0
Validation results

Berliner

Berliner

WordPress 5.4.2 theme
0
  • THEME TYPEWordPress theme 5.4.2
  • FILE NAMEberliner.zip
  • FILE SIZE2156295 bytes
  • MD5337cbb532e75278675edb171a78f591e
  • SHA1aaf136deb0ebe2e069ab1b15ca2264e37f04462b
  • LICENSEGNU GPL 2
  • FILES INCLUDEDCSS, PHP, Bitmap images
  • VERSION1.8.1
  • CREATION DATE2020-05-29
  • LAST FILE UPDATE2020-05-29
  • LAST VALIDATION2020-05-29 08:01
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Security breaches : Use of base64_decode() Found base64_decode in file WP_OAuth.php.
    Ligne216: $decoded_sig = base64_decode($signature); // Completely Safe. Used for checking RSA-SHA1 s
  2. Security breaches : Use of base64_encode() Found base64_encode in file WP_OAuth.php.
     return base64_encode(hash_hmac('sha1', $base_string, $key, true)); // Completely S
     return base64_encode($signature); // Completely Safe. Builds RSA-SHA1 signature fo
  3. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="//www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fcssigniter&amp;width&amp;layout=button_count&amp;action=like&amp;show_faces=true&amp;share=false&amp;height=21" scrolling="no" frameborder="0" style="border:none; overflow:hidden; height:21px;" allowTransparency="true"> in file ci_panel.php.
    Ligne179: <iframe src='//www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.fac
  4. Malware : Operations on file system file_get_contents was found in the file WP_OAuth.php
    Ligne286: file_get_contents(self::$POST_INPUT) // Completely Safe. Retrieves oAuth re
    readfile was found in the file downloads_handler.php
    Ligne74: readfile( $abs_file_path ); // Completely Safe. Forces browser to download 
  5. Malware : Network operations curl_init was found in the file wp_twitteroauth.php
    Ligne217: $ci = curl_init();
    curl_exec was found in the file wp_twitteroauth.php
    Ligne243: $response = curl_exec($ci);
  6. Admin menu : Themes should use add_theme_page() for adding admin pages. File class-tgm-plugin-activation.php :
    Ligne641: $this->page_hook = call_user_func( 'add_submenu_page', $args['parent_slug'], $args['page_title'], $args['menu_t
  7. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was soundmanager2_flash_xdomain.zip.
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag in style.css header.
  2. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  3. Fundamental theme elements : Presence of wp_link_pages()Could not find wp_link_pages.
  4. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  5. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  6. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  7. I18N implementation : Proper use of ___all(Possible variable $value found in translation function in localization.php. Translation function calls should not contain PHP variables.
  8. CSS files : Presence of .sticky class.sticky css class is needed in theme css.
  9. CSS files : Presence of .bypostauthor class.bypostauthor css class is needed in theme css.
  10. Date and time implementation : Use of date_i18n()At least one hard coded date was found in the file generic.php. Function get_option( 'date_format' ) should be used instead.
  11. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  3. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  4. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  5. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  6. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  7. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  8. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  9. Use of includes : Use of include or requireThe theme appears to use include or require : generic.php
    Ligne227: require( $_template_file );
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : wp_twitteroauth.php
    Ligne19: if(!class_exists('WP_OAuthException')) require_once('WP_OAuth.php');
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
    The theme appears to use include or require : widgets.php
    Ligne31: require_once($path.'/'.$file);
    If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes