• Hello Developer,

    I like this approach for deleting all orders, it’s a good start to clean out an entire shop. But there are a few improvements to be made, to make it more secure and accessible for everyone.

    1. In your code you have put on line 41 – 43 “DELETE from wp_”, however if your database doesn’t start with wp_ this won’t work. And most advanced wordpress users won’t name their database wp_.

    2. This is more a security concern, I noticed that the sql queries are running through the entire database on the server. I have had once it deleted all orders from 2 other databases who share the same server and started with the same wp_. This needs to be improved, I think you can tackle this by adding database info related to the current store, like:

    $host = ‘localhost’;
    $username = ‘user’;
    $password = ‘password’;
    $db = ‘dbname’;

    I am not a specialist in plugin coding, otherwise I could be of better help, but I hope you will consider these 2 flaws.

    Thanks and keep up the good work.

  • The topic ‘Flaws in the code’ is closed to new replies.