0
Validation results

Charity Hub

Charity Hub

WordPress 5.2.2 theme
0
  • THEME TYPEWordPress theme 5.2.2
  • FILE NAMEthemeforest-7481543-charity-hub-charity-nonprofit-fundraising-wp-wordpress-theme.zip
  • FILE SIZE25319021 bytes
  • MD5ecbba142514cba890563f56d43d768f7
  • SHA160a7467a75aea648753685d5d85444a247c32833
  • LICENSENone
  • FILES INCLUDEDCSS, PHP, Bitmap images
  • THEME URIhttp://themes.goodlayers2.com/charityhub
  • VERSION1.31
  • AUTHOR URI
  • TAGSwhite, light, Green, two-columns, fluid-layout, custom-background, custom-colors, featured-images, theme-options
  • CREATION DATE2019-05-20
  • LAST FILE UPDATE2019-05-20
  • LAST VALIDATION2019-05-20 01:27
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Customizer : Sanitization of Customizer settings Found a Customizer setting that did not have a sanitization callback function in file gdlr-customizer.php. Every call to the add_setting() method needs to have a sanitization callback function passed.
  2. Title : Title No reference to add_theme_support( "title-tag" ) was found in the theme.The theme needs to have <title> tags, ideally in the header.php file.The theme needs to have a call to wp_title(), ideally in the header.php file.The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  3. Security breaches : Use of base64_decode() Found base64_decode in file twitteroauth.php. 208: $decoded_sig = base64_decode($signature);Found base64_decode in file ApiRequestor.php. 405: $derCert = base64_decode(implode('', $lines));
  4. Security breaches : Use of base64_encode() Found base64_encode in file twitteroauth.php.
     return base64_encode(hash_hmac('sha1', $base_string, $key, true));
     return base64_encode($signature);
  5. Unwanted files : hidden file(s) or folder(s) .travis.yml .gitignore was found.
  6. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="https://www.youtube' . ($theme_option['disable-cookie-youtube'] == 'enable'? '-nocookie': '') . '.com/embed/' . $id[1] . '?wmode=transparent' . $id[2] . '" width="' . $width . '" height="' . $height . '" > in file gdlr-media.php. 66: return '<iframe src='https://www.youtube' . ($theme_option['disable-cookie-youtube'Found <iframe src=|gq2|http://maps.google.com/maps?f=q&amp;source=s_q&amp;hl=en&amp;geocode=&amp;q=seattle&amp;aq=&amp;sll=22.447841,114.109497&amp;sspn=0.448038,0.550003&amp;vpsrc=0&amp;ie=UTF8&amp;hq=&amp;hnear=%E0%B8%8B%E0%B8%B5%E0%B9%81%E0%B8%AD%E0%B8%95%E0%B9%80%E0%B8%97%E0%B8%B4%E0%B8%A5+King,+%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%A7%E0%B8%AD%E0%B8%8A%E0%B8%B4%E0%B8%87%E0%B8%95%E0%B8%B1%E0%B8%99+%E0%B8%AA%E0%B8%AB%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%AD%E0%B9%80%E0%B8%A1%E0%B8%A3%E0%B8%B4%E0%B8%81%E0%B8%B2&amp;t=m&amp;z=12&amp;ll=47.60621,-122.332071&amp;output=embed|gq2| height=|gq2|470|gq2| width=|gq2|100%|gq2| frameborder=|gq2|0|gq2| marginwidth=|gq2|0|gq2| marginheight=|gq2|0|gq2| scrolling=|gq2|no|gq2|> in file gdlr-demo-page.php. 104: 'above-sidebar'=>'[{'item-type':'wrapper','item-builder-title':'Full Size Wrapper','type':'full-size-wrapper','items':[{'item-type':'item','item-builder-title':'Content','type':'content','option':{'page-item-id':'','title-type':'none','icon':'','title':'','caption':'','content':'<iframe src=|gq2|http://maps.google.com/maps?f=q&amp;source=s_q&amp;hl=en&a
  7. Malware : Operations on file system file_get_contents was found in the file gdlr-function-regist.php 81: $default_admin_option = unserialize(file_get_contents($default_file));fopen was found in the file gdlr-function-regist.php 109: //$file_stream = @fopen($file_url, 'w');fwrite was found in the file gdlr-function-regist.php 110: //fwrite($file_stream, serialize($theme_option));fclose was found in the file gdlr-function-regist.php 111: //fclose($file_stream);fopen was found in the file gdlr-admin-option.php 21: $file_stream = @fopen($file_url, 'w');fwrite was found in the file gdlr-admin-option.php 52: fwrite( $file_stream, str_replace('#gdlr#', $value, $option['selector']) . 91: fwrite($file_stream, $style);96: fwrite($file_stream, $end_of_file);100: fwrite($file_stream, $theme_option['additional-style']);fwrite was found in the file gdlr-admin-option.php 52: fwrite( $file_stream, str_replace('#gdlr#', $value, $option['selector']) . 91: fwrite($file_stream, $style);96: fwrite($file_stream, $end_of_file);100: fwrite($file_stream, $theme_option['additional-style']);fwrite was found in the file gdlr-admin-option.php 52: fwrite( $file_stream, str_replace('#gdlr#', $value, $option['selector']) . 91: fwrite($file_stream, $style);96: fwrite($file_stream, $end_of_file);100: fwrite($file_stream, $theme_option['additional-style']);fwrite was found in the file gdlr-admin-option.php 52: fwrite( $file_stream, str_replace('#gdlr#', $value, $option['selector']) . 91: fwrite($file_stream, $style);96: fwrite($file_stream, $end_of_file);100: fwrite($file_stream, $theme_option['additional-style']);fclose was found in the file gdlr-admin-option.php 104: fclose($file_stream);file_get_contents was found in the file twitteroauth.php 278: file_get_contents(self::$POST_INPUT)file_get_contents was found in the file paypal.php 250: $raw_post_data = file_get_contents('php://input');file_get_contents was found in the file goodlayers-importer.php 37: $widget_data = unserialize(file_get_contents($widget_file));fopen was found in the file goodlayers-importer.php 65: //$file_stream = @fopen($widget_file, 'w');fwrite was found in the file goodlayers-importer.php 66: //fwrite($file_stream, serialize($widget_data));fclose was found in the file goodlayers-importer.php 67: //fclose($file_stream); file_get_contents was found in the file gdlr-font-loader.php 68: $google_fonts = json_decode(file_get_contents($google_font_file), true);
  8. Malware : Network operations curl_init was found in the file twitteroauth.php 1069: $ci = curl_init();curl_exec was found in the file twitteroauth.php 1095: $response = curl_exec($ci);curl_init was found in the file paypal.php 276: $ch = curl_init('https://ipnpb.paypal.com/cgi-bin/webscr');curl_exec was found in the file paypal.php 286: if( !($res = curl_exec($ch)) ) {curl_init was found in the file ApiRequestor.php 231: $curl = curl_init();curl_exec was found in the file ApiRequestor.php 264: $rbody = curl_exec($curl);281: $rbody = curl_exec($curl);curl_exec was found in the file ApiRequestor.php 264: $rbody = curl_exec($curl);281: $rbody = curl_exec($curl);
  9. Admin menu : Themes should use add_theme_page() for adding admin pages. File class-tgm-plugin-activation.php : 412: $this->page_hook = call_user_func( 'add_submenu_page', $args['parent_slug'], $args['page_title'], $args['menu_tFile gdlr-admin-panel.php : 47: $page = add_menu_page($this->setting['page_title'], $this->setting['menu_title'],
  10. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was gdlr-portfolio.zip goodlayers-importer.zip layerslider.zip gdlr-cause.zip gdlr-shortcode.zip.
Warning
  1. theme tags : Presence of bad theme tagsThe tag white has been deprecated, it must be removed from style.css header.The tag light has been deprecated, it must be removed from style.css header.The tag Green has been deprecated, it must be removed from style.css header.The tag fluid-layout has been deprecated, it must be removed from style.css header.
  2. Text domain : Incorrect use of translation functions.Wrong installation directory for the theme name. The directory name must match the slug of the theme. This theme's correct slug and text-domain is charity-hub.
  3. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'This theme requires the following plugin: %1$s.', 'This theme requires the following plugins: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'This theme recommends the following plugin: %1$s.', 'This theme recommends the following plugins: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to install the %s plugin. Contact the administrator of this site for help on getting the plugin installed.', 'Sorry, but you do not have the correct permissions to install the %s plugins. Contact the administrator of this site for help on getting the plugins installed.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following required plugin is currently inactive: %1$s.', 'The following required plugins are currently inactive: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following recommended plugin is currently inactive: %1$s.', 'The following recommended plugins are currently inactive: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to activate the %s plugin. Contact the administrator of this site for help on getting the plugin activated.', 'Sorry, but you do not have the correct permissions to activate the %s plugins. Contact the administrator of this site for help on getting the plugins activated.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'The following plugin needs to be updated to its latest version to ensure maximum compatibility with this theme: %1$s.', 'The following plugins need to be updated to their latest version to ensure maximum compatibility with this theme: %1$s.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Sorry, but you do not have the correct permissions to update the %s plugin. Contact the administrator of this site for help on getting the plugin updated.', 'Sorry, but you do not have the correct permissions to update the %s plugins. Contact the administrator of this site for help on getting the plugins updated.' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Begin installing plugin', 'Begin installing plugins' in file gdlr-plugin-activation.php.Found a translation function that is missing a text-domain. Function _n_noop, with the arguments 'Activate installed plugin', 'Activate installed plugins' in file gdlr-plugin-activation.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are gdlr_translate, tgmpa, gdlr, stripe.
  4. Plugin territory : Plugin territory functionalitiesThe theme uses the register_taxonomy() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  5. Unwanted directories : GIT revision control directoryA.git was found.
  6. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  7. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  8. Featured image : Use of the_post_thumbnail() instead of custom fields for thumbnailsNo reference to the_post_thumbnail was found in the theme.
  9. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file twitteroauth.php.1134: echo '<strong>'.$tweets->errors[0]->message.'!</strong><br />You\'ll need to regenerate it <a href='https://dev.twitter.com/apps' target='_blank'>here</a>!' . $after_widget;
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  6. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  7. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  8. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  9. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  10. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  11. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  12. Use of includes : Use of include or requireThe theme appears to use include or require : gdlr-plugin-activation.php 2: require_once(GDLR_LOCAL_PATH . '/include/plugin/class-tgm-plugin-activation If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : paypal.php 69: 72: If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : Stripe.php 5: 'to require('lib/Stripe.php'); instead of this file\n';8: $ok = @include_once(dirname(__FILE__).$testURI);10: $ok = @include_once(dirname(__FILE__).'/../vendor/simpletest'.$testURI);29: require_once(dirname(__FILE__) . '/../lib/Stripe.php');31: require_once(dirname(__FILE__) . '/Stripe/TestCase.php');33: require_once(dirname(__FILE__) . '/Stripe/ApiRequestorTest.php');34: require_once(dirname(__FILE__) . '/Stripe/AuthenticationErrorTest.php');35: require_once(dirname(__FILE__) . '/Stripe/CardErrorTest.php');36: require_once(dirname(__FILE__) . '/Stripe/AccountTest.php');37: require_once(dirname(__FILE__) . '/Stripe/BalanceTest.php');38: require_once(dirname(__FILE__) . '/Stripe/BalanceTransactionTest.php');39: require_once(dirname(__FILE__) . '/Stripe/ChargeTest.php');40: require_once(dirname(__FILE__) . '/Stripe/CouponTest.php');41: require_once(dirname(__FILE__) . '/Stripe/CustomerTest.php');42: require_once(dirname(__FILE__) . '/Stripe/DiscountTest.php');43: require_once(dirname(__FILE__) . '/Stripe/Error.php');44: require_once(dirname(__FILE__) . '/Stripe/InvalidRequestErrorTest.php');45: require_once(dirname(__FILE__) . '/Stripe/InvoiceTest.php');46: require_once(dirname(__FILE__) . '/Stripe/ObjectTest.php');47: require_once(dirname(__FILE__) . '/Stripe/PlanTest.php');48: require_once(dirname(__FILE__) . '/Stripe/SubscriptionTest.php');49: require_once(dirname(__FILE__) . '/Stripe/Token.php');50: require_once(dirname(__FILE__) . '/Stripe/TransferTest.php');51: require_once(dirname(__FILE__) . '/Stripe/RecipientTest.php');52: require_once(dirname(__FILE__) . '/Stripe/RefundTest.php');53: require_once(dirname(__FILE__) . '/Stripe/ApplicationFeeTest.php');54: require_once(dirname(__FILE__) . '/Stripe/ApplicationFeeRefundTest.php');55: require_once(dirname(__FILE__) . '/Stripe/UtilTest.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : Stripe.php 17: require(dirname(__FILE__) . '/Stripe/Stripe.php');20: require(dirname(__FILE__) . '/Stripe/Util.php');21: require(dirname(__FILE__) . '/Stripe/Util/Set.php');24: require(dirname(__FILE__) . '/Stripe/Error.php');25: require(dirname(__FILE__) . '/Stripe/ApiError.php');26: require(dirname(__FILE__) . '/Stripe/ApiConnectionError.php');27: require(dirname(__FILE__) . '/Stripe/AuthenticationError.php');28: require(dirname(__FILE__) . '/Stripe/CardError.php');29: require(dirname(__FILE__) . '/Stripe/InvalidRequestError.php');30: require(dirname(__FILE__) . '/Stripe/RateLimitError.php');33: require(dirname(__FILE__) . '/Stripe/Object.php');34: require(dirname(__FILE__) . '/Stripe/ApiRequestor.php');35: require(dirname(__FILE__) . '/Stripe/ApiResource.php');36: require(dirname(__FILE__) . '/Stripe/SingletonApiResource.php');37: require(dirname(__FILE__) . '/Stripe/AttachedObject.php');38: require(dirname(__FILE__) . '/Stripe/List.php');41: require(dirname(__FILE__) . '/Stripe/Account.php');42: require(dirname(__FILE__) . '/Stripe/Card.php');43: require(dirname(__FILE__) . '/Stripe/Balance.php');44: require(dirname(__FILE__) . '/Stripe/BalanceTransaction.php');45: require(dirname(__FILE__) . '/Stripe/Charge.php');46: require(dirname(__FILE__) . '/Stripe/Customer.php');47: require(dirname(__FILE__) . '/Stripe/Invoice.php');48: require(dirname(__FILE__) . '/Stripe/InvoiceItem.php');49: require(dirname(__FILE__) . '/Stripe/Plan.php');50: require(dirname(__FILE__) . '/Stripe/Subscription.php');51: require(dirname(__FILE__) . '/Stripe/Token.php');52: require(dirname(__FILE__) . '/Stripe/Coupon.php');53: require(dirname(__FILE__) . '/Stripe/Event.php');54: require(dirname(__FILE__) . '/Stripe/Transfer.php');55: require(dirname(__FILE__) . '/Stripe/Recipient.php');56: require(dirname(__FILE__) . '/Stripe/Refund.php');57: require(dirname(__FILE__) . '/Stripe/ApplicationFee.php');58: require(dirname(__FILE__) . '/Stripe/ApplicationFeeRefund.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : gdlr-framework.php 10: include_once('function/gdlr-sidebar-generator.php');13: include_once('function/gdlr-admin-panel.php'); 14: include_once('function/gdlr-admin-panel-html.php'); 17: include_once('function/gdlr-customizer.php'); 20: include_once('function/gdlr-page-builder.php'); 21: include_once('function/gdlr-page-builder-html.php'); 24: include_once('function/gdlr-page-options.php'); 27: include_once('function/gdlr-tax-meta.php'); 30: include_once('function/gdlr-include-script.php'); 33: include_once('function/gdlr-font-loader.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes