0
Validation results

Construction

Construction

WordPress 5.2.2 theme
0
  • THEME TYPEWordPress theme 5.2.2
  • FILE NAMEconstruction.zip
  • FILE SIZE4413562 bytes
  • MD5da134fa4aaebb15b4c6ec46d1a23be62
  • SHA195fb06b31959eb49614dc8ca9b682006c751e676
  • LICENSEGNU GPL 2
  • FILES INCLUDEDCSS, PHP, HTML, XML, Bitmap images, Adobe Illustrator
  • DEMO PAGEhttp://premiumlayers.net/demo/wp/construction/
  • VERSION1.7
  • TAGSthreaded-comments, theme-options, sticky-post, full-width-template, flexible-header, featured-images, custom-menu, custom-header, custom-colors, custom-background
  • CREATION DATE2019-07-31
  • LAST FILE UPDATE2019-07-31
  • LAST VALIDATION2019-07-31 16:44
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Customizer : Sanitization of Customizer settings Found a Customizer setting that did not have a sanitization callback function in file customizer.php. Every call to the add_setting() method needs to have a sanitization callback function passed.
  2. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  3. Security breaches : Use of base64_decode() Found base64_decode in file twitteroauth.php. 212: $decoded_sig = base64_decode($signature);Found base64_decode in file admin-functions.php. 164: $data = unserialize(base64_decode( $data['weblusive_import'] ));Found base64_decode in file radium-importer.php. 331: $data = unserialize(base64_decode( $data));
  4. Security breaches : Use of base64_encode() Found base64_encode in file twitteroauth.php.
     return base64_encode(hash_hmac('sha1', $base_string, $key, true));
     return base64_encode($signature);
    Found base64_encode in file admin-ui.php.
     <textarea style='width:100%' rows='7'><?php echo $currentsettings = base64_encode( serialize( $current_options )); ?></textarea>
  5. Unwanted files : PHP error log error_log was found.
  6. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe width="'.$width.'" height="'.$height.'" src="'.$src.'" class="vid iframe-'.$site.'"> in file shortcode.php. 504: return '<div class='flex-video '.$anim.' '.$class.''><iframe width=''.$width.'' height=''.$height.'' src=''.$src.'' class='vid iFound <iframe src="http://player.vimeo.com/video/<?php echo $video?> in file page-head.php. 73: <iframe src='http://player.vimeo.com/video/<?php echo $video?>' width='500'
  7. Malware : Operations on file system file_get_contents was found in the file twitteroauth.php 282: file_get_contents(self::$POST_INPUT)file_get_contents was found in the file parsers.php 252: if ( ! xml_parse( $xml, file_get_contents( $file ), true ) ) {fopen was found in the file parsers.php 398: $fp = $this->fopen( $file, 'r' );624: function fopen( $filename, $mode = 'r' ) {627: return fopen( $filename, $mode );fclose was found in the file parsers.php 447: $this->fclose($fp);642: function fclose( $fp ) {645: return fclose( $fp );fopen was found in the file parsers.php 398: $fp = $this->fopen( $file, 'r' );624: function fopen( $filename, $mode = 'r' ) {627: return fopen( $filename, $mode );fopen was found in the file parsers.php 398: $fp = $this->fopen( $file, 'r' );624: function fopen( $filename, $mode = 'r' ) {627: return fopen( $filename, $mode );fclose was found in the file parsers.php 447: $this->fclose($fp);642: function fclose( $fp ) {645: return fclose( $fp );fclose was found in the file parsers.php 447: $this->fclose($fp);642: function fclose( $fp ) {645: return fclose( $fp );file_get_contents was found in the file radium-importer.php 329: $data = file_get_contents( $file );411: $data = file_get_contents( $file );file_get_contents was found in the file radium-importer.php 329: $data = file_get_contents( $file );411: $data = file_get_contents( $file );
  8. Malware : Network operations curl_init was found in the file twitteroauth.php 1089: $ci = curl_init();curl_exec was found in the file twitteroauth.php 1115: $response = curl_exec($ci);
  9. Admin menu : Themes should use add_theme_page() for adding admin pages. File post-types.php : 95: add_submenu_page(File admin-functions.php : 180: add_menu_page(theme_name.' Settings', theme_name ,'switch_themes', 'panel' File admin-functions.php : 181: $theme_page = add_submenu_page('panel',theme_name.' Settings', theme_name.' Settings','sw182: //add_submenu_page('panel', theme_name, 'Pricing Tables', 'switch_themes', 'pFile admin-functions.php : 181: $theme_page = add_submenu_page('panel',theme_name.' Settings', theme_name.' Settings','sw182: //add_submenu_page('panel', theme_name, 'Pricing Tables', 'switch_themes', 'pFile radium-importer.php : 87: add_submenu_page('panel', 'Import Demo Data', 'Import Demo Data', 'switch_t
  10. Deprecated functions : wp_get_http wp_get_http found in file wordpress-importer.php. Deprecated since version 4.4. Use WP_Http instead.871: $headers = wp_get_http( $url, $upload['file'] );
Warning
  1. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments 'construction' in file shipping-calculator.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'construction' in file cart-totals.php.Found a translation function that is missing a text-domain. Function esc_attr_e, with the arguments 'construction' in file customizer.php.
  2. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  3. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  4. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  5. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  6. I18N implementation : Proper use of _e(Possible variable $control found in translation function in customizer.php. Translation function calls should not contain PHP variables.
  7. I18N implementation : Proper use of ___all(Possible variable $cvalue found in translation function in shipping-calculator.php. Translation function calls should not contain PHP variables.
  8. I18N implementation : Proper use of esc_attr_e(Possible variable $control found in translation function in customizer.php. Translation function calls should not contain PHP variables.
  9. Screenshot : Screenshot fileScreenshot size is 880x660px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  3. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  4. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  5. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  6. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  7. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  8. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  9. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  10. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  11. Use of includes : Use of include or requireThe theme appears to use include or require : search.php 50: <?php include(construction_PLUGINS . '/wp-pagenavi.php' ); wp_pagenavi(); ?> If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : shortcode.php 2056: if(!require_once(get_template_directory() . '/library/functions/twitteroauth.ph If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : ui.php 4: require_once( $parse_uri[0] . 'wp-load.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : widgets.php 808: if(!require_once('twitteroauth.php')){ If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : admin-functions.php 90: require ('google-fonts.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : google_font_list.php 5: require ('google-fonts.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : customizer.php 802: require_once('google_font_list.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : taxonomy-portfolio_category.php 152: <?php include(construction_PLUGINS . '/wp-pagenavi.php' ); wp_pagenavi(); ?> If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : blog-template.php 33: <?php include(construction_PLUGINS . '/wp-pagenavi.php' ); wp_pagenavi(); ?> If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : dynamic-styles.php 3: require_once( $parse_uri[0] . 'wp-load.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : portfolio_loop.php 190: <?php include(construction_PLUGINS . '/wp-pagenavi.php' ); wp_pagenavi(); ?> If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : archive.php 53: <?php include(construction_PLUGINS . '/wp-pagenavi.php' ); wp_pagenavi(); ?> If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : footer.php 41: include('browscap.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : index.php 44: <?php include(construction_PLUGINS . '/wp-pagenavi.php' ); wp_pagenavi(); ?> If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : init.php 6: require_once( dirname( __FILE__ ) .'/importer/radium-importer.php' ); //lo If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : radium-importer.php 253: require_once($class_wp_importer);268: require_once($class_wp_import); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes