10% dx-watermark

Code Review | DX-Watermark

WordPress plugin DX-Watermark scored10%from 54 tests.

About plugin

  • Plugin page: dx-watermark
  • Plugin version: 1.0.4
  • PHP version: 7.4.16
  • WordPress compatibility: 3.1-3.8
  • WordPress version: 6.3.1
  • First release: Nov 29, 2012
  • Latest release: Dec 12, 2013
  • Number of updates: 18
  • Update frequency: every 21.0 days
  • Top authors: daxiawp (100%)

Code review

54 tests

User reviews

4 reviews

Install metrics

1,000+ active /47,484 total downloads
Download (1.65 MB)

Benchmarks

Plugin footprint 58% from 16 tests

Installer 0% from 1 test

🔺 Critical test (weight: 50) | The install procedure must perform silently
You still need to fix the following installer errors
  • The plugin did not install without errors
    • > Deprecated in wp-includes/class-wp-hook.php+310
    Non-static method DX_Watermark::make_dir() should not be called statically

Server metrics [RAM: ▲0.00MB] [CPU: ▼8.88ms] Passed 4 tests

Analyzing server-side resources used by DX-Watermark
Server-side resource usage in normal parameters
PageMemory (MB)CPU Time (ms)
Home /3.47 ▲0.0140.99 ▲1.56
Dashboard /wp-admin3.32 ▼0.0347.47 ▼15.76
Posts /wp-admin/edit.php3.37 ▲0.0147.90 ▼3.62
Add New Post /wp-admin/post-new.php5.90 ▲0.0185.82 ▼16.24
Media Library /wp-admin/upload.php3.24 ▲0.0137.23 ▲0.11
daxiawp主题商城 /wp-admin/admin.php?page=daxiawp_theme3.2031.38
DX-Watermark /wp-admin/admin.php?page=DX-Watermark3.2632.21

Server storage [IO: ▲2.74MB] [DB: ▲0.00MB] Passed 3 tests

How much does this plugin use your filesystem and database?
This plugin was installed successfully
Filesystem: 24 new files
Database: no new tables, 6 new options
New WordPress options
widget_theysaidso_widget
theysaidso_admin_options
db_upgraded
widget_recent-posts
can_compress_scripts
widget_recent-comments

Browser metrics Passed 4 tests

An overview of browser requirements for DX-Watermark
There were no issues detected in relation to browser resource usage
PageNodesMemory (MB)Script (ms)Layout (ms)
Home /2,815 ▲4414.72 ▲0.511.64 ▼0.1641.17 ▲0.50
Dashboard /wp-admin2,224 ▲565.60 ▼0.0791.34 ▲4.7572.75 ▲29.76
Posts /wp-admin/edit.php2,123 ▲181.99 ▼0.0235.93 ▼8.0640.22 ▲1.53
Add New Post /wp-admin/post-new.php1,568 ▲4223.14 ▼0.09767.23 ▲90.4155.66 ▼1.19
Media Library /wp-admin/upload.php1,420 ▲204.28 ▲0.14101.96 ▼13.7478.51 ▲28.59
daxiawp主题商城 /wp-admin/admin.php?page=daxiawp_theme1,0544.34122.6658.55
DX-Watermark /wp-admin/admin.php?page=DX-Watermark1,1181.9538.1636.28

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | Verifying that this plugin uninstalls completely without leaving any traces
It is recommended to fix the following
  • Zombie WordPress options detected upon uninstall: 6 options
    • can_compress_scripts
    • db_upgraded
    • widget_theysaidso_widget
    • theysaidso_admin_options
    • widget_recent-comments
    • widget_recent-posts

Smoke tests 0% from 4 tests

Server-side errors 0% from 1 test

🔹 Test weight: 20 | Just a short smoke test targeting errors on the server (in the Apache logs)
These errors were triggered by the plugin
  • 38 occurences, only the last one shown
    • > GET request to /wp-admin/admin.php?page=DX-Watermark
    • > Notice in wp-content/plugins/dx-watermark/preview.php+60
    Trying to access array offset on value of type bool
    • > GET request to /wp-admin/admin.php?page=DX-Watermark
    • > Notice in wp-content/plugins/dx-watermark/dx-watermark.php+280
    Undefined variable: fonts
    • > GET request to /wp-admin/admin.php?page=DX-Watermark
    • > Warning in wp-content/plugins/dx-watermark/preview.php+66
    Declaration of DX_Watermark_Preview::make_image($im) should be compatible with DX_Watermark::make_image($im, $mime, $im_file)
    • > GET request to /wp-admin/admin.php?page=DX-Watermark
    • > Warning in wp-content/plugins/dx-watermark/preview.php+9
    Declaration of DX_Watermark_Preview::do_watermark() should be compatible with DX_Watermark::do_watermark($metadata)

