Reviewing themes is a crucial aspect of Theme Wrangling, and we dedicate significant time to examining themes in detail. Below are some common theme development errors encountered during reviews, along with tips to avoid them.

Incompatible Licensing with GPL

A “free” theme isn’t necessarily open source. If you base your theme on a framework or starter theme, or if you’re working on child theme development, ensure the foundation or parent theme is GPL or GPL-compatible.
Besides checking the theme’s license, scrutinise the licenses for any bundled resources such as images, scripts, fonts, or icon sets to ensure they align with GPL. Always include their respective licenses in the theme’s README file. If unsure, contact the original author for clarification and encourage them to adopt a GPL-compatible license if needed.
For more insights on GPL and theming, refer to the WordPress Codex:

• WordPress and GPL
• Theme Licensing
• GPL-Compatible Font Licenses
• GPL-Compatible Icon Sets

Subpar Code Quality

Poor code quality, characterised by inconsistent styles and lack of spacing, can make debugging and maintenance challenging. Adhering to WordPress Coding Standards for PHP, CSS, and JavaScript simplifies the process, making your theme’s code easier to read, understand, and maintain.

Failing the Theme Unit Test

The Theme Unit Test uses specific data to identify visual bugs and inconsistencies. Before sharing your theme, test it thoroughly with the provided dummy content. This practice helps identify common issues early, expediting the review process.

Copy-Paste Code

Copying a script from another site without understanding it can lead to problems. It’s crucial to comprehend the code’s functionality, source, and license for security, usability, and compatibility reasons. While sharing open-source code is encouraged, merely copying a script doesn’t aid your growth as a developer and may not benefit your theme in the long run.

Improper Data Validation and Sanitation

Ensuring your theme’s security is vital. Allowing users to change settings increases the potential entry points for harmful data. A common error is failing to validate data entering the database and sanitise data retrieved from it, exposing your theme and users to malicious code. Follow the Codex guidelines on:

• Security and Privacy Requirements
• Data Validation

It’s also advisable to use the Settings API or the Customiser for theme options, adhering to proper validation and sanitation procedures. For more information, explore:

• Settings API
• Theme Customization API
• Otto’s tutorial on leveraging the Customizer