Make WordPress Themes

Opened 18 months ago

Closed 18 months ago

Last modified 18 months ago

#10001 closed theme (not-approved)

THEME: iFeature - 4.5.30

Reported by: cyberchimps Owned by: mfields
Priority: Keywords: theme-ifeature
Cc: ifeaturepro@…


iFeature - 4.5.30

iFeature 4.5 is one of the easiest to use Premium WordPress Themes available, and was designed by CyberChimps WordPress Themes. iFeature includes a responsive mobile ready Apple-like design (which magically adjusts to mobile devices such as the iPhone and iPad), Responsive iFeature Slider, New Drag & Drop Header and Page Elements (for creating custom templates on a per-page basis), and intuitive iOS-like Theme Options. iFeature also includes support for several different languages, custom logo support, social icons, a widgetized sidebar and footer, custom typography options, and more.

Theme URL - http://cyberchimps.com/ifeature/
Author URL - http://cyberchimps.com

SVN - http://themes.svn.wordpress.org/ifeature/4.5.30
ZIP - http://wordpress.org/extend/themes/download/ifeature.4.5.30.zip?nostats=1

Diff with previous version: http://themes.trac.wordpress.org/changeset?old_path=/ifeature/4.5.9&new_path=/ifeature/4.5.30

All previous tickets for this theme: http://themes.trac.wordpress.org/query?col=id&col=summary&col=keywords&col=owner&col=status&col=resolution&keywords=~theme-ifeature&order=id


Change History (2)

comment:1 mfields18 months ago

  • Owner set to mfields
  • Status changed from new to assigned

comment:2 mfields18 months ago

  • Resolution set to not-approved
  • Status changed from assigned to closed

Hello! The updates look pretty good. I found a feww issues that need to be addressed before this version of the theme is approved. They are really easy fixes:


  1. L109 - Please use esc_attr() to escape dynamic data being include in the content attribute of meta tags.
  2. L157 - Please use esc_url() to escape the value of $url.
  3. L162 - Please use esc_url() to escape the value of $url.
  4. L308 - Please use esc_url() to escape the value of $url.


  1. Unsanitized user data is stored in the database in the event that the RW_Meta_Box_Validate class does not exist. Since RW_Meta_Box_Validate is the olny method of sanitization/validation at this point, I would strongly suggest that no data be saved in it's absence.

Google Fonts tip

I think it's awesome that you moved the style links to enqueues :) I just wanted to share a trick that I picked up from Twenty Eleven that might be helpful (This is not a blocker for approval btw). It's is best to use core functionality to detect the protocol before enqueueing/registering a google font. Something like this works rather well:

$protocol = is_ssl() ? 'https' : 'http';
wp_enqueue_style( 'mytheme-fonts', "$protocol://fonts.googleapis.com/css?myfont" ), array(), null );

Note: This review was performed by mostly by diff alone with a quick peak into core/actions/header-actions.php.

Last edited 18 months ago by mfields (previous) (diff)
Note: See TracTickets for help on using tickets.