Benchmarks
Plugin footprint 83% from 16 tests
Installer Passed 1 test
🔺 Critical test (weight: 50) | Checking the installer triggered no errors
This plugin's installer ran successfully
Server metrics [RAM: ▲0.03MB] [CPU: ▼6.68ms] Passed 4 tests
This is a short check of server-side resources used by Who's Hacking What?
Normal server usage
| Page | Memory (MB) | CPU Time (ms) |
|---|---|---|
| Home / | 3.50 ▲0.03 | 39.04 ▼4.75 |
| Dashboard /wp-admin | 3.34 ▲0.03 | 48.62 ▲0.38 |
| Posts /wp-admin/edit.php | 3.39 ▲0.03 | 49.10 ▼0.84 |
| Add New Post /wp-admin/post-new.php | 5.92 ▲0.03 | 82.29 ▼21.52 |
| Media Library /wp-admin/upload.php | 3.26 ▲0.03 | 35.87 ▲3.66 |
| Who's Hacking What /wp-admin/tools.php?page=whos-hacking-what/whos-hacking-what.php | 3.23 | 33.51 |
Server storage [IO: ▲0.01MB] [DB: ▲0.00MB] Passed 3 tests
Filesystem and database footprint
The plugin installed successfully
Filesystem: 2 new files
Database: no new tables, 6 new options
| New WordPress options |
|---|
| can_compress_scripts |
| theysaidso_admin_options |
| widget_recent-posts |
| widget_recent-comments |
| widget_theysaidso_widget |
| db_upgraded |
Browser metrics Passed 4 tests
Who's Hacking What?: an overview of browser usage
Normal browser usage
| Page | Nodes | Memory (MB) | Script (ms) | Layout (ms) |
|---|---|---|---|---|
| Home / | 2,996 ▲250 | 15.75 ▲1.39 | 9.16 ▲7.38 | 40.37 ▼0.30 |
| Dashboard /wp-admin | 2,265 ▲80 | 6.28 ▲1.38 | 121.50 ▲9.05 | 38.17 ▼4.60 |
| Posts /wp-admin/edit.php | 2,157 ▲68 | 2.94 ▲0.95 | 46.06 ▲8.02 | 48.45 ▲13.48 |
| Add New Post /wp-admin/post-new.php | 1,540 ▼2 | 23.11 ▲4.98 | 654.72 ▲37.89 | 58.44 ▲9.68 |
| Media Library /wp-admin/upload.php | 1,459 ▲68 | 5.67 ▲1.49 | 112.54 ▲9.14 | 42.15 ▼1.93 |
| Who's Hacking What /wp-admin/tools.php?page=whos-hacking-what/whos-hacking-what.php | 905 | 2.56 | 35.87 | 27.54 |
Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests
🔸 Tests weight: 35 | Verifying that this plugin uninstalls completely without leaving any traces
It is recommended to fix the following
- Zombie WordPress options were found after uninstall: 6 options
- theysaidso_admin_options
- db_upgraded
- widget_recent-posts
- widget_recent-comments
- can_compress_scripts
- widget_theysaidso_widget
Smoke tests 50% from 4 tests
Server-side errors Passed 1 test
🔹 Test weight: 20 | Just a short smoke test targeting errors on the server (in the Apache logs)
Good news, no errors were detected
SRP 50% from 2 tests
🔹 Tests weight: 20 | It is important to ensure that your PHP files perform no action when accessed directly, respecting the single-responsibility principle
Please take a closer look at the following
- 2× PHP files trigger server errors when accessed directly:
- > PHP Fatal error
Uncaught Error: Call to undefined function plugin_basename() in wp-content/plugins/whos-hacking-what/whos-hacking-what.php:27
- > PHP Warning
Use of undefined constant ABSPATH - assumed 'ABSPATH' (this will throw an Error in a future version of PHP) in wp-content/plugins/whos-hacking-what/whos-hacking-what.php on line 25
- > PHP Fatal error
User-side errors 0% from 1 test
🔹 Test weight: 20 | This is just a short smoke test looking for browser issues
These are user-side errors you should fix
- 2 occurences, only the last one shown
- > GET request to /wp-admin/tools.php?page=whos-hacking-what/whos-hacking-what.php
- > Javascript (warning) in unknown
https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?ver=1.9.0 30 A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/builder.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
- > GET request to /wp-admin/tools.php?page=whos-hacking-what/whos-hacking-what.php
- > Javascript (warning) in unknown
https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?ver=1.9.0 30 A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/effects.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
- > GET request to /wp-admin/tools.php?page=whos-hacking-what/whos-hacking-what.php
- > Javascript (warning) in unknown
https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?ver=1.9.0 30 A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/dragdrop.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
- > GET request to /wp-admin/tools.php?page=whos-hacking-what/whos-hacking-what.php
- > Javascript (warning) in unknown
https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?ver=1.9.0 30 A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/controls.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
- > GET request to /wp-admin/tools.php?page=whos-hacking-what/whos-hacking-what.php
- > Javascript (warning) in unknown
https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?ver=1.9.0 30 A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/slider.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
- > GET request to /wp-admin/tools.php?page=whos-hacking-what/whos-hacking-what.php
- > Javascript (warning) in unknown
https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?ver=1.9.0 30 A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/sound.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
Optimizations
Plugin configuration Passed 29 tests
readme.txt Passed 16 tests
You should put a lot of thought into formatting readme.txt as it is used by WordPress.org to prepare the public listing of your plugin
4 plugin tags: version, multiple, development, plugins
whos-hacking-what/whos-hacking-what.php Passed 13 tests
The primary PHP file in "Who's Hacking What?" version 0.3 is used by WordPress to initiate all plugin functionality
96 characters long description:
A simple interface that notifies other administrators if you are hacking files on a live server.
Code Analysis Passed 3 tests
File types Passed 1 test
🔸 Test weight: 35 | A short check of programming languages and file extensions; no executable files are allowed
Success! There were no dangerous files found in this plugin217 lines of code in 1 file:
| Language | Files | Blank lines | Comment lines | Lines of code |
|---|---|---|---|---|
| PHP | 1 | 33 | 30 | 217 |
PHP code Passed 2 tests
Cyclomatic complexity and code structure are the fingerprint of this plugin
This plugin has no cyclomatic complexity issues
| Cyclomatic complexity | |
|---|---|
| Average complexity per logical line of code | 0.78 |
| Average class complexity | 0.00 |
| ▷ Minimum class complexity | 0.00 |
| ▷ Maximum class complexity | 0.00 |
| Average method complexity | 0.00 |
| ▷ Minimum method complexity | 0.00 |
| ▷ Maximum method complexity | 0.00 |
| Code structure | ||
|---|---|---|
| Namespaces | 0 | |
| Interfaces | 0 | |
| Traits | 0 | |
| Classes | 0 | |
| ▷ Abstract classes | 0 | 0.00% |
| ▷ Concrete classes | 0 | 0.00% |
| ▷ Final classes | 0 | 0.00% |
| Methods | 0 | |
| ▷ Static methods | 0 | 0.00% |
| ▷ Public methods | 0 | 0.00% |
| ▷ Protected methods | 0 | 0.00% |
| ▷ Private methods | 0 | 0.00% |
| Functions | 12 | |
| ▷ Named functions | 12 | 100.00% |
| ▷ Anonymous functions | 0 | 0.00% |
| Constants | 4 | |
| ▷ Global constants | 4 | 100.00% |
| ▷ Class constants | 0 | 0.00% |
| ▷ Public constants | 0 | 0.00% |
Plugin size Passed 2 tests
Image compression Passed 2 tests
It is recommended to compress PNG files in your plugin to minimize bandwidth usage
There were not PNG files found in your plugin