[theme-reviewers] Simple-Blue-Dashed 1.0

Joseph Scott joseph at automattic.com
Fri Jun 11 16:41:24 UTC 2010


On Thu, Jun 10, 2010 at 7:25 PM,  <chip at chipbennett.net> wrote:
> Of course, getting feedback based on the aesthetics of other theme
> developers is important and useful (and helps one know if one's own design
> sense is too far off-base).


There is a line between recognizing that a theme is just plain
unattractive and themes that have different, individual styles.  If a
theme falls into the completely unattractive category then it isn't
really a good fit for the theme directory.  This is an area where good
judgement needs to come into play.



> But, that said: should our reviews focus more on the public-facing theme
> design/rendering, or should we focus more on the code structure, proper
> use of WP functions and tags, security, etc.?
>
> (I mainly ask, as I am getting ready to start my own assigned review.)


All of the above :-)

Security is a big item, themes that misuse any external data ($_GET,
$_POST, $_REQUEST, $_COOKIE, $_SERVER) must be addressed, no two ways
about it.  Direct DB queries must properly escape data in the query
(and if there is a WP function to do the same thing the direct DB
query should be replaced with the function call).  Those are the
basic, *minimum* things that every theme needs to address
security-wise.

Sometimes the theme author just isn't aware of specific functions or
services in WordPress, so some hints and reference URLs for more info
are helpful there.


-- 
Joseph Scott
joseph at josephscott.org
http://josephscott.org/
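
The two minimum checks named in the message above, sketched as a line-based triage script a reviewer could run over a theme's PHP before reading it by hand. This is an added example, not part of the original message or any WordPress tooling. Assumptions: the names `review_theme_source` and `enclosing_calls`, the partial list of sanitising functions, and the sample theme code are all constructed here.

```python
import re

# External-data superglobals named in the post.
SUPERGLOBAL = re.compile(r"\$_(?:GET|POST|REQUEST|COOKIE|SERVER)\b")
# Real WordPress/PHP sanitising and escaping functions (partial list chosen here),
# plus isset/empty, which only test for presence and emit nothing.
ALLOWED_CALLS = {"esc_html", "esc_attr", "esc_url", "esc_sql", "wp_kses",
                 "sanitize_text_field", "absint", "intval", "isset", "empty"}
# $wpdb methods that run a raw SQL string.
DB_CALL = re.compile(r"\$wpdb->(?:query|get_results|get_row|get_var|get_col)\s*\(")

def enclosing_calls(prefix):
    """Names of the function calls still open at the end of `prefix`."""
    stack = []
    for m in re.finditer(r"(\w*)\s*\(|\)", prefix):
        if m.group(0) == ")":
            if stack:
                stack.pop()
        else:
            stack.append(m.group(1))
    return stack

def review_theme_source(php_source):
    """Return (line number, finding) pairs for a reviewer to inspect by hand."""
    findings = []
    for lineno, line in enumerate(php_source.splitlines(), 1):
        for m in SUPERGLOBAL.finditer(line):
            # Flag a superglobal that is not an argument of any allowed call.
            if not ALLOWED_CALLS & set(enclosing_calls(line[:m.start()])):
                findings.append((lineno, "unsanitised-input"))
                break
        db = DB_CALL.search(line)
        if db and "->prepare(" not in line:
            # A PHP variable (other than $wpdb itself) inside the SQL argument.
            variables = set(re.findall(r"\$(\w+)", line[db.end():])) - {"wpdb"}
            if variables:
                findings.append((lineno, "unprepared-query"))
    return findings

# Constructed sample theme code, written for this example.
SAMPLE_THEME = r'''<?php
$term = $_GET['s'];
echo '<h2>Results for ' . $_GET['s'] . '</h2>';
echo '<h2>Results for ' . esc_html( $_GET['s'] ) . '</h2>';
$page = isset( $_GET['paged'] ) ? absint( $_GET['paged'] ) : 1;
$rows = $wpdb->get_results( "SELECT ID FROM $wpdb->posts WHERE post_title = '$term'" );
$rows = $wpdb->get_results( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_title = %s", $term ) );
'''
```

The check works one line at a time, so calls split across lines and data that reaches a query through several assignments still need a manual read.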