0
Validation results

Th Shop Mania

Th Shop Mania

WordPress 6.7 theme
0
  • THEME TYPEWordPress theme 6.7
  • FILE NAMEth-shop-mania-test.zip
  • FILE SIZE963620 bytes
  • MD5fe9ce577ca9addc7d14dc03279b995e2
  • SHA1f39785bfce1fbe81d813d6251cdec8a247456861
  • LICENSEGNU GPL 3
  • FILES INCLUDEDCSS, PHP, Bitmap images
  • THEME URIhttps://themehunk.com/th-shop-mania/
  • VERSION1.1.0
  • AUTHOR URI
  • TAGSe-commerce, blog, grid-layout, one-column, two-columns, three-columns, four-columns, left-sidebar, right-sidebar, custom-background, custom-colors, custom-logo, custom-menu, featured-image-header, featured-images, custom-header, footer-widgets, full-width-
  • CREATION DATE2022-05-16
  • LAST FILE UPDATE2022-05-16
  • LAST VALIDATION2022-05-16 11:02
This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Security breaches : Modification of PHP server settings Found ini_set in file key.php. 2: ini_set('display_errors', true);10: // ini_set('display_errors', true);Found ini_set in file Extension.php. 146: @ini_set('display_errors', 'On');
  2. Security breaches : Use of base64_decode() Found base64_decode in file license_key.php. 276: $ret = $c->decrypt(base64_decode($response));Found base64_decode in file LicenseChecker.php. 285: $ret = $c->decrypt(base64_decode($response));Found base64_decode in file GitLabApi.php. 323: return base64_decode($response->content);Found base64_decode in file GitHubApi.php. 274: return base64_decode($response->content);
  3. Security breaches : Use of base64_encode() Found base64_encode in file license_key.php.
     return base64_encode($ret);
    Found base64_encode in file LicenseChecker.php.
     return base64_encode($ret);
    Found base64_encode in file GitHubApi.php.
     return 'Basic ' . base64_encode($this->userName . ':' . $this->accessToken);
    Found base64_encode in file OAuthSignature.php.
     $parameters['oauth_signature'] = base64_encode(hash_hmac('sha1', $stringToSign, $secret, true));
  4. Unwanted files : hidden file(s) or folder(s) .editorconfig .gitignore was found.
  5. Malware : Operations on file system fwrite was found in the file license_key.php 354: fwrite($f, strtoupper($method) . ' ' . $url_parts['path'] . $query . ' HTT359: fwrite($f, 'Content-type: application/x-www-form-urlencoded\r\nContent-leng363: fwrite($f, 'Host: ' . $url_parts['host'] . '\r\nConnection: Close\r\n\r\n' fwrite was found in the file license_key.php 354: fwrite($f, strtoupper($method) . ' ' . $url_parts['path'] . $query . ' HTT359: fwrite($f, 'Content-type: application/x-www-form-urlencoded\r\nContent-leng363: fwrite($f, 'Host: ' . $url_parts['host'] . '\r\nConnection: Close\r\n\r\n' fwrite was found in the file license_key.php 354: fwrite($f, strtoupper($method) . ' ' . $url_parts['path'] . $query . ' HTT359: fwrite($f, 'Content-type: application/x-www-form-urlencoded\r\nContent-leng363: fwrite($f, 'Host: ' . $url_parts['host'] . '\r\nConnection: Close\r\n\r\n' fclose was found in the file license_key.php 377: fclose($f);434: fclose($f);fopen was found in the file license_key.php 64: public $openurl_callbacks = [ // fsockopen, curl, fopen67: Fopen'],404: Fopen($method, $url, $params)420: $f = @fopen($url, 'r', false, $context);fclose was found in the file license_key.php 377: fclose($f);434: fclose($f);file_put_contents was found in the file key.php 35: // file_put_contents(DATA_DIR . '/key.txt', $license_key);101: // file_put_contents(DATA_DIR . '/activation-cache.txt', $activation_cache);file_get_contents was found in the file key.php 80: //$license_key = trim(file_get_contents(DATA_DIR . '/key.txt'));88: //$activation_cache = trim(file_get_contents(DATA_DIR . '/activation-cache.txt'));file_get_contents was found in the file key.php 80: //$license_key = trim(file_get_contents(DATA_DIR . '/key.txt'));88: //$activation_cache = trim(file_get_contents(DATA_DIR . '/activation-cache.txt'));file_put_contents was found in the file key.php 35: // file_put_contents(DATA_DIR . '/key.txt', $license_key);101: // file_put_contents(DATA_DIR . '/activation-cache.txt', $activation_cache);fwrite was found in the file LicenseChecker.php 363: fwrite($f, strtoupper($method) . ' ' . $url_parts['path'] . $query . ' HTT368: fwrite($f, 'Content-type: application/x-www-form-urlencoded\r\nContent-leng372: fwrite($f, 'Host: ' . $url_parts['host'] . '\r\nConnection: Close\r\n\r\n' fwrite was found in the file LicenseChecker.php 363: fwrite($f, strtoupper($method) . ' ' . $url_parts['path'] . $query . ' HTT368: fwrite($f, 'Content-type: application/x-www-form-urlencoded\r\nContent-leng372: fwrite($f, 'Host: ' . $url_parts['host'] . '\r\nConnection: Close\r\n\r\n' fwrite was found in the file LicenseChecker.php 363: fwrite($f, strtoupper($method) . ' ' . $url_parts['path'] . $query . ' HTT368: fwrite($f, 'Content-type: application/x-www-form-urlencoded\r\nContent-leng372: fwrite($f, 'Host: ' . $url_parts['host'] . '\r\nConnection: Close\r\n\r\n' fclose was found in the file LicenseChecker.php 386: fclose($f);442: fclose($f);fopen was found in the file LicenseChecker.php 72: public $openurl_callbacks = array( // fsockopen, curl, fopen75: Fopen'),412: Fopen($method, $url, $params)428: $f = @fopen($url, 'r', false, $context);fclose was found in the file LicenseChecker.php 386: fclose($f);442: fclose($f);
  6. Malware : Network operations fsockopen was found in the file license_key.php 64: public $openurl_callbacks = [ // fsockopen, curl, fopen65: Fsockopen'],338: Fsockopen($method, $url, $params)343: $f = fsockopen('ssl://'. $url_parts['host'], 443);345: $f = fsockopen('tcp://' . $url_parts['host'], 80);fsockopen was found in the file license_key.php 64: public $openurl_callbacks = [ // fsockopen, curl, fopen65: Fsockopen'],338: Fsockopen($method, $url, $params)343: $f = fsockopen('ssl://'. $url_parts['host'], 443);345: $f = fsockopen('tcp://' . $url_parts['host'], 80);curl_init was found in the file license_key.php 383: if (!function_exists('curl_init')) return385: $ch = curl_init();curl_exec was found in the file license_key.php 397: if (($body = curl_exec($ch)) === false)fsockopen was found in the file LicenseChecker.php 72: public $openurl_callbacks = array( // fsockopen, curl, fopen73: Fsockopen'),347: Fsockopen($method, $url, $params)352: $f = fsockopen('ssl://'. $url_parts['host'], 443);354: $f = fsockopen('tcp://' . $url_parts['host'], 80);fsockopen was found in the file LicenseChecker.php 72: public $openurl_callbacks = array( // fsockopen, curl, fopen73: Fsockopen'),347: Fsockopen($method, $url, $params)352: $f = fsockopen('ssl://'. $url_parts['host'], 443);354: $f = fsockopen('tcp://' . $url_parts['host'], 80);curl_init was found in the file LicenseChecker.php 392: if (!function_exists('curl_init')) return 394: $ch = curl_init();curl_exec was found in the file LicenseChecker.php 405: if (($body = curl_exec($ch)) === false)
Warning
  1. theme tags : Presence of bad theme tagsFound wrong tag custom-logo in style.css header.
  2. Text domain : Incorrect use of translation functions.Wrong installation directory for the theme name. The directory name must match the slug of the theme. This theme's correct slug and text-domain is th-shop-mania.
  3. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments 'View details' in file Ui.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'More information about %s' in file Ui.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are th-shop-mania, plugin-update-checker.
  4. Unwanted directories : GIT revision control directoryA.git was found.
  5. PHP short tags : Presence of PHP short tagsPHP short tags were found in file ParsedownModern.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.762: if (preg_match('/^\[(.+?)\]:[ ]*<?(\S+?)>?(?:[ ]+['\'(](.+)['\')])?[ ]*$/', $Line['text'], $matches))PHP short tags were found in file ParsedownLegacy.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.760: if (preg_match('/^\[(.+?)\]:[ ]*<?(\S+?)>?(?:[ ]+['\'(](.+)['\')])?[ ]*$/', $Line['text'], $matches))
  6. Comment pagination : Declaration of comment paginationThe theme doesn't have comment pagination code in it. Use paginate_comments_links() to add comment pagination, or older previous_comments_link() and next_comments_link() functions.
  7. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  3. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  4. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  5. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  6. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  7. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  8. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  9. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  10. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  11. Use of includes : Use of include or requireThe theme appears to use include or require : tab-html.php 58: <?php include('welcome.php'); ?>100: <?php include('free-pro.php'); ?>115: <?php include('need-help.php'); ?>127: <?php include('sidebar.php'); ?> If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : th-option.php 2: include_once(ABSPATH . 'wp-admin/includes/plugin-install.php');173: include('tab-html.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : UpgraderStatus.php 126: require_once( ABSPATH . '/wp-admin/includes/plugin.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : Autoloader.php 46: include ($this->libraryDir . $this->staticMap[$className]); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : Package.php 144: require_once(ABSPATH . '/wp-admin/includes/plugin.php'); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : PucReadmeParser.php 258: require_once(dirname(__FILE__) . '/Parsedown' . (version_compare(PHP_VERSIO If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : class-customize.php 65: require_once( trailingslashit( get_template_directory() ) . 'customizer/pro If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes