78% two-factor-2fa-via-email

Code Review | Two Factor (2FA) Authentication via Email

WordPress plugin Two Factor (2FA) Authentication via Email scored78%from 54 tests.

About plugin

  • Plugin page: two-factor-2fa-vi...
  • Plugin version: 1.5.1
  • PHP compatiblity: 5.6+
  • PHP version: 7.4.16
  • WordPress compatibility: 4.1-6.3
  • WordPress version: 6.3.1
  • First release: Mar 15, 2023
  • Latest release: Aug 8, 2023
  • Number of updates: 18
  • Update frequency: every 8.1 days
  • Top authors: SS88_UK (100%)

Code review

54 tests

User reviews

1 review

Install metrics

100+ active /1,067 total downloads

Benchmarks

Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | All plugins must install correctly, without throwing any errors, warnings, or notices
The plugin installed gracefully, with no errors

Server metrics [RAM: ▼0.00MB] [CPU: ▼6.63ms] Passed 4 tests

An overview of server-side resources used by Two Factor (2FA) Authentication via Email
This plugin has minimal impact on server resources
PageMemory (MB)CPU Time (ms)
Home /3.47 ▲0.0145.28 ▼0.23
Dashboard /wp-admin3.31 ▼0.0347.14 ▼19.84
Posts /wp-admin/edit.php3.37 ▲0.0151.29 ▲4.40
Add New Post /wp-admin/post-new.php5.92 ▲0.0387.31 ▼10.86
Media Library /wp-admin/upload.php3.24 ▲0.0140.94 ▲4.76

Server storage [IO: ▲0.03MB] [DB: ▲0.00MB] Passed 3 tests

How much does this plugin use your filesystem and database?
The plugin installed successfully
Filesystem: 6 new files
Database: no new tables, 6 new options
New WordPress options
widget_recent-posts
widget_theysaidso_widget
can_compress_scripts
theysaidso_admin_options
widget_recent-comments
db_upgraded

Browser metrics Passed 4 tests

Two Factor (2FA) Authentication via Email: an overview of browser usage
This plugin has a minimal impact on browser resources
PageNodesMemory (MB)Script (ms)Layout (ms)
Home /2,833 ▲8713.64 ▼0.741.71 ▼0.0645.32 ▼2.90
Dashboard /wp-admin2,233 ▲485.86 ▼0.01106.97 ▼12.6838.07 ▼5.88
Posts /wp-admin/edit.php2,124 ▲352.02 ▲0.0237.28 ▲2.2535.44 ▲1.39
Add New Post /wp-admin/post-new.php1,542 ▲2823.22 ▲5.63685.50 ▼8.6078.09 ▲27.15
Media Library /wp-admin/upload.php1,424 ▲364.17 ▼0.01113.82 ▲10.3048.35 ▲4.18

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | It is important to correctly uninstall your plugin, without leaving any traces
It is recommended to fix the following
  • Zombie WordPress options were found after uninstall: 6 options
    • widget_theysaidso_widget
    • theysaidso_admin_options
    • widget_recent-comments
    • can_compress_scripts
    • widget_recent-posts
    • db_upgraded

Smoke tests 50% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | This is a short smoke test looking for server-side errors
Everything seems fine, however this is by no means an exhaustive test

SRP 0% from 2 tests

🔹 Tests weight: 20 | It is important to ensure that your PHP files perform no action when accessed directly, respecting the single-responsibility principle
The following issues need your attention
  • 2× PHP files perform the task of outputting text when accessed with GET requests:
    • > /wp-content/plugins/two-factor-2fa-via-email/assets/html/login-email.php
    • > /wp-content/plugins/two-factor-2fa-via-email/assets/html/2fa-page.php
  • 3× PHP files trigger server-side errors or warnings when accessed directly:
    • > PHP Fatal error
      Uncaught Error: Call to undefined function wp_kses_post() in wp-content/plugins/two-factor-2fa-via-email/assets/html/2fa-page.php:42
    • > PHP Fatal error
      Uncaught Error: Call to undefined function sanitize_text_field() in wp-content/plugins/two-factor-2fa-via-email/assets/html/login-email.php:104
    • > PHP Fatal error
      Uncaught Error: Call to undefined function add_action() in wp-content/plugins/two-factor-2fa-via-email/ss88-two-factor-via-email.php:294

User-side errors Passed 1 test

🔹 Test weight: 20 | This is just a short smoke test looking for browser issues
Everything seems fine, but this is not an exhaustive test

Optimizations

Plugin configuration 93% from 29 tests

readme.txt Passed 16 tests

It's important to format your readme.txt file correctly as it is parsed for the public listing of your plugin
6 plugin tags: 2fa email, two factor, authentication, two-factor authentication, 2fa authentication...

two-factor-2fa-via-email/ss88-two-factor-via-email.php 85% from 13 tests

"Two Factor (2FA) Authentication via Email" version 1.5.1's main PHP file describes plugin functionality and also serves as the entry point to any WordPress functionality
It is important to fix the following:
  • Main file name: Even though not officially enforced, the main plugin file should be the same as the plugin slug ("two-factor-2fa-via-email.php" instead of "ss88-two-factor-via-email.php")
  • Description: Keep the plugin description shorter than 140 characters (currently 167 characters long)

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | A short review of files and their extensions; it is not recommended to include executable files
Success! There were no dangerous files found in this plugin428 lines of code in 5 files:
LanguageFilesBlank linesComment linesLines of code
PHP31189396
JavaScript117027
CSS1005

PHP code Passed 2 tests

An short overview of logical lines of code, cyclomatic complexity, and other code metrics
This plugin has no cyclomatic complexity problems
Cyclomatic complexity
Average complexity per logical line of code0.34
Average class complexity31.00
▷ Minimum class complexity31.00
▷ Maximum class complexity31.00
Average method complexity2.76
▷ Minimum method complexity1.00
▷ Maximum method complexity13.00
Code structure
Namespaces0
Interfaces0
Traits0
Classes1
▷ Abstract classes00.00%
▷ Concrete classes1100.00%
▷ Final classes00.00%
Methods17
▷ Static methods15.88%
▷ Public methods17100.00%
▷ Protected methods00.00%
▷ Private methods00.00%
Functions0
▷ Named functions00.00%
▷ Anonymous functions00.00%
Constants0
▷ Global constants00.00%
▷ Class constants00.00%
▷ Public constants00.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

All PNG images should be compressed to minimize bandwidth usage for end users
PNG images were not found in this plugin