0
Validation results

Canvas

Canvas

WordPress 6.5.2 theme
0
  • THEME TYPEWordPress theme 6.5.2
  • FILE NAMEcanvas.zip
  • FILE SIZE1745366 bytes
  • MD5005d6db204e78e88090e40fdce403e23
  • SHA1df4b23a13f0415e97d073c80849e85a017367f17
  • LICENSEGNU GPL 2
  • FILES INCLUDEDCSS, PHP, XML, Bitmap images, Adobe Illustrator
  • THEME URIhttp://www.woothemes.com/
  • VERSION5.12.0
  • AUTHOR URI
  • TAGScanvas, woothemes
  • CREATION DATE2019-08-14
  • LAST FILE UPDATE2019-08-14
  • LAST VALIDATION2019-08-14 12:10
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Title : Title No reference to add_theme_support( "title-tag" ) was found in the theme.The theme needs to have <title> tags, ideally in the header.php file.The theme needs to have a call to wp_title(), ideally in the header.php file.The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  2. Security breaches : Use of base64_decode() Found base64_decode in file admin-functions.php. 1025: $cred = unserialize(base64_decode($_POST['woo_ftp_cred']));1103: $cred = unserialize( base64_decode( $_POST['woo_ftp_cred'] ) );
  3. Security breaches : Use of base64_encode() Found base64_encode in file admin-functions.php. 
     <input type='hidden' name='woo_ftp_cred' value='<?php echo esc_attr( base64_encode(serialize($_POST))); ?>' />
  4. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="' . esc_url( $src_url ) . '" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:' . esc_attr( $widthpx ) . '; height:' . esc_attr( $height ) . 'px;"> in file admin-shortcodes.php. 644: <iframe src='' . esc_url( $src_url ) . '' frameborder='0' allowTransparency
  5. Malware : Operations on file system file_get_contents was found in the file class-wf-backup.php 189: $upload = file_get_contents( $_FILES['woothemes-import-file']['tmp_name'] );
  6. Admin menu : Themes should use add_theme_page() for adding admin pages. File admin-functions.php : 3553: $timthumb_retire_page = add_submenu_page( 'woothemes', 'Remove Timthumb', 'Remove Timthumb', 'managFile class-wf-screen-welcome.php : 37: $about = add_submenu_page( 'woothemes', $this->_theme_data['theme_name'], $this->_thFile class-wf-backup.php : 53: $this->_admin_page = add_submenu_page( 'woothemes', __( 'WooThemes Settings Backup', 'woothemes'File class-wf-screen-framework.php : 43: $framework = add_submenu_page( 'woothemes', __( 'Framework', 'woothemes' ), __( 'FramewoFile class-wf-settings.php : 91: add_menu_page( __( 'Settings', 'woothemes' ), esc_html( $theme_name ), 'edFile class-wf-settings.php : 92: $wf_settings_screen_hook = add_submenu_page( 'woothemes', esc_html( $theme_name ), __( 'Settings', 'woFile admin-interface.php : 168: $framework_update_page = add_submenu_page( 'woothemes', 'WooFramework Update', 'Update Framework', 'File woo-hooks.class.php : 199: if ( function_exists( 'add_submenu_page' ) ) {200: $this->admin_page = add_submenu_page('woothemes', __( 'Hooks', 'woothemes' ), __( 'Hooks', 'wooFile woo-hooks.class.php : 199: if ( function_exists( 'add_submenu_page' ) ) {200: $this->admin_page = add_submenu_page('woothemes', __( 'Hooks', 'woothemes' ), __( 'Hooks', 'wooFile woo-meta.class.php : 230: if ( function_exists( 'add_submenu_page' ) ) {231: $this->admin_page = add_submenu_page( 'woothemes', __( 'Filters', 'woothemes' ), __( 'Filters',File woo-meta.class.php : 230: if ( function_exists( 'add_submenu_page' ) ) {231: $this->admin_page = add_submenu_page( 'woothemes', __( 'Filters', 'woothemes' ), __( 'Filters',File woo-layout.class.php : 136: if ( function_exists( 'add_submenu_page' ) ) {137: $this->admin_page = add_submenu_page('woothemes', __( 'Layouts', 'woothemes' ), __( 'Layouts', File woo-layout.class.php : 136: if ( function_exists( 'add_submenu_page' ) ) {137: $this->admin_page = add_submenu_page('woothemes', __( 'Layouts', 'woothemes' ), __( 'Layouts',
Warning
  1. special URIs : Presence of bad theme tagsTheme URI and Author URI should not be the same.
  2. theme tags : Presence of bad theme tagsFound wrong tag canvas in style.css header.Found wrong tag woothemes in style.css header.
  3. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments 'Cheatin&#8217; huh?' in file class-wf.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Cheatin&#8217; huh?' in file class-wf.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'http://codex.wordpress.org/Child_Themes' in file class-wf-screen-welcome.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Below you can control settings for the Magazine page template. Please refer to <a href="%s">documentation</a> on how to setup the page template.' in file theme-options.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Below you can control settings for the Business page template. Please refer to <a href="%s">documentation</a> on how to setup the page template. You can add slider posts with the <strong><em>Slides</em></strong> custom post type.' in file theme-options.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Home' in file functions.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are woothemes, woocommerce.
  4. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  5. Unwanted files : hidden file(s) or folder(s).ds_store was found.
  6. Line endings consistency : Both DOS and UNIX style line endingsFound a mix of \r\n and \n line endings in file style.css.Found a mix of \r\n and \n line endings in file sensei.css.
  7. I18N implementation : Proper use of ___all(Possible variable $textdomain found in translation function in functions.php. Translation function calls should not contain PHP variables.
  8. CSS files : Presence of text domainText Domain: is missing from your style.css header.
  9. CSS files : Presence of .sticky class.sticky css class is needed in theme css.
  10. CSS files : Presence of .gallery-caption class.gallery-caption css class is needed in theme css.
  11. Date and time implementation : Use of the_time()At least one hard coded date was found in the file template-timeline.php. Function get_option( 'date_format' ) should be used instead.
  12. Screenshot : Screenshot fileScreenshot size is 600x450px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file admin-shortcode-generator.php.266: <p><?php echo __( 'Pick a fight: (1) If you already have a theme from WooThemes, install and activate it or (2) if you don\'t yet have one of the awesome WooThemes head over to the <a href='http://www.woothemes.com/themes/' target='_blank' title='WooThemes Gallery'Possible hard-coded links were found in the file admin-interface.php.264: $html = '<div id='wooframework_update' class='updated fade'><p>' . sprintf( __( 'WooFramework update is available (v%s). %sDownload new version%s (%sSee Changelog%s)', 'woothemes' ), $update_data['version'], '<a href='' . admin_url( 'admin.php?page=woothemes_framework_update' ) . ''>', '</a>', '<a href='http://www.woothemes.com/updates/functions-changelog.txt' target='_blank' t309: $html = '<div id='wooframework_important_update' class='error fade'><p>' . sprintf( __( 'An important WooFramework update is available (v%s). %sDownload new version%s (%sSee Changelog%s)', 'woothemes' ), $update_data['version'], '<a href='' . admin_url( 'admin.php?page=woothemes_framework_update' ) . ''>', '</a>', '<a href='http://www.woothemes.com/updates/functions-changelog.txt' target='_blank' t264: $html = '<div id='wooframework_update' class='updated fade'><p>' . sprintf( __( 'WooFramework update is available (v%s). %sDownload new version%s (%sSee Changelog%s)', 'woothemes' ), $update_data['version'], '<a href='' . admin_url( 'admin.php?page=woothemes_framework_update' ) . ''>', '</a>', '<a href='http://www.woothemes.com/updates/functions-changelog.txt' target='_blank' t309: $html = '<div id='wooframework_important_update' class='error fade'><p>' . sprintf( __( 'An important WooFramework update is available (v%s). %sDownload new version%s (%sSee Changelog%s)', 'woothemes' ), $update_data['version'], '<a href='' . admin_url( 'admin.php?page=woothemes_framework_update' ) . ''>', '</a>', '<a href='http://www.woothemes.com/updates/functions-changelog.txt' target='_blank' tPossible hard-coded links were found in the file theme-options.php.1433: 'desc' => __( 'This will enable the <a href='http://code.google.com/p/timthumb/'>TimThumb</a> (thumb.php) script which d1523: 'std' => sprintf( __( 'Tumblog will allow you to publish content using the WooTumblog functionality, including the Express for WordPress iPhone App. If you would like to use the iPhone app, you will need to enable XML-RPC publishing under Settings->Writing. Find out more at %s.', 'woothemes' ), '<a href='http://express-app.com/' target='_blank'>Express-App.com</a>' ),1671: 'desc' => __( 'Enter your <a href='http://www.twitter.com/'>Twitter</a> URL e.g. http://www.twitter.com/woothe1677: 'desc' => __( 'Enter your <a href='http://www.facebook.com/'>Facebook</a> URL e.g. http://www.facebook.com/woo1683: 'desc' => __( 'Enter your <a href='http://www.youtube.com/'>YouTube</a> URL e.g. http://www.youtube.com/woothe1689: 'desc' => __( 'Enter your <a href='http://www.flickr.com/'>Flickr</a> URL e.g. http://www.flickr.com/woothemes1695: 'desc' => __( 'Enter your <a href='http://www.www.linkedin.com.com/'>LinkedIn</a> URL e.g. http://www.linkedin1701: 'desc' => __( 'Enter your <a href='http://www.delicious.com/'>Delicious</a> URL e.g. http://www.delicious.com/1707: 'desc' => __( 'Enter your <a href='http://plus.google.com/'>Google+</a> URL e.g. https://plus.google.com/104561713: 'desc' => sprintf( __( 'Enter your %1$s URL e.g. http://dribbble.com/woothemes', 'woothemes' ), '<a href='http://dribbble.co1719: 'desc' => sprintf( __( 'Enter your %1$s URL e.g. http://instagram.com/woothemes', 'woothemes' ), '<a href='http://instagram.1725: 'desc' => sprintf( __( 'Enter your %1$s URL e.g. http://vimeo.com/woothemes', 'woothemes' ), '<a href='http://vimeo.com/'>'.1731: 'desc' => sprintf( __( 'Enter your %1$s URL e.g. http://pinterest.com/woothemes', 'woothemes' ), '<a href='http://pinterest.1925: 'desc' => sprintf( __( 'Enter an optional URL to show in the %s for this portfolio item.', 'woothemes' ), '<a href='http://www.no-margin-for-errors.com/projects/prettyphoto-jquery-lightbox-clPossible hard-coded links were found in the file widget-woo-flickr.php.187: <label for='<?php echo $this->get_field_id( 'id' ); ?>'><?php _e( 'Flickr ID (<a href='http://www.idgettr.com'>idGettr</a>):', 'woothemes' ); ?></label>Possible hard-coded links were found in the file widget-woo-blogauthor.php.197: <label for='<?php echo $this->get_field_id( 'custom_email' ); ?>'><?php _e( '<a href='http://www.gravatar.com/'>Gravatar</a> E-mail:', 'woothemes' ); ?></label>
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  6. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  7. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  8. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  9. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  10. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  11. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  12. Use of includes : Use of include or requireThe theme appears to use include or require : admin-init.php 42: require_once( $functions_path . 'deprecated.php' ); 43: require_once( $functions_path . 'admin-medialibrary-uploader.php' ); 46: require_once( $classes_path . 'class-wf.php' ); 47: require_once( $classes_path . 'class-wf-fields.php' ); 48: require_once( $classes_path . 'class-wf-fields-settings.php' ); 49: require_once( $classes_path . 'class-wf-fields-meta.php' ); 50: require_once( $classes_path . 'class-wf-settings.php' ); 51: require_once( $classes_path . 'class-wf-meta.php' ); 67: require_once( $functions_path . 'admin-functions.php' ); // Functions u68: require_once( $functions_path . 'admin-setup.php' ); // Set up the Woo69: require_once( $functions_path . 'admin-interface.php' ); // Administrat70: require_once( $functions_path . 'admin-seo.php' ); // SEO functions.71: require_once( $functions_path . 'admin-sbm.php' ); // Widget Area72: require_once( $functions_path . 'admin-hooks.php' ); // Contextual hoo75: require_once( $functions_path . 'admin-custom-nav.php' ); // Woo Custom 78: require_once ( $functions_path . 'admin-shortcodes.php' ); // Woo Short82: require_once( $classes_path . 'class-wf-screen-admin-base.php' ); // 83: require_once( $classes_path . 'class-wf-screen.php' ); // 84: require_once( $classes_path . 'class-wf-screen-welcome.php' ); // 85: require_once( $classes_path . 'class-wf-screen-framework.php' ); // 87: require_once( $classes_path . 'class-wf-backup.php' ); // 88: require_once( $functions_path . 'admin-backup.php' ); // 89: require_once( $functions_path . 'admin-shortcode-generator.php' ); // If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : woo-hooks.class.php 223: include_once( $this->plugin_path . '/screens/admin.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : woo-hooks.php 2: require_once( 'classes/woo-hooks.class.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : theme-plugin-integrations.php 19: require_once( get_template_directory() . '/includes/integrations/testimonia27: require_once( get_template_directory() . '/includes/integrations/our-team/o35: require_once( get_template_directory() . '/includes/integrations/projects/s36: require_once( get_template_directory() . '/includes/integrations/projects/t37: require_once( get_template_directory() . '/includes/integrations/projects/f46: require_once( get_template_directory() . '/includes/integrations/wooslider/55: require_once( get_template_directory() . '/includes/integrations/woocommerc56: require_once( get_template_directory() . '/includes/integrations/woocommerc57: require_once( get_template_directory() . '/includes/integrations/woocommerc65: require_once( get_template_directory() . '/includes/integrations/features/f73: require_once( get_template_directory() . '/includes/integrations/archives/a81: require_once( get_template_directory() . '/includes/integrations/subscribe-89: require_once( get_template_directory() . '/includes/integrations/sensei/set90: require_once( get_template_directory() . '/includes/integrations/sensei/tem91: require_once( get_template_directory() . '/includes/integrations/sensei/fun99: require_once( get_template_directory() . '/includes/integrations/gravity-fo107: require_once( get_template_directory() . '/includes/integrations/jetpack/je If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : woo-meta.class.php 254: include_once( $this->plugin_path . '/screens/admin.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : woo-meta.php 2: require_once( 'classes/woo-meta.class.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : theme-actions.php 2428: require_once ( $includes_path . 'tumblog/theme-tumblog.php' ); // Tumblog 2431: require_once( $includes_path . 'tumblog/wootumblog_postformat.class.php' );2433: require_once ( $includes_path . 'tumblog/theme-custom-post-types.php' ); // If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : woo-layout.class.php 163: include_once( $this->plugin_path . '/screens/admin.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : woo-layout.php 2: require_once( 'classes/woo-layout.class.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes
77

WordPress 6.5.2 theme

35

WordPress 6.5.2 theme

0

WordPress 6.5.2 theme