[theme-reviewers] Where can I learn more about theme security

Emil Uzelac emil at themeid.com
Mon Apr 18 07:14:34 UTC 2011 

No problem and knowledge of PHP Security in my opinion goes before that but
they are very much related ;) And that's just me. I am no expert.
*----*
*Emil Uzelac* | ThemeID | T: 224-444-0006 | Twitter: @EmilUzelac | E:
emil at themeid.com | http://themeid.com
Make everything as simple as possible, but not simpler. - Albert Einstein



On Mon, Apr 18, 2011 at 2:06 AM, carolina n <myazalea at hotmail.com> wrote:

>  Thank you,
> I was thinking more theme specific, the likes of
>
> http://wordpress.stackexchange.com/questions/13539/what-are-security-best-practices-for-wordpress-plugins-and-themes
>
>
> ------------------------------
> From: emil at themeid.com
> Date: Sun, 17 Apr 2011 22:44:43 -0500
> To: theme-reviewers at lists.wordpress.org
> Subject: Re: [theme-reviewers] Where can I learn more about theme security
>
>
> You can start from basics such as http://php.net/manual/en/security.php and
> move on to  http://phpsec.org/projects/guide/ and also
> http://codex.wordpress.org/Hardening_WordPress there you will find an
> additional resources as well.
>  *----*
> *Emil Uzelac* | ThemeID | T: 224-444-0006 | Twitter: @EmilUzelac | E:
> emil at themeid.com | http://themeid.com
> Make everything as simple as possible, but not simpler. - Albert Einstein
>
>
>
> On Sun, Apr 17, 2011 at 10:34 PM, myazalea at hotmail.com <
> myazalea at hotmail.com> wrote:
>
> As the title sais.
> Are there any mustreads, and what sources are reliable. There isnt alot on
> this on Wordpress.org or i missed it.
>
> or should I just learn more php?
>
>
> Skickat från min HTC
>
> ----- Reply message -----
> Från: "Emil Uzelac" <emil at themeid.com>
> Till: <theme-reviewers at lists.wordpress.org>
> Rubrik: [theme-reviewers] Join the team
> Datum: mån, apr 18, 2011 04:04
>
>
> menu is OK, widgetized menu is OK too ;)
> *----*
> *Emil Uzelac* | ThemeID | T: 224-444-0006 | Twitter: @EmilUzelac | E:
> emil at themeid.com | http://themeid.com
> Make everything as simple as possible, but not simpler. - Albert Einstein
>
>
>
> On Sun, Apr 17, 2011 at 7:54 PM, Chip Bennett <chip at chipbennett.net>wrote:
>
> I actually disagree regarding the "Menu" Widget - maybe. :)
>
> If the Theme simply provides a Widgetized sidebar, and no "Navigation Menu"
> markup, then this approach is fine. However, if the Theme has what would
> reasonably considered to be the design intent of a Navigation Menu, then
> that implementation must support the core Nav Menu feature.
>
> Basically: Themes are not *required* to provide Navigation Menus, but if
> they *do* provide a Navigation Menu, then it must support the core
> functionality.
>
> Chip
>
>
> On Sun, Apr 17, 2011 at 7:13 PM, Emil Uzelac <emil at themeid.com> wrote:
>
>  1. The theme uses the text domain of Twenty Ten in a few spots. If I
> remember correctly from lurking on the list this is a reason for failure of
> the theme.
>  *Yes, Twenty Ten should be changed to i.e. silverville*
>  **
> 2. They use a widget for the menu and instruct the user to add the Pages
> widget. It seems to me that it's a much better option to use a WordPress
> menu which defaults to list pages. I don't believe this is an issue for a
> fail but probably a good suggestion as an update to the user.
>  *This part is just fine. As long as there are options for menu and being
> fully functional.*
>  **
> 3. The CSS fails on the background-color since it's value is set to 'none'
> when it should be set to 'transparent'. Would this typically be a reason for
> failure if all other CSS is okay?
>  *background-color: none; is invalid and it should be transparent.
> Recommendation would be background: none; or background-image: none; and not
> many people use the last one anymore. It's shortcoded via background.*
>  **
> 4. There are a number of other 'recommended' items in Theme Check but these
> are not a reason to fail a theme correct?
> *Recommended isn't required, if recommendations don't cause  problems, no
> need to fail.
> *
> Emil
> **
> *----*
> *Emil Uzelac* | ThemeID | T: 224-444-0006 | Twitter: @EmilUzelac | E:
> emil at themeid.com | http://themeid.com
>  Make everything as simple as possible, but not simpler. - Albert Einstein
>
>
>
> On Sun, Apr 17, 2011 at 7:01 PM, Curtis McHale <curtis at curtismchale.ca>wrote:
>
> I have a few questions about my first theme review.
>
> 1. The theme uses the text domain of Twenty Ten in a few spots. If I
> remember correctly from lurking on the list this is a reason for failure of
> the theme..
> 2. They use a widget for the menu and instruct the user to add the Pages
> widget. It seems to me that it's a much better option to use a WordPress
> menu which defaults to list pages. I don't believe this is an issue for a
> fail but probably a good suggestion as an update to the user.
> 3. The CSS fails on the background-color since it's value is set to 'none'
> when it should be set to 'transparent'. Would this typically be a reason for
> failure if all other CSS is okay?
> 4. There are a number of other 'recommended' items in Theme Check but these
> are not a reason to fail a theme correct?
>
> I could probably go further in to the theme but I wanted to double check on
> the text domain item before I did.
>
> Curtis McHale
> PH: 604.751.3482
> http://www.curtismchale.ca
> Linkedin: http://www.linkedin.com/in/curtismchale
> Twitter: twitter.com/curtismchale
>
>
>
>   On Sat, Apr 16, 2011 at 4:39 PM, Edward Caissie <
> edward.caissie at gmail.com> wrote:
>
> Here ya go: http://themes.trac.wordpress.org/ticket/3320
> This will get you started ...
>
>
> Cais.
>
> On Sat, Apr 16, 2011 at 7:15 PM, Curtis McHale <curtis at curtismchale.ca>wrote:
>
> Figured I'd finally get off my butt and join the team after looking at the
> list for a few months. My trac name is curtismchale
>
> Curtis McHale
> PH: 604.751.3482
> http://www.curtismchale.ca
> Linkedin: http://www.linkedin.com/in/curtismchale
> Twitter: twitter.com/curtismchale
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
>
> _______________________________________________ theme-reviewers mailing
> list theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20110418/f29e15b9/attachment.htm>

More information about the theme-reviewers mailing list