Flaws in the code
-
Hello Developer,
I like this approach for deleting all orders, it’s a good start to clean out an entire shop. But there are a few improvements to be made, to make it more secure and accessible for everyone.
1. In your code you have put on line 41 – 43 “DELETE from wp_”, however if your database doesn’t start with wp_ this won’t work. And most advanced wordpress users won’t name their database wp_.
2. This is more a security concern, I noticed that the sql queries are running through the entire database on the server. I have had once it deleted all orders from 2 other databases who share the same server and started with the same wp_. This needs to be improved, I think you can tackle this by adding database info related to the current store, like:
$host = ‘localhost’;
$username = ‘user’;
$password = ‘password’;
$db = ‘dbname’;I am not a specialist in plugin coding, otherwise I could be of better help, but I hope you will consider these 2 flaws.
Thanks and keep up the good work.
- The topic ‘Flaws in the code’ is closed to new replies.