SRP 0% from 2 tests

🔹 Tests weight: 20 | The single-responsibility principle applies for WordPress plugins as well - please make sure your PHP files perform no actions when accessed directly
The following issues need your attention
  • 1× GET requests to PHP files return non-empty strings:
    • > /wp-content/plugins/dx-watermark/preview.php
  • 3× PHP files trigger server errors when accessed directly:
    • > PHP Fatal error
      Uncaught Error: Using $this when not in object context in wp-content/plugins/dx-watermark/options-form.php:4
    • > PHP Fatal error
      Uncaught Error: Call to undefined function add_action() in wp-content/plugins/dx-watermark/theme.php:4
    • > PHP Fatal error
      Uncaught Error: Call to undefined function register_activation_hook() in wp-content/plugins/dx-watermark/dx-watermark.php:420

User-side errors 0% from 1 test

🔹 Test weight: 20 | This is a smoke test targeting browser errors/issues
These are user-side errors you should fix
  • 2 occurences, only the last one shown
    • > GET request to /wp-admin/admin.php?page=daxiawp_theme
    • > Javascript (warning) in unknown
    http://cbjs.baidu.com/js/m.js 0 A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/vcrm?di=454435&uuid=aaa4f8c7c59f6a24&dri=0&dis=0&dai=0&ps=204x64&enu=encoding&exps=110011&ant=0&psi=9f5b15fb23d0c2c2&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1697611631565&ti=%E4%B8%BB%E9%A2%98%E5%95%86%E5%9F%8E%20%E2%80%B9%20Potrivit%20%E2%80%94%20WordPress&ari=2&ver=0830&vc=daxiawp%E4%B8%BB%E9%A2%98&dbv=2&drs=1&pcs=800x585&pss=1038x585&cfv=0&cpl=0&chi=14&cce=true&cec=UTF-8&tlm=1697611631&prot=2&rw=600&ltu=http%3A%2F%2Fwp.com%2Fwp-admin%2Fadmin.php%3Fpage%3Ddaxiawp_theme&ecd=1&dft=0&uc=800x600&pis=-1x-1&sr=800x600&tcn=1697611632, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
  • 2 occurences, only the last one shown
    • > GET request to /wp-admin/admin.php?page=daxiawp_theme
    • > Javascript (warning) in unknown
    http://cbjs.baidu.com/js/m.js 0 A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/vcrm?di=454451&uuid=610c29b5601ba847&dri=0&dis=0&dai=0&ps=204x386&enu=encoding&exps=110011&ant=0&psi=9f5b15fb23d0c2c2&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1697611631565&ti=%E4%B8%BB%E9%A2%98%E5%95%86%E5%9F%8E%20%E2%80%B9%20Potrivit%20%E2%80%94%20WordPress&ari=2&ver=0830&vc=BAIDU_CLB_fillSlot(%22454435%22)%3B&dbv=2&drs=1&pcs=800x585&pss=1038x585&cfv=0&cpl=0&chi=14&cce=true&cec=UTF-8&tlm=1697611632&prot=2&rw=600&ltu=http%3A%2F%2Fwp.com%2Fwp-admin%2Fadmin.php%3Fpage%3Ddaxiawp_theme&ecd=1&dft=0&uc=800x600&pis=-1x-1&sr=800x600&tcn=1697611633, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
  • 2 occurences, only the last one shown
    • > GET request to /wp-admin/admin.php?page=daxiawp_theme
    • > Javascript (warning) in unknown
    http://cbjs.baidu.com/js/m.js 0 A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/vcrm?di=454453&uuid=25e5da6559766eef&dri=0&dis=0&dai=0&ps=204x708&enu=encoding&exps=110011&ant=0&psi=9f5b15fb23d0c2c2&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1697611631565&ti=%E4%B8%BB%E9%A2%98%E5%95%86%E5%9F%8E%20%E2%80%B9%20Potrivit%20%E2%80%94%20WordPress&ari=2&ver=0830&vc=BAIDU_CLB_fillSlot(%22454451%22)%3B&dbv=2&drs=1&pcs=800x585&pss=1038x585&cfv=0&cpl=0&chi=14&cce=true&cec=UTF-8&tlm=1697611633&prot=2&rw=600&ltu=http%3A%2F%2Fwp.com%2Fwp-admin%2Fadmin.php%3Fpage%3Ddaxiawp_theme&ecd=1&dft=0&uc=800x600&pis=-1x-1&sr=800x600&tcn=1697611633, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
  • 2 occurences, only the last one shown
    • > GET request to /wp-admin/admin.php?page=daxiawp_theme
    • > Javascript (warning) in unknown
    http://cbjs.baidu.com/js/m.js 0 A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/vcrm?di=454454&uuid=a1decc249970f497&dri=0&dis=0&dai=0&ps=456x64&enu=encoding&exps=110011&ant=0&psi=9f5b15fb23d0c2c2&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1697611631565&ti=%E4%B8%BB%E9%A2%98%E5%95%86%E5%9F%8E%20%E2%80%B9%20Potrivit%20%E2%80%94%20WordPress&ari=2&ver=0830&vc=BAIDU_CLB_fillSlot(%22454453%22)%3B&dbv=2&drs=1&pcs=800x585&pss=1038x585&cfv=0&cpl=0&chi=14&cce=true&cec=UTF-8&tlm=1697611633&prot=2&rw=600&ltu=http%3A%2F%2Fwp.com%2Fwp-admin%2Fadmin.php%3Fpage%3Ddaxiawp_theme&ecd=1&dft=0&uc=800x600&pis=-1x-1&sr=800x600&tcn=1697611634, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
  • 2 occurences, only the last one shown
    • > GET request to /wp-admin/admin.php?page=daxiawp_theme
    • > Javascript (warning) in unknown
    http://cbjs.baidu.com/js/m.js 0 A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/vcrm?di=454455&uuid=aa46deab3adc4a6f&dri=0&dis=0&dai=0&ps=456x386&enu=encoding&exps=110011&ant=0&psi=9f5b15fb23d0c2c2&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1697611631565&ti=%E4%B8%BB%E9%A2%98%E5%95%86%E5%9F%8E%20%E2%80%B9%20Potrivit%20%E2%80%94%20WordPress&ari=2&ver=0830&vc=BAIDU_CLB_fillSlot(%22454454%22)%3B&dbv=2&drs=1&pcs=785x585&pss=1038x768&cfv=0&cpl=0&chi=14&cce=true&cec=UTF-8&tlm=1697611633&prot=2&rw=600&ltu=http%3A%2F%2Fwp.com%2Fwp-admin%2Fadmin.php%3Fpage%3Ddaxiawp_theme&ecd=1&dft=0&uc=800x600&pis=-1x-1&sr=800x600&tcn=1697611634, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
  • 2 occurences, only the last one shown
    • > GET request to /wp-admin/admin.php?page=daxiawp_theme
    • > Javascript (warning) in unknown
    http://cbjs.baidu.com/js/m.js 0 A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/vcrm?di=454457&uuid=b9daaee54250107c&dri=0&dis=0&dai=0&ps=456x708&enu=encoding&exps=110011&ant=0&psi=9f5b15fb23d0c2c2&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1697611631565&ti=%E4%B8%BB%E9%A2%98%E5%95%86%E5%9F%8E%20%E2%80%B9%20Potrivit%20%E2%80%94%20WordPress&ari=2&ver=0830&vc=BAIDU_CLB_fillSlot(%22454455%22)%3B&dbv=2&drs=1&pcs=785x585&pss=1038x768&cfv=0&cpl=0&chi=14&cce=true&cec=UTF-8&tlm=1697611634&prot=2&rw=600&ltu=http%3A%2F%2Fwp.com%2Fwp-admin%2Fadmin.php%3Fpage%3Ddaxiawp_theme&ecd=1&dft=0&uc=800x600&pis=-1x-1&sr=800x600&tcn=1697611634, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
  • 2 occurences, only the last one shown
    • > GET request to /wp-admin/admin.php?page=daxiawp_theme
    • > Javascript (warning) in unknown
    http://cbjs.baidu.com/js/m.js 0 A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/vcrm?di=454459&uuid=262072b9bf113594&dri=0&dis=0&dai=0&ps=708x64&enu=encoding&exps=110011&ant=0&psi=9f5b15fb23d0c2c2&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1697611631565&ti=%E4%B8%BB%E9%A2%98%E5%95%86%E5%9F%8E%20%E2%80%B9%20Potrivit%20%E2%80%94%20WordPress&ari=2&ver=0830&vc=BAIDU_CLB_fillSlot(%22454457%22)%3B&dbv=2&drs=1&pcs=785x585&pss=1038x795&cfv=0&cpl=0&chi=14&cce=true&cec=UTF-8&tlm=1697611634&prot=2&rw=600&ltu=http%3A%2F%2Fwp.com%2Fwp-admin%2Fadmin.php%3Fpage%3Ddaxiawp_theme&ecd=1&dft=0&uc=800x600&pis=-1x-1&sr=800x600&tcn=1697611634, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
  • 2 occurences, only the last one shown
    • > GET request to /wp-admin/admin.php?page=daxiawp_theme
    • > Javascript (warning) in unknown
    http://cbjs.baidu.com/js/m.js 0 A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/vcrm?di=454461&uuid=470de7d7478d1fac&dri=0&dis=0&dai=0&ps=708x386&enu=encoding&exps=110011&ant=0&psi=9f5b15fb23d0c2c2&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1697611631565&ti=%E4%B8%BB%E9%A2%98%E5%95%86%E5%9F%8E%20%E2%80%B9%20Potrivit%20%E2%80%94%20WordPress&ari=2&ver=0830&vc=BAIDU_CLB_fillSlot(%22454459%22)%3B&dbv=2&drs=1&pcs=785x585&pss=1038x1020&cfv=0&cpl=0&chi=14&cce=true&cec=UTF-8&tlm=1697611634&prot=2&rw=600&ltu=http%3A%2F%2Fwp.com%2Fwp-admin%2Fadmin.php%3Fpage%3Ddaxiawp_theme&ecd=1&dft=0&uc=800x600&pis=-1x-1&sr=800x600&tcn=1697611635, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
  • 2 occurences, only the last one shown
    • > GET request to /wp-admin/admin.php?page=daxiawp_theme
    • > Javascript (warning) in unknown
    http://cbjs.baidu.com/js/m.js 0 A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/vcrm?di=454462&uuid=d041cec4bd48df31&dri=0&dis=0&dai=0&ps=708x708&enu=encoding&exps=110011&ant=0&psi=9f5b15fb23d0c2c2&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1697611631565&ti=%E4%B8%BB%E9%A2%98%E5%95%86%E5%9F%8E%20%E2%80%B9%20Potrivit%20%E2%80%94%20WordPress&ari=2&ver=0830&vc=BAIDU_CLB_fillSlot(%22454461%22)%3B&dbv=2&drs=1&pcs=785x585&pss=1038x1020&cfv=0&cpl=0&chi=14&cce=true&cec=UTF-8&tlm=1697611634&prot=2&rw=600&ltu=http%3A%2F%2Fwp.com%2Fwp-admin%2Fadmin.php%3Fpage%3Ddaxiawp_theme&ecd=1&dft=0&uc=800x600&pis=-1x-1&sr=800x600&tcn=1697611635, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Optimizations

Plugin configuration 97% from 29 tests

readme.txt 94% from 16 tests

Perhaps the most important file in your plugin readme.txt gets parsed in order to generate the public listing of your plugin
Please fix the following attributes:
  • Plugin Name: Please replace "Plugin Name" with the name of your plugin on the first line ( === dx-watermark === )
You can take inspiration from this readme.txt

dx-watermark/dx-watermark.php Passed 13 tests

This is the main PHP file of "DX-Watermark" version 1.0.4, providing information about the plugin in the header fields and serving as the principal entry point to the plugin's functions
69 characters long description:
The pictures automatically add watermark. 图片自动添加水印。

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | There should be no dangerous file extensions present in any WordPress plugin
Success! There were no dangerous files found in this plugin617 lines of code in 6 files:
LanguageFilesBlank linesComment linesLines of code
PHP46358545
PO File1262671
JavaScript11111

PHP code Passed 2 tests

An overview of cyclomatic complexity and code structure
This plugin has no cyclomatic complexity problems
Cyclomatic complexity
Average complexity per logical line of code0.27
Average class complexity42.50
▷ Minimum class complexity18.00
▷ Maximum class complexity67.00
Average method complexity4.32
▷ Minimum method complexity1.00
▷ Maximum method complexity15.00
Code structure
Namespaces0
Interfaces0
Traits0
Classes2
▷ Abstract classes00.00%
▷ Concrete classes2100.00%
▷ Final classes00.00%
Methods25
▷ Static methods00.00%
▷ Public methods25100.00%
▷ Protected methods00.00%
▷ Private methods00.00%
Functions2
▷ Named functions2100.00%
▷ Anonymous functions00.00%
Constants0
▷ Global constants00.00%
▷ Class constants00.00%
▷ Public constants00.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

PNG files should be compressed to save space and minimize bandwidth usage
5 PNG files occupy 0.03MB with 0.01MB in potential savings
Potential savings
Compression of 5 random PNG files using pngquant
FileSize - originalSize - compressedSavings
icon.png0.75KB0.98KB0.00%
excolor/ok.png3.56KB0.68KB▼ 80.87%
excolor/hue.png8.55KB6.41KB▼ 24.95%
excolor/bg.png13.52KB7.09KB▼ 47.60%
excolor/shbg.png1.40KB2.59KB0.00%