<blockquote style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;" class="gmail_quote">There's no good reason to use fopen in a theme. Any reason you can<br>
think of has better ways of doing it.<br></blockquote><br>I am curious as to what qualifies as a better way of doing things. E.g. I have code where depending on selections certain stylesheets are grouped together, then either they are compressed and/or minified. This requires a call to fopen to spit out all the contents of a local file into a buffer, then operate on that buffer. I cannot think of a way other than the one implemented for this purpose. Functions like include or get_template_part will fail to do what is intended because the contents of the files need to be altered on the fly. And if you are loading a collection of CSS files through PHP using the "link" tag, the PHP goes out of WP's context, so native WP functions will not be available in that PHP, unless you use wp-load.php, which is absolutely not recommended (I did read your post on wp-load, BTW).<br>
<br>I also checked WP's native loader files - they incidentally use file_get_contents(), which is another function apparently blacklisted as "fishy code" by the theme upload checker.<br><br>Regards,<br>Sayontan.<br>
<br><div class="gmail_quote">On Sun, Nov 28, 2010 at 9:23 AM, Otto <span dir="ltr"><<a href="mailto:otto@ottodestruct.com">otto@ottodestruct.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
Actually, fopen is checked for, and yes, that triggers the "fishy" code.<br>
<br>
There's no good reason to use fopen in a theme. Any reason you can<br>
think of has better ways of doing it.<br>
<font color="#888888"><br>
-Otto<br>
</font><div><div></div><div class="h5"><br>
<br>
<br>
On Sun, Nov 28, 2010 at 7:42 AM, Simon Prosser <<a href="mailto:pross@pross.org.uk">pross@pross.org.uk</a>> wrote:<br>
> fopen isnt checked for, many themes use it for caching remember<br>
><br>
> On 28 November 2010 13:39, Philip M. Hofer (Frumph) <<a href="mailto:philip@frumph.net">philip@frumph.net</a>> wrote:<br>
>> Hrm.. probably the fopen in the paypal transaction IPN then. /shrug nothing<br>
>> I can do about that, at least it still pushed it through.<br>
>><br>
>> - Phil<br>
>><br>
>> ----- Original Message ----- From: "Jon Cave" <<a href="mailto:jon@lionsgoroar.co.uk">jon@lionsgoroar.co.uk</a>><br>
>> To: <<a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a>><br>
>> Sent: Sunday, November 28, 2010 5:37 AM<br>
>> Subject: Re: [theme-reviewers] Theme Scan Failing<br>
>><br>
>><br>
>>> On Sun, Nov 28, 2010 at 1:18 PM, Philip M. Hofer (Frumph)<br>
>>> <<a href="mailto:philip@frumph.net">philip@frumph.net</a>> wrote:<br>
>>>><br>
>>>> Soo Otto what exactly are you caring about here that it causes a fail?<br>
>>><br>
>>> My guess (based on the last themecheck code I've seen) is that it's<br>
>>> the warning of suspicious code that's failing it. The other two are<br>
>>> just notifications but don't cause a fail.<br>
>>><br>
>>>> What specific 'malicious' code? .. I dont use base64 anywhere, at all.<br>
>>>> Everything necessary is protected with evaluators and nonce's.<br>
>>><br>
>>> I think that warning is for file_get_contents(__FILE__) or fopen,<br>
>>> again based on the last I saw of the theme checks.<br>
>>><br>
>>>> Don't care about editor styles, at all; won't create one.<br>
>>><br>
>>> It's a recommended guideline so the check is just highlighting it,<br>
>>> doubt it's a cause of failure.<br>
>>><br>
>>>> I use includes & get_template_parts() in appropriate places, I won't use<br>
>>>> get_template_part because of the performance of checking both the child<br>
>>>> theme and root theme and it always needs to just load the parent themes<br>
>>>> functions and not overriden by child themes functions of the same name.<br>
>>>><br>
>>>> Although included *in* parsed to output functions use get_template_part()<br>
>>>> as<br>
>>>> necessary<br>
>>><br>
>>> As above doubt it's cause of failure, just picking up of possible<br>
>>> violation of required guideline.<br>
>>><br>
>>> Just my thoughts, will need Otto to confirm or deny.<br>
>>> _______________________________________________<br>
>>> theme-reviewers mailing list<br>
>>> <a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a><br>
>>> <a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
>>><br>
>><br>
>><br>
>> _______________________________________________<br>
>> theme-reviewers mailing list<br>
>> <a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a><br>
>> <a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
>><br>
><br>
><br>
><br>
> --<br>
> My Blog: <a href="http://www.pross.org.uk/" target="_blank">http://www.pross.org.uk/</a><br>
> Plugins : <a href="http://www.pross.org.uk/plugins/" target="_blank">http://www.pross.org.uk/plugins/</a><br>
> Themes: <a href="http://wordpress.org/extend/themes/profile/pross" target="_blank">http://wordpress.org/extend/themes/profile/pross</a><br>
> _______________________________________________<br>
> theme-reviewers mailing list<br>
> <a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a><br>
> <a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
><br>
_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Sayontan Sinha<br><a href="http://mynethome.net" target="_blank">http://mynethome.net</a> | <a href="http://mynethome.net/blog" target="_blank">http://mynethome.net/blog</a><br>
--<br>Beating Australia in Cricket is like killing a celebrity. The death gets more coverage than the crime.<br><br>