72% loginizer

Code Review | Loginizer

WordPress plugin Loginizer scored72%from 54 tests.

About plugin

  • Plugin page: loginizer
  • Plugin version: 1.8.2
  • PHP compatiblity: 5.5+
  • PHP version: 7.4.16
  • WordPress compatibility: 3.0-6.4
  • WordPress version: 6.3.1
  • First release: Jan 27, 2016
  • Latest release: Nov 21, 2023
  • Number of updates: 158
  • Update frequency: every 18.1 days
  • Top authors: loginizer (91.14%)softaculous (9.49%)

Code review

54 tests

User reviews

947 reviews

Install metrics

1,000,000+ active /19,062,514 total downloads
Download (272.22 KB)

Benchmarks

Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | Checking the installer triggered no errors
The plugin installed successfully, without throwing any errors or notices

Server metrics [RAM: ▲0.76MB] [CPU: ▲5.08ms] Passed 4 tests

A check of server-side resources used by Loginizer
Server-side resource usage in normal parameters
Page Memory (MB) CPU Time (ms)
Home / 4.21 ▲0.74 50.33 ▲7.62
Dashboard /wp-admin 4.12 ▲0.82 53.86 ▲8.41
Posts /wp-admin/edit.php 4.18 ▲0.81 57.88 ▲7.79
Add New Post /wp-admin/post-new.php 6.64 ▲0.75 91.48 ▼3.49
Media Library /wp-admin/upload.php 3.99 ▲0.75 48.11 ▲14.37
Single Sign On Update /wp-admin/admin.php?page=loginizer_sso 3.99 42.80
PasswordLess /wp-admin/admin.php?page=loginizer_passwordless 4.00 43.06
Dashboard /wp-admin/admin.php?page=loginizer 4.06 40.51
File Checksums /wp-admin/admin.php?page=loginizer_checksums 4.02 42.85
Brute Force /wp-admin/admin.php?page=loginizer_brute_force 4.29 42.46
Security Settings /wp-admin/admin.php?page=loginizer_security 4.17 42.02
Two Factor Auth /wp-admin/admin.php?page=loginizer_2fa 4.14 43.34
reCAPTCHA /wp-admin/admin.php?page=loginizer_recaptcha 4.09 41.81

Server storage [IO: ▲0.70MB] [DB: ▲0.00MB] Passed 3 tests

How much does this plugin use your filesystem and database?
There were no storage issued detected upon installing this plugin
Filesystem: 29 new files
Database: 1 new table, 16 new options
New tables
wp_loginizer_logs
New WordPress options
loginizer_last_reset
loginizer_version
loginizer_backuply_promo_time
loginizer_promo_time
widget_recent-posts
theysaidso_admin_options
widget_theysaidso_widget
can_compress_scripts
loginizer_blacklist
loginizer_ins_time
...

Browser metrics Passed 4 tests

This is an overview of browser requirements for Loginizer
Normal browser usage
Page Nodes Memory (MB) Script (ms) Layout (ms)
Home / 2,843 ▲81 14.34 ▼0.00 1.72 ▼0.08 39.48 ▼6.05
Dashboard /wp-admin 2,251 ▲74 5.63 ▼0.02 94.51 ▲4.39 42.57 ▲1.88
Posts /wp-admin/edit.php 2,150 ▲50 2.03 ▲0.07 39.53 ▲0.03 35.00 ▲1.05
Add New Post /wp-admin/post-new.php 1,568 ▲42 22.98 ▼0.01 690.60 ▲56.68 51.34 ▼5.73
Media Library /wp-admin/upload.php 1,450 ▲47 4.15 ▼0.05 94.96 ▼2.64 42.46 ▲0.75
Single Sign On Update /wp-admin/admin.php?page=loginizer_sso 1,425 1.67 28.56 48.59
PasswordLess /wp-admin/admin.php?page=loginizer_passwordless 1,364 1.93 27.32 40.26
Dashboard /wp-admin/admin.php?page=loginizer 1,605 3.42 99.93 59.82
File Checksums /wp-admin/admin.php?page=loginizer_checksums 1,456 1.53 31.02 40.28
Brute Force /wp-admin/admin.php?page=loginizer_brute_force 1,929 1.72 27.87 39.24
Security Settings /wp-admin/admin.php?page=loginizer_security 2,008 1.70 28.18 59.20
Two Factor Auth /wp-admin/admin.php?page=loginizer_2fa 1,910 1.62 30.18 46.42
reCAPTCHA /wp-admin/admin.php?page=loginizer_recaptcha 1,849 1.58 29.13 33.84

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | All plugins must uninstall correctly, removing their source code and extra database tables they might have created
You still need to fix the following
  • Zombie WordPress options detected upon uninstall: 6 options
    • theysaidso_admin_options
    • can_compress_scripts
    • db_upgraded
    • widget_recent-posts
    • widget_theysaidso_widget
    • widget_recent-comments

Smoke tests 25% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | A smoke test targeting server-side errors
The smoke test was a success, however most plugin functionality was not tested

