DiogoRedinDevelopment
DiogoRedinDevelopment Recent Posts Threads Started
583 posts
  • Portugal
  • Wordsmith
  • Super Copyright Ninja
  • Author Level 4
+4 more
DiogoRedinDevelopment
says

Hi Everyone!

Today I was checking the code of my new theme using the theme check plugin and got some warnings related to the timthumb script. I have the most recent version of the script, so I don’t know if I should change the code of the script or … ignore the warnings.

Here are the warnings:

WARNING: Found base64_decode in the file scripts/timthumb.php. base64_decode() is not allowed.

Line 170: $imgData = base64_decode('R0lGODlhUAAMAIAAAP8AAP///yH5BAAHAP8ALAAAAABQAAwAAAJpjI+py+0P

WARNING: fwrite was found in the file scripts/timthumb.php possible file operations.

Line 806: fwrite(self::$curlFH, $d);

WARNING: fread was found in the file scripts/timthumb.php possible file operations.

Line 823: $imgType = fread($fp, 3);

WARNING: fopen was found in the file scripts/timthumb.php possible file operations.

Line 636: $fp = fopen($tempfile,'r',0,$context);

Line 643: $fh = fopen($lockFile, 'w');

Line 756: self::$curlFH = fopen($tempfile, 'w');

Line 820: $fp = fopen($this->cachefile, 'rb');

WARNING: file_put_contents was found in the file scripts/timthumb.php possible file operations.

Line 637: file_put_contents($tempfile2, $this->filePrependSecurityBlock . $imgType . 

Line 638: file_put_contents($tempfile2, $fp, FILE_APPEND);

Line 785: if(! file_put_contents($tempfile, $img)){

WARNING: file_get_contents was found in the file scripts/timthumb.php possible file operations.

Line 778: $img = @file_get_contents ($this->src);

Line 781: $this->debug(3, 'Error trying to fetch remote image using file_get_contents: $err');

Line 836: $content = file_get_contents ($this->cachefile);

Line 840: $this->debug(3, 'Served using file_get_contents and echo');

WARNING: fclose was found in the file scripts/timthumb.php possible file operations.

Line 639: fclose($fp);

Line 651: fclose($fh);

Line 654: fclose($fh);

Line 768: fclose(self::$curlFH);

Line 832: fclose($fp);

WARNING: curl_init was found in the file scripts/timthumb.php possible file operations.

Line 754: if(function_exists('curl_init')){

Line 758: $curl = curl_init($this->src);

WARNING: curl_exec was found in the file scripts/timthumb.php possible file operations.

Line 766: $curlResult = curl_exec($curl);

Would my get approved with these errors? Will my customers have problems?

3256 posts
  • Affiliate Level 4
  • Author Level 9
  • Collector Level 2
  • Top Monthly Author
+11 more
ParkerAndKent
says

It would get approved, those aren’t errors but warnings. Then, the theme check plugin is specifically for WordPress.org themes, where they don’t allow base64 encoding because the code is gpl I guess.

I use base64, like many do, to backup the theme options… would be crazy to avoid this with premium themes.

Parker

DiogoRedinDevelopment
DiogoRedinDevelopment Recent Posts Threads Started
583 posts
  • Portugal
  • Wordsmith
  • Super Copyright Ninja
  • Author Level 4
+4 more
DiogoRedinDevelopment
says
ParkerAndKent said
It would get approved, those aren’t errors but warnings. Then, the theme check plugin is specifically for WordPress.org themes, where they don’t allow base64 encoding because the code is gpl I guess.

I use base64, like many do, to backup the theme options… would be crazy to avoid this with premium themes.

Parker

Thank you for the answer :bigsmile:

1149 posts
  • Affiliate Level 1
  • Author Level 3
  • Beta Tester
  • Collector Level 2
+3 more
fillerspace
says
ParkerAndKent said
they don’t allow base64 encoding because the code is gpl I guess.

I would think it’s because it is spammers use base64 and eval to hide links in their themes

by
by
by
by
by
by