Flaws in the code

Hello Developer,

I like this approach for deleting all orders, it’s a good start to clean out an entire shop. But there are a few improvements to be made, to make it more secure and accessible for everyone.

1. In your code you have put on line 41 – 43 “DELETE from wp_”, however if your database doesn’t start with wp_ this won’t work. And most advanced wordpress users won’t name their database wp_.

2. This is more a security concern, I noticed that the sql queries are running through the entire database on the server. I have had once it deleted all orders from 2 other databases who share the same server and started with the same wp_. This needs to be improved, I think you can tackle this by adding database info related to the current store, like:

$host = ‘localhost’;
$username = ‘user’;
$password = ‘password’;
$db = ‘dbname’;

I am not a specialist in plugin coding, otherwise I could be of better help, but I hope you will consider these 2 flaws.

Thanks and keep up the good work.