0
Validation results

TheGem

TheGem

WordPress 6.4.3 theme
0
  • THEME TYPEWordPress theme 6.4.3
  • FILE NAMEthegem-5.0.0.zip
  • FILE SIZE6749986 bytes
  • MD547ed8a2ad7e3e0b53d28cd05e2d02b85
  • SHA1f1fd384ada789137aba926fbeb24d59a447fa790
  • LICENSEGNU GPL 2
  • FILES INCLUDEDCSS, PHP, HTML, XML, Bitmap images, Adobe Illustrator
  • THEME URIhttp://codex-themes.com/thegem/
  • VERSION5.0.0
  • TAGSone-column, two-columns, left-sidebar, right-sidebar, custom-background, custom-colors, custom-header, custom-menu, featured-images, flexible-header, full-width-template, theme-options, translation-ready
  • CREATION DATE2021-05-09
  • LAST FILE UPDATE2021-05-09
  • LAST VALIDATION2021-05-09 11:33
  • OTHER VERSIONS

    4.5.8.1 : 9%

    4.1.2 : 30%

    4.0.1 : 31%

    3.8.3.1 : 31%

    3.8.2.2 : 0%

This theme seems to be proprietary. Themecheck doesn't distribute commercial themes.
Critical alerts
  1. Security breaches : Use of base64_decode() Found base64_decode in file vc_row.php. 279: $output .= PHP_EOL.'<style>'.PHP_EOL.thegem_addPrefixToCssSelectors('#'.esc_attr( $el_id ), rawurldecode(base64_decode(wp_strip_all_tags($custom_css_code)))).PHP_EOL.'</style>'.PHPFound base64_decode in file theme-options.php. 1084: $result = wp_upload_bits('thegem_test.jpg',null,base64_decode('/9j/2wBDAAMCAgICAgMCAgIDAwMDBAYEBAQEBAgGBgUGCQgKCgkICQkKDA8M
  2. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src="https://www.google.com/maps/d/embed?mid=zy8g7PkInS5s.k1_kczfkJRjs" width="100%" height="480"> in file vc_gmaps.php. 6: 'link' => '<iframe src='https://www.google.com/maps/d/embed?mid=zy8g7PkInS5s.k1_kczfkJFound <iframe src="'.esc_url($link).'" frameborder="0"> in file content.php. 635: $video_block = '<iframe src=''.esc_url($link).'' frameborder='0'></iframe>';Found <iframe src="'.esc_url($link).'" frameborder="0" muted="muted" allowfullscreen> in file woocommerce.php. 377: $video_block = '<iframe src=''.esc_url($link).'' frameborder='0' muted='muted' allowfullscr
  3. Malware : Operations on file system file_get_contents was found in the file theme-options.php 498: $request = json_decode(file_get_contents('php://input'), true);728: $content=file_get_contents(__DIR__ . DIRECTORY_SEPARATOR . 'dist' . DIRECTORY_SEPARA991: $css = file_get_contents(get_template_directory() . $filename);file_get_contents was found in the file theme-options.php 498: $request = json_decode(file_get_contents('php://input'), true);728: $content=file_get_contents(__DIR__ . DIRECTORY_SEPARATOR . 'dist' . DIRECTORY_SEPARA991: $css = file_get_contents(get_template_directory() . $filename);file_get_contents was found in the file theme-options.php 498: $request = json_decode(file_get_contents('php://input'), true);728: $content=file_get_contents(__DIR__ . DIRECTORY_SEPARATOR . 'dist' . DIRECTORY_SEPARA991: $css = file_get_contents(get_template_directory() . $filename);file_get_contents was found in the file functions.php 751: $font_json_file = file_get_contents(get_template_directory() . '/fonts/webfonts.json');
  4. Admin menu : Themes should use add_theme_page() for adding admin pages. File class-tgm-plugin-activation.php : 725: $this->page_hook = add_submenu_page( $args['parent_slug'], $args['page_title'], $args['menu_tiFile plugins.php : 478: add_submenu_page(null, esc_html__('Downgrade TheGem','thegem'), esc_html__(File theme-options.php : 114: add_menu_page(esc_html__('TheGem','thegem'), esc_html__('TheGem','thegem'),File theme-options.php : 115: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','116: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Theme Option117: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg118: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg119: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg120: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','121: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','122: add_submenu_page(null, esc_html__('TheGem Importer','thegem'), esc_html__('File theme-options.php : 115: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','116: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Theme Option117: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg118: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg119: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg120: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','121: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','122: add_submenu_page(null, esc_html__('TheGem Importer','thegem'), esc_html__('File theme-options.php : 115: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','116: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Theme Option117: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg118: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg119: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg120: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','121: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','122: add_submenu_page(null, esc_html__('TheGem Importer','thegem'), esc_html__('File theme-options.php : 115: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','116: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Theme Option117: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg118: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg119: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg120: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','121: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','122: add_submenu_page(null, esc_html__('TheGem Importer','thegem'), esc_html__('File theme-options.php : 115: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','116: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Theme Option117: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg118: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg119: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg120: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','121: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','122: add_submenu_page(null, esc_html__('TheGem Importer','thegem'), esc_html__('File