0
Validation results

Hotel Master

Hotel Master

WordPress 4.8 theme
0
    Error 8 : Undefined index: slug
    In /home/www/themecheck/themecheck/controllers/controller_results.php line 772
  • THEME TYPEWordPress theme 4.8
  • FILE NAMEHotel.Master.Hotel.Hostel.Booking.WordPress.Theme.v2.09.zip
  • FILE SIZE41505099 bytes
  • MD50fcc822932c53464c83220ecf8eb7b13
  • SHA16a61c5b7b7ef0345072c89a2810fb539b10605ec
  • LICENSENone
  • FILES INCLUDEDCSS, PHP, HTML, XML, Bitmap images, Adobe Illustrator
  • THEME URIhttp://themes.goodlayers.com/hotelmaster
  • VERSION2.09
  • AUTHOR URI
  • TAGSwhite, light, yellow, two-columns, fluid-layout, custom-background, custom-colors, featured-images, theme-options
  • CREATION DATE2016-05-07
  • LAST FILE UPDATE2017-03-05
  • LAST VALIDATION2017-03-05 10:20
  • OTHER VERSIONS

    3.01 : 0%

    3.00 : 0%

    2.07 : 0%

Critical alerts
  1. Customizer : Sanitization of Customizer settings Found a Customizer setting that did not have a sanitization callback function in file gdlr-customizer.php. Every call to the add_setting() method needs to have a sanitization callback function passed.
  2. Security breaches : Use of base64_decode() Found base64_decode in file twitteroauth.php.
    Ligne208: $decoded_sig = base64_decode($signature);
  3. Security breaches : Use of base64_encode() Found base64_encode in file twitteroauth.php.
     return base64_encode(hash_hmac('sha1', $base_string, $key, true));
     return base64_encode($signature);
  4. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="//www.youtube.com/embed/' . $id[1] . '?wmode=transparent' . $id[2] . '" width="' . $width . '" height="' . $height . '" > in file gdlr-media.php.
    Ligne55: return '<iframe src='//www.youtube.com/embed/' . $id[1] . '?wmode=transparent' . $i
  5. Malware : Operations on file system file_get_contents was found in the file gdlr-font-loader.php
    Ligne68: $google_fonts = json_decode(file_get_contents($google_font_file), true);
    file_get_contents was found in the file gdlr-function-regist.php
    Ligne84: $default_admin_option = unserialize(file_get_contents($default_file));
    fopen was found in the file gdlr-function-regist.php
    Ligne107: //$file_stream = @fopen($file_url, 'w');
    fwrite was found in the file gdlr-function-regist.php
    Ligne108: //fwrite($file_stream, serialize($theme_option));
    fclose was found in the file gdlr-function-regist.php
    Ligne109: //fclose($file_stream);
    fopen was found in the file gdlr-admin-option.php
    Ligne22: $file_stream = @fopen($file_url, 'w');
    fwrite was found in the file gdlr-admin-option.php
    Ligne57: fwrite( $file_stream, str_replace('#gdlr#', $value, $option['selector']) . 
    Ligne98: fwrite($file_stream, $style);
    Ligne103: fwrite($file_stream, $end_of_file);
    Ligne107: fwrite($file_stream, str_replace('\r\n', '\n', $theme_option['additional-st
    fwrite was found in the file gdlr-admin-option.php
    Ligne57: fwrite( $file_stream, str_replace('#gdlr#', $value, $option['selector']) . 
    Ligne98: fwrite($file_stream, $style);
    Ligne103: fwrite($file_stream, $end_of_file);
    Ligne107: fwrite($file_stream, str_replace('\r\n', '\n', $theme_option['additional-st
    fwrite was found in the file gdlr-admin-option.php
    Ligne57: fwrite( $file_stream, str_replace('#gdlr#', $value, $option['selector']) . 
    Ligne98: fwrite($file_stream, $style);
    Ligne103: fwrite($file_stream, $end_of_file);
    Ligne107: fwrite($file_stream, str_replace('\r\n', '\n', $theme_option['additional-st
    fwrite was found in the file gdlr-admin-option.php
    Ligne57: fwrite( $file_stream, str_replace('#gdlr#', $value, $option['selector']) . 
    Ligne98: fwrite($file_stream, $style);
    Ligne103: fwrite($file_stream, $end_of_file);
    Ligne107: fwrite($file_stream, str_replace('\r\n', '\n', $theme_option['additional-st
    fclose was found in the file gdlr-admin-option.php
    Ligne111: fclose($file_stream);
    file_get_contents was found in the file goodlayers-importer.php
    Ligne28: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne36: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne44: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne52: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne72: $widget_data = unserialize(file_get_contents($widget_file));
    file_get_contents was found in the file goodlayers-importer.php
    Ligne28: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne36: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne44: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne52: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne72: $widget_data = unserialize(file_get_contents($widget_file));
    file_get_contents was found in the file goodlayers-importer.php
    Ligne28: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne36: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne44: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne52: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne72: $widget_data = unserialize(file_get_contents($widget_file));
    file_get_contents was found in the file goodlayers-importer.php
    Ligne28: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne36: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne44: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne52: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne72: $widget_data = unserialize(file_get_contents($widget_file));
    file_get_contents was found in the file goodlayers-importer.php
    Ligne28: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne36: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne44: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne52: $default_admin_option = unserialize(file_get_contents($default_file));
    Ligne72: $widget_data = unserialize(file_get_contents($widget_file));
    fopen was found in the file goodlayers-importer.php
    Ligne103: //$file_stream = @fopen($widget_file, 'w');
    fwrite was found in the file goodlayers-importer.php
    Ligne104: //fwrite($file_stream, serialize($widget_data));
    fclose was found in the file goodlayers-importer.php
    Ligne105: //fclose($file_stream);	
    file_get_contents was found in the file twitteroauth.php
    Ligne278: file_get_contents(self::$POST_INPUT)
  6. Malware : Network operations curl_init was found in the file twitteroauth.php
    Ligne1069: $ci = curl_init();
    curl_exec was found in the file twitteroauth.php
    Ligne1095: $response = curl_exec($ci);
  7. Admin menu : Themes should use add_theme_page() for adding admin pages. File gdlr-admin-panel.php :
    Ligne49: $page = add_menu_page($this->setting['page_title'], $this->setting['menu_title'], 
    File class-tgm-plugin-activation.php :
    Ligne412: $this->page_hook = call_user_func( 'add_submenu_page', $args['parent_slug'], $args['page_title'], $args['menu_t
  8. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was gdlr-portfolio.zip masterslider.zip gdlr-hostel.zip gdlr-hotel.zip goodlayers-importer.zip gdlr-shortcode.zip.
Warning
  1. theme tags : Presence of bad theme tagsThe tag white has been deprecated, it must be removed from style.css header.The tag light has been deprecated, it must be removed from style.css header.The tag yellow has been deprecated, it must be removed from style.css header.The tag fluid-layout has been deprecated, it must be removed from style.css header.
  2. Text domain : Incorrect use of translation functions.Wrong installation directory for the theme name. The directory name must match the slug of the theme. This theme's correct slug and text-domain is hotel-master.
  3. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'This theme requires the following plugin: %1$s.', 'This theme requires the following plugins: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'This theme recommends the following plugin: %1$s.', 'This theme recommends the following plugins: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to install the %s plugin. Contact the administrator of this site for help on getting the plugin installed.', 'Sorry, but you do not have the correct permissions to install the %s plugins. Contact the administrator of this site for help on getting the plugins installed.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following required plugin is currently inactive: %1$s.', 'The following required plugins are currently inactive: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following recommended plugin is currently inactive: %1$s.', 'The following recommended plugins are currently inactive: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to activate the %s plugin. Contact the administrator of this site for help on getting the plugin activated.', 'Sorry, but you do not have the correct permissions to activate the %s plugins. Contact the administrator of this site for help on getting the plugins activated.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following plugin needs to be updated to its latest version to ensure maximum compatibility with this theme: %1$s.', 'The following plugins need to be updated to their latest version to ensure maximum compatibility with this theme: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to update the %s plugin. Contact the administrator of this site for help on getting the plugin updated.', 'Sorry, but you do not have the correct permissions to update the %s plugins. Contact the administrator of this site for help on getting the plugins updated.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Begin installing plugin', 'Begin installing plugins' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Activate installed plugin', 'Activate installed plugins' in file gdlr-plugin-activation.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are gdlr_translate, gdlr-hotel, tgmpa.
  4. Plugin territory : Plugin territory functionalitiesThe theme uses the register_taxonomy() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  5. Line endings consistency : Both DOS and UNIX style line endingsFound a mix of \r\n and \n line endings in file gdlr-page-options.php.Found a mix of \r\n and \n line endings in file gdlr-page-item.php.
  6. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  7. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  8. Featured image : Use of the_post_thumbnail() instead of custom fields for thumbnailsNo reference to the_post_thumbnail was found in the theme.
  9. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file twitteroauth.php.
    Ligne1134: echo '<strong>'.$tweets->errors[0]->message.'!</strong><br />You\'ll need to regenerate it <a href='https://dev.twitter.com/apps' target='_blank'>here</a>!' . $after_widget;
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  6. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  7. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  8. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  9. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  10. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  11. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  12. Use of includes : Use of include or requireThe theme appears to use include or require : gdlr-framework.php
    Ligne10: include_once('function/gdlr-sidebar-generator.php');
    Ligne13: include_once('function/gdlr-admin-panel.php');	
    Ligne14: include_once('function/gdlr-admin-panel-html.php');	
    Ligne17: include_once('function/gdlr-customizer.php');	
    Ligne20: include_once('function/gdlr-page-builder.php');	
    Ligne21: include_once('function/gdlr-page-builder-html.php');	
    Ligne24: include_once('function/gdlr-page-options.php');	
    Ligne27: include_once('function/gdlr-tax-meta.php');		
    Ligne30: include_once('function/gdlr-include-script.php');	
    Ligne33: include_once('function/gdlr-font-loader.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : gdlr-plugin-activation.php
    Ligne2: require_once(GDLR_LOCAL_PATH . '/include/plugin/class-tgm-plugin-activation
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes