3439 posts
  • Has sold $5,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Achieved the monthly Community Superstar Award
  • Located in United States
+2 more
organicbee
says



.... WordPress – April 23, 2013 – JavaScript files need to be placed at the bottom, barring critical exclusion. [Modernizr, for instance] You can do this with the $in_footer argument …..
thanx for the heads up, so in order to use $in_footer parameter, what do you specify for $deps and $ver params if you need those as default? jayc
array() for $deps and false for $ver.

not necessarily

if it requires a lib then the $dep would be something like array('jquery')

You want to put a $ver to help if its cached so if its a jQuery plugin, use the version number it has. if its doesnt have a version number or its a custom script use something like wp_get_theme()->display('Version')(WP 3.4+)

1558 posts
  • Has referred 1+ members
  • Has sold $10,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Made it to the Authors' Hall of Fame
+2 more
OriginalEXE
says




.... WordPress – April 23, 2013 – JavaScript files need to be placed at the bottom, barring critical exclusion. [Modernizr, for instance] You can do this with the $in_footer argument …..
thanx for the heads up, so in order to use $in_footer parameter, what do you specify for $deps and $ver params if you need those as default? jayc
array() for $deps and false for $ver.

not necessarily

if it requires a lib then the $dep would be something like array('jquery')

You want to put a $ver to help if its cached so if its a jQuery plugin, use the version number it has. if its doesnt have a version number or its a custom script use something like wp_get_theme()->display('Version')(WP 3.4+)

He asked for defaults, that’s exactly what I wrote.

10 posts
  • Has been part of the Envato Community for over 5 years
  • Has collected 10+ items on Envato Market
borisvs
says

2. The WordPress theme should make use of the following inbuilt functions to validate or santize content on input or escape any questionable content for put. http://codex.wordpress.org/Data_Validation

My theme is soft rejected, and this is the message I’ve received from the reviewer. But I don’t have any idea what to fix. Does somebody has an example of what is wrong and what is the correct way? I would really appreciate it!

1558 posts
  • Has referred 1+ members
  • Has sold $10,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Made it to the Authors' Hall of Fame
+2 more
OriginalEXE
says


2. The WordPress theme should make use of the following inbuilt functions to validate or santize content on input or escape any questionable content for put. http://codex.wordpress.org/Data_Validation
My theme is soft rejected, and this is the message I’ve received from the reviewer. But I don’t have any idea what to fix. Does somebody has an example of what is wrong and what is the correct way? I would really appreciate it!

Example:

wrong:
$postmeta = $_POST['fieldname'];
update_post_meta( $post->ID, 'fieldkey', 'fieldname' );
correct:
$postmeta = sanitize_text_field( $_POST['fieldname'] );
update_post_meta( $post->ID, 'fieldkey', 'fieldname' );

That’s just an example, actual function depends on the type of data you are expecting.

651 posts WordPress Gurus!
  • Has sold $250,000+ on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
  • Made it to the Authors' Hall of Fame
  • Had an item that became a weekly top seller
+7 more
ThemeBeans
says

1. Don’t unregister default widgets, even if they are replaced with better versions.

Yea this is pretty stupid imo.

709 posts
  • Has referred 10+ members
  • Has sold $10,000+ on Envato Market
  • Has been a beta tester for an Envato feature
  • Has collected 10+ items on Envato Market
+2 more
ChillThemes
says


1. Don’t unregister default widgets, even if they are replaced with better versions.
Yea this is pretty stupid imo.

The ‘rule’ or unregistering widgets?

2047 posts Don't Worry, Be Happy
  • Had an item that was trending
  • Had an item that became a weekly top seller
  • Sells items exclusively on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+9 more
FinalDestiny
says

Your global variables should always be named in such a way as to NOT cause conflicts. Try to use a prefix for that. http://crappycode.wordpress.com/2012/12/30/global-data/

10 posts
  • Has been part of the Envato Community for over 5 years
  • Has collected 10+ items on Envato Market
borisvs
says



2. The WordPress theme should make use of the following inbuilt functions to validate or santize content on input or escape any questionable content for put. http://codex.wordpress.org/Data_Validation
My theme is soft rejected, and this is the message I’ve received from the reviewer. But I don’t have any idea what to fix. Does somebody has an example of what is wrong and what is the correct way? I would really appreciate it!

Example:

wrong:
$postmeta = $_POST['fieldname'];
update_post_meta( $post->ID, 'fieldkey', 'fieldname' );
correct:
$postmeta = sanitize_text_field( $_POST['fieldname'] );
update_post_meta( $post->ID, 'fieldkey', 'fieldname' );
That’s just an example, actual function depends on the type of data you are expecting.

Ok, thanks for the example. Do I also have to validate all the content from my theme options panel and meta boxes itself?

Example:
$tagline = get_post_meta($post->ID, 'meta_tagline', true);
echo $tagline;
Should this be something like this:
echo esc_html($tagline);
?? Or isn’t this required?
1558 posts
  • Has referred 1+ members
  • Has sold $10,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Made it to the Authors' Hall of Fame
+2 more
OriginalEXE
says

Yes, for any html output, use esc_html

163 posts
  • Has been part of the Envato Community for over 6 years
  • Has referred 10+ members
  • Has sold $125,000+ on Envato Market
  • Has collected 10+ items on Envato Market
+6 more
starshade
says

Just a heads up here since no one posted for some time. Here is what our soft rejection contained:

wp_footer needs to be immediately before the end of the body tag. http://codex.wordpress.org/Function_Reference/wp_footer

All your styles and scripts must be enqueued in functions.php during the wp_enqueue_script action. http://codex.wordpress.org/Function_Reference/wp_enqueue_script

Enqueue the main stylesheet (style.css) during the wp_enqueue_script action:

/**
 * Enqueue main stylesheet.
 */
function mytheme_style() {
  wp_enqueue_style( 'mytheme-style', get_bloginfo( 'stylesheet_url' ), array(), '20130312' );
}
add_action( 'wp_enqueue_scripts', 'mytheme_style' );

Cheers to everyone and good luck wp-theming!

by
by
by
by
by
by