[theme-reviewers] Guidance on theme security
edward.caissie at gmail.com
Tue Oct 19 18:39:33 UTC 2010
This should be added to the
http://codex.wordpress.org/Theme_Review#Template_Tags_and_Hooks section ...
still currently in "draft" status.
On Tue, Oct 19, 2010 at 12:53 PM, Lance Willett <nanobar at gmail.com> wrote:
> > get_option('home') and get_option('siteurl') should *not* be used in
> > I believe the guidelines say so.
> I don't see this anywhere in the guidelines (nor in any of the Theme
> Standards docs). Thanks for bringing it up though—I had missed
> http://core.trac.wordpress.org/ticket/9008 somehow. :)
> I know there are lots of instances of both of get_option('home') in
> header.php across many themes, and get_option('siteurl') in
> comments.php. Also get_settings('home') which is in older themes
> should be moved to home_url(). I'll be doing a big cleanup for all of
> these for our WordPress.com themes.
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the theme-reviewers