Benchmarks

Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | It is important to correctly install your plugin, without throwing errors or notices

Install script ran successfully

Server metrics [RAM: ▲1.11MB] [CPU: ▲7.36ms] Passed 4 tests

This is a short check of server-side resources used by True Factor Auth

Normal server usage

Page	Memory (MB)	CPU Time (ms)
Home /	4.47 ▲1.01	53.12 ▲17.16
Dashboard /wp-admin	4.45 ▲1.11	67.74 ▲7.34
Posts /wp-admin/edit.php	4.50 ▲1.14	56.79 ▲10.56
Add New Post /wp-admin/post-new.php	7.05 ▲1.16	106.63 ▼0.00
Media Library /wp-admin/upload.php	4.41 ▲1.19	47.01 ▲11.55
SMS Settings /wp-admin/admin.php?page=tfa_sms	4.51	48.24
Phone Number Confirmation /wp-admin/admin.php?page=tfa_tel_confirmation	4.45	45.50
Access Rules /wp-admin/admin.php?page=tfa_rules	4.33	42.25
Verification /wp-admin/admin.php?page=tfa_verification_handlers	4.45	42.49
Two-Factor Login /wp-admin/admin.php?page=tfa_login_2fa	4.44	44.27
Edit Rule /wp-admin/admin.php?page=tfa-action-edit	4.43	46.33
Modules /wp-admin/admin.php?page=true-factor-auth	4.39	45.64

Server storage [IO: ▲18.18MB] [DB: ▲0.07MB] Passed 3 tests

Filesystem and database footprint

The plugin installed successfully

Filesystem: 4,248 new files

Database: 1 new table, 7 new options

New tables
wp_truefactor_rule

New WordPress options
db_upgraded
widget_recent-comments
trufauth_db_version
can_compress_scripts
theysaidso_admin_options
widget_theysaidso_widget
widget_recent-posts

Browser metrics Passed 4 tests

An overview of browser requirements for True Factor Auth

Minimal impact on browser resources

Page	Nodes	Memory (MB)	Script (ms)	Layout (ms)
Home /	3,251 ▲490	16.23 ▲1.83	9.28 ▲7.58	41.37 ▲3.60
Dashboard /wp-admin	2,484 ▲306	5.97 ▲0.25	99.10 ▲1.04	44.71 ▼1.41
Posts /wp-admin/edit.php	2,351 ▲251	3.17 ▲1.18	37.18 ▲1.06	35.99 ▼2.58
Add New Post /wp-admin/post-new.php	1,617 ▲80	22.97 ▲4.70	647.60 ▲8.85	34.15 ▼27.11
Media Library /wp-admin/upload.php	1,727 ▲327	5.73 ▲1.38	104.54 ▲4.64	46.09 ▲3.31
SMS Settings /wp-admin/admin.php?page=tfa_sms	1,224	2.81	31.61	30.98
Phone Number Confirmation /wp-admin/admin.php?page=tfa_tel_confirmation	1,201	2.83	30.32	34.73
Access Rules /wp-admin/admin.php?page=tfa_rules	1,255	2.90	32.58	25.23
Verification /wp-admin/admin.php?page=tfa_verification_handlers	1,159	2.99	32.76	33.15
Two-Factor Login /wp-admin/admin.php?page=tfa_login_2fa	1,136	2.97	30.41	26.70
Edit Rule /wp-admin/admin.php?page=tfa-action-edit	1,255	2.81	31.95	32.23
Modules /wp-admin/admin.php?page=true-factor-auth	1,279	3.12	33.90	26.89

Uninstaller [IO: ▲0.00MB] [DB: ▲0.07MB] 75% from 4 tests

🔸 Tests weight: 35 | It is important to correctly uninstall your plugin, without leaving any traces

You still need to fix the following

This plugin does not fully uninstall, leaving 7 options in the database
- widget_recent-posts
- trufauth_db_version
- widget_recent-comments
- can_compress_scripts
- db_upgraded
- theysaidso_admin_options
- widget_theysaidso_widget

Smoke tests 50% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | This is a short smoke test looking for server-side errors

Everything seems fine, however this is by no means an exhaustive test

SRP 0% from 2 tests

🔹 Tests weight: 20 | The single-responsibility principle applies for WordPress plugins as well - please make sure your PHP files perform no actions when accessed directly

Please fix the following

8× GET requests to PHP files return non-empty strings:
- > /wp-content/plugins/true-factor-auth/templates/admin/tabs.php
- > /wp-content/plugins/true-factor-auth/vendor/mustache/mustache/bin/build_bootstrap.php
- > /wp-content/plugins/true-factor-auth/templates/admin/template-vars.php
- > /wp-content/plugins/true-factor-auth/trunk/vendor/mustache/mustache/bin/build_bootstrap.php
- > /wp-content/plugins/true-factor-auth/trunk/templates/admin/template-vars.php
- > /wp-content/plugins/true-factor-auth/trunk/templates/admin/footer-support.php
- > /wp-content/plugins/true-factor-auth/templates/admin/footer-support.php
- > /wp-content/plugins/true-factor-auth/trunk/templates/admin/tabs.php
3812× PHP files trigger errors when accessed directly with GET requests (only 10 are shown):
- > PHP Fatal error
  Uncaught Error: Class 'Twilio\\InstanceResource' not found in wp-content/plugins/true-factor-auth/trunk/vendor/twilio/sdk/src/Twilio/Rest/Serverless/V1/Service/Environment/VariableInstance.php:32
- > PHP Fatal error
  Uncaught Error: Class 'Twilio\\InstanceContext' not found in wp-content/plugins/true-factor-auth/trunk/vendor/twilio/sdk/src/Twilio/Rest/Chat/V1/Service/ChannelContext.php:30
- > PHP Fatal error
  Uncaught Error: Class 'Twilio\\Options' not found in wp-content/plugins/true-factor-auth/vendor/twilio/sdk/src/Twilio/Rest/Api/V2010/Account/Sip/IpAccessControlList/IpAddressOptions.php:45
- > PHP Fatal error
  Uncaught Error: Class 'Twilio\\Options' not found in wp-content/plugins/true-factor-auth/vendor/twilio/sdk/src/Twilio/Rest/Preview/DeployedDevices/Fleet/DeviceOptions.php:52
- > PHP Fatal error
  Uncaught Error: Class 'Twilio\\Options' not found in wp-content/plugins/true-factor-auth/vendor/twilio/sdk/src/Twilio/Rest/Video/V1/Room/Participant/SubscribeRulesOptions.php:25
- > PHP Fatal error
  Uncaught Error: Class 'Twilio\\Options' not found in wp-content/plugins/true-factor-auth/vendor/twilio/sdk/src/Twilio/Rest/Api/V2010/Account/Usage/Record/AllTimeOptions.php:32
- > PHP Fatal error
  Uncaught Error: Class 'Twilio\\ListResource' not found in wp-content/plugins/true-factor-auth/trunk/vendor/twilio/sdk/src/Twilio/Rest/Autopilot/V1/Assistant/StyleSheetList.php:18
- > PHP Fatal error
  Uncaught Error: Class 'Twilio\\InstanceResource' not found in wp-content/plugins/true-factor-auth/vendor/twilio/sdk/src/Twilio/Rest/Preview/Sync/Service/Document/DocumentPermissionInstance.php:29
- > PHP Fatal error
  Uncaught Error: Class 'Twilio\\Page' not found in wp-content/plugins/true-factor-auth/trunk/vendor/twilio/sdk/src/Twilio/Rest/Wireless/V1/Sim/UsageRecordPage.php:16
- > PHP Fatal error
  Uncaught Error: Class 'Twilio\\ListResource' not found in wp-content/plugins/true-factor-auth/vendor/twilio/sdk/src/Twilio/Rest/Preview/Sync/Service/SyncList/SyncListItemList.php:23

User-side errors Passed 1 test

🔹 Test weight: 20 | This is a shallow check for browser errors

Everything seems fine on the user side

Optimizations

Plugin configuration 90% from 29 tests

readme.txt Passed 16 tests

The readme.txt file uses markdown syntax to describe your plugin to the world

9 plugin tags: authentication, otp, authorisation, security, google authenticator...

true-factor-auth/true-factor-auth.php 77% from 13 tests

Analyzing the main PHP file in "True Factor Auth" version 1.0.4

It is important to fix the following:

Text Domain: The text domain is optional since WordPress version 4.6; if you do specify it, it must be the same as the plugin slug
Description: Please don't use more than 140 characters for the plugin description (currently 249 characters long)
Domain Path: The domain path folder does not exist ("/languages/")

Code Analysis 5% from 3 tests

File types 0% from 1 test

🔸 Test weight: 35 | This is an overview of programming languages used in this plugin; dangerous file extensions are not allowed

Almost there! Just fix the following issues

Even if your plugin relies on executable files (for example a companion app), never distribute executable files with your plugin
- .ms - Maxwell Script in Maxwell Render
  - ☣ wp-content/plugins/true-factor-auth/trunk/vendor/mustache/mustache/test/fixtures/templates/alpha.ms
  - ☣ wp-content/plugins/true-factor-auth/vendor/mustache/mustache/test/fixtures/templates/alpha.ms
  - ☣ wp-content/plugins/true-factor-auth/vendor/mustache/mustache/test/fixtures/templates/beta.ms
  - ☣ wp-content/plugins/true-factor-auth/trunk/vendor/mustache/mustache/test/fixtures/templates/beta.ms

108,369 lines of code in 2,087 files:

Language	Files	Blank lines	Comment lines	Lines of code
PHP	2,012	28,294	108,509	100,286
JavaScript	22	753	678	4,350
CSS	8	1,005	10	3,267
JSON	1	0	0	149
Mustache	36	1	0	145
Markdown	3	39	0	100
YAML	2	6	0	38
XML	2	2	0	26
Dockerfile	1	3	0	8

PHP code Passed 2 tests

An short overview of logical lines of code, cyclomatic complexity, and other code metrics

Great job! No cyclomatic complexity issues were detected in this plugin

Cyclomatic complexity
Average complexity per logical line of code	0.13
Average class complexity	2.67
▷ Minimum class complexity	1.00
▷ Maximum class complexity	87.00
Average method complexity	1.30
▷ Minimum method complexity	1.00
▷ Maximum method complexity	26.00

Code structure
Namespaces	198
Interfaces	16
Traits	2
Classes	4,918
▷ Abstract classes	542	11.02%
▷ Concrete classes	4,376	88.98%
▷ Final classes	4	0.09%
Methods	26,644
▷ Static methods	1,320	4.95%
▷ Public methods	23,924	89.79%
▷ Protected methods	2,614	9.81%
▷ Private methods	106	0.40%
Functions	320
▷ Named functions	4	1.25%
▷ Anonymous functions	316	98.75%
Constants	224
▷ Global constants	18	8.04%
▷ Class constants	206	91.96%
▷ Public constants	206	100.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

Often times overlooked, PNG files can occupy unnecessary space in your plugin

4 PNG files occupy 0.47MB with 0.30MB in potential savings

Potential savings

Compression of 4 random PNG files using pngquant
File	Size - original	Size - compressed	Savings
assets/img/flags.png	69.20KB	23.42KB	▼ 66.16%
trunk/assets/img/flags.png	69.20KB	23.42KB	▼ 66.16%
assets/img/flags@2x.png	170.28KB	68.04KB	▼ 60.04%
trunk/assets/img/flags@2x.png	170.28KB	68.04KB	▼ 60.04%

Code Review | True Factor Auth

About plugin

Code review

User reviews

Install metrics