3220 posts
    Has sold $5,000+ on Envato Market Has collected 10+ items on Envato Market Located in United States Has been part of the Envato Community for over 4 years
+1 more
organicbee says



.... WordPress – April 23, 2013 – JavaScript files need to be placed at the bottom, barring critical exclusion. [Modernizr, for instance] You can do this with the $in_footer argument …..
thanx for the heads up, so in order to use $in_footer parameter, what do you specify for $deps and $ver params if you need those as default? jayc
array() for $deps and false for $ver.

not necessarily

if it requires a lib then the $dep would be something like array('jquery')

You want to put a $ver to help if its cached so if its a jQuery plugin, use the version number it has. if its doesnt have a version number or its a custom script use something like wp_get_theme()->display('Version')(WP 3.4+)

1471 posts
    Has referred 1+ members Has sold $10,000+ on Envato Market Has collected 10+ items on Envato Market Made it to the Authors' Hall of Fame
+3 more
OriginalEXE says




.... WordPress – April 23, 2013 – JavaScript files need to be placed at the bottom, barring critical exclusion. [Modernizr, for instance] You can do this with the $in_footer argument …..
thanx for the heads up, so in order to use $in_footer parameter, what do you specify for $deps and $ver params if you need those as default? jayc
array() for $deps and false for $ver.

not necessarily

if it requires a lib then the $dep would be something like array('jquery')

You want to put a $ver to help if its cached so if its a jQuery plugin, use the version number it has. if its doesnt have a version number or its a custom script use something like wp_get_theme()->display('Version')(WP 3.4+)

He asked for defaults, that’s exactly what I wrote.

10 posts
    Has been part of the Envato Community for over 4 years Has collected 10+ items on Envato Market
borisvs says

2. The WordPress theme should make use of the following inbuilt functions to validate or santize content on input or escape any questionable content for put. http://codex.wordpress.org/Data_Validation

My theme is soft rejected, and this is the message I’ve received from the reviewer. But I don’t have any idea what to fix. Does somebody has an example of what is wrong and what is the correct way? I would really appreciate it!

1471 posts
    Has referred 1+ members Has sold $10,000+ on Envato Market Has collected 10+ items on Envato Market Made it to the Authors' Hall of Fame
+3 more
OriginalEXE says


2. The WordPress theme should make use of the following inbuilt functions to validate or santize content on input or escape any questionable content for put. http://codex.wordpress.org/Data_Validation
My theme is soft rejected, and this is the message I’ve received from the reviewer. But I don’t have any idea what to fix. Does somebody has an example of what is wrong and what is the correct way? I would really appreciate it!

Example:

wrong:
$postmeta = $_POST['fieldname'];
update_post_meta( $post->ID, 'fieldkey', 'fieldname' );
correct:
$postmeta = sanitize_text_field( $_POST['fieldname'] );
update_post_meta( $post->ID, 'fieldkey', 'fieldname' );

That’s just an example, actual function depends on the type of data you are expecting.

455 posts WordPress Gurus!
    Has referred 200+ members Has sold $125,000+ on Envato Market Has collected 50+ items on Envato Market Elite Author: Sold more than $75,000 on Envato Market
+3 more
ThemeBeans says

1. Don’t unregister default widgets, even if they are replaced with better versions.

Yea this is pretty stupid imo.

707 posts
    Has referred 10+ members Has sold $10,000+ on Envato Market Has been a beta tester for an Envato feature Has collected 10+ items on Envato Market
+2 more
ChillThemes says


1. Don’t unregister default widgets, even if they are replaced with better versions.
Yea this is pretty stupid imo.

The ‘rule’ or unregistering widgets?

1749 posts Don't Worry, Be Happy
    Has referred 200+ members Has sold $250,000+ on Envato Market Has been a beta tester for an Envato feature Has collected 10+ items on Envato Market
+8 more
FinalDestiny says

Your global variables should always be named in such a way as to NOT cause conflicts. Try to use a prefix for that. http://crappycode.wordpress.com/2012/12/30/global-data/

10 posts
    Has been part of the Envato Community for over 4 years Has collected 10+ items on Envato Market
borisvs says



2. The WordPress theme should make use of the following inbuilt functions to validate or santize content on input or escape any questionable content for put. http://codex.wordpress.org/Data_Validation
My theme is soft rejected, and this is the message I’ve received from the reviewer. But I don’t have any idea what to fix. Does somebody has an example of what is wrong and what is the correct way? I would really appreciate it!

Example:

wrong:
$postmeta = $_POST['fieldname'];
update_post_meta( $post->ID, 'fieldkey', 'fieldname' );
correct:
$postmeta = sanitize_text_field( $_POST['fieldname'] );
update_post_meta( $post->ID, 'fieldkey', 'fieldname' );
That’s just an example, actual function depends on the type of data you are expecting.

Ok, thanks for the example. Do I also have to validate all the content from my theme options panel and meta boxes itself?

Example:
$tagline = get_post_meta($post->ID, 'meta_tagline', true);
echo $tagline;
Should this be something like this:
echo esc_html($tagline);
?? Or isn’t this required?
1471 posts
    Has referred 1+ members Has sold $10,000+ on Envato Market Has collected 10+ items on Envato Market Made it to the Authors' Hall of Fame
+3 more
OriginalEXE says

Yes, for any html output, use esc_html

151 posts
    Has been part of the Envato Community for over 5 years Has referred 10+ members Has sold $125,000+ on Envato Market Has collected 10+ items on Envato Market
+5 more
starshade says

Just a heads up here since no one posted for some time. Here is what our soft rejection contained:

wp_footer needs to be immediately before the end of the body tag. http://codex.wordpress.org/Function_Reference/wp_footer

All your styles and scripts must be enqueued in functions.php during the wp_enqueue_script action. http://codex.wordpress.org/Function_Reference/wp_enqueue_script

Enqueue the main stylesheet (style.css) during the wp_enqueue_script action:

/**
 * Enqueue main stylesheet.
 */
function mytheme_style() {
  wp_enqueue_style( 'mytheme-style', get_bloginfo( 'stylesheet_url' ), array(), '20130312' );
}
add_action( 'wp_enqueue_scripts', 'mytheme_style' );

Cheers to everyone and good luck wp-theming!

by
by
by
by
by
by