84% square-bracket-hack-prevention

Code Review | Square Bracket Hack Prevention

WordPress plugin Square Bracket Hack Prevention scored 84% from 54 tests.

About plugin

  • Plugin page: square-bracket-ha...
  • Plugin version: 1.0
  • PHP version: 7.4.16
  • WordPress compatibility: 3.0.1-4.4.2
  • WordPress version: 6.3.1
  • First release: Aug 21, 2015
  • Latest release: Feb 6, 2016
  • Number of updates: 5
  • Update frequency: every 33.8 days
  • Top authors: stubgo (100%)

Code review

54 tests

User reviews

1 review

Install metrics

10+ active / 1,239 total downloads

Benchmarks

Plugin footprint 82% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | Checking the installer triggered no errors
The plugin installed successfully, without throwing any errors or notices

Server metrics [RAM: ▲0.01MB] [CPU: ▼2.22ms] Passed 4 tests

This is a short check of server-side resources used by Square Bracket Hack Prevention
No issues were detected with server-side resource usage
PageMemory (MB)CPU Time (ms)
Home /3.47 ▲0.0137.91 ▼0.65
Dashboard /wp-admin3.32 ▲0.0146.93 ▼6.36
Posts /wp-admin/edit.php3.37 ▲0.0149.35 ▲2.50
Add New Post /wp-admin/post-new.php5.90 ▲0.0194.24 ▼1.67
Media Library /wp-admin/upload.php3.24 ▲0.0134.54 ▼0.18

Server storage [IO: ▲0.00MB] [DB: ▲0.00MB] 67% from 3 tests

Filesystem and database footprint
Just a few items left to fix
  • There were 1 file (0.82KB) illegally modified outside of "wp-content/plugins/square-bracket-hack-prevention/" and "wp-content/uploads/"
    • (modified) .htaccess
Filesystem: 2 new files
Database: no new tables, 6 new options
New WordPress options
can_compress_scripts
theysaidso_admin_options
db_upgraded
widget_recent-posts
widget_theysaidso_widget
widget_recent-comments

Browser metrics Passed 4 tests

Checking browser requirements for Square Bracket Hack Prevention
This plugin renders optimally with no browser resource issues detected
PageNodesMemory (MB)Script (ms)Layout (ms)
Home /2,800 ▲6513.26 ▼1.491.76 ▼0.1736.91 ▼11.43
Dashboard /wp-admin2,206 ▲155.91 ▼0.03106.39 ▲9.0039.64 ▼3.03
Posts /wp-admin/edit.php2,089 ▼01.99 ▼0.0039.33 ▼0.2035.73 ▼2.40
Add New Post /wp-admin/post-new.php1,544 ▲218.36 ▲0.11579.81 ▼21.3757.76 ▲1.56
Media Library /wp-admin/upload.php1,382 ▼94.18 ▼0.0695.32 ▼7.9640.00 ▼2.41

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | It is important to correctly uninstall your plugin, without leaving any traces
It is recommended to fix the following
  • Zombie WordPress options detected upon uninstall: 6 options
    • can_compress_scripts
    • widget_recent-comments
    • theysaidso_admin_options
    • widget_recent-posts
    • widget_theysaidso_widget
    • db_upgraded

Smoke tests 75% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | This is a shallow check for server-side errors
Even though everything seems fine, this is not an exhaustive test

SRP 50% from 2 tests

🔹 Tests weight: 20 | The single-responsibility principle applies for WordPress plugins as well - please make sure your PHP files perform no actions when accessed directly
Please fix the following items
  • 1× PHP files trigger server-side errors or warnings when accessed directly:
    • > PHP Fatal error
      Uncaught Error: Call to undefined function add_filter() in wp-content/plugins/square-bracket-hack-prevention/square-bracket-hack-prevention.php:24

User-side errors Passed 1 test

🔹 Test weight: 20 | This is just a short smoke test looking for browser issues
No browser issues were found

Optimizations

Plugin configuration Passed 29 tests

readme.txt Passed 16 tests

Don't ignore readme.txt as it is the file that instructs WordPress.org on how to present your plugin to the world
7 plugin tags: protection, htaccess, protect, hack, wpsos...

square-bracket-hack-prevention/square-bracket-hack-prevention.php Passed 13 tests

This is the main PHP file of "Square Bracket Hack Prevention" version 1.0, providing information about the plugin in the header fields and serving as the principal entry point to the plugin's functions
81 characters long description:
The Square Bracket Hack Prevention prevents hackers from adding a "[" to the URL.

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | A short review of files and their extensions; it is not recommended to include executable files
There were no executable files found in this plugin43 lines of code in 1 file:
LanguageFilesBlank linesComment linesLines of code
PHP193243

PHP code Passed 2 tests

Analyzing logical lines of code, cyclomatic complexity, and other code metrics
There were no cyclomatic complexity issued detected
Cyclomatic complexity
Average complexity per logical line of code0.30
Average class complexity0.00
▷ Minimum class complexity0.00
▷ Maximum class complexity0.00
Average method complexity0.00
▷ Minimum method complexity0.00
▷ Maximum method complexity0.00
Code structure
Namespaces0
Interfaces0
Traits0
Classes0
▷ Abstract classes00.00%
▷ Concrete classes00.00%
▷ Final classes00.00%
Methods0
▷ Static methods00.00%
▷ Public methods00.00%
▷ Protected methods00.00%
▷ Private methods00.00%
Functions4
▷ Named functions4100.00%
▷ Anonymous functions00.00%
Constants0
▷ Global constants00.00%
▷ Class constants00.00%
▷ Public constants00.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

All PNG images should be compressed to minimize bandwidth usage for end users
No PNG images were found in this plugin