0
Validation results

Kratos

Kratos

WordPress 6.5.2 theme
0
  • THEME TYPEWordPress theme 6.5.2
  • FILE NAMEkratos-4.0.3.zip
  • FILE SIZE4007942 bytes
  • MD57335f555675a7a252ea72c2b038a332d
  • SHA1ce93ce9b4aeb0ef14ff1d923f2cd8a9e25ecc761
  • LICENSEGNU GPL 3
  • FILES INCLUDEDCSS, PHP, Bitmap images
  • THEME URIhttps://github.com/vtrois/kratos
  • VERSION4.0.3
  • TAGS博客, 双栏, 响应式, 自定义背景, 自定义颜色, 自定义图标, 自定义菜单, 特色图像, 收录优化, 邮件中心, 主题选项, 小工具, 文章置顶, 无障碍友好
  • CREATION DATE2021-10-04
  • LAST FILE UPDATE2021-10-04
  • LAST VALIDATION2021-10-04 20:27
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Title : Title No reference to add_theme_support( "title-tag" ) was found in the theme.The theme needs to have <title> tags, ideally in the header.php file.The theme needs to have a call to wp_title(), ideally in the header.php file.
  2. Security breaches : Modification of PHP server settings Found ini_set in file Extension.php. 142: @ini_set('display_errors', 'On');
  3. Security breaches : Use of base64_decode() Found base64_decode in file GitLabApi.php. 247: return base64_decode($response->content);Found base64_decode in file GitHubApi.php. 274: return base64_decode($response->content);
  4. Security breaches : Use of base64_encode() Found base64_encode in file GitHubApi.php. 
     return 'Basic ' . base64_encode($this->userName . ':' . $this->accessToken);
    Found base64_encode in file OAuthSignature.php. 
     $parameters['oauth_signature'] = base64_encode(hash_hmac('sha1', $stringToSign, $secret, true));
    Found base64_encode in file ImageX.php. 
     return base64_encode(json_encode($token));
    Found base64_encode in file V4Curl.php. 
     $sts['SessionToken'] = 'STS2' . base64_encode(json_encode($innerToken));
     $accessKeyId = $prefix . base64_encode(bin2hex(random_bytes(16)));
     return base64_encode(bin2hex(random_bytes(30)));
     return base64_encode(openssl_encrypt($src, 'AES-128-CBC', $pwd, OPENSSL_RAW_DATA |
     $sign = base64_encode(hash_hmac('sha1', $data, $dateKey, true));
    Found base64_encode in file getallheaders.php. 
     $headers['Authorization'] = 'Basic ' . base64_encode($_SERVER['PHP_AUTH_USER'] . ':' . $basic_pass);
    Found base64_encode in file StreamHandler.php. 
     $auth = \base64_encode('{$parsed['user']}:{$parsed['pass']}');
    Found base64_encode in file Client.php. 
     . \base64_encode('$value[0]:$value[1]');
  5. Unwanted files : hidden file(s) or folder(s) .prettierignore .htaccess .pullapprove.yml .gitignore .eslintignore was found.
  6. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe style="width:100%" frameborder="no" border="0" marginwidth="0" marginheight="0" height=86 src="//music.163.com/outchain/player?type=2&id='; $return .= $content; $return .= '&auto=' . kratos_option('g_163mic', false) . '&height=66"> in file theme-shortcode.php.
  7. Malware : Operations on file system file_get_contents was found in the file ImageX.php 246: $content = file_get_contents($filePath);fopen was found in the file ImageX.php 249: $body = fopen($filePath, 'r');file_get_contents was found in the file V4Curl.php 40: $this->version = trim(file_get_contents(__DIR__ . '/../../VERSION'));92: $json = json_decode(file_get_contents(getenv('HOME') . '/.volc/config'), true);file_get_contents was found in the file V4Curl.php 40: $this->version = trim(file_get_contents(__DIR__ . '/../../VERSION'));92: $json = json_decode(file_get_contents(getenv('HOME') . '/.volc/config'), true);fopen was found in the file StreamFactoryInterface.php 22: * supported by the `fopen` function.24: * The `$filename` MAY be any string supported by `fopen()`.fwrite was found in the file platform_check.php 17: fwrite(STDERR, 'Composer detected issues in your platform:' . PHP_EOL.PHP_Efopen was found in the file RequestOptions.php 79: * fopen() enable debug output with the HTTP handler used to send afwrite was found in the file MockHandler.php 126: \fwrite($sink, $contents);file_put_contents was found in the file MockHandler.php 128: \file_put_contents($sink, $contents);fopen was found in the file StreamHandler.php 154: Fopen('php://temp', 'r+');317: $resource = @\fopen((string) $uri, 'r', false, $contextResource);fwrite was found in the file StreamHandler.php 553: \fwrite($value, $args[$i] . ': '' . $v . '' ');555: \fwrite($value, '\n');fwrite was found in the file StreamHandler.php 553: \fwrite($value, $args[$i] . ': '' . $v . '' ');555: \fwrite($value, '\n');file_put_contents was found in the file FileCookieJar.php 68: if (false === \file_put_contents($filename, $jsonStr, \LOCK_EX)) {file_get_contents was found in the file FileCookieJar.php 84: $json = \file_get_contents($filename);fwrite was found in the file Utils.php 291: fwrite($stream, (string) $resource);307: fwrite($stream, stream_get_contents($resource));fwrite was found in the file Utils.php 291: fwrite($stream, (string) $resource);307: fwrite($stream, stream_get_contents($resource));fopen was found in the file Utils.php 289: Fopen('php://temp', 'r+');306: Fopen('php://temp', 'w+');330: Fopen('php://temp', 'r+'), $options);343: * When fopen fails, PHP normally raises a warning. This function adds an353: Fopen(string $filename, string $mode)369: $handle = fopen($filename, $mode);fclose was found in the file Stream.php 112: fclose($this->stream);fread was found in the file Stream.php 232: $string = fread($this->stream, $length);fwrite was found in the file Stream.php 251: $result = fwrite($this->stream, $string);fopen was found in the file StreamWrapper.php 47: return fopen('guzzle://stream', $mode, false, self::createStreamContext($stream));fopen was found in the file theme-dogecloud.php 22: $file = fopen($file, 'rb');
  8. Malware : Network operations curl_exec was found in the file CurlHandler.php 44: \curl_exec($easy->handle);curl_init was found in the file CurlFactory.php 69: $easy->handle = $this->handles ? \array_pop($this->handles) : \curl_init();curl_init was found in the file theme-dogecloud.php 31: $curl = curl_init();curl_exec was found in the file theme-dogecloud.php 44: $response = curl_exec($curl);
  9. Admin menu : Themes should use add_theme_page() for adding admin pages. File admin-options.class.php : 433: $menu_page = call_user_func('add_submenu_page', $menu_parent, esc_attr($menu_title), esc_attr($menu_titl439: call_user_func('add_submenu_page', $menu_slug, esc_attr($sub_menu_title), esc_attr($sub_men446: call_user_func('add_submenu_page', $menu_slug, esc_attr($section['title']), esc_attr($sectFile admin-options.class.php : 436: $menu_page = call_user_func('add_menu_page', esc_attr($menu_title), esc_attr($menu_title), $menu_capabilFile admin-options.class.php : 433: $menu_page = call_user_func('add_submenu_page', $menu_parent, esc_attr($menu_title), esc_attr($menu_titl439: call_user_func('add_submenu_page', $menu_slug, esc_attr($sub_menu_title), esc_attr($sub_men446: call_user_func('add_submenu_page', $menu_slug, esc_attr($section['title']), esc_attr($sectFile admin-options.class.php : 433: $menu_page = call_user_func('add_submenu_page', $menu_parent, esc_attr($menu_title), esc_attr($menu_titl439: call_user_func('add_submenu_page', $menu_slug, esc_attr($sub_menu_title), esc_attr($sub_men446: call_user_func('add_submenu_page', $menu_slug, esc_attr($section['title']), esc_attr($sect
  10. Hidden admin bar : Hidden admin Bar Themes should not hide admin bar. Detected in file : theme-core.php.
  11. Comment reply : Declaration of comment reply Could not find the comment-reply js script enqueued.
  12. Content width : Proper definition of content_width No content width has been defined. Example: 
    if ( ! isset( $content_width ) ) $content_width = 900;
  13. Deprecated functions : get_bloginfo get_bloginfo('url') was found in the file theme-options.php. Use home_url() instead.54: $web_url = get_bloginfo('url');
  14. Deprecated functions : get_option get_option('home') was found in the file 404.php. Use home_url() instead.23: <a href='<?php echo get_option('home'); ?>' class='btn btn-outline-primary ml-3 back-index'><?pget_option('home') was found in the file header.php. Use home_url() instead.34: <a class='navbar-brand' href='<?php echo get_option('home'); ?>'>get_option('home') was found in the file theme-smtp.php. Use home_url() instead.44: <h1 style='color:#fff; font-size:25px;line-height:30px; margin:0;'><a href='' . get_option('home') . '' style='text-decoration: none;color: #FFF;'>' . html94: <h1 style='color:#fff; font-size:25px;line-height:30px; margin:0;'><a href='' . get_option('home') . '' style='text-decoration: none;color: #FFF;'>' . html
  15. Post pagination : Implementation The theme doesn't have post pagination code in it. Use posts_nav_link() or paginate_links() or the_posts_pagination() or the_posts_navigation() or next_posts_link() and previous_posts_link() to add post pagination.
Warning
  1. core scripts deregistered : Core scripts deregistrationFound wp_deregister_script in theme-core.php. Themes must not deregister core scripts. 81: wp_deregister_script('jquery');
  2. theme tags : Presence of bad theme tagsFound wrong tag 博客 in style.css header.Found wrong tag 双栏 in style.css header.Found wrong tag 响应式 in style.css header.Found wrong tag 自定义背景 in style.css header.Found wrong tag 自定义颜色 in style.css header.Found wrong tag 自定义图标 in style.css header.Found wrong tag 自定义菜单 in style.css header.Found wrong tag 特色图像 in style.css header.Found wrong tag 收录优化 in style.css header.Found wrong tag 邮件中心 in style.css header.Found wrong tag 主题选项 in style.css header.Found wrong tag 小工具 in style.css header.Found wrong tag 文章置顶 in style.css header.Found wrong tag 无障碍友好 in style.css header.
  3. Text domain : Incorrect use of translation functions.Wrong installation directory for the theme name. The directory name must match the slug of the theme. This theme's correct slug and text-domain is kratos.
  4. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments 'A search form for your site.' in file theme-widgets.php.Found a translation function that is missing a text-domain. Function _x, with the arguments 'Search', 'Search widget' in file theme-widgets.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Title:' in file theme-widgets.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'View details' in file Ui.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'More information about %s' in file Ui.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are kratos, csf, plugin-update-checker.
  5. Plugin territory : Plugin territory functionalitiesThe theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  6. Unwanted directories : GIT revision control directoryA.git was found.
  7. PHP short tags : Presence of PHP short tagsPHP short tags were found in file ParsedownModern.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.762: if (preg_match('/^\[(.+?)\]:[ ]*<?(\S+?)>?(?:[ ]+['\'(](.+)['\')])?[ ]*$/', $Line['text'], $matches))PHP short tags were found in file ParsedownLegacy.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.760: if (preg_match('/^\[(.+?)\]:[ ]*<?(\S+?)>?(?:[ ]+['\'(](.+)['\')])?[ ]*$/', $Line['text'], $matches))
  8. Fundamental theme elements : Presence of language_attributes()Could not find .
  9. Fundamental theme elements : Presence of add_theme_support()Could not find add_theme_support( 'automatic-feed-links' ).
  10. Fundamental theme elements : Presence of comment_form()Could not find comment_form.
  11. Fundamental theme elements : Presence of post_class()Could not find post_class.
  12. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  13. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  14. Editor style : Presence of editor styleNo reference to add_editor_style() was found in the theme. It is recommended that the theme implements editor styling, so as to make the editor content match the resulting post output in the theme, for a better user experience.
  15. Featured image : Use of the_post_thumbnail() instead of custom fields for thumbnailsNo reference to the_post_thumbnail was found in the theme.
  16. CSS files : Presence of .bypostauthor class.bypostauthor css class is needed in theme css.
  17. CSS files : Presence of .gallery-caption class.gallery-caption css class is needed in theme css.
  18. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  3. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  4. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  5. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  6. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  7. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  8. Optional files : Presence of archive template file archive.phpThis theme does not contain optional file archive.php.
  9. Optional files : Presence of search results template file search.phpThis theme does not contain optional file search.php.
  10. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  11. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  12. Use of includes : Use of include or requireThe theme appears to use include or require : setup.class.php 350: require_once($path); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : UpgraderStatus.php 126: require_once( ABSPATH . '/wp-admin/includes/plugin.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : Autoloader.php 46: include ($this->libraryDir . $this->staticMap[$className]); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : Package.php 144: require_once(ABSPATH . '/wp-admin/includes/plugin.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : PucReadmeParser.php 258: require_once(dirname(__FILE__) . '/Parsedown' . (version_compare(PHP_VERSIO If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : theme-volcengine.php 12: require_once 'volcengine-imagex/vendor/autoload.php'; If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes
0

WordPress 6.5.2 theme

97

WordPress 6.5.2 theme

96

WordPress 6.5.2 theme