Affiliates Manager

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '" $year"'.

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$AffHomeMsg".

Processing form data without nonce verification.

$_COOKIE['wpam_id'] not unslashed before sanitization. Use wp_unslash() or similar

PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit;

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"Transaction type of '{$value}' is not supported!"'.

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

Use of a direct database call is discouraged.

Detected usage of a non-sanitized input variable: $_COOKIE['wpam_id']

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

Use placeholders and $wpdb->prepare(); found $deletedb

Unescaped parameter $deletedb used in $wpdb->query()\n$deletedb assigned unsafely at line 168.

Detected usage of a possibly undefined superglobal array index: $_FILES['resultsFile']['tmp_name']. Check that the array index exists before using it.

Use placeholders and $wpdb->prepare(); found interpolated variable $affiliates_table at "select * from $affiliates_table where affiliateId = '$referrers[$i]'"

Missing $domain parameter in function call to __().

Resource version not set in call to wp_enqueue_style(). This means new versions of the style may not always be loaded due to browser caching.

Multiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s", but got "%s, %s" in 'If you are not an affiliate, but wish to become one, you will need to apply. To apply, you must be a registered user on this blog. If you have an existing account on this blog, please <a href="%s">log in</a>. If not, please <a href="%s">register</a>.'.

Processing form data without nonce verification.

The parameter "NULL" at position #3 of add_option() has been deprecated since WordPress version 2.3.0. Use "" instead.

Function "has_shortcode()" requires WordPress 3.6.0, but your plugin minimum supported version is WordPress 3.5.0.

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: &quot;&#039;bulk_actions-&#039; . $screen-&gt;id&quot;.

print_r() found. Debug code should not normally be used in production.

In footer ($in_footer) is not set explicitly wp_register_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.