0
Validation results

MediCenter

MediCenter

WordPress 4.9.5 theme
0
Critical alerts
  1. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  2. Security breaches : Use of PHP sytem calls Found shell_exec in file tmhUtilities.php.
    Line 235: $style = shell_exec('stty -g');
    Line 238: shell_exec('stty -echo');
    Line 241: shell_exec('stty -icanon -echo min 1 time 0');
    Line 260: shell_exec('stty ' . $style);
  3. Security breaches : Use of base64_encode() Found base64_encode in file tmhOAuth.php.
     base64_encode(
  4. Malware : Operations on file system fopen was found in the file tmhUtilities.php
    Line 219: $handle = fopen('php://stdin','r');
    fwrite was found in the file tmhUtilities.php
    Line 249: fwrite(STDOUT, '\x08 \x08');
    Line 253: fwrite(STDOUT, '*');
    fwrite was found in the file tmhUtilities.php
    Line 249: fwrite(STDOUT, '\x08 \x08');
    Line 253: fwrite(STDOUT, '*');
    file_get_contents was found in the file theme-options.php
    Line 370: $json_data = file_get_contents($json_file);
    file_get_contents was found in the file parsers.php
    Line 66: $success = $dom->loadXML( file_get_contents( $file ) );
    Line 269: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {
    file_get_contents was found in the file parsers.php
    Line 66: $success = $dom->loadXML( file_get_contents( $file ) );
    Line 269: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {
    fopen was found in the file parsers.php
    Line 415: $fp = $this->fopen( $file, 'r' );
    Line 641: function fopen( $filename, $mode = 'r' ) {
    Line 644: return fopen( $filename, $mode );
    fclose was found in the file parsers.php
    Line 464: $this->fclose($fp);
    Line 659: function fclose( $fp ) {
    Line 662: return fclose( $fp );
    fopen was found in the file parsers.php
    Line 415: $fp = $this->fopen( $file, 'r' );
    Line 641: function fopen( $filename, $mode = 'r' ) {
    Line 644: return fopen( $filename, $mode );
    fopen was found in the file parsers.php
    Line 415: $fp = $this->fopen( $file, 'r' );
    Line 641: function fopen( $filename, $mode = 'r' ) {
    Line 644: return fopen( $filename, $mode );
    fclose was found in the file parsers.php
    Line 464: $this->fclose($fp);
    Line 659: function fclose( $fp ) {
    Line 662: return fclose( $fp );
    fclose was found in the file parsers.php
    Line 464: $this->fclose($fp);
    Line 659: function fclose( $fp ) {
    Line 662: return fclose( $fp );
  5. Malware : Network operations curl_init was found in the file tmhOAuth.php
    Line 635: $c = curl_init();
    curl_exec was found in the file tmhOAuth.php
    Line 703: $response = curl_exec($c);
  6. Admin menu : Themes should use add_theme_page() for adding admin pages. File class-tgm-plugin-activation.php :
    Line 737: $this->page_hook = call_user_func( 'add_submenu_page', $args['parent_slug'], $args['page_title'], $args['menu_t
    File theme-options.php :
    Line 7: add_submenu_page('themes.php', ucfirst('medicenter'), 'Theme Options', 'edi
  7. Deprecated functions : screen_icon screen_icon found in file wordpress-importer.php. Deprecated since version 3.8.
    Line 1118: screen_icon();
  8. Deprecated functions : wp_get_http wp_get_http found in file wordpress-importer.php. Deprecated since version 4.4. Use WP_Http instead.
    Line 991: $headers = wp_get_http( $url, $upload['file'] );
  9. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was revslider.zip css3_web_pricing_tables_grids.zip js_composer.zip.
Warning
  1. theme tags : Presence of bad theme tagsThe tag light has been deprecated, it must be removed from style.css header.The tag white has been deprecated, it must be removed from style.css header.The tag flexible-width has been deprecated, it must be removed from style.css header.
  2. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments "medicenter" in file functions.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are medicenter, tgmpa, woocommerce, wordpress-importer.
  3. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  4. Fundamental theme elements : Presence of add_theme_support()Could not find add_theme_support( 'automatic-feed-links' ).
  5. Fundamental theme elements : Presence of wp_link_pages()Could not find wp_link_pages.
  6. Comment reply : Declaration of comment replyCould not find the comment-reply script enqueued, however a reference to 'comment-reply' was found. Make sure that the comment-reply js script is being enqueued properly on singular pages.
  7. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  8. Deprecated functions : screen_iconscreen_icon found in file wordpress-importer.php. Deprecated since version 3.8.
    Line 1118: screen_icon();
  9. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  10. I18N implementation : Proper use of ___all(Possible variable $value found in translation function in photostream.php. Translation function calls should not contain PHP variables.
    Line 48: //$value = __($value, 'js_composer');
    Possible variable $value found in translation function in photostream.php. Translation function calls should not contain PHP variables.
    Line 48: //$value = __($value, 'js_composer');
    Possible variable $value found in translation function in small_slider.php. Translation function calls should not contain PHP variables.
    Line 80: //$value = __($value, 'js_composer');
    Possible variable $value found in translation function in small_slider.php. Translation function calls should not contain PHP variables.
    Line 80: //$value = __($value, 'js_composer');
    Possible variable $value found in translation function in slider.php. Translation function calls should not contain PHP variables.
    Line 147: //$value = __($value, 'js_composer');
    Possible variable $value found in translation function in carousel.php. Translation function calls should not contain PHP variables.
    Line 107: //$value = __($value, 'js_composer');
    Possible variable $value found in translation function in carousel.php. Translation function calls should not contain PHP variables.
    Line 107: //$value = __($value, 'js_composer');
    Possible variable $text_val found in translation function in functions.php. Translation function calls should not contain PHP variables.
    Line 280: $text_val = __($text_val, 'medicenter');
  11. I18N implementation : Proper use of _x(Possible variable $themename found in translation function in sidebars.php. Translation function calls should not contain PHP variables.
    Line 10: 'add_new' => _x('Add New', $themename . '_sidebar', 'medicenter'),
    Possible variable $themename found in translation function in post-type-weekdays.php. Translation function calls should not contain PHP variables.
    Line 10: 'add_new' => _x('Add New', $themename . '_weekdays', 'medicenter'),
  12. CSS files : Presence of .bypostauthor class.bypostauthor css class is needed in theme css.
  13. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file widget-twitter.php.
    Line 144: 1. <a href='https://dev.twitter.com/apps/new' target='_blank'>Add a new Twitter applica
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  6. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  7. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  8. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  9. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  10. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  11. Use of includes : Use of include or requireThe theme appears to use include or require : sidebar-header.php
    Line 3: include('searchform.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : index.php
    Line 29: require_once(get_template_directory() . '/shortcodes/blog.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : theme-options.php
    Line 287: require_once('importer/importer.php');
    Line 311: require_once('importer/importer.php');
    Line 471: require_once('importer/importer.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : shortcodes.php
    Line 57: //require_once('accordion.php');
    Line 59: //require_once('nested_tabs.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : importer.php
    Line 14: require_once($class_wp_importer);
    Line 23: require_once($class_wp_import);
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : plugins_activator.php
    Line 2: require_once('class-tgm-plugin-activation.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.

This is a ThemeForest theme. Since Themeforest items are all checked by a human before they appear on their website, ThemeForest verification rules are more permissive than themecheck's and can give a better verification score ( Themeforest requirements ).

0
Critical alerts
  1. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  2. Security breaches : Use of PHP sytem calls Found shell_exec in file tmhUtilities.php.
    Line 235: $style = shell_exec('stty -g');
    Line 238: shell_exec('stty -echo');
    Line 241: shell_exec('stty -icanon -echo min 1 time 0');
    Line 260: shell_exec('stty ' . $style);
  3. Malware : Network operations curl_init was found in the file tmhOAuth.php
    Line 635: $c = curl_init();
    curl_exec was found in the file tmhOAuth.php
    Line 703: $response = curl_exec($c);
  4. Deprecated functions : screen_icon screen_icon found in file wordpress-importer.php. Deprecated since version 3.8.
    Line 1118: screen_icon();
  5. Deprecated functions : wp_get_http wp_get_http found in file wordpress-importer.php. Deprecated since version 4.4. Use WP_Http instead.
    Line 991: $headers = wp_get_http( $url, $upload['file'] );
  6. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was revslider.zip css3_web_pricing_tables_grids.zip js_composer.zip.
Warning
  1. theme tags : Presence of bad theme tagsThe tag light has been deprecated, it must be removed from style.css header.The tag white has been deprecated, it must be removed from style.css header.The tag flexible-width has been deprecated, it must be removed from style.css header.
  2. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments "medicenter" in file functions.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are medicenter, tgmpa, woocommerce, wordpress-importer.
  3. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  4. Fundamental theme elements : Presence of add_theme_support()Could not find add_theme_support( 'automatic-feed-links' ).
  5. Fundamental theme elements : Presence of wp_link_pages()Could not find wp_link_pages.
  6. Comment reply : Declaration of comment replyCould not find the comment-reply script enqueued, however a reference to 'comment-reply' was found. Make sure that the comment-reply js script is being enqueued properly on singular pages.
  7. Deprecated functions : screen_iconscreen_icon found in file wordpress-importer.php. Deprecated since version 3.8.
    Line 1118: screen_icon();
  8. CSS files : Presence of .bypostauthor class.bypostauthor css class is needed in theme css.
  9. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file widget-twitter.php.
    Line 144: 1. <a href='https://dev.twitter.com/apps/new' target='_blank'>Add a new Twitter applica
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  6. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  7. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  8. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  9. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  10. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  11. Use of includes : Use of include or requireThe theme appears to use include or require : sidebar-header.php
    Line 3: include('searchform.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : index.php
    Line 29: require_once(get_template_directory() . '/shortcodes/blog.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : theme-options.php
    Line 287: require_once('importer/importer.php');
    Line 311: require_once('importer/importer.php');
    Line 471: require_once('importer/importer.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : shortcodes.php
    Line 57: //require_once('accordion.php');
    Line 59: //require_once('nested_tabs.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : importer.php
    Line 14: require_once($class_wp_importer);
    Line 23: require_once($class_wp_import);
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : plugins_activator.php
    Line 2: require_once('class-tgm-plugin-activation.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes