0
Validation results

Planetshine Polaris

Planetshine Polaris

WordPress 4.9.4 theme
0
  • THEME TYPEWordPress theme 4.9.4
  • FILE NAMEpolaris.zip
  • FILE SIZE18915597 bytes
  • MD504cc3eadf671995b15e59e21e790da0a
  • SHA1543bd1a59032eb26c91ec226f2b57d667fe1246b
  • LICENSEGNU GPL 3
  • FILES INCLUDEDCSS, PHP, XML, Bitmap images, Adobe Illustrator
  • DEMO PAGEhttp://demo.planetshine.net/polaris-woo/
  • VERSION1.1.23
  • AUTHOR URI
  • CREATION DATE2017-08-16
  • LAST FILE UPDATE2017-08-16
  • LAST VALIDATION2017-08-16 08:24
Critical alerts
  1. Title : Title No reference to add_theme_support( "title-tag" ) was found in the theme.The theme needs to have <title> tags, ideally in the header.php file.The theme needs to have a call to wp_title(), ideally in the header.php file.
  2. Security breaches : Use of base64_decode() Found base64_decode in file admin-functions.php.
    Line 367: $page_data = unserialize(base64_decode($page['data']));
    Found base64_decode in file settings.class.php.
    Line 105: $settings = json_decode(base64_decode($data), true);
  3. Security breaches : Use of base64_encode() Found base64_encode in file settings.class.php.
     return base64_encode(json_encode($_SETTINGS->active));
    Found base64_encode in file lessc.inc.php.
     $url = sprintf('data:%s;base64,%s', $mime, base64_encode(file_get_contents($fullpath)));
  4. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe class="iframe-250x250" scrolling="no" src="<?php echo esc_url($banner_data['ad_iframe_src']); ?> in file vc-content-blocks.php.
    Line 864: <iframe class='iframe-250x250' scrolling='no' src='<?php echo esc_url($bann
    Found <iframe class="iframe-250x250" scrolling="no" src="<?php echo esc_url($banner_data['ad_iframe_src']); ?> in file polaris-banner-large.php.
    Line 64: <iframe class='iframe-250x250' scrolling='no' src='<?php echo esc_url($bann
    Found <iframe class="support-iframe" src="<?php echo plsh_gs('support_url') ?> in file admin-templates.php.
    Line 36: <iframe class='support-iframe' src='<?php echo plsh_gs('support_url') ?>' h
    Found <iframe class="iframe-' . esc_attr($location_item['ad_size']) . '" scrolling="no" src="' . esc_url($banner['ad_iframe_src']) . '"> in file template-functions.php.
    Line 734: $return .= '<iframe class='iframe-' . esc_attr($location_item['ad_size']) . '' scrollin
  5. Malware : Operations on file system file_put_contents was found in the file wp-less.class.php
    Line 302: file_put_contents( $css_path, $file_contents );
    file_get_contents was found in the file lessc.inc.php
    Line 120: $root = $parser->parse(file_get_contents($realPath));
    Line 1012: $url = sprintf('data:%s;base64,%s', $mime, base64_encode(file_get_contents($fullpath)));
    Line 1922: $out = $this->compile(file_get_contents($fname), $fname);
    file_get_contents was found in the file lessc.inc.php
    Line 120: $root = $parser->parse(file_get_contents($realPath));
    Line 1012: $url = sprintf('data:%s;base64,%s', $mime, base64_encode(file_get_contents($fullpath)));
    Line 1922: $out = $this->compile(file_get_contents($fname), $fname);
    file_get_contents was found in the file lessc.inc.php
    Line 120: $root = $parser->parse(file_get_contents($realPath));
    Line 1012: $url = sprintf('data:%s;base64,%s', $mime, base64_encode(file_get_contents($fullpath)));
    Line 1922: $out = $this->compile(file_get_contents($fname), $fname);
    file_put_contents was found in the file lessc.inc.php
    Line 1927: return file_put_contents($outFname, $out);
  6. Malware : Network operations curl_init was found in the file shared-functions.php
    Line 805: $ch = curl_init();
    Line 830: $ch = curl_init();
    curl_exec was found in the file shared-functions.php
    Line 810: $content = curl_exec($ch);
    Line 836: $data = curl_exec($ch);
    curl_init was found in the file shared-functions.php
    Line 805: $ch = curl_init();
    Line 830: $ch = curl_init();
    curl_exec was found in the file shared-functions.php
    Line 810: $content = curl_exec($ch);
    Line 836: $data = curl_exec($ch);
  7. Admin menu : Themes should use add_theme_page() for adding admin pages. File woocommerce.php :
    Line 25: add_filter( 'body_class', array($this, 'add_quote_page_class'));
    Line 360: function add_quote_page_class($classes) {
    File admin-functions.php :
    Line 5: add_menu_page( plsh_gs('theme_name'), plsh_gs('theme_name'), 'administrator
    File admin-functions.php :
    Line 6: add_submenu_page( plsh_gs('theme_slug').'-admin', 'Theme Options', 'Theme O
    File tgmPluginActivation.class.php :
    Line 641: $this->page_hook = call_user_func( 'add_submenu_page', $args['parent_slug'], $args['page_title'], $args['menu_t
  8. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was planetshine-demo-import.zip ultimate_vc_addons.zip constellation.zip revslider.zip js_composer.zip.
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag in style.css header.
  2. Text domain : Incorrect use of translation functions.Wrong installation directory for the theme name. The directory name must match the slug of the theme. This theme's correct slug and text-domain is planetshine-polaris.
  3. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments in file vc-content-blocks.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'woocommerce' in file review.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are polaris, _s, woocommerce, magellan, tgmpa, envato.
  4. Plugin territory : Plugin territory functionalitiesThe theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  5. Unwanted files : Windows thumbnail storethumbs.db was found.
  6. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  7. I18N implementation : Proper use of _e(Possible variable $i found in translation function in polaris-dropdown-special-offers.php. Translation function calls should not contain PHP variables.
    Line 134: <h4><?php _e('Offer #' . $i, 'polaris'); ?></h4>
    Possible variable $ads_item found in translation function in ads-edit.php. Translation function calls should not contain PHP variables.
    Line 11: <h3><?php _e($ads_item['title'], 'polaris'); ?></h3>
    Possible variable $ads_item found in translation function in ads-locations.php. Translation function calls should not contain PHP variables.
    Line 13: <h3><?php _e($ads_item['title'], 'polaris'); ?></h3>
    Possible variable $str found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables.
    Line 101: $url = $this->compileValue($this->lib_e($str));
    Possible variable $arg found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables.
    Line 1020: protected function lib_e($arg) {
    Possible variable $items found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables.
    Line 1025: return $this->lib_e($items[0]);
    Possible variable $string found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables.
    Line 1042: $template = $this->compileValue($this->lib_e($string));
    Possible variable $val found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables.
    Line 1056: $rep = $this->compileValue($this->lib_e($val));
    Possible variable $newUnit found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables.
    Line 1091: $this->compileValue($this->lib_e($newUnit)));
    Possible variable $res found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables.
    Line 1458: if (empty($value[2])) $res = $this->lib_e($res);
    Possible variable $key found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables.
    Line 1465: $key = $this->vPrefix . $this->compileValue($this->lib_e($key));
    Possible variable $part found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables.
    Line 1490: if ($strip) $part = $this->lib_e($part);
    Possible variable $this found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables.
    Line 1496: return $this->lib_e($this->reduce($inner));
  8. I18N implementation : Proper use of ___all(Possible variable $section found in translation function in template-functions.php. Translation function calls should not contain PHP variables.
    Line 404: 'title'      => __( $section['name'] , 'polaris' ),
    Possible variable $item found in translation function in template-functions.php. Translation function calls should not contain PHP variables.
    Line 424: 'label'        => __( $item['title'], 'polaris' ),
  9. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file demo-content-headers.php.
    Line 5: 'home' => array('name' => 'Homepage I', 'description' => 'Used in <a href='http://planetshine.net/demo/polaris/fashion/' target='_blank'>fashion demo<
    Line 6: 'home2' => array('name' => 'Homepage II', 'description' => 'Used in <a href='http://planetshine.net/demo/polaris/coffee/' target='_blank'>coffee demo</a
    Line 7: 'home3' => array('name' => 'Homepage III', 'description' => 'Used in <a href='http://planetshine.net/demo/polaris/tea/' target='_blank'>tea demo</a>. Sli
    Line 8: 'home4' => array('name' => 'Homepage IV', 'description' => 'Used in <a href='http://planetshine.net/demo/polaris/jewelry/' target='_blank'>jewelry demo<
    Line 9: 'home5' => array('name' => 'Homepage V', 'description' => 'Used in <a href='http://planetshine.net/demo/polaris/vintage/' target='_blank'>vintage demo<
    Possible hard-coded links were found in the file admin-layout.php.
    Line 82: <a href='http://eepurl.com/bxukK1' target='_blank' class='button'>Subscribe here</a>
    Possible hard-coded links were found in the file register-theme.php.
    Line 19: <li>Go to <a href='http://planetshine.net/support/?signup_page' target='_blank'>Planetshine Su
    Line 20: <li>Find your <a href='http://planetshine.net/where-can-i-find-my-themeforest-purchase-code/' targ
    Line 21: <li>Go to Themeforest and <a href='http://planetshine.net/where-to-find-my-themeforest-api-key/' target='_blan
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  6. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  7. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  8. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  9. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  10. Optional files : Presence of archive template file archive.phpThis theme does not contain optional file archive.php.
  11. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  12. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  13. Use of includes : Use of include or requireThe theme appears to use include or require : theme.php
    Line 92: include_once( get_template_directory() . '/theme/includes/' . 'vc-content-b
    Line 93: include_once( get_template_directory() . '/theme/includes/' . 'shortcodes.p
    Line 216: require_once( get_template_directory() . '/theme/widgets/' . 'polaris-recen
    Line 217: require_once( get_template_directory() . '/theme/widgets/' . 'polaris-conta
    Line 218: require_once( get_template_directory() . '/theme/widgets/' . 'polaris-newsl
    Line 219: require_once( get_template_directory() . '/theme/widgets/' . 'polaris-produ
    Line 220: require_once( get_template_directory() . '/theme/widgets/' . 'polaris-dropd
    Line 221: require_once( get_template_directory() . '/theme/widgets/' . 'polaris-banne
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : admin-functions.php
    Line 86: include($path);
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : init.php
    Line 39: include_once( get_template_directory() . '/core/' . 'shared-functions.php' 
    Line 40: include_once( get_template_directory() . '/core/panel/' . 'admin-functions.
    Line 41: include_once( get_template_directory() . '/core/panel/' . 'admin-templates.
    Line 42: include_once( get_template_directory() . '/core/' . 'template-functions.php
    Line 43: include_once( get_template_directory() . '/core/lib/' . 'settings.class.php
    Line 44: include_once( get_template_directory() . '/core/lib/' . 'tgmPluginActivatio
    Line 45: include_once( get_template_directory() . '/core/lib/' . 'wpBootstrapNavwalk
    Line 46: include_once( get_template_directory() . '/core/lib/' . 'lessc.inc.php' );
    Line 47: include_once( get_template_directory() . '/core/lib/' . 'wp-less.class.php'
    Line 48: include_once( get_template_directory() . '/core/lib/' . 'themeStatus.class.
    Line 49: include_once( get_template_directory() . '/core/lib/' . 'envatoProtectedAPI
    Line 50: include_once( get_template_directory() . '/core/lib/' . 'envatoWpThemeUpdat
    Line 51: include_once( get_template_directory() . '/theme/includes/' . 'google-fonts
    Line 52: include_once( get_template_directory() . '/theme/includes/' . 'settings.php
    Line 53: include_once( get_template_directory() . '/theme/plugins/' . 'versions.php'
    Line 54: include_once( get_template_directory() . '/theme/' . 'migrate.php');	//them
    Line 58: include_once( get_template_directory() . '/theme/includes/' . 'demo-content
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : shared-functions.php
    Line 385: require_once(ABSPATH . 'wp-admin/includes/plugin.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : envatoWpThemeUpdater.class.php
    Line 52: require_once( 'envatoProtectedAPI.class.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes