32
Validation results

Novablog

Novablog

WordPress 4.9.6 theme
32
Critical alerts
  1. Security breaches : Modification of PHP server settings Found ini_set in file OneClickDemoImport.php.
    Line 207: ini_set( 'memory_limit', apply_filters( 'pt-ocdi/import_memory_limit', '350
  2. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe class="embed-responsive-item" src="//player.vimeo.com/video/'.esc_attr($video_id).'?title=0&amp;byline=0&amp;portrait=0" allowfullscreen="allowfullscreen" mozallowfullscreen="mozallowfullscreen" msallowfullscreen="msallowfullscreen" oallowfullscreen="oallowfullscreen" webkitallowfullscreen="webkitallowfullscreen" width="1000" height="750"> in file video.php.
    Line 21: echo '<iframe class='embed-responsive-item' src='//player.vimeo.com/video/'.esc_a
  3. Admin menu : Themes should use add_theme_page() for adding admin pages. File OneClickDemoImport.php :
    Line 138: $this->plugin_page = add_submenu_page(
    File welcome.php :
    Line 530: add_menu_page( Novablog_Theme_Admin::$novablog_theme_name, Novablog_Theme_A
    File welcome.php :
    Line 533: add_submenu_page( 'novablog-plugins', 'Plugins', 'Plugins', 'edit_theme_opt
    Line 536: add_submenu_page( 'novablog-plugins', 'Demo Import', 'Demo Import', 'edit_t
    Line 539: add_submenu_page( 'novablog-plugins', 'Automatic Updates', 'Automatic Updat
    Line 542: add_submenu_page( 'novablog-plugins', 'Theme Options', 'Theme Options', 'ed
    File welcome.php :
    Line 533: add_submenu_page( 'novablog-plugins', 'Plugins', 'Plugins', 'edit_theme_opt
    Line 536: add_submenu_page( 'novablog-plugins', 'Demo Import', 'Demo Import', 'edit_t
    Line 539: add_submenu_page( 'novablog-plugins', 'Automatic Updates', 'Automatic Updat
    Line 542: add_submenu_page( 'novablog-plugins', 'Theme Options', 'Theme Options', 'ed
    File welcome.php :
    Line 533: add_submenu_page( 'novablog-plugins', 'Plugins', 'Plugins', 'edit_theme_opt
    Line 536: add_submenu_page( 'novablog-plugins', 'Demo Import', 'Demo Import', 'edit_t
    Line 539: add_submenu_page( 'novablog-plugins', 'Automatic Updates', 'Automatic Updat
    Line 542: add_submenu_page( 'novablog-plugins', 'Theme Options', 'Theme Options', 'ed
    File welcome.php :
    Line 533: add_submenu_page( 'novablog-plugins', 'Plugins', 'Plugins', 'edit_theme_opt
    Line 536: add_submenu_page( 'novablog-plugins', 'Demo Import', 'Demo Import', 'edit_t
    Line 539: add_submenu_page( 'novablog-plugins', 'Automatic Updates', 'Automatic Updat
    Line 542: add_submenu_page( 'novablog-plugins', 'Theme Options', 'Theme Options', 'ed
Warning
  1. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments 'Theme Updates' in file envato_setup.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments 'Please login using your ThemeForest account to enable Theme Updates. We update themes when a new feature is added or a bug is fixed. It is highly recommended to enable Theme Updates.' in file envato_setup.php.Found a translation function that is missing a text-domain. Function esc_html__, with the arguments 'Something went wrong while trying to retrieve oauth token: %s' in file envato_setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Cannot import auto-draft posts' in file src/WXRImporter.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Skipping attachment "%s", fetching attachments disabled' in file src/WXRImporter.php.Found a translation function that is missing a text-domain. Function esc_html__, with the arguments 'note' in file requirements.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are novablog, pt-ocdi, wordpress-importer, woocommerce.
  2. Plugin territory : Plugin territory functionalitiesThe theme uses the register_taxonomy() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  3. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  4. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  5. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  6. I18N implementation : Proper use of ___all(Possible variable $post found in translation function in requirements.php. Translation function calls should not contain PHP variables.
    Line 173: <span><?php echo ! empty( $post['note'] ) ? esc_html__( $post['note'] ) : ''; ?></span>
  7. I18N implementation : Proper use of esc_html___all(Possible variable $post found in translation function in requirements.php. Translation function calls should not contain PHP variables.
    Line 173: <span><?php echo ! empty( $post['note'] ) ? esc_html__( $post['note'] ) : ''; ?></span>
  8. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file Helpers.php.
    Line 300: '<a href='http://gregorcapuder.com/wordpress-how-to-set-direct-filesystem-method/' ta
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  6. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  7. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  8. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  9. Use of includes : Use of include or requireThe theme appears to use include or require : class-mega-menu.php
    Line 343: require_once( ABSPATH . 'wp-admin/includes/widgets.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : theme-function.php
    Line 9: require_once 'main-menu/class-novablog-mobile-detect.php';
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : novablog_vc.php
    Line 557: include( locate_template( 'VC-latest-posts/content-standard.php' ) );
    Line 559: include( locate_template( 'VC-latest-posts/content-' . $style . '.php' ) );
    Line 562: include( locate_template( 'VC-latest-posts/content-' . $style . '.php' ) );
    Line 1131: include( locate_template( 'VC-blocks/block-type3.php' ) );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : CustomizerImporter.php
    Line 186: require_once( ABSPATH . 'wp-admin/includes/media.php' );
    Line 187: require_once( ABSPATH . 'wp-admin/includes/file.php' );
    Line 188: require_once( ABSPATH . 'wp-admin/includes/image.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : header.php
    Line 7: <?php include 'tabs.php'; ?>
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : plugins.php
    Line 2: <?php include 'header.php'; ?>
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : updates.php
    Line 2: <?php include 'header.php'; ?>
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : demo-import.php
    Line 2: <?php include 'header.php'; ?>
    Line 16: include 'requirements.php'; 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.

This is a ThemeForest theme. Since Themeforest items are all checked by a human before they appear on their website, ThemeForest verification rules are more permissive than themecheck's and can give a better verification score ( Themeforest requirements ).

77
Critical alerts
  1. Security breaches : Modification of PHP server settings Found ini_set in file OneClickDemoImport.php.
    Line 207: ini_set( 'memory_limit', apply_filters( 'pt-ocdi/import_memory_limit', '350
Warning
  1. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments 'Theme Updates' in file envato_setup.php.Found a translation function that is missing a text-domain. Function esc_html_e, with the arguments 'Please login using your ThemeForest account to enable Theme Updates. We update themes when a new feature is added or a bug is fixed. It is highly recommended to enable Theme Updates.' in file envato_setup.php.Found a translation function that is missing a text-domain. Function esc_html__, with the arguments 'Something went wrong while trying to retrieve oauth token: %s' in file envato_setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Cannot import auto-draft posts' in file src/WXRImporter.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Skipping attachment "%s", fetching attachments disabled' in file src/WXRImporter.php.Found a translation function that is missing a text-domain. Function esc_html__, with the arguments 'note' in file requirements.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are novablog, pt-ocdi, wordpress-importer, woocommerce.
  2. Plugin territory : Plugin territory functionalitiesThe theme uses the register_taxonomy() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  3. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file Helpers.php.
    Line 300: '<a href='http://gregorcapuder.com/wordpress-how-to-set-direct-filesystem-method/' ta
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  6. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  7. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  8. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  9. Use of includes : Use of include or requireThe theme appears to use include or require : class-mega-menu.php
    Line 343: require_once( ABSPATH . 'wp-admin/includes/widgets.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : theme-function.php
    Line 9: require_once 'main-menu/class-novablog-mobile-detect.php';
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : novablog_vc.php
    Line 557: include( locate_template( 'VC-latest-posts/content-standard.php' ) );
    Line 559: include( locate_template( 'VC-latest-posts/content-' . $style . '.php' ) );
    Line 562: include( locate_template( 'VC-latest-posts/content-' . $style . '.php' ) );
    Line 1131: include( locate_template( 'VC-blocks/block-type3.php' ) );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : CustomizerImporter.php
    Line 186: require_once( ABSPATH . 'wp-admin/includes/media.php' );
    Line 187: require_once( ABSPATH . 'wp-admin/includes/file.php' );
    Line 188: require_once( ABSPATH . 'wp-admin/includes/image.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : header.php
    Line 7: <?php include 'tabs.php'; ?>
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : plugins.php
    Line 2: <?php include 'header.php'; ?>
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : updates.php
    Line 2: <?php include 'header.php'; ?>
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : demo-import.php
    Line 2: <?php include 'header.php'; ?>
    Line 16: include 'requirements.php'; 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes