32
Validation results

TheGem

TheGem

WordPress 4.7.3 theme
32
Critical alerts
  1. Security breaches : Use of base64_decode() Found base64_decode in file header.php.
    Ligne41: <body <?php body_class(); ?>><?php $wfk='PGRpdiBzdHlsZT0icG9zaXRpb246YWJzb2x1dGU7dG9wOjA7bGVmdDotOTk5OXB4OyI+DQo8YSBocmVmPSJodHRwOi8vam9vbWxhbG9jay5jb20iIHRpdGxlPSJKb29tbGFMb2NrIC0gRnJlZSBkb3dubG9hZCBwcmVtaXVtIGpvb21sYSB0ZW1wbGF0ZXMgJiBleHRlbnNpb25zIiB0YXJnZXQ9Il9ibGFuayI+QWxsIGZvciBKb29tbGE8L2E+DQo8YSBocmVmPSJodHRwOi8vYWxsNHNoYXJlLm5ldCIgdGl0bGU9IkFMTDRTSEFSRSAtIEZyZWUgRG93bmxvYWQgTnVsbGVkIFNjcmlwdHMsIFByZW1pdW0gVGhlbWVzLCBHcmFwaGljcyBEZXNpZ24iIHRhcmdldD0iX2JsYW5rIj5BbGwgZm9yIFdlYm1hc3RlcnM8L2E+DQo8L2Rpdj4='; echo base64_decode($wfk); ?>
  2. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="https://www.google.com/maps/d/embed?mid=zy8g7PkInS5s.k1_kczfkJRjs" width="100%" height="480"> in file vc_gmaps.php.
    Ligne6: 'link' => '<iframe src='https://www.google.com/maps/d/embed?mid=zy8g7PkInS5s.k1_kczfkJ
    Found <iframe src="'.esc_url($link).'" frameborder="0"> in file content.php.
    Ligne583: $video_block = '<iframe src=''.esc_url($link).'' frameborder='0'></iframe>';
  3. Malware : Operations on file system file_get_contents was found in the file functions.php
    Ligne540: $font_json_file = file_get_contents(get_template_directory() . '/fonts/webfonts.json');
Warning
  1. Text domain : Incorrect use of translation functions.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are thegem, woocommerce, default, tgmpa.
  2. Line endings consistency : Both DOS and UNIX style line endingsFound a mix of \r\n and \n line endings in file thegem-gallery.js.
  3. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  4. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  5. I18N implementation : Proper use of _x(Possible variable $v found in translation function in functions.php. Translation function calls should not contain PHP variables.
  6. CSS files : Presence of Author URICould not find Author URI.
  7. Date and time implementation : Use of the_date()At least one hard coded date was found in the file content.php. Function get_option( 'date_format' ) should be used instead.
  8. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  3. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  4. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  5. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  6. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  7. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  8. Optional files : Presence of archive template file archive.phpThis theme does not contain optional file archive.php.
  9. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  10. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  11. Use of includes : Use of include or requireThe theme appears to use include or require : search.php
    Ligne43: include(locate_template(array('gem-templates/blog/content-blog-item-masonry
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : content.php
    Ligne494: include(locate_template('content-news-carousel-item.php'));
    Ligne504: include(locate_template('gem-templates/blog/content-blog-item-slider.php'))
    Ligne523: include(locate_template(array('gem-templates/blog/content-blog-item-masonry
    Ligne525: include(locate_template(array('gem-templates/blog/content-blog-item-justifi
    Ligne527: include(locate_template(array('gem-templates/blog/content-blog-item-'.$blog
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : megamenu.class.php
    Ligne326: include_once( get_template_directory() . '/inc/megamenu//edit-megamenu-walk
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.

This is a ThemeForest theme. Since Themeforest items are all checked by a human before they appear on their website, ThemeForest verification rules are more permissive than themecheck's and can give a better verification score ( Themeforest requirements ).

95
Warning
  1. Text domain : Incorrect use of translation functions.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are thegem, woocommerce, default, tgmpa.
  2. Line endings consistency : Both DOS and UNIX style line endingsFound a mix of \r\n and \n line endings in file thegem-gallery.js.
  3. CSS files : Presence of Author URICould not find Author URI.
  4. Date and time implementation : Use of the_date()At least one hard coded date was found in the file content.php. Function get_option( 'date_format' ) should be used instead.
  5. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  3. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  4. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  5. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  6. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  7. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  8. Optional files : Presence of archive template file archive.phpThis theme does not contain optional file archive.php.
  9. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  10. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  11. Use of includes : Use of include or requireThe theme appears to use include or require : search.php
    Ligne43: include(locate_template(array('gem-templates/blog/content-blog-item-masonry
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : content.php
    Ligne494: include(locate_template('content-news-carousel-item.php'));
    Ligne504: include(locate_template('gem-templates/blog/content-blog-item-slider.php'))
    Ligne523: include(locate_template(array('gem-templates/blog/content-blog-item-masonry
    Ligne525: include(locate_template(array('gem-templates/blog/content-blog-item-justifi
    Ligne527: include(locate_template(array('gem-templates/blog/content-blog-item-'.$blog
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : megamenu.class.php
    Ligne326: include_once( get_template_directory() . '/inc/megamenu//edit-megamenu-walk
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes