0
Validation results

Digi Marsh

Digi Marsh

WordPress 6.6.2 theme
0
  • THEME TYPEWordPress theme 6.6.2
  • FILE NAMEdigimarsh4.zip
  • FILE SIZE5623583 bytes
  • MD59e409f43e4306a5d9a2d9932208ff136
  • SHA1dc85df44ad26fcb2802d9c13b967be4047617f17
  • LICENSENone
  • FILES INCLUDEDCSS, PHP, Bitmap images, Adobe Photoshop
  • VERSION4.0
  • CREATION DATE2020-07-16
  • LAST FILE UPDATE2020-07-16
  • LAST VALIDATION2020-07-16 06:25
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Customizer : Sanitization of Customizer settings Found a Customizer setting that did not have a sanitization callback function in file extension_customizer.php. Every call to the add_setting() method needs to have a sanitization callback function passed.
  2. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  3. Security breaches : Modification of PHP server settings Found ini_set in file Extension.php. 142: @ini_set('display_errors', 'On');
  4. Security breaches : Use of base64_decode() Found base64_decode in file GitLabApi.php. 235: return base64_decode($response->content);Found base64_decode in file GitHubApi.php. 267: return base64_decode($response->content);
  5. Security breaches : Use of base64_encode() Found base64_encode in file OAuthSignature.php.
     $parameters['oauth_signature'] = base64_encode(hash_hmac('sha1', $stringToSign, $secret, true));
  6. Unwanted files : hidden file(s) or folder(s) .editorconfig was found.
  7. Malware : Operations on file system fopen was found in the file class.redux_helpers.php 670: //$fp = fopen( $file, 'r' );fread was found in the file class.redux_helpers.php 673: //$file_data = fread( $fp, 8192 );fclose was found in the file class.redux_helpers.php 676: //fclose( $fp );fopen was found in the file color-options.php 31: $FileHandle = fopen($FileName, 'w') or die('can't open file');fwrite was found in the file color-options.php 81: fwrite($FileHandle, $stringData);fclose was found in the file color-options.php 83: fclose($FileHandle);
  8. Admin menu : Themes should use add_theme_page() for adding admin pages. File welcome.php : 199: $page = 'add_management_page';File framework.php : 1355: // wrappers and need to be appened to using add_submenu_page.1406: $this->page = call_user_func( 'add_submenu_page', $page_parent, $page_title, $menu_title, $page_permission1457: call_user_func( 'add_submenu_page', $this->args['page_slug'], $section['title'], $section['tFile framework.php : 1355: // wrappers and need to be appened to using add_submenu_page.1406: $this->page = call_user_func( 'add_submenu_page', $page_parent, $page_title, $menu_title, $page_permission1457: call_user_func( 'add_submenu_page', $this->args['page_slug'], $section['title'], $section['tFile framework.php : 1432: $this->page = call_user_func( 'add_menu_page', $this->args['page_title'], $this->args['menu_title'], $thisFile framework.php : 1355: // wrappers and need to be appened to using add_submenu_page.1406: $this->page = call_user_func( 'add_submenu_page', $page_parent, $page_title, $menu_title, $page_permission1457: call_user_func( 'add_submenu_page', $this->args['page_slug'], $section['title'], $section['tFile tk-options.php : 65: // For a full list of options, visit: http://codex.wordpress.org/Function_Reference/add_submenu_page#ParametersFile class-tgm-plugin-activation.php : 731: $this->page_hook = call_user_func( 'add_submenu_page', $args['parent_slug'], $args['page_title'], $args['menu_tFile settings.php : 63: add_action( $admin_menu_hook, array( $this, 'add_settings_page' ), 90 );69: public function add_settings_page() {File settings.php : 73: $page_hook = add_submenu_page(File about.php : 65: add_menu_page(File about.php : 80: $about = add_submenu_page(
  9. Included plugins : Zip file found Plugins are not allowed in themes. The zip file found was mb-term-meta.zip.
Warning
  1. core scripts deregistered : Core scripts deregistrationFound wp_deregister_script in functions.php. Themes must not deregister core scripts. 198: wp_deregister_script( 'wc-add-to-cart-variation' );Found wp_deregister_script in init.php. Themes must not deregister core scripts. 139: wp_deregister_script( 'wc-add-to-cart-variation' );Found wp_deregister_script in enqueue.php. Themes must not deregister core scripts. 215: wp_deregister_script( 'jquerySelect2' );Found wp_deregister_script in framework.php. Themes must not deregister core scripts. 579: wp_deregister_script( 'wpb_ace' );
  2. theme tags : Presence of bad theme tagsFound wrong tag in style.css header.
  3. Text domain : Incorrect use of translation functions.Wrong installation directory for the theme name. The directory name must match the slug of the theme. This theme's correct slug and text-domain is digi-marsh.
  4. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments 'View details' in file Ui.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'More information about %s' in file Ui.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'all' in file map.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Title:' in file class-widget.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'SearchWP Engine:' in file class-widget.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Configuration:' in file class-widget.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Placeholder:' in file class-widget.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Destination fallback URL (optional):' in file class-widget.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are digimarsh, woocommerce, yith-woocommerce-compare, yith-woocommerce-wishlist, plugin-update-checker, redux-framework, themecheck, mb-term-meta, meta-box, searchwp, swplas, dokan-lite, dokan, palora.
  5. Plugin territory : Plugin territory functionalitiesThe theme uses the register_post_type() function, which is plugin-territory functionality.The theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  6. PHP short tags : Presence of PHP short tagsPHP short tags were found in file Parsedown.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.762: if (preg_match('/^\[(.+?)\]:[ ]*<?(\S+?)>?(?:[ ]+['\'(](.+)['\')])?[ ]*$/', $Line['text'], $matches))PHP short tags were found in file ParsedownLegacy.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.760: if (preg_match('/^\[(.+?)\]:[ ]*<?(\S+?)>?(?:[ ]+['\'(](.+)['\')])?[ ]*$/', $Line['text'], $matches))PHP short tags were found in file parsedown.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.772: if (preg_match('/^\[(.+?)\]:[ ]*<?(\S+?)>?(?:[ ]+['\'(](.+)['\')])?[ ]*$/', $Line['text'], $matches))
  7. Fundamental theme elements : Presence of add_theme_support()Could not find add_theme_support( 'automatic-feed-links' ).
  8. Fundamental theme elements : Presence of wp_link_pages()Could not find wp_link_pages.
  9. Fundamental theme elements : Presence of post_class()Could not find post_class.
  10. Comment reply : Declaration of comment replyCould not find the comment-reply script enqueued, however a reference to 'comment-reply' was found. Make sure that the comment-reply js script is being enqueued properly on singular pages.
  11. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  12. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  13. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  14. I18N implementation : Proper use of _e(Possible variable $domain found in translation function in comments.php. Translation function calls should not contain PHP variables.
  15. CSS files : Presence of license urlLicense URI: is missing from style.css header.
  16. CSS files : Presence of .alignleft class.alignleft css class is needed in theme css.
  17. CSS files : Presence of .alignright class.alignright css class is needed in theme css.
  18. CSS files : Presence of .aligncenter class.aligncenter css class is needed in theme css.
  19. CSS files : Presence of .wp-caption class.wp-caption css class is needed in theme css.
  20. CSS files : Presence of .wp-caption-text class.wp-caption-text css class is needed in theme css.
  21. CSS files : Presence of .gallery-caption class.gallery-caption css class is needed in theme css.
  22. CSS files : Presence of .screen-reader-text class.screen-reader-text css class is needed in your theme css. See : the Codex for an example implementation.
  23. Date and time implementation : Use of the_time()At least one hard coded date was found in the file single.php. Function get_option( 'date_format' ) should be used instead.At least one hard coded date was found in the file loop-post.php. Function get_option( 'date_format' ) should be used instead.
  24. Screenshot : Screenshot fileScreenshot dimensions are wrong! Detected: 1200x840px (10:7). Ratio of width to height should be 4:3.Screenshot size is 1200x840px. Screenshot size should be 1200x900, to account for HiDPI displays. Any 4:3 image size is acceptable, but 1200x900 is preferred.Bad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  3. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  4. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  5. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  6. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  7. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  8. Use of includes : Use of include or requireThe theme appears to use include or require : check.php 3: require_once(ABSPATH . '/wp-admin/includes/screen.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : UpgraderStatus.php 126: require_once( ABSPATH . '/wp-admin/includes/plugin.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : Autoloader.php 32: include ($this->libraryDir . $this->staticMap[$className]); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : Package.php 144: require_once(ABSPATH . '/wp-admin/includes/plugin.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : readme-parser.php 251: require_once(dirname(__FILE__) . '/Parsedown' . (version_compare(PHP_VERSIO If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class.redux_api.php 541: include_once( $api_check ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : extension_customizer.php 753: require_once( $class_file ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : welcome.php 376: require_once 'views/about.php';391: require_once 'views/changelog.php';406: require_once 'views/extensions.php';422: require_once 'views/support.php';437: require_once 'views/credits.php';452: require_once 'views/status_report.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : framework.php 424: require_once 'core/dashboard.php';428: require_once 'core/newsflash.php';1700: require_once 'core/enqueue.php';2849: require_once 'core/enqueue.php';2907: require_once 'core/panel.php';3259: require_once 'core/panel.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : mb-term-meta.php 34: require 'vendor/autoload.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : map.php 3: require_once( ABSPATH . 'wp-admin/includes/plugin.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : searchwp-live-ajax-search.php 10: // include_once( dirname( __FILE__ ) . '/includes/class-widget.php' );44: include_once( dirname( __FILE__ ) . '/includes/class-client.php' );47: include_once( dirname( __FILE__ ) . '/includes/class-relevanssi-bridge.php'52: include_once( dirname( __FILE__ ) . '/includes/class-form.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class-client.php 8: include_once( dirname( __FILE__ ) . '/class-template.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class-widget.php 95: include_once( dirname( __FILE__ ) . '/class-form.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes