0
Validation results

Photography

Photography

WordPress 4.9.1 theme
0
Critical alerts
  1. Unwanted files : hidden file(s) or folder(s) .github .codeclimate.yml .gitignore .travis.yml .jshintrc .jshintignore .editorconfig .jscsrc .simplecov .csslintrc .coveralls.yml was found.
  2. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe id="ppb_preview_frame" src="<?php echo esc_url($preview_url); ?> in file functions.php.
    Line 1802: <iframe id='ppb_preview_frame' src='<?php echo esc_url($preview_url); ?>'><
    Found <iframe src="//www.youtube.com/embed/<?php echo esc_attr($portfolio_video_id); ?> in file single-portfolio-youtube.php.
    Line 25: <iframe src='//www.youtube.com/embed/<?php echo esc_attr($portfolio_video_i
    Found <iframe frameborder="0" src="//player.vimeo.com/video/<?php echo esc_attr($portfolio_video_id); ?> in file single-portfolio-vimeo.php.
    Line 25: <iframe frameborder='0' src='//player.vimeo.com/video/<?php echo esc_attr($
    Found <iframe frameborder="0" src="//player.vimeo.com/video/<?php echo esc_attr($page_ft_vimeo); ?> in file page-vimeo.php.
    Line 30: <iframe frameborder='0' src='//player.vimeo.com/video/<?php echo esc_attr($
    Found <iframe src="//www.youtube.com/embed/<?php echo esc_attr($page_ft_youtube); ?> in file page-youtube.php.
    Line 30: <iframe src='//www.youtube.com/embed/<?php echo esc_attr($page_ft_youtube);
  3. Malware : Operations on file system file_get_contents was found in the file functions.php
    Line 2287: $import_customizer_serialize = file_get_contents($default_dat_customizer);
    file_get_contents was found in the file custom.lib.php
    Line 370: $file = file_get_contents($flickr_cache_path);
    file_get_contents was found in the file parsers.php
    Line 66: $success = $dom->loadXML( file_get_contents( $file ) );
    Line 296: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {
    file_get_contents was found in the file parsers.php
    Line 66: $success = $dom->loadXML( file_get_contents( $file ) );
    Line 296: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {
    fopen was found in the file parsers.php
    Line 442: $fp = $this->fopen( $file, 'r' );
    Line 668: function fopen( $filename, $mode = 'r' ) {
    Line 671: return fopen( $filename, $mode );
    fclose was found in the file parsers.php
    Line 491: $this->fclose($fp);
    Line 686: function fclose( $fp ) {
    Line 689: return fclose( $fp );
    fopen was found in the file parsers.php
    Line 442: $fp = $this->fopen( $file, 'r' );
    Line 668: function fopen( $filename, $mode = 'r' ) {
    Line 671: return fopen( $filename, $mode );
    fopen was found in the file parsers.php
    Line 442: $fp = $this->fopen( $file, 'r' );
    Line 668: function fopen( $filename, $mode = 'r' ) {
    Line 671: return fopen( $filename, $mode );
    fclose was found in the file parsers.php
    Line 491: $this->fclose($fp);
    Line 686: function fclose( $fp ) {
    Line 689: return fclose( $fp );
    fclose was found in the file parsers.php
    Line 491: $this->fclose($fp);
    Line 686: function fclose( $fp ) {
    Line 689: return fclose( $fp );
    file_put_contents was found in the file instagram.php
    Line 159: file_put_contents($cachefile, $request);
    file_get_contents was found in the file instagram.php
    Line 168: $query = json_decode(file_get_contents($cachefile));
    file_get_contents was found in the file page.fields.php
    Line 282: $import_options_json = file_get_contents($cache_dir.'/'.$new_filename);
    Line 299: $import_options_json = file_get_contents(get_template_directory().'/cache/demos/pages/'.$_POST['pp
    Line 315: $import_options_json = file_get_contents($_FILES['ppb_import_current_file']['tmp_name']);
    file_get_contents was found in the file page.fields.php
    Line 282: $import_options_json = file_get_contents($cache_dir.'/'.$new_filename);
    Line 299: $import_options_json = file_get_contents(get_template_directory().'/cache/demos/pages/'.$_POST['pp
    Line 315: $import_options_json = file_get_contents($_FILES['ppb_import_current_file']['tmp_name']);
    file_get_contents was found in the file page.fields.php
    Line 282: $import_options_json = file_get_contents($cache_dir.'/'.$new_filename);
    Line 299: $import_options_json = file_get_contents(get_template_directory().'/cache/demos/pages/'.$_POST['pp
    Line 315: $import_options_json = file_get_contents($_FILES['ppb_import_current_file']['tmp_name']);
  4. Malware : Network operations curl_init was found in the file envato.lib.php
    Line 95: $ch = curl_init($url);
    curl_exec was found in the file envato.lib.php
    Line 106: $data = curl_exec($ch);
  5. Deprecated functions : screen_icon screen_icon found in file wordpress-importer.php. Deprecated since version 3.8.
    Line 1120: screen_icon();
  6. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was ._revslider.zip ._home3-slider.zip ._home9-slider.zip revslider.zip envato-market.zip photography-custom-post.zip about-me-header.zip home-5-slider.zip home-4-slider.zip home-8-slider.zip home-11-slider.zip service-slider.zip home9-slider.zip home3-slider.zip.
Warning
  1. core scripts deregistered : Core scripts deregistrationFound wp_deregister_script in theme.filter.lib.php. Themes must not deregister core scripts.
    Line 841: wp_deregister_script('heartbeat');
  2. Text domain : Incorrect use of translation functions.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are photography-translation, tgmpa, wordpress-importer, envato, textdomain, kirki, photography, grandnews.
  3. Unwanted directories : GIT revision control directoryGIT revision control directory.git was found.
  4. Line endings consistency : Both DOS and UNIX style line endingsFound a mix of \r\n and \n line endings in file ._portfolio-2-contained-classic.php.Found a mix of \r\n and \n line endings in file ._portfolio-split-screen.php.Found a mix of \r\n and \n line endings in file config.lib.php.
  5. Hidden admin bar : Hidden admin Bar in CSSThemes should not hide admin bar. Detected in file functions.css.
  6. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  7. Deprecated functions : screen_iconscreen_icon found in file wordpress-importer.php. Deprecated since version 3.8.
    Line 1120: screen_icon();
  8. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  9. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file footer.php.
    Line 522: <a href='http://themegoods.theme-demo.net/photographyresponsivephotographytheme' cla
    Line 524: <a href='http://themes.themegoods.com/photography/landing2/customers-sites/' class='
    Line 526: <a href='http://themes.themegoods.com/photography/doc' class='demotip' title='Theme 
    Possible hard-coded links were found in the file admin.lib.php.
    Line 240: <a href='https://themegoods.ticksy.com/submit/' target='_blank'>
    Line 291: $product_registration_html.='<br style='clear:both;'/><div style='height:20px'></div><div class='tg_error'><span class='dashicons dashicons-warning'></span> We can\'t find your purchase of '.THEMENAME.' theme. Please make sure you enter correct Envato Token. If you are sure you enter correct one. <a href='https://themegoods.ticksy.com' target='_blank'>Please open a ticket</a> to 
    Line 628: 'desc' => 'Enter Google Maps API Key <a href=\'https://themegoods.ticksy.com/article/7785/\' target=\'_blank\'>How to get 
    Line 322: <div class='getting_started_desc'>To enable auto update feature. You first must <a href=''.admin_url('themes.php?page=install-required-plugins').''>install Envato Market plugin</a> and enter your purchase code there. <a href='https://help.market.envato.com/hc/en-us/articles/202822600-Where-Is-My-Purc
    Possible hard-coded links were found in the file widgets.lib.php.
    Line 299: <p><label for='<?php echo esc_attr($this->get_field_id('flickr_id')); ?>'>Flickr ID <a href='http://idgettr.com/'>Find your Flickr ID here</a>: <input class='widefat' i
    Line 461: <p><label for='<?php echo esc_attr($this->get_field_id('lat')); ?>'>Latitude (<a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Line 463: <p><label for='<?php echo esc_attr($this->get_field_id('long')); ?>'>Longitude (<a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Line 461: <p><label for='<?php echo esc_attr($this->get_field_id('lat')); ?>'>Latitude (<a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Line 463: <p><label for='<?php echo esc_attr($this->get_field_id('long')); ?>'>Longitude (<a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Possible hard-coded links were found in the file shortcode_generator.php.
    Line 304: 'lat' => 'Map latitude <a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Line 305: 'long' => 'Map longitude <a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Line 304: 'lat' => 'Map latitude <a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Line 305: 'long' => 'Map longitude <a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Line 487: 'icon' => 'Enter icon class name ex. fa-star. <a href='http://fontawesome.io/cheatsheet/'>See all possible here</a>',
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  6. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  7. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  8. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  9. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  10. Use of includes : Use of include or requireThe theme appears to use include or require : admin.lib.php
    Line 172: include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : config.lib.php
    Line 46: require_once(ABSPATH . 'wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class-envato-wordpress-theme-upgrader.php
    Line 11: include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
    Line 13: include_once( 'class-envato-protected-api.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : script-responsive-css.php
    Line 24: require_once(get_template_directory().'/css/grid.css');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : test-kirki-add_config.php
    Line 9: require_once( ABSPATH . WPINC . '/class-wp-customize-manager.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class-kirki-control-fontawesome.php
    Line 42: include( $json_path );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class-kirki-helper.php
    Line 83: require_once( ABSPATH . '/wp-admin/includes/file.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : js-wp-editor.php
    Line 35: require( ABSPATH . WPINC . '/class-wp-editor.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.

This is a ThemeForest theme. Since Themeforest items are all checked by a human before they appear on their website, ThemeForest verification rules are more permissive than themecheck's and can give a better verification score ( Themeforest requirements ).

13
Critical alerts
  1. Unwanted files : hidden file(s) or folder(s) .github .codeclimate.yml .gitignore .travis.yml .jshintrc .jshintignore .editorconfig .jscsrc .simplecov .csslintrc .coveralls.yml was found.
  2. Malware : Network operations curl_init was found in the file envato.lib.php
    Line 95: $ch = curl_init($url);
    curl_exec was found in the file envato.lib.php
    Line 106: $data = curl_exec($ch);
  3. Deprecated functions : screen_icon screen_icon found in file wordpress-importer.php. Deprecated since version 3.8.
    Line 1120: screen_icon();
  4. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was ._revslider.zip ._home3-slider.zip ._home9-slider.zip revslider.zip envato-market.zip photography-custom-post.zip about-me-header.zip home-5-slider.zip home-4-slider.zip home-8-slider.zip home-11-slider.zip service-slider.zip home9-slider.zip home3-slider.zip.
Warning
  1. core scripts deregistered : Core scripts deregistrationFound wp_deregister_script in theme.filter.lib.php. Themes must not deregister core scripts.
    Line 841: wp_deregister_script('heartbeat');
  2. Text domain : Incorrect use of translation functions.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are photography-translation, tgmpa, wordpress-importer, envato, textdomain, kirki, photography, grandnews.
  3. Unwanted directories : GIT revision control directoryGIT revision control directory.git was found.
  4. Line endings consistency : Both DOS and UNIX style line endingsFound a mix of \r\n and \n line endings in file ._portfolio-2-contained-classic.php.Found a mix of \r\n and \n line endings in file ._portfolio-split-screen.php.Found a mix of \r\n and \n line endings in file config.lib.php.
  5. Hidden admin bar : Hidden admin Bar in CSSThemes should not hide admin bar. Detected in file functions.css.
  6. Deprecated functions : screen_iconscreen_icon found in file wordpress-importer.php. Deprecated since version 3.8.
    Line 1120: screen_icon();
  7. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file footer.php.
    Line 522: <a href='http://themegoods.theme-demo.net/photographyresponsivephotographytheme' cla
    Line 524: <a href='http://themes.themegoods.com/photography/landing2/customers-sites/' class='
    Line 526: <a href='http://themes.themegoods.com/photography/doc' class='demotip' title='Theme 
    Possible hard-coded links were found in the file admin.lib.php.
    Line 240: <a href='https://themegoods.ticksy.com/submit/' target='_blank'>
    Line 291: $product_registration_html.='<br style='clear:both;'/><div style='height:20px'></div><div class='tg_error'><span class='dashicons dashicons-warning'></span> We can\'t find your purchase of '.THEMENAME.' theme. Please make sure you enter correct Envato Token. If you are sure you enter correct one. <a href='https://themegoods.ticksy.com' target='_blank'>Please open a ticket</a> to 
    Line 628: 'desc' => 'Enter Google Maps API Key <a href=\'https://themegoods.ticksy.com/article/7785/\' target=\'_blank\'>How to get 
    Line 322: <div class='getting_started_desc'>To enable auto update feature. You first must <a href=''.admin_url('themes.php?page=install-required-plugins').''>install Envato Market plugin</a> and enter your purchase code there. <a href='https://help.market.envato.com/hc/en-us/articles/202822600-Where-Is-My-Purc
    Possible hard-coded links were found in the file widgets.lib.php.
    Line 299: <p><label for='<?php echo esc_attr($this->get_field_id('flickr_id')); ?>'>Flickr ID <a href='http://idgettr.com/'>Find your Flickr ID here</a>: <input class='widefat' i
    Line 461: <p><label for='<?php echo esc_attr($this->get_field_id('lat')); ?>'>Latitude (<a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Line 463: <p><label for='<?php echo esc_attr($this->get_field_id('long')); ?>'>Longitude (<a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Line 461: <p><label for='<?php echo esc_attr($this->get_field_id('lat')); ?>'>Latitude (<a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Line 463: <p><label for='<?php echo esc_attr($this->get_field_id('long')); ?>'>Longitude (<a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Possible hard-coded links were found in the file shortcode_generator.php.
    Line 304: 'lat' => 'Map latitude <a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Line 305: 'long' => 'Map longitude <a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Line 304: 'lat' => 'Map latitude <a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Line 305: 'long' => 'Map longitude <a href='http://www.tech-recipes.com/rx/5519/the-easy-way-to-find-latitude-and-longi
    Line 487: 'icon' => 'Enter icon class name ex. fa-star. <a href='http://fontawesome.io/cheatsheet/'>See all possible here</a>',
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  6. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  7. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  8. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  9. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  10. Use of includes : Use of include or requireThe theme appears to use include or require : admin.lib.php
    Line 172: include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : config.lib.php
    Line 46: require_once(ABSPATH . 'wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class-envato-wordpress-theme-upgrader.php
    Line 11: include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
    Line 13: include_once( 'class-envato-protected-api.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : script-responsive-css.php
    Line 24: require_once(get_template_directory().'/css/grid.css');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : test-kirki-add_config.php
    Line 9: require_once( ABSPATH . WPINC . '/class-wp-customize-manager.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class-kirki-control-fontawesome.php
    Line 42: include( $json_path );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class-kirki-helper.php
    Line 83: require_once( ABSPATH . '/wp-admin/includes/file.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : js-wp-editor.php
    Line 35: require( ABSPATH . WPINC . '/class-wp-editor.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes