Benchmarks

Plugin footprint 65% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | Verifying that this plugin installs correctly without errors

Installer ran successfully

Server metrics [RAM: ▼0.92MB] [CPU: ▼32.30ms] Passed 4 tests

A check of server-side resources used by Hack me if you can

No issues were detected with server-side resource usage

Page	Memory (MB)	CPU Time (ms)
Home /	3.50 ▲0.04	35.03 ▼7.43
Dashboard /wp-admin	3.03 ▼0.28	22.94 ▼26.12
Posts /wp-admin/edit.php	3.03 ▼0.33	26.00 ▼19.20
Add New Post /wp-admin/post-new.php	3.03 ▼2.86	22.75 ▼71.77
Media Library /wp-admin/upload.php	3.03 ▼0.20	21.98 ▼12.12
Hack me if you can /wp-admin/options-general.php?page=hack-me-if-you-can/hack_me_if_you_can.php	3.03	22.07

Server storage [IO: ▲0.01MB] [DB: ▲0.00MB] Passed 3 tests

Input-output and database impact of this plugin

This plugin installed successfully

Filesystem: 2 new files

Database: no new tables, 9 new options

New WordPress options
widget_theysaidso_widget
current_lang
db_upgraded
can_compress_scripts
widget_recent-posts
fa_text
wp_admin
theysaidso_admin_options
widget_recent-comments

Browser metrics Passed 4 tests

A check of browser resources used by Hack me if you can

There were no issues detected in relation to browser resource usage

Page	Nodes	Memory (MB)	Script (ms)	Layout (ms)
Home /	2,804 ▲69	13.75 ▼0.81	1.73 ▼0.10	40.67 ▼8.29
Dashboard /wp-admin	2,213 ▲22	4.83 ▼1.08	99.24 ▼15.46	40.81 ▼4.78
Posts /wp-admin/edit.php	2,093 ▲4	1.98 ▼0.05	39.61 ▲2.73	35.54 ▲2.26
Add New Post /wp-admin/post-new.php	1,517 ▼19	17.66 ▼5.60	659.65 ▼4.84	49.00 ▼15.31
Media Library /wp-admin/upload.php	1,392 ▲1	4.18 ▼0.06	92.48 ▼11.23	40.80 ▼6.76
Hack me if you can /wp-admin/options-general.php?page=hack-me-if-you-can/hack_me_if_you_can.php	875	2.19	23.26	28.92

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 50% from 4 tests

🔸 Tests weight: 35 | The uninstall procedure must remove all plugin files and extra database tables

It is recommended to fix the following

The plugin did not uninstall gracefully
- > User deprecated in wp-includes/functions.php+5737
Function has_cap was called with an argument that is deprecated since version 2.0.0! Usage of user levels is deprecated. Use capabilities instead.
This plugin does not fully uninstall, leaving 6 options in the database
- widget_theysaidso_widget
- theysaidso_admin_options
- db_upgraded
- widget_recent-comments
- widget_recent-posts
- can_compress_scripts

Smoke tests 50% from 4 tests

Server-side errors 0% from 1 test

🔹 Test weight: 20 | This is a shallow check for server-side errors

These server-side errors were triggered

2 occurences, only the last one shown
- > GET request to /wp-admin/options-general.php?page=hack-me-if-you-can/hack_me_if_you_can.php
- > User deprecated in wp-includes/functions.php+5737
Function has_cap was called with an argument that is deprecated since version 2.0.0! Usage of user levels is deprecated. Use capabilities instead.
- > GET request to /wp-admin/options-general.php?page=hack-me-if-you-can/hack_me_if_you_can.php
- > Notice in wp-content/plugins/hack-me-if-you-can/hack_me_if_you_can.php+169
Undefined index: cmd

SRP 50% from 2 tests

🔹 Tests weight: 20 | SRP (Single-Responsibility Principle) - PHP files must act as libraries and never output text or perform any action when accessed directly in a browser

The following issues need your attention

1× GET requests to PHP files trigger server-side errors or Error 500 responses:
- > PHP Fatal error
  Uncaught Error: Call to undefined function add_action() in wp-content/plugins/hack-me-if-you-can/hack_me_if_you_can.php:29

User-side errors Passed 1 test

🔹 Test weight: 20 | Just a short smoke test targeting errors on the browser (console and network errors and warnings)

Everything seems fine on the user side

Optimizations

Plugin configuration 96% from 29 tests

readme.txt Passed 16 tests

The readme.txt file uses markdown syntax to describe your plugin to the world

4 plugin tags: brutforce, secure, plugin, admin

hack-me-if-you-can/hack_me_if_you_can.php 92% from 13 tests

The main PHP file in "Hack me if you can" ver. 1.2 adds more information about the plugin and also serves as the entry point for this plugin

The following require your attention:

Main file name: Even though not officially enforced, the main plugin file should be the same as the plugin slug ("hack-me-if-you-can.php" instead of "hack_me_if_you_can.php")

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | This is an overview of programming languages used in this plugin; dangerous file extensions are not allowed

There were no executable files found in this plugin219 lines of code in 1 file:

Language	Files	Blank lines	Comment lines	Lines of code
PHP	1	27	24	219

PHP code Passed 2 tests

A brief analysis of cyclomatic complexity and code structure for this plugin

All good! No complexity issues found

Cyclomatic complexity
Average complexity per logical line of code	0.30
Average class complexity	0.00
▷ Minimum class complexity	0.00
▷ Maximum class complexity	0.00
Average method complexity	0.00
▷ Minimum method complexity	0.00
▷ Maximum method complexity	0.00

Code structure
Namespaces	0
Interfaces	0
Traits	0
Classes	0
▷ Abstract classes	0	0.00%
▷ Concrete classes	0	0.00%
▷ Final classes	0	0.00%
Methods	0
▷ Static methods	0	0.00%
▷ Public methods	0	0.00%
▷ Protected methods	0	0.00%
▷ Private methods	0	0.00%
Functions	9
▷ Named functions	9	100.00%
▷ Anonymous functions	0	0.00%
Constants	0
▷ Global constants	0	0.00%
▷ Class constants	0	0.00%
▷ Public constants	0	0.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

It is recommended to compress PNG files in your plugin to minimize bandwidth usage

There were not PNG files found in your plugin

Code Review | Hack me if you can

About plugin

Code review

User reviews

Install metrics