0
Validation results

Uncode www.themesfreedownloader.com

Uncode www.themesfreedownloader.com

WordPress 4.9.2 theme
0
Critical alerts
  1. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  2. Security breaches : Use of base64_decode() Found base64_decode in file vc_gallery.php.
    Ligne152: $items = json_decode( base64_decode( strip_tags( $items ) ), true);
    Found base64_decode in file uncode_index.php.
    Ligne232: $items = json_decode( base64_decode( strip_tags( $items ) ), true);
    Found base64_decode in file radium-importer.php.
    Ligne548: $options = unserialize( base64_decode( $data ) );
  3. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe width="100%" scrolling="no" frameborder="no" src="' . $iframe_url . '&color='.$accent_color.'&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false"> in file elements.php.
    Ligne116: $content_html = '<iframe width='100%' scrolling='no' frameborder='no' src='' . $iframe_url .
    Found <iframe width="100%" scrolling="no" frameborder="no" src="' . $iframe_url . '&color='.$accent_color.'&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false"> in file helpers.php.
    Ligne469: $media_oembed = '<iframe width='100%' scrolling='no' frameborder='no' src='' . $iframe_url .
  4. Malware : Operations on file system fopen was found in the file parsers.php
    Ligne261: if ( ! xml_parse( $xml, wp_remote_fopen( $file ), true ) ) {
    Ligne407: $fp = $this->fopen( $file, 'r' );
    Ligne625: function fopen( $filename, $mode = 'r' ) {
    Ligne628: return fopen( $filename, $mode );
    fclose was found in the file parsers.php
    Ligne456: $this->fclose($fp);
    Ligne643: function fclose( $fp ) {
    Ligne646: return fclose( $fp );
    fopen was found in the file parsers.php
    Ligne261: if ( ! xml_parse( $xml, wp_remote_fopen( $file ), true ) ) {
    Ligne407: $fp = $this->fopen( $file, 'r' );
    Ligne625: function fopen( $filename, $mode = 'r' ) {
    Ligne628: return fopen( $filename, $mode );
    fopen was found in the file parsers.php
    Ligne261: if ( ! xml_parse( $xml, wp_remote_fopen( $file ), true ) ) {
    Ligne407: $fp = $this->fopen( $file, 'r' );
    Ligne625: function fopen( $filename, $mode = 'r' ) {
    Ligne628: return fopen( $filename, $mode );
    fclose was found in the file parsers.php
    Ligne456: $this->fclose($fp);
    Ligne643: function fclose( $fp ) {
    Ligne646: return fclose( $fp );
    fclose was found in the file parsers.php
    Ligne456: $this->fclose($fp);
    Ligne643: function fclose( $fp ) {
    Ligne646: return fclose( $fp );
    fopen was found in the file welcome.php
    Ligne76: if ( @fopen( $front_css, 'a' ) ) {
    Ligne92: if ( @fopen( $back_css, 'a' ) ) {
    Ligne236: <td data-export-label='Allow URL fopen'><?php esc_html_e( 'Allow URL fopen', 'uncode' ); ?>:</td>
    Ligne239: if ( !ini_get('allow_url_fopen') ) {
    Ligne240: echo '<mark class='error'>' . sprintf( wp_kses(__( 'Disabled - For the import of the demo data this value needs to be enabled. <a href='%s' target='_blank'>Please enabled it.</a>', 'uncode' ), array( 'a' => array( 'href' => array(),'target' => array() ) ) ), 'https://www.a2hosting.com/kb/developer-corner/php/using-php.ini-directives/php-allow-url-fopen-directive' ) . '</mark>';
    fopen was found in the file welcome.php
    Ligne76: if ( @fopen( $front_css, 'a' ) ) {
    Ligne92: if ( @fopen( $back_css, 'a' ) ) {
    Ligne236: <td data-export-label='Allow URL fopen'><?php esc_html_e( 'Allow URL fopen', 'uncode' ); ?>:</td>
    Ligne239: if ( !ini_get('allow_url_fopen') ) {
    Ligne240: echo '<mark class='error'>' . sprintf( wp_kses(__( 'Disabled - For the import of the demo data this value needs to be enabled. <a href='%s' target='_blank'>Please enabled it.</a>', 'uncode' ), array( 'a' => array( 'href' => array(),'target' => array() ) ) ), 'https://www.a2hosting.com/kb/developer-corner/php/using-php.ini-directives/php-allow-url-fopen-directive' ) . '</mark>';
    fopen was found in the file font-system.php
    Ligne1233: $ofp = fopen( trailingslashit($this->font_directory).$remote_file_info['basename']
    fwrite was found in the file font-system.php
    Ligne1242: fwrite( $ofp, fread($fp, 8192) );
    fread was found in the file font-system.php
    Ligne1242: fwrite( $ofp, fread($fp, 8192) );
    fclose was found in the file font-system.php
    Ligne1244: fclose($fp);
    Ligne1245: fclose($ofp);
    fclose was found in the file font-system.php
    Ligne1244: fclose($fp);
    Ligne1245: fclose($ofp);
  5. Admin menu : Themes should use add_theme_page() for adding admin pages. File radium-importer.php :
    Ligne87: add_submenu_page('uncode-menu', 'Install Demo', 'Install Demo', 'switch_the
    File class-tgm-plugin-activation.php :
    Ligne641: $this->page_hook = call_user_func( 'add_submenu_page', $args['parent_slug'], $args['page_title'], $args['menu_t
    File admin.php :
    Ligne9: add_menu_page( 'UNCODE', UNCODE_NAME, 'administrator', 'uncode-menu', 'unco
    File admin.php :
    Ligne10: add_submenu_page( 'uncode-menu', 'UNCODE', 'Welcome', 'administrator', 'unc
    Ligne656: add_submenu_page( 'tools.php', 'Export', 'Export', 'manage_options', 'uncod
    File admin.php :
    Ligne10: add_submenu_page( 'uncode-menu', 'UNCODE', 'Welcome', 'administrator', 'unc
    Ligne656: add_submenu_page( 'tools.php', 'Export', 'Export', 'manage_options', 'uncod
    File media-enhanced.php :
    Ligne4: add_submenu_page( 'upload.php', esc_html__('Add oEmbed, external IMG, SVG c
    File font-system.php :
    Ligne53: $this->fonts_page_name = add_submenu_page('uncode-menu', 'Fonts', 'Fonts', 'edit_theme_options', 'un
    Ligne54: $this->settings_page_name = add_submenu_page('uncode-menu', 'Font Sources', 'Font Sources', 'edit_theme
    File font-system.php :
    Ligne53: $this->fonts_page_name = add_submenu_page('uncode-menu', 'Fonts', 'Fonts', 'edit_theme_options', 'un
    Ligne54: $this->settings_page_name = add_submenu_page('uncode-menu', 'Font Sources', 'Font Sources', 'edit_theme
    File ot-cleanup-api.php :
    Ligne82: $theme_check_bs = 'add_menu_page';
    File ot-settings-api.php :
    Ligne99: $theme_check_bs   = 'add_menu_page';
    File ot-settings-api.php :
    Ligne100: $theme_check_bs2  = 'add_submenu_page';
  6. Deprecated functions : screen_icon screen_icon found in file wordpress-importer.php. Deprecated since version 3.8.
    Ligne1109: screen_icon();
  7. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was layersliderwp-5.6.2.installable.zip revslider.zip uncode-core.zip js_composer.zip envato-wordpress-toolkit-master.zip.
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag in style.css header.
  2. Text domain : Incorrect use of translation functions.Wrong installation directory for the theme name. The directory name must match the slug of the theme. This theme's correct slug and text-domain is uncode-www-themesfreedownloader-com.
  3. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments in file footer.php.Found a translation function that is missing a text-domain. Function __, with the arguments in file headers.php.Found a translation function that is missing a text-domain. Function __, with the arguments in file headers.php.Found a translation function that is missing a text-domain. Function __, with the arguments in file headers.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are uncode, woocommerce, js_composer, radium, wordpress-importer, tgmpa, dot, uncodefont, option-tree.
  4. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  5. Deprecated functions : screen_iconscreen_icon found in file wordpress-importer.php. Deprecated since version 3.8.
    Ligne1109: screen_icon();
  6. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  7. I18N implementation : Proper use of ___all(Possible variable $footer_content found in translation function in footer.php. Translation function calls should not contain PHP variables. Possible variable $uncode_block found in translation function in headers.php. Translation function calls should not contain PHP variables. Possible variable $revslider_id found in translation function in headers.php. Translation function calls should not contain PHP variables. Possible variable $layerslider_id found in translation function in headers.php. Translation function calls should not contain PHP variables.
  8. Featured image : Use of the_post_thumbnail() instead of custom fields for thumbnailsNo reference to the_post_thumbnail was found in the theme.
  9. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file footer.php.
    Ligne143: <p class='tfd'>Themes by <a href='http://www.themesfreedownloader.com/' rel='follow'>www.themesfreedownloader
    Ligne144: <p class='cou'><a href='http://www.couponslay.com' rel='follow'>www.couponslay.com</a></p>
    Possible hard-coded links were found in the file single.php.
    Ligne434: <p class='tfd'>Themes by <a href='http://www.themesfreedownloader.com/' rel='follow'>www.themesfreedownloader
    Ligne435: <p class='cou'><a href='http://www.couponslay.com' rel='follow'>www.couponslay.com</a></p>
    Possible hard-coded links were found in the file media-enhanced.php.
    Ligne292: <h2><?php esc_html_e('Add oEmbed, external IMG, SVG code, HTML or Shortcode','uncode'); ?> <a href='upload.php?page=add-other' class='add-new-h2'><?php esc_html_e('Add New','u
    Ligne370: <input name='save' type='submit' class='button button-primary button-large' id='publish' data-url='<?php echo get_site_url().'/wp-admin/upload.php?page=add-other'; ?>' value='<?php esc_html_e('Save','uncode'); ?
    Ligne374: <input name='save' type='submit' class='button button-primary button-large' id='publish' data-url='<?php echo get_site_url().'/wp-admin/upload.php?page=add-other&postid='.$_REQUEST['postid'].'&updated=1'; ?>' va
    Possible hard-coded links were found in the file font-system.php.
    Ligne371: You will need to create a <a href='http://fontdeck.com'>Fontdeck</a> Project to access your fonts from Fontdec
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  6. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  7. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  8. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  9. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  10. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  11. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  12. Use of includes : Use of include or requireThe theme appears to use include or require : init.php
    Ligne14: require_once( dirname( __FILE__ ) . '/importer/radium-importer.php' ); //lo
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : radium-importer.php
    Ligne461: require_once($class_wp_importer);
    Ligne476: require_once($class_wp_import);
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : customizer-woocommerce.php
    Ligne204: include_once( get_template_directory() . '/woocommerce/widgets/widget-price
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : welcome.php
    Ligne70: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : admin.php
    Ligne4: require_once 'admin-pages/welcome.php';
    Ligne59: require_once (ABSPATH . '/wp-admin/includes/file.php');
    Ligne345: require_once ('edit_custom_walker.php');
    Ligne676: require_once( 'export/uncode_export_template.php' );
    Ligne772: require_once(ABSPATH . 'wp-admin/includes/file.php');
    Ligne837: require_once( ABSPATH . 'wp-admin/includes/image.php' );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : main.php
    Ligne183: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : font-system.php
    Ligne1152: require_once (ABSPATH . '/wp-admin/includes/file.php');
    Ligne1313: require_once (ABSPATH . '/wp-admin/includes/file.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : ot-loader.php
    Ligne553: include_once( $file );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes