0
Validation results

Root

Root

WordPress 4.9 theme
0
  • THEME TYPEWordPress theme 4.9
  • FILE NAMEroot.zip
  • FILE SIZE990389 bytes
  • MD53091dde05a1767390f6b210deb35a5fb
  • SHA191f834f05fd4fc4117612137339599a3798e72f5
  • LICENSENone
  • FILES INCLUDEDCSS, PHP, HTML, Bitmap images
  • THEME URIhttps://wpshop.ru/themes/root
  • VERSION2.1.4
  • AUTHOR URI
  • TAGSpremium, adaptive, seo
  • CREATION DATE2017-11-08
  • LAST FILE UPDATE2017-11-08
  • LAST VALIDATION2017-11-08 12:27
Critical alerts
  1. Customizer : Sanitization of Customizer settings Found a Customizer setting that did not have a sanitization callback function in file customizer.php. Every call to the add_setting() method needs to have a sanitization callback function passed.
  2. Security breaches : Use of base64_decode() Found base64_decode in file metaboxes.php.
    Line 205: $fields_to_save = json_decode( base64_decode( $_POST[ $this->prefix . 'fields_to_save' ] ) );
  3. Security breaches : Use of base64_encode() Found base64_encode in file content-single.php.
     echo '<span class='ps-link' data-uri=''. base64_encode( $source_link ) .''>' . __( 'Source', 'root' ) . '</span>';
    Found base64_encode in file top-commentators.php.
     if ($result->comment_author_url) $comment_author_url = base64_encode( $result->comment_author_url );
    Found base64_encode in file pseudo-links.php.
     $href = base64_encode( $href );
    Found base64_encode in file metaboxes.php.
     echo '<input type='hidden' name='' . $this->prefix . 'fields_to_save' value='' . esc_attr(base64_encode(json_encode( $this->to_save ))) . ''>';
  4. Admin menu : Themes should use add_theme_page() for adding admin pages. File admin-ad.php :
    Line 241: add_submenu_page( 'themes.php', 'Реклама', 'Реклама', 'manage
    File admin.php :
    Line 49: add_options_page( 'Root', 'Root', 'manage_options', 'revelation', 'revelati
  5. Inapropriate constants : Use of HEADER_TEXTCOLOR Constant HEADER_TEXTCOLOR was found in the file custom-header.php. add_theme_support( 'custom-header' ) should be used instead.
    Line 63: if ( HEADER_TEXTCOLOR === $header_text_color ) {
  6. Deprecated functions : get_bloginfo get_bloginfo('template_url') was found in the file customizer-css.php. Use get_template_directory_uri() instead.
    Line 23: if ( ! empty( $pattern_url ) ) echo 'body { background-image: url(' . get_bloginfo('template_url') . '/images/backgrounds/' . $pattern_url . ') }
    get_bloginfo('template_url') was found in the file smiles.php. Use get_template_directory_uri() instead.
    Line 32: return get_bloginfo('template_url') . '/images/smilies/' . $img;
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag premium in style.css header.Found wrong tag adaptive in style.css header.Found wrong tag seo in style.css header.
  2. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments 'Если Вам необходимо повторять фоновое изображение шапки, Вы можете задать это в поле ниже' in file customizer.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Your comment is awaiting moderation.' in file comments.php.Found a translation function that is missing a text-domain. Function esc_attr__, with the arguments in file metaboxes.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are root, widget-css-classes.
  3. Plugin territory : Plugin territory functionalitiesThe theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  4. Unwanted files : hidden file(s) or folder(s).ds_store was found.
  5. PHP short tags : Presence of PHP short tagsPHP short tags were found in file contact-form.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.
    Line 98: <div class='errors'><?=$nameError;?></div>
    Line 105: <div class='errors'><?=$emailError;?></div>
    Line 111: <div class='errors'><?=$themeError;?></div>
    Line 120: <div class='errors'><?=$commentError;?></div>
  6. I18N implementation : Proper use of ___all(Possible variable $value found in translation function in metaboxes.php. Translation function calls should not contain PHP variables.
    Line 485: echo '			<input type='text' id=''. $name .'' name=''. $name .'' class=''. $name .'_field vetteo-color-picker' placeholder='' value='' . esc_attr__( $value ) . ''>';
  7. I18N implementation : Proper use of esc_attr___all(Possible variable $value found in translation function in metaboxes.php. Translation function calls should not contain PHP variables.
    Line 485: echo '			<input type='text' id=''. $name .'' name=''. $name .'' class=''. $name .'_field vetteo-color-picker' placeholder='' value='' . esc_attr__( $value ) . ''>';
  8. CSS files : Presence of license urlLicense URI: is missing from style.css header.
  9. CSS files : Presence of .sticky class.sticky css class is needed in theme css.
  10. Date and time implementation : Use of the_time()At least one hard coded date was found in the file content-single.php. Function get_option( 'date_format' ) should be used instead.At least one hard coded date was found in the file content-page.php. Function get_option( 'date_format' ) should be used instead.At least one hard coded date was found in the file content-card.php. Function get_option( 'date_format' ) should be used instead.
  11. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file wpshopbiz.php.
    Line 39: echo 'Если у Вас появились вопросы или предложения по использованию тем от <a href='https://wpshop.ru/?utm_source=admin&utm_medium=dashboard&utm_campaign=root'
    Line 52: 'Сайт разработан <a href='https://wpshop.ru/?utm_source=admin&utm_medium=footer&utm_campaign=root' ta
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  6. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  7. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  8. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  9. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  10. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  11. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  12. Use of includes : Use of include or requireThe theme appears to use include or require : urlspan.php
    Line 50: require_once(TEMPLATEPATH . '/inc/urlspan/urlspan.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes