0
Validation results

Root

Root

WordPress 6.5.2 theme
0
  • THEME TYPEWordPress theme 6.5.2
  • FILE NAMEroot-v2.3.2.zip
  • FILE SIZE1152659 bytes
  • MD5bc74827d8388a02482d640d1e31a518e
  • SHA1743208059d407a529150696b856694c2d0371832
  • LICENSENone
  • FILES INCLUDEDCSS, PHP, HTML, Bitmap images
  • THEME URIhttps://wpshop.ru/themes/root
  • VERSION2.3.2
  • AUTHOR URI
  • TAGSpremium, adaptive, seo
  • CREATION DATE2019-10-20
  • LAST FILE UPDATE2019-10-20
  • LAST VALIDATION2019-10-20 18:04
  • OTHER VERSIONS

    2.4.1 : 0%

This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Customizer : Sanitization of Customizer settings Found a Customizer setting that did not have a sanitization callback function in file customizer.php. Every call to the add_setting() method needs to have a sanitization callback function passed.
  2. Security breaches : Use of base64_decode() Found base64_decode in file metaboxes.php. 175: $fields_to_save = json_decode( base64_decode( $_POST[ $this->prefix . 'fields_to_save' ] ) );
  3. Security breaches : Use of base64_encode() Found base64_encode in file content-single.php. 
     echo '<span class='ps-link' data-uri=''. base64_encode( $source_link ) .''>' . __( 'Source', 'root' ) . '</span>';
    Found base64_encode in file top-commentators.php. 
     if ($result->comment_author_url) $comment_author_url = base64_encode( $result->comment_author_url );
    Found base64_encode in file metaboxes.php. 
     echo '<input type='hidden' name='' . $this->prefix . 'fields_to_save' value='' . esc_attr(base64_encode(json_encode( $this->to_save ))) . ''>';
    Found base64_encode in file pseudo-links.php. 
     $href = base64_encode( $href );
  4. Malware : Operations on file system file_get_contents was found in the file simple_html_dom.php 75: $contents = file_get_contents($url, $use_include_path, $context, $offset);1081: $this->load(call_user_func_array('file_get_contents', $args), true);file_put_contents was found in the file simple_html_dom.php 1105: if ($filepath!=='') file_put_contents($filepath, $ret, LOCK_EX);
  5. Admin menu : Themes should use add_theme_page() for adding admin pages. File admin.php : 50: add_options_page( 'Root', 'Root', 'manage_options', 'revelation', 'revelatiFile admin-ad.php : 432: add_submenu_page( 'themes.php', 'Реклама', 'Реклама', 'manage
  6. Inapropriate constants : Use of HEADER_TEXTCOLOR Constant HEADER_TEXTCOLOR was found in the file custom-header.php. add_theme_support( 'custom-header' ) should be used instead. 63: if ( HEADER_TEXTCOLOR === $header_text_color ) {
  7. Deprecated functions : get_bloginfo get_bloginfo('template_url') was found in the file smiles.php. Use get_template_directory_uri() instead.32: return get_bloginfo('template_url') . '/images/smilies/' . $img;get_bloginfo('template_url') was found in the file customizer-css.php. Use get_template_directory_uri() instead.52: if ( ! empty( $pattern_url ) ) echo 'body { background-image: url(' . get_bloginfo('template_url') . '/images/backgrounds/' . $pattern_url . ') }get_bloginfo( 'url' ) was found in the file functions.php. Use home_url() instead.492: $out .= '<meta itemprop='address' content='' . apply_filters( 'wpshop_microdata_publisher_address', get_bloginfo( 'url' ) ) . ''>';
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag premium in style.css header.Found wrong tag adaptive in style.css header.Found wrong tag seo in style.css header.
  2. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function _x, with the arguments 'Comment', 'noun' in file comments.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Name' in file comments.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Email' in file comments.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Website' in file comments.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Save my name, email, and website in this browser for the next time I comment.' in file comments.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'You can be first.' in file top-commentators.php.Found a translation function that is missing a text-domain. Function esc_html__, with the arguments 'A thumbnail will be displayed on the page for the full width of the site. Recommended size %s' in file thumbnails.php.Found a translation function that is missing a text-domain. Function esc_html__, with the arguments 'A thumbnail will be displayed on the page for the full width of the site. Recommended size %s' in file thumbnails.php.Found a translation function that is missing a text-domain. Function _e, with the arguments 'Your comment is awaiting moderation.' in file comments.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Если Вам необходимо повторять фоновое изображение шапки, Вы можете задать это в поле ниже' in file customizer.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Размер, px' in file customizer.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Межстрочный' in file customizer.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Название сайта' in file customizer.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Размер, px' in file customizer.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Межстрочный' in file customizer.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Описание сайта' in file customizer.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Размер шрифта, px' in file customizer.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Шрифт заголовков' in file customizer.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Будут выводиться последние записи с миниатюрами. 0 - чтобы отключить, максимум 15' in file customizer.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'ID записей для слайдера' in file customizer.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Вы можете указать ID записей через запятую, для вывода определенных постов в слайдере. Недостающие будут заполнены последними записями.' in file customizer.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Показывать на страницах пагинации' in file customizer.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Показывать рубрику' in file customizer.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Показывать отрывок' in file customizer.php.Found a translation function that is missing a text-domain. Function esc_attr__, with the arguments in file metaboxes.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'average' in file functions.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'from' in file functions.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are root, widget-css-classes.
  3. Plugin territory : Plugin territory functionalitiesThe theme uses the add_shortcode() function. Custom post-content shortcodes are plugin-territory functionality.
  4. PHP short tags : Presence of PHP short tagsPHP short tags were found in file contact-form.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.99: <div class='errors'><?=$nameError;?></div>105: <div class='errors'><?=$emailError;?></div>111: <div class='errors'><?=$themeError;?></div>120: <div class='errors'><?=$commentError;?></div>
  5. I18N implementation : Proper use of _e(Possible variable $domain_localization found in translation function in top-commentators.php. Translation function calls should not contain PHP variables.
  6. I18N implementation : Proper use of ___all(Possible variable $value found in translation function in metaboxes.php. Translation function calls should not contain PHP variables.
  7. I18N implementation : Proper use of esc_attr___all(Possible variable $value found in translation function in metaboxes.php. Translation function calls should not contain PHP variables.
  8. CSS files : Presence of license urlLicense URI: is missing from style.css header.
  9. CSS files : Presence of .sticky class.sticky css class is needed in theme css.
  10. Date and time implementation : Use of the_time()At least one hard coded date was found in the file content-card.php. Function get_option( 'date_format' ) should be used instead.At least one hard coded date was found in the file content-card-one.php. Function get_option( 'date_format' ) should be used instead.At least one hard coded date was found in the file content.php. Function get_option( 'date_format' ) should be used instead.At least one hard coded date was found in the file content-page.php. Function get_option( 'date_format' ) should be used instead.At least one hard coded date was found in the file content-single.php. Function get_option( 'date_format' ) should be used instead.
  11. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Static links : Presence of hard-coded linksPossible hard-coded links were found in the file wpshopbiz.php.39: echo 'Если у Вас появились вопросы или предложения по использованию тем от <a href='https://wpshop.ru/?utm_source=admin&utm_medium=dashboard&utm_campaign=root'52: 'Сайт разработан <a href='https://wpshop.ru/?utm_source=admin&utm_medium=footer&utm_campaign=root' ta
  2. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  3. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  4. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  5. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  6. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  7. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  8. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  9. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  10. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  11. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  12. Use of includes : Use of include or requireThe theme appears to use include or require : urlspan.php 50: require_once(TEMPLATEPATH . '/inc/urlspan/urlspan.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes
95

WordPress 6.5.2 theme

38

WordPress 6.5.2 theme

73

WordPress 6.5.2 theme