theme-options.php : 115: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','116: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Theme Option117: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg118: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg119: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg120: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','121: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','122: add_submenu_page(null, esc_html__('TheGem Importer','thegem'), esc_html__('File theme-options.php : 115: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','116: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Theme Option117: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg118: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg119: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg120: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','121: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','122: add_submenu_page(null, esc_html__('TheGem Importer','thegem'), esc_html__('File theme-options.php : 115: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','116: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Theme Option117: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg118: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg119: //add_submenu_page('thegem-theme-options',esc_html__('TheGem Dashboard','theg120: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','121: add_submenu_page('thegem-dashboard-welcome',esc_html__('TheGem Dashboard','122: add_submenu_page(null, esc_html__('TheGem Importer','thegem'), esc_html__('File image-generator.php : 196: add_submenu_page(null, esc_html__('TheGem thumbnails','thegem'), esc_html__File functions.php : 152: $page = add_menu_page(esc_html__('TheGem','thegem'), esc_html__('TheGem','thegem'),File functions.php : 2002: $page = add_submenu_page('thegem-dashboard-welcome', esc_html__('Self-Hosted Fonts'2260: $page = add_submenu_page(NULL, esc_html__('Add new social network','thegem'), '', 'File functions.php : 2002: $page = add_submenu_page('thegem-dashboard-welcome', esc_html__('Self-Hosted Fonts'2260: $page = add_submenu_page(NULL, esc_html__('Add new social network','thegem'), '', '
  5. Hidden admin bar : Hidden admin Bar Themes should not hide admin bar. Detected in file : options.php.
Warning
  1. Text domain : Incorrect use of translation functions.Found a translation function that is missing a text-domain. Function __, with the arguments 'Save my name, email, and website in this browser for the next time I comment.' in file single-product-reviews.php.Found a translation function that has an incorrect number of arguments. Function __, with the arguments 'WARNING: custom.css file is missing in your TheGem installation. Custom.css is important for proper functioning of TheGem. <a href="', #/extras/panel.extra_options:regenerateCss>Please regenerate it now.</a> All your settings will remain, this action will not affect your setup., 'thegem' in file options.php.Found a translation function that is missing a text-domain. Function __, with the arguments "Activation failed. Please try again." in file messages.php.Found a translation function that is missing a text-domain. Function __, with the arguments "Activated" in file messages.php.Found a translation function that is missing a text-domain. Function __, with the arguments "Not activated" in file messages.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Specify description for this portfolio item to show in portfolio list / grid.' in file messages.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Specify description for this blog post to show in blog list / grid / slider and featured posts slider.' in file messages.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Font Preload' in file messages.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Icon Fonts' in file messages.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Self Hosted Fonts' in file messages.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Short Description/Excerpt' in file messages.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Short Description/Excerpt' in file messages.php.Found a translation function that has an incorrect number of arguments. Function __, with the arguments ' ', settings applied successfully., 'thegem' in file theme-options.php.Found a translation function that is missing a text-domain. Function __, with the arguments 'Save my name, email, and website in this browser for the next time I comment.' in file comments.php.More than one text-domain is being used in this theme. This means the theme will not be compatible with WordPress.org language packs. The domains found are thegem, woocommerce, yith-woocommerce-wishlist, tgmpa, default, admin.php?page=thegem-theme-options, #/extras/panel.extra_options:regenerateCss>Please regenerate it now.</a> All your settings will remain, this action will not affect your setup., contact-form-7, settings applied successfully..
  2. PHP short tags : Presence of PHP short tagsPHP short tags were found in file content-single-product.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.52: <div class='single-product-content-left <?=$left_classes?> <?=$product_gallery_data['product_gallery'] == 'native' PHP short tags were found in file plugins.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.439: <img src='<?= get_template_directory_uri() . '/images/elementor-logo.svg' ?>' width='443: <p><b><?= __('TheGem for Elementor released!', 'thegem')?></b></p>444: <p><?= __('100% compatibility with Elementor and Elementor Pro. With all 400+ 445: <p><a href='//democontent.codex-themes.com/plugins/thegem/theme/elementor_update.html' class='thegem-elementor-notice-link'><b><?= __('Learn more...', 'thegem') ?></b></a> | <a href='#' class='thegem-no463: let name = '<?= esc_attr('thegem_elementor_available_notice'); ?>';464: let value = encodeURIComponent('<?= esc_attr('1.0.0'); ?>') + ('; expires=' + dt.toUTCString());PHP short tags were found in file lazy-items.class.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.56: visibilityOffset: <?=floatval($this->visibilityOffset)?>,PHP short tags were found in file woocommerce.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.300: <div class='product-gallery-slider-item' data-image-id='<?= esc_attr( $attachments_id ); ?>'>301: <div class='product-gallery-image <?=$product_gallery_data['product_gallery_zoom'] ? 'init-zoom' : null?>'>303: <a href='<?= esc_url( $full_image_url[0] ); ?>' class='fancy-product-gallery'304: data-fancybox-group='product-gallery-<?= esc_attr( $gallery_uid ); ?>'305: data-fancybox='product-gallery-<?= esc_attr( $gallery_uid ); ?>'306: data-full-image-url='<?= esc_url( $full_image_url[0] ); ?>'>307: <img src='<?= esc_url( $full_image_url[0] ); ?>' alt='' class='img-responsive'>310: <img src='<?= esc_url( $full_image_url[0] ); ?>' alt='' class='img-responsive'>316: <div class='product-gallery-thumb-item' data-image-id='<?= esc_attr( $attachments_id ); ?>'>397: <div class='product-gallery-slider-item <?php if (!$poster || $video_type == 'self'): ?>video-block<?php endif; ?>' data-video-type='<?=$video_type?>'>399: <a href='<?= $link ?>'401: data-fancybox-group='product-gallery-<?= esc_attr( $gallery_uid ); ?>'402: data-fancybox='product-gallery-<?= esc_attr( $gallery_uid ); ?>'>405: <i class='icon-play <?= $video_type ?>'></i>407: <?= $video_block ?>411: <?= $video_block ?>435: <img src='<?=get_stylesheet_directory_uri()?>/images/dummy/dummy.png' alt='' class='i437: <i class='icon-play <?=$video_type?>' style='color: <?=$poster ? '#ffffff' : '#dfe5e8'?>'></i>477: <div class='product-gallery-slider-item' data-image-id='<?= esc_attr( $attachments_id ); ?>'>479: <img src='<?= esc_url( $preview_image_url[0] ); ?>' alt='' class='img-responsive'>513: <div class='product-gallery-slider-item video-block' data-video-type='<?= $video_type ?>'><?= $video_block ?></div>1123: <div class='single-product' data-product-page-preselected-id='<?php echo esc_attr( $preselected_id ); ?>' data-quick-view='<?=thegem_get_option('product_gallery')?>'>PHP short tags were found in file custom-css.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.9222: color: <?=thegem_get_option('widget_triangle_color')?>;9236: <?=thegem_get_option('gradient_hover_angle')?>deg,9237: <?=thegem_get_option('gradient_hover_point1_color')?> <?=thegem_get_option(9238: <?=thegem_get_option('gradient_hover_point2_color')?> <?=thegem_get_option(9244: at <?=thegem_get_option('gradient_hover_position')?>,9245: <?=thegem_get_option('gradient_hover_point1_color')?> <?=thegem_get_option(9246: <?=thegem_get_option('gradient_hover_point2_color')?> <?=thegem_get_option(9261: <?=thegem_get_option('circular_overlay_hover_angle')?>deg,9262: <?=thegem_get_option('circular_overlay_hover_point1_color')?> <?=thegem_get9263: <?=thegem_get_option('circular_overlay_hover_point2_color')?> <?=thegem_get9269: at <?=thegem_get_option('circular_overlay_hover_position')?>,9270: <?=thegem_get_option('circular_overlay_hover_point1_color')?> <?=thegem_get9271: <?=thegem_get_option('circular_overlay_hover_point2_color')?> <?=thegem_get
  3. Line endings consistency : Both DOS and UNIX style line endingsFound a mix of \r\n and \n line endings in file custom-LB95ExzQ.css.Found a mix of \r\n and \n line endings in file style-editor.css.Found a mix of \r\n and \n line endings in file thegem-itemsAnimations.css.Found a mix of \r\n and \n line endings in file thegem-itemsAnimations.js.
  4. Hidden admin bar : Hidden admin Bar in CSSThemes should not hide admin bar. Detected in file style.css.
  5. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  6. Custom elements : Presence of custom backgroundNo reference to custom background was found in the theme.
  7. I18N implementation : Proper use of ___all(Possible variable $typeName found in translation function in theme-options.php. Translation function calls should not contain PHP variables.
  8. I18N implementation : Proper use of _x(Possible variable $v found in translation function in functions.php. Translation function calls should not contain PHP variables.
  9. CSS files : Presence of Author URICould not find Author URI.
  10. Date and time implementation : Use of the_date()At least one hard coded date was found in the file content.php. Function get_option( 'date_format' ) should be used instead.
  11. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of front page template file front-page.phpThis theme does not contain optional file front-page.php.
  3. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  4. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  5. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  6. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  7. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  8. Optional files : Presence of archive template file archive.phpThis theme does not contain optional file archive.php.
  9. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  10. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  11. Use of includes : Use of include or requireThe theme appears to use include or require : plugins.php 497: require_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : content.php 544: include(locate_template('content-news-carousel-item.php'));554: include(locate_template('gem-templates/blog/content-blog-item-slider.php'))573: include(locate_template(array('gem-templates/blog/content-blog-item-masonry575: include(locate_template(array('gem-templates/blog/content-blog-item-justifi577: include(locate_template(array('gem-templates/blog/content-blog-item-'.$blog If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : theme-options.php 756: 'messages' => require('messages.php') If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : megamenu.class.php 321: include_once( get_template_directory() . '/inc/megamenu//edit-megamenu-walk If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.The theme appears to use include or require : search.php 77: include(locate_template(array('gem-templates/blog/content-blog-item-masonry If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes