Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms

Send Contact Form 7, WPForms, Elementor, Ninja Forms, Contact Form Entries Plugin and many other contact form submissions to Google Sheets.

v1.1.4CRM PerksUpdated Added 1k+ installs100% rating
28
Score
641
Errors
348
Warnings
+0
Change

Category Scores

Security0
Repo89
Performance100
Maintainability24

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

989 findings

I18n

507

4 issue groups

Maintainability

260

9 issue groups

Security

210

12 issue groups

ERRORI18nText Domain MismatchMismatched text domain. Expected 'integration-for-contact-form-7-and-google-sheets' but got 'contact-form-entries'.448
Category
I18n
Occurrences
448
Severity
error

Sample message

Mismatched text domain. Expected 'integration-for-contact-form-7-and-google-sheets' but got 'contact-form-entries'.

WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_log_id".152
Category
Maintainability
Occurrences
152
Severity
warning

Sample message

Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$_log_id".

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"' $sel >"'.63
Category
Security
Occurrences
63
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"' $sel >"'.

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.48
Category
Security
Occurrences
48
Severity
warning

Sample message

Processing form data without nonce verification.

ERRORI18nMissing Translators CommentA function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.34
Category
I18n
Occurrences
34
Severity
error

Sample message

A function call to __() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

ERRORSecuritySQL query is not preparedUse placeholders and $wpdb->prepare(); found $id33
Category
Security
Occurrences
33
Severity
error

Sample message

Use placeholders and $wpdb->prepare(); found $id

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.32
Category
Maintainability
Occurrences
32
Severity
warning

Sample message

Use of a direct database call is discouraged.

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().30
Category
Maintainability
Occurrences
30
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

ERRORI18nUnordered Placeholders TextMultiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s", but got "%s, %s" in 'Contact Form Entries is installed but not active. %sActivate Contact Form Entries%s to use the Contact Form Google Sheets Plugin'.24
Category
I18n
Occurrences
24
Severity
error

Sample message

Multiple placeholders in translatable strings should be ordered. Expected "%1$s, %2$s", but got "%s, %s" in 'Contact Form Entries is installed but not active. %sActivate Contact Form Entries%s to use the Contact Form Google Sheets Plugin'.

WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'add_page_html_'.$this->id".23
Category
Maintainability
Occurrences
23
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "'add_page_html_'.$this->id".

Show 15 more
ERRORSecurityDatabase parameter is not escaped16
Category
Security
Occurrences
16
Severity
error

Sample message

Unescaped parameter $sql used in $wpdb->get_results()\n$sql assigned unsafely at line 107.

ERRORMaintainabilitydate date14
Category
Maintainability
Occurrences
14
Severity
error

Sample message

date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.

WARNINGSecurityRequest data is not unslashed10
Category
Security
Occurrences
10
Severity
warning

Sample message

$_REQUEST[$key] not unslashed before sanitization. Use wp_unslash() or similar

WARNINGSecurityInput is not sanitized9
Category
Security
Occurrences
9
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_REQUEST[$key]

WARNINGSecurityDatabase parameter is not escaped8
Category
Security
Occurrences
8
Severity
warning

Sample message

Unescaped parameter $table used in $wpdb->get_results()\n$table assigned unsafely at line 390.

WARNINGSecurityInterpolated SQL is not prepared7
Category
Security
Occurrences
7
Severity
warning

Sample message

Use placeholders and $wpdb->prepare(); found interpolated variable $active_clause at "SELECT * FROM $table_name WHERE form_id=%s $active_clause ORDER BY sort"

WARNINGSecurityInput is not validated6
Category
Security
Occurrences
6
Severity
warning

Sample message

Detected usage of a possibly undefined superglobal array index: $_POST["action_argument"]. Check that the array index exists before using it.

WARNINGSecurityMissing nonce verification5
Category
Security
Occurrences
5
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGMaintainabilitySchema Change3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

Attempting a database schema change is discouraged.

WARNINGSecuritywp redirect wp redirect3
Category
Security
Occurrences
3
Severity
warning

Sample message

wp_redirect() found. Using wp_safe_redirect(), along with the "allowed_redirect_hosts" filter if needed, can help avoid any chances of malicious redirects within code. It is also important to remember to call exit() after a redirect so that no other unwanted code is executed.

WARNINGMaintainabilityMissing Version3
Category
Maintainability
Occurrences
3
Severity
warning

Sample message

Resource version not set in call to wp_register_style(). This means new versions of the style may not always be loaded due to browser caching.

WARNINGMaintainabilityNon-prefixed class2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Classes declared by a theme/plugin should start with the theme/plugin prefix. Found: "vx_crmperks_cf".

ERRORSecurityUnsafe printing function2
Category
Security
Occurrences
2
Severity
error

Sample message

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

WARNINGI18nDiscouraged text-domain loading1
Category
I18n
Occurrences
1
Severity
warning

Sample message

load_plugin_textdomain() has been discouraged since WordPress version 4.6. When your plugin is hosted on WordPress.org, you no longer need to manually include this function call for translations under your plugin slug. WordPress will automatically load the translations for you as needed.

WARNINGMaintainabilityDynamic hook name1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "$this->id.'_show_manual_export_button'".

External Connections

Potential connections found in static code analysis.

15 domains

Outbound calls

41

External assets

0

Incoming endpoints

9

Notable Domains

crmperks.com9 · outbound
googleapis.com7 · outbound
accounts.google.com3 · outbound
fontawesome.io2 · outbound
jqueryui.com2 · outbound

Platform / Reference Domains

wordpress.org9 · platform/reference
downloads.wordpress.org1 · platform/reference
github.com1 · platform/reference
gnu.org1 · platform/reference
opensource.org1 · platform/reference
w3.org1 · platform/reference

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Admin AJAX endpoints9
wp_ajax_get_field_map_authenticated

wp_ajax

wp_ajax_get_field_map_object_authenticated

wp_ajax

wp_ajax_get_objects_authenticated

wp_ajax

wp_ajax_log_detail_authenticated

wp_ajax

wp_ajax_refresh_data_authenticated

wp_ajax

wp_ajax_review_dismiss_authenticated

wp_ajax

wp_ajax_send_to_crm_authenticated

wp_ajax

wp_ajax_update_feed_authenticated

wp_ajax

wp_ajax_update_feed_sort_authenticated

wp_ajax

Score History

First score snapshot

v1.1.4

28

Latest

Findings
989
Errors
641
Warnings
348
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

37 nodes

Related

Related Plugins