[theme-reviewers] Where can I learn more about theme security
Emil Uzelac
emil at themeid.com
Mon Apr 18 03:44:43 UTC 2011
You can start from basics such as http://php.net/manual/en/security.php and
move on to http://phpsec.org/projects/guide/ and also
http://codex.wordpress.org/Hardening_WordPress there you will find an
additional resources as well.
*----*
*Emil Uzelac* | ThemeID | T: 224-444-0006 | Twitter: @EmilUzelac | E:
emil at themeid.com | http://themeid.com
Make everything as simple as possible, but not simpler. - Albert Einstein
On Sun, Apr 17, 2011 at 10:34 PM, myazalea at hotmail.com <myazalea at hotmail.com
> wrote:
> As the title sais.
> Are there any mustreads, and what sources are reliable. There isnt alot on
> this on Wordpress.org or i missed it.
>
> or should I just learn more php?
>
>
> Skickat från min HTC
>
> ----- Reply message -----
> Från: "Emil Uzelac" <emil at themeid.com>
> Till: <theme-reviewers at lists.wordpress.org>
> Rubrik: [theme-reviewers] Join the team
> Datum: mån, apr 18, 2011 04:04
>
>
> menu is OK, widgetized menu is OK too ;)
> *----*
> *Emil Uzelac* | ThemeID | T: 224-444-0006 | Twitter: @EmilUzelac | E:
> emil at themeid.com | http://themeid.com
> Make everything as simple as possible, but not simpler. - Albert Einstein
>
>
>
> On Sun, Apr 17, 2011 at 7:54 PM, Chip Bennett <chip at chipbennett.net>wrote:
>
>> I actually disagree regarding the "Menu" Widget - maybe. :)
>>
>> If the Theme simply provides a Widgetized sidebar, and no "Navigation
>> Menu" markup, then this approach is fine. However, if the Theme has what
>> would reasonably considered to be the design intent of a Navigation Menu,
>> then that implementation must support the core Nav Menu feature.
>>
>> Basically: Themes are not *required* to provide Navigation Menus, but if
>> they *do* provide a Navigation Menu, then it must support the core
>> functionality.
>>
>> Chip
>>
>>
>> On Sun, Apr 17, 2011 at 7:13 PM, Emil Uzelac <emil at themeid.com> wrote:
>>
>>> 1. The theme uses the text domain of Twenty Ten in a few spots. If I
>>> remember correctly from lurking on the list this is a reason for failure of
>>> the theme.
>>> *Yes, Twenty Ten should be changed to i.e. silverville*
>>> **
>>> 2. They use a widget for the menu and instruct the user to add the Pages
>>> widget. It seems to me that it's a much better option to use a WordPress
>>> menu which defaults to list pages. I don't believe this is an issue for a
>>> fail but probably a good suggestion as an update to the user.
>>> *This part is just fine. As long as there are options for menu and being
>>> fully functional.*
>>> **
>>> 3. The CSS fails on the background-color since it's value is set to
>>> 'none' when it should be set to 'transparent'. Would this typically be a
>>> reason for failure if all other CSS is okay?
>>> *background-color: none; is invalid and it should be transparent.
>>> Recommendation would be background: none; or background-image: none; and not
>>> many people use the last one anymore. It's shortcoded via background.*
>>> **
>>> 4. There are a number of other 'recommended' items in Theme Check but
>>> these are not a reason to fail a theme correct?
>>> *Recommended isn't required, if recommendations don't cause problems,
>>> no need to fail.
>>> *
>>> Emil
>>> **
>>> *----*
>>> *Emil Uzelac* | ThemeID | T: 224-444-0006 | Twitter: @EmilUzelac | E:
>>> emil at themeid.com | http://themeid.com
>>> Make everything as simple as possible, but not simpler. - Albert
>>> Einstein
>>>
>>>
>>>
>>> On Sun, Apr 17, 2011 at 7:01 PM, Curtis McHale <curtis at curtismchale.ca>wrote:
>>>
>>>> I have a few questions about my first theme review.
>>>>
>>>> 1. The theme uses the text domain of Twenty Ten in a few spots. If I
>>>> remember correctly from lurking on the list this is a reason for failure of
>>>> the theme..
>>>> 2. They use a widget for the menu and instruct the user to add the Pages
>>>> widget. It seems to me that it's a much better option to use a WordPress
>>>> menu which defaults to list pages. I don't believe this is an issue for a
>>>> fail but probably a good suggestion as an update to the user.
>>>> 3. The CSS fails on the background-color since it's value is set to
>>>> 'none' when it should be set to 'transparent'. Would this typically be a
>>>> reason for failure if all other CSS is okay?
>>>> 4. There are a number of other 'recommended' items in Theme Check but
>>>> these are not a reason to fail a theme correct?
>>>>
>>>> I could probably go further in to the theme but I wanted to double check
>>>> on the text domain item before I did.
>>>>
>>>> Curtis McHale
>>>> PH: 604.751.3482
>>>> http://www.curtismchale.ca
>>>> Linkedin: http://www.linkedin.com/in/curtismchale
>>>> Twitter: twitter.com/curtismchale
>>>>
>>>>
>>>>
>>>> On Sat, Apr 16, 2011 at 4:39 PM, Edward Caissie <
>>>> edward.caissie at gmail.com> wrote:
>>>>
>>>>> Here ya go: http://themes.trac.wordpress.org/ticket/3320
>>>>> This will get you started ...
>>>>>
>>>>>
>>>>> Cais.
>>>>>
>>>>> On Sat, Apr 16, 2011 at 7:15 PM, Curtis McHale <curtis at curtismchale.ca
>>>>> > wrote:
>>>>>
>>>>>> Figured I'd finally get off my butt and join the team after looking at
>>>>>> the list for a few months. My trac name is curtismchale
>>>>>>
>>>>>> Curtis McHale
>>>>>> PH: 604.751.3482
>>>>>> http://www.curtismchale.ca
>>>>>> Linkedin: http://www.linkedin.com/in/curtismchale
>>>>>> Twitter: twitter.com/curtismchale
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> theme-reviewers mailing list
>>>>>> theme-reviewers at lists.wordpress.org
>>>>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>>>>
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> theme-reviewers mailing list
>>>>> theme-reviewers at lists.wordpress.org
>>>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> theme-reviewers mailing list
>>>> theme-reviewers at lists.wordpress.org
>>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>>
>>>>
>>>
>>> _______________________________________________
>>> theme-reviewers mailing list
>>> theme-reviewers at lists.wordpress.org
>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>
>>>
>>
>> _______________________________________________
>> theme-reviewers mailing list
>> theme-reviewers at lists.wordpress.org
>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>
>>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20110417/fa503d47/attachment.htm>
More information about the theme-reviewers
mailing list