Name: Code Review: PassBy[ME] Two-Factor Authentication
Brand: Passbyme
SKU: wp.org/plugin/passbyme-two-factor-authentication
Availability: InStock
Rating: 5 (1 reviews)

Benchmarks

Plugin footprint 23% from 16 tests

Installer 0% from 1 test

🔺 Critical test (weight: 50) | It is important to correctly install your plugin, without throwing errors or notices

Please fix the following installer errors

Install procedure validation failed for this plugin
- > Warning in wp-content/plugins/passbyme-two-factor-authentication/src/Microsec/PassByME/Plugin/Admin/Functions.php+23
Use of undefined constant MCRYPT_RIJNDAEL_128 - assumed 'MCRYPT_RIJNDAEL_128' (this will throw an Error in a future version of PHP)

Server metrics [RAM: ▼0.01MB] [CPU: ▼8.69ms] Passed 4 tests

Server-side resources used by PassBy[ME] Two-Factor Authentication

This plugin does not affect your website's performance

Page	Memory (MB)	CPU Time (ms)
Home /	3.47 ▲0.00	37.14 ▼6.03
Dashboard /wp-admin	3.31 ▼0.04	44.98 ▼16.25
Posts /wp-admin/edit.php	3.36 ▲0.00	46.94 ▲0.32
Add New Post /wp-admin/post-new.php	5.89 ▲0.00	88.46 ▼12.79
Media Library /wp-admin/upload.php	3.23 ▲0.00	36.03 ▲2.10

Server storage [IO: ▲4.84MB] [DB: ▲0.00MB] Passed 3 tests

Filesystem and database footprint

The plugin installed successfully

Filesystem: 484 new files

Database: no new tables, 6 new options

New WordPress options
theysaidso_admin_options
db_upgraded
can_compress_scripts
widget_recent-comments
widget_theysaidso_widget
widget_recent-posts

Browser metrics Passed 4 tests

PassBy[ME] Two-Factor Authentication: an overview of browser usage

This plugin renders optimally with no browser resource issues detected

Page	Nodes	Memory (MB)	Script (ms)	Layout (ms)
Home /	2,800 ▲54	13.66 ▼0.73	1.78 ▼0.12	43.91 ▲1.92
Dashboard /wp-admin	2,206 ▲18	4.90 ▼0.97	112.80 ▲0.75	41.90 ▲0.29
Posts /wp-admin/edit.php	2,089 ▼0	1.99 ▲0.03	40.02 ▲3.88	34.14 ▲0.44
Add New Post /wp-admin/post-new.php	1,533 ▲5	23.23 ▲4.85	608.40 ▼10.79	49.38 ▼6.23
Media Library /wp-admin/upload.php	1,391 ▲3	4.31 ▲0.12	95.01 ▼8.58	42.85 ▼2.56

Uninstaller [IO: ▲4.84MB] [DB: ▲0.00MB] 25% from 4 tests

🔸 Tests weight: 35 | Verifying that this plugin uninstalls completely without leaving any traces

It is recommended to fix the following

This plugin cannot be uninstalled
- > Warning in wp-content/plugins/passbyme-two-factor-authentication/src/Microsec/PassByME/Plugin/Admin/Functions.php+23
Use of undefined constant MCRYPT_RIJNDAEL_128 - assumed 'MCRYPT_RIJNDAEL_128' (this will throw an Error in a future version of PHP)
The plugin did not uninstall correctly, leaving 484 files (4.84MB) in the plugin directory
- (new file) src/Microsec/PassByME/Log/Logger.php
- (new file) src/Microsec/PassByME/Plugin/Admin/Functions.php
- (new file) src/Microsec/PassByME/Plugin/Admin/Actions.php
- (new file) src/Microsec/PassByME/Autoloader.php
- (new file) src/Microsec/PassByME/Log/ILogger.php
- (new file) passbyme-2factor-authentication.php
- (new file) readme.txt
- (new file) gpl-2.0.txt
- (new file) src/Microsec/PassByME/Methods/Management.php
- (new file) src/Microsec/PassByME/Methods/Messaging.php
- ...
This plugin did not uninstall successfully, leaving 7 options in the database
- theysaidso_admin_options
- db_upgraded
- widget_theysaidso_widget
- widget_recent-posts
- widget_recent-comments
- recovery_mode_email_last_sent
- can_compress_scripts

Smoke tests 75% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | A shallow check that no server-side errors were triggered

The smoke test was a success, however most plugin functionality was not tested

SRP 50% from 2 tests

🔹 Tests weight: 20 | The single-responsibility principle: PHP files have to remain inert when accessed directly, throwing no errors and performing no actions

Please fix the following items

4× PHP files trigger server errors when accessed directly:
- > PHP Fatal error
  Uncaught Error: Class 'PassByME\\TwoFactor\\Send2FaRequest' not found in wp-content/plugins/passbyme-two-factor-authentication/src/Microsec/PassByME/Methods/Management.php:44
- > PHP Fatal error
  Uncaught Error: Class 'PassByME\\TwoFactor\\Send2FaRequest' not found in wp-content/plugins/passbyme-two-factor-authentication/src/Microsec/PassByME/Methods/Messaging.php:45
- > PHP Fatal error
  Uncaught Error: Interface 'PassByME\\Log\\ILogger' not found in wp-content/plugins/passbyme-two-factor-authentication/src/Microsec/PassByME/Log/Logger.php:8
- > PHP Fatal error
  Uncaught Error: Class 'PassByME\\TwoFactor\\Curl' not found in wp-content/plugins/passbyme-two-factor-authentication/src/Microsec/PassByME/TwoFactor/Send2FaRequest.php:9

User-side errors Passed 1 test

🔹 Test weight: 20 | This is just a short smoke test looking for browser issues

No browser issues were found

Optimizations

Plugin configuration 93% from 29 tests

readme.txt 94% from 16 tests

You should put a lot of thought into formatting readme.txt as it is used by WordPress.org to prepare the public listing of your plugin

These attributes need to be fixed:

Tags: Please delete some tags, you are using 22 tag instead of maximum 10

You can take inspiration from this readme.txt

passbyme-two-factor-authentication/passbyme-2factor-authentication.php 92% from 13 tests

The entry point to "PassBy[ME] Two-Factor Authentication" version 1.0.1 is a PHP file that has certain tags in its header comment area

It is important to fix the following:

Main file name: Even though not officially enforced, the main plugin file should be the same as the plugin slug ("passbyme-two-factor-authentication.php" instead of "passbyme-2factor-authentication.php")

Code Analysis 5% from 3 tests

File types 0% from 1 test

🔸 Test weight: 35 | Executable files are not allowed as they can serve as attack vectors

Almost there! Just fix the following issues

You should never include executable (binary) or otherwise dangerous files in your plugin
- .ps1 - Windows PowerShell Cmdlet in Windows
  - ☣ wp-content/plugins/passbyme-two-factor-authentication/static/bower_components/bootstrap/nuget/MyGet.ps1

67,203 lines of code in 441 files:

Language	Files	Blank lines	Comment lines	Lines of code
JavaScript	274	10,086	12,939	42,932
CSS	47	219	425	12,300
LESS	71	1,175	1,542	5,590
JSON	15	0	0	3,446
PHP	22	278	845	2,372
SVG	1	0	0	288
Markdown	7	101	0	160
XML	2	0	0	56
YAML	1	11	16	55
PowerShell	1	2	2	4

PHP code Passed 2 tests

A short review of cyclomatic complexity and code structure

This plugin has no cyclomatic complexity problems

Cyclomatic complexity
Average complexity per logical line of code	0.23
Average class complexity	9.58
▷ Minimum class complexity	1.00
▷ Maximum class complexity	57.00
Average method complexity	1.97
▷ Minimum method complexity	1.00
▷ Maximum method complexity	27.00

Code structure
Namespaces	7
Interfaces	1
Traits	0
Classes	18
▷ Abstract classes	0	0.00%
▷ Concrete classes	18	100.00%
▷ Final classes	0	0.00%
Methods	171
▷ Static methods	8	4.68%
▷ Public methods	127	74.27%
▷ Protected methods	21	12.28%
▷ Private methods	23	13.45%
Functions	13
▷ Named functions	1	7.69%
▷ Anonymous functions	12	92.31%
Constants	0
▷ Global constants	0	0.00%
▷ Class constants	0	0.00%
▷ Public constants	0	0.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

Often times overlooked, PNG files can occupy unnecessary space in your plugin

14 PNG files occupy 0.04MB with 0.01MB in potential savings

Potential savings

Compression of 5 random PNG files using pngquant
File	Size - original	Size - compressed	Savings
static/bower_components/jquery-ui/themes/base/images/ui-icons_ffffff_256x240.png	6.33KB	4.18KB	▼ 33.99%
static/bower_components/datatables/media/images/sort_asc.png	0.16KB	0.25KB	0.00%
static/img/pbm-logo.png	6.74KB	3.03KB	▼ 55.09%
static/bower_components/datatables/media/images/sort_both.png	0.20KB	0.29KB	0.00%
static/bower_components/jquery-ui/themes/base/images/ui-icons_777777_256x240.png	6.94KB	4.18KB	▼ 39.78%

Code Review | PassBy[ME] Two-Factor Authentication

About plugin

Code review

User reviews

Install metrics