Does the Theme documentation even disclose that it includes this tracking code? If not, it&#39;s a double-whammy: no user disclosure, and no user consent.<div><br></div><div>Note that this *should* have come up in Theme Check already, under INFO, due to the http:// links. Adding an explicit test to Theme Check would probably be okay, but perhaps not scalable, if other similar services start cropping up.</div>
<div><br></div><div>On a related note: doesn&#39;t it rather defeat the purpose of API and auth keys, to have those keys in clear-text, in a freely available, open-source product? That&#39;s really more of a question for PressTrends, I guess.</div>
<div><br></div><div>Chip<br><br><div class="gmail_quote">On Thu, Mar 8, 2012 at 9:00 AM, Yulian Yordanov <span dir="ltr">&lt;<a href="mailto:yul.yordanov@gmail.com">yul.yordanov@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

  
    
  
  <div bgcolor="#FFFFFF" text="#333333">
    <font size="-1"><font face="Trebuchet MS">Understood. In this
        particular case there is no such options just that code, which
        frankly speaking I found by chance. There might be other themes
        with it as well, especially if the theme-package has a lot of
        files. <br>
        It may be useful if Theme Checker prints some info about
        presence of this function, so the reviewer will be aware to
        check how it&#39;s implemented. <br>
      </font></font><div><div class="h5"> <br>
    On 08.3.2012 15:35, Chip Bennett wrote:
    <blockquote type="cite">Exactly: user-configurable, and disabled by default
      (i.e. OPT-IN).
      <div><br>
      </div>
      <div>(I wondered when we&#39;d see our first PressTrends
        implementation get submitted...)</div>
      <div><br>
      </div>
      <div>Chip<br>
        <br>
        <div class="gmail_quote">
          On Thu, Mar 8, 2012 at 6:25 AM, George Mamadashvili <span dir="ltr">&lt;<a href="mailto:georgemamadashvili@gmail.com" target="_blank">georgemamadashvili@gmail.com</a>&gt;</span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
            I think it should be disabled by default, and theme author
            may include option to enable it if user want to share data.<br>
            <br>
            <div class="gmail_quote">
              <div>
                <div>On Thu, Mar 8, 2012 at 4:12 PM, yulian
                  yordanov <span dir="ltr">&lt;<a href="mailto:yul.yordanov@gmail.com" target="_blank">yul.yordanov@gmail.com</a>&gt;</span>
                  wrote:<br>
                </div>
              </div>
              <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                <div>
                  <div>Currently reviewing a theme which has
                    tracking code in its functions from a service called
                    &quot;PressTrends&quot; <a href="http://presstrends.io/" target="_blank">http://presstrends.io/</a>
                    This service fetches details about users to theme&#39;s
                    author for statistical purposes, but I&#39;m wondering
                    is it&#39;s OK for a theme in WP repository?<br>
                    <br>
                    That&#39;s how the code looks like:<br>
                    <br>
                    <span style="font-family:courier new,monospace">//
                      Add your PressTrends and Theme API Keys</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$api_key
                      = &#39;-----&#39;;</span> (deleted by me)<br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$auth
                      = &#39;------&#39;;</span> (deleted by me)<br style="font-family:courier new,monospace">
                    <br>
                    <span style="font-family:courier new,monospace">$data
                      = get_transient( &#39;presstrends_data&#39; );</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">if
                      (!$data || $data == &#39;&#39;){</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$api_base
                      = &#39;<a href="http://api.presstrends.io/index.php/api/sites/add/auth/" target="_blank">http://api.presstrends.io/index.php/api/sites/add/auth/</a>&#39;;</span><br style="font-family:courier new,monospace">

                    <span style="font-family:courier new,monospace">$url
                      = $api_base . $auth . &#39;/api/&#39; . $api_key . &#39;/&#39;;</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$data
                      = array();</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$count_posts
                      = wp_count_posts();</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$count_pages
                      = wp_count_posts(&#39;page&#39;);</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$comments_count
                      = wp_count_comments();</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$theme_data
                      = get_theme_data(get_stylesheet_directory() .
                      &#39;/style.css&#39;);</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$plugin_count
                      = count(get_option(&#39;active_plugins&#39;));</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$all_plugins
                      = get_plugins();</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">foreach($all_plugins
                      as $plugin_file =&gt; $plugin_data) {</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$plugin_name
                      .= $plugin_data[&#39;Name&#39;];</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$plugin_name
                      .= &#39;&amp;&#39;;</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">}</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$data[&#39;url&#39;]
                      = stripslashes(str_replace(array(&#39;<a>http://</a>&#39;, &#39;/&#39;,
                      &#39;:&#39; ), &#39;&#39;, site_url()));</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$data[&#39;posts&#39;]
                      = $count_posts-&gt;publish;</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$data[&#39;pages&#39;]
                      = $count_pages-&gt;publish;</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$data[&#39;comments&#39;]
                      = $comments_count-&gt;total_comments;</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$data[&#39;approved&#39;]
                      = $comments_count-&gt;approved;</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$data[&#39;spam&#39;]
                      = $comments_count-&gt;spam;</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$data[&#39;theme_version&#39;]
                      = $theme_data[&#39;Version&#39;];</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$data[&#39;theme_name&#39;]
                      = $theme_data[&#39;Name&#39;];</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$data[&#39;site_name&#39;]
                      = str_replace( &#39; &#39;, &#39;&#39;, get_bloginfo( &#39;name&#39; ));</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$data[&#39;plugins&#39;]
                      = $plugin_count;</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$data[&#39;plugin&#39;]
                      = urlencode($plugin_name);</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$data[&#39;wpversion&#39;]
                      = get_bloginfo(&#39;version&#39;);</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">foreach
                      ( $data as $k =&gt; $v ) {</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$url
                      .= $k . &#39;/&#39; . $v . &#39;/&#39;;</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">}</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">$response
                      = wp_remote_get( $url );</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">set_transient(&#39;presstrends_data&#39;,
                      $data, 60*60*24);</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">}}</span><br style="font-family:courier new,monospace">
                    <span style="font-family:courier new,monospace">add_action(&#39;admin_init&#39;,
                      &#39;if_presstrends&#39;);</span><span><font color="#888888"><br clear="all">
                        <br>
                        <br>
                        -- <br>
                        <font style="font-family:trebuchet ms,sans-serif" size="2">Yulian Yordanov<br>
                          <a href="http://post-scriptum.info/" target="_blank">post-scriptum.info</a></font><br>
                        <br>
                      </font></span><br>
                  </div>
                </div>
                _______________________________________________<br>
                theme-reviewers mailing list<br>
                <a href="mailto:theme-reviewers@lists.wordpress.org" target="_blank">theme-reviewers@lists.wordpress.org</a><br>
                <a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
                <br>
              </blockquote>
            </div>
            <br>
            <br>
            _______________________________________________<br>
            theme-reviewers mailing list<br>
            <a href="mailto:theme-reviewers@lists.wordpress.org" target="_blank">theme-reviewers@lists.wordpress.org</a><br>
            <a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
            <br>
          </blockquote>
        </div>
        <br>
      </div>
      <br>
      <fieldset></fieldset>
      <br>
      <pre>_______________________________________________
theme-reviewers mailing list
<a href="mailto:theme-reviewers@lists.wordpress.org" target="_blank">theme-reviewers@lists.wordpress.org</a>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a>
</pre>
    </blockquote>
    <br>
    </div></div><span class="HOEnZb"><font color="#888888"><div>-- <br>
      <font><span style="font-family:Trebuchet MS,sans-serif">Yulian
          Yordanov
          <br>
          <br>
          <a href="mailto:yul.yordanov@gmail.com" target="_blank">yul.yordanov@gmail.com</a></span>
        <br>
        <a style="font-family:Trebuchet MS,sans-serif" href="http://post-scriptum.info/" target="_blank">post-scriptum.info</a></font></div>
  </font></span></div>

<br>_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
<br></blockquote></div><br></div>