SRP 0% from 2 tests

🔹 Tests weight: 20 | The single-responsibility principle applies for WordPress plugins as well - please make sure your PHP files perform no actions when accessed directly
Please fix the following items
  • 12× PHP files output non-empty strings when accessed directly via GET requests (only 10 are shown):
    • > /wp-content/plugins/loginizer/main/admin.php
    • > /wp-content/plugins/loginizer/main/settings/checksum.php
    • > /wp-content/plugins/loginizer/main/settings/recaptcha.php
    • > /wp-content/plugins/loginizer/main/ajax.php
    • > /wp-content/plugins/loginizer/main/settings/passwordless.php
    • > /wp-content/plugins/loginizer/main/settings/sso.php
    • > /wp-content/plugins/loginizer/loginizer.php
    • > /wp-content/plugins/loginizer/init.php
    • > /wp-content/plugins/loginizer/main/settings/dashboard.php
    • > /wp-content/plugins/loginizer/main/settings/security.php
  • 3× PHP files trigger server-side errors or warnings when accessed directly:
    • > PHP Warning
      include_once(): Failed opening 'LOGINIZER_DIR/lib/IPv6/IPv6.php' for inclusion (include_path='.:/usr/share/php') in wp-content/plugins/loginizer/functions.php on line 3
    • > PHP Warning
      Use of undefined constant LOGINIZER_DIR - assumed 'LOGINIZER_DIR' (this will throw an Error in a future version of PHP) in wp-content/plugins/loginizer/functions.php on line 3
    • > PHP Warning
      include_once(LOGINIZER_DIR/lib/IPv6/IPv6.php): failed to open stream: No such file or directory in wp-content/plugins/loginizer/functions.php on line 3

User-side errors 0% from 1 test

🔹 Test weight: 20 | Just a short smoke test targeting errors on the browser (console and network errors and warnings)
There are user-side issues you should fix
    • > GET request to /wp-admin/admin.php?page=loginizer_sso
    • > Network (severe)
    wp-content/plugins/loginizer/assets/js/loginizer-admin.js?ver=1 - Failed to load resource: the server responded with a status of 404 (Not Found)
    • > GET request to /wp-admin/admin.php?page=loginizer_checksums
    • > Network (severe)
    wp-content/plugins/loginizer/assets/css/jquery-clockpicker.min.css?ver=0.0.7 - Failed to load resource: the server responded with a status of 404 (Not Found)
    • > GET request to /wp-admin/admin.php?page=loginizer_checksums
    • > Network (severe)
    wp-content/plugins/loginizer/assets/js/jquery-clockpicker.min.js?ver=0.0.7 - Failed to load resource: the server responded with a status of 404 (Not Found)
    • > GET request to /wp-admin/admin.php?page=loginizer_checksums
    • > Console-api (warning) in unknown
    /wp-admin/load-scripts.php?c=0&load%5Bchunk_0%5D=jquery-core,jquery-migrate,utils&ver=6.3.1 1:28609 "jQuery.Deferred exception: $(...).clockpicker is not a function" "TypeError: $(...).clockpicker is not a function\n at /wp-admin/admin.php?page=loginizer_checksums:248:26\n at HTMLDocument.\u003Canonymous> (/wp-admin/admin.php?page=loginizer_checksums:249:9)\n at e (/wp-admin/load-scripts.php?c=0&load%5Bchunk_0%5D=jquery-core,jquery-migrate,utils&ver=6.3.1:2:26990)\n at t (/wp-admin/load-scripts.php?c=0&load%5Bchunk_0%5D=jquery-core,jquery-migrate,utils&ver=6.3.1:2:27292)" undefined
    • > GET request to /wp-admin/admin.php?page=loginizer_checksums
    • > Javascript (severe) in unknown
    /wp-admin/load-scripts.php?c=0&load%5Bchunk_0%5D=jquery-core,jquery-migrate,utils&ver=6.3.1 1:28721 Uncaught TypeError: $(...).clockpicker is not a function

Optimizations

Plugin configuration 93% from 29 tests

readme.txt 94% from 16 tests

The readme.txt file uses markdown syntax to describe your plugin to the world
These attributes need to be fixed:
  • Tags: Please reduce the number of tags, currently 22 tag instead of maximum 10
Please take inspiration from this readme.txt

loginizer/loginizer.php 92% from 13 tests

The principal PHP file in "Loginizer" v. 1.8.2 is loaded by WordPress automatically on each request
Please take the time to fix the following:
  • Description: Please keep the plugin description shorter than 140 characters (currently 212 characters long)

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | A short review of files and their extensions; it is not recommended to include executable files
Success! There were no dangerous files found in this plugin7,158 lines of code in 18 files:
Language Files Blank lines Comment lines Lines of code
PHP 16 2,030 1,737 7,023
JavaScript 2 24 37 135

PHP code Passed 2 tests

This is a short overview of cyclomatic complexity and code structure for this plugin
Everything seems fine, there were no complexity issues found
Cyclomatic complexity
Average complexity per logical line of code 0.39
Average class complexity 366.00
▷ Minimum class complexity 366.00
▷ Maximum class complexity 366.00
Average method complexity 6.29
▷ Minimum method complexity 1.00
▷ Maximum method complexity 45.00
Code structure
Namespaces 0
Interfaces 0
Traits 0
Classes 1
▷ Abstract classes 0 0.00%
▷ Concrete classes 1 100.00%
▷ Final classes 0 0.00%
Methods 69
▷ Static methods 0 0.00%
▷ Public methods 69 100.00%
▷ Protected methods 0 0.00%
▷ Private methods 0 0.00%
Functions 93
▷ Named functions 93 100.00%
▷ Anonymous functions 0 0.00%
Constants 25
▷ Global constants 25 100.00%
▷ Class constants 0 0.00%
▷ Public constants 0 0.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

It is recommended to compress PNG files in your plugin to minimize bandwidth usage
7 PNG files occupy 0.10MB with 0.04MB in potential savings
Potential savings
Compression of 5 random PNG files using pngquant
File Size - original Size - compressed Savings
assets/images/pagelayer_product.png 3.28KB 3.06KB ▼ 6.73%
assets/images/loginizer-200.png 13.61KB 5.39KB ▼ 60.39%
assets/images/wpcentral_product.png 9.33KB 3.89KB ▼ 58.27%
assets/images/facebook.png 0.71KB 0.71KB ▼ 0.82%
assets/images/backuply-square.png 42.99KB 13.97KB ▼ 67.50%