WordPress.org

Make WordPress Themes

Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#22707 closed theme (live)

THEME: Esplanade - 1.1.5

Reported by: pseudoxiah Owned by: grapplerulrich
Priority: theme update Keywords: theme-esplanade
Cc: contact@…

Description

Esplanade - 1.1.5

A stylish, modern and flexible theme with responsive layout. Includes several custom templates, layouts and color schemes to choose from, 5 widget-ready areas and a user friendly options page to keep everything in control.

Theme URL - http://www.onedesigns.com/wordpress-themes/esplanade-free-wordpress-theme
Author URL - http://www.onedesigns.com/

SVN - https://themes.svn.wordpress.org/esplanade/1.1.5
ZIP - https://wordpress.org/themes/download/esplanade.1.1.5.zip?nostats=1

Diff with previous version: https://themes.trac.wordpress.org/changeset?old_path=/esplanade/1.1.4&new_path=/esplanade/1.1.5

History:

Ticket Summary Status Resolution Owner
#6868 THEME: Esplanade - 1.0 closed closed-newer-version-uploaded kobenland
#6955 THEME: Esplanade - 1.0.1 closed closed-newer-version-uploaded kobenland
#6958 THEME: Esplanade - 1.0.2 closed live kobenland
#6986 THEME: Esplanade - 1.0.3 closed live emiluzelac
#7077 THEME: Esplanade - 1.0.4 closed live kobenland
#7256 THEME: Esplanade - 1.0.5 closed live kobenland
#7551 THEME: Esplanade - 1.0.6 closed live chipbennett
#7818 THEME: Esplanade - 1.0.7 closed live kobenland
#8292 THEME: Esplanade - 1.0.8 closed closed-newer-version-uploaded
#8293 THEME: Esplanade - 1.0.9 closed live sixhours
#11688 THEME: Esplanade - 1.1.0 closed live jcastaneda
#12758 THEME: Esplanade - 1.1.1 closed live emiluzelac
#13027 THEME: Esplanade - 1.1.2 closed live tskk
#15000 THEME: Esplanade - 1.1.3 closed live tskk
#17437 THEME: Esplanade - 1.1.4 closed live tskk
#22707 THEME: Esplanade - 1.1.5 closed live grapplerulrich

(this ticket)

#25134 THEME: Esplanade best – 3.1.5 closed not-approved emiluzelac
#25135 THEME: Esplanade NEW – 4.1.5 closed not-approved emiluzelac


https://themes.svn.wordpress.org/esplanade/1.1.5/screenshot.png

Change History (7)

This ticket was mentioned in Slack in #themereview by pseudoxiah. View the logs.


3 years ago

#2 @grapplerulrich
3 years ago

  • Owner set to grapplerulrich
  • Status changed from new to reviewing

#3 @grapplerulrich
3 years ago

As the last update was over 10 months ago I need to do a full review.

As I was quickly looking through it I saw that the text is not internationalized in esplanade_widgets_init().

#4 @pseudoxiah
3 years ago

Hi,

This is security release. As you can see in the diff it patches an XSS vulnerability. The vulnerability was discovered by this website and since the issue was resolved I have given permission to disclose. I will appreciate if you release this version as is and you can go ahead with the full review and any issues found will be fixed within one week,

Thank you.

#5 @grapplerulrich
3 years ago

  • Resolution set to live
  • Status changed from reviewing to closed

#6 @pseudoxiah
3 years ago

Thank you. Should I expect a full review coming later?

#7 @grapplerulrich
3 years ago

Yes, I was on my mobile so I could not write much. Here is my full review.

Required

Style.css tags

  • four-columns - I could not find a layout with four columns. Please remove this tag.
  • fixed-layout - You seem to have a responsive design. This tag does not seem to match. Please remove this tag.
  • microformats - I could not find any microformats. Please remove this tag.

Rest

  • Please remove the http: from esplanade_register_styles() this stops issues on https sites
  • Please replace get_bloginfo( 'stylesheet_url' ) with get_stylesheet_uri()
  • I could not find where you registered the script wp_enqueue_script( 'swfobject' );. Also if you define a script as dependency then you do not need to enqueue separately.
  • Please escape the variables before output in esplanade_custom_styles() and theme-options.php e.g. esplanade_get_option( 'slider' )
  • Please escape $_POSTtwitter? in esplanade_save_extra_profile_fields()
  • Please internationalize all of the text in esplanade_widgets_init() and esplanade_layout_template()
  • Please include a un-minified version of jquery.flexslider.js and jquery.colorbox.js in the theme
  • Please delete jquery-migrate.js as WordPress core has a version.

Recommended

  • You could make esplanade_validate_theme_options() more readable by adding a few more spaces between the variable and the equal sign. e.g.
    $input['slider']      = ( isset( $input['slider'] ) ? true : false );
    $input['location']    = ( isset( $input['location'] ) ? true : false );
    $input['breadcrumbs'] = ( isset( $input['breadcrumbs'] ) ? true : false );
    $input['lightbox']    = ( isset( $input['lightbox'] ) ? true : false );
    

Notes

  • You had 100px in the "Layout Dimensions" in the settings. Did you not mean 100%?
  • You are loading html5.js but the code is commented out. Why?
Note: See TracTickets for help on using tickets.