test

🔹 Test weight: 20 | This is a smoke test targeting browser errors/issues
No browser errors were detected


Plugin configuration 90% from 29 tests

readme.txt 94% from 16 tests

The readme.txt file is important because it is parsed by WordPress.org for the public listing of your plugin
These attributes need to be fixed:
  • Screenshots: Please add images for these screenshots: #1 (settings), #2 (login mask)
You can look at the official readme.txt

2-factor/mtm-2f.php 85% from 13 tests

"Matoma Two-Factor Authentication" version 1.0.3's primary PHP file adds more information about the plugin and serves as the entry point for WordPress
It is important to fix the following:
  • Main file name: The principal plugin file should be the same as the plugin slug ("2-factor.php" instead of "mtm-2f.php")
  • Text Domain: The text domain is optional since WordPress version 4.6; if you do specify it, it must be the same as the plugin slug

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | This is an overview of programming languages used in this plugin; dangerous file extensions are not allowed
Everything looks great! No dangerous files found in this plugin1,254 lines of code in 11 files:
LanguageFilesBlank linesComment linesLines of code

PHP code Passed 2 tests

A brief analysis of cyclomatic complexity and code structure for this plugin
All good! No complexity issues found
Cyclomatic complexity
Average complexity per logical line of code0.33
Average class complexity17.43
▷ Minimum class complexity1.00
▷ Maximum class complexity50.00
Average method complexity3.09
▷ Minimum method complexity1.00
▷ Maximum method complexity16.00
Code structure
▷ Abstract classes114.29%
▷ Concrete classes685.71%
▷ Final classes00.00%
▷ Static methods1322.03%
▷ Public methods5694.92%
▷ Protected methods11.69%
▷ Private methods23.39%
▷ Named functions3100.00%
▷ Anonymous functions00.00%
▷ Global constants4100.00%
▷ Class constants00.00%
▷ Public constants00.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

It is recommended to compress PNG files in your plugin to minimize bandwidth usage
No PNG images were found in this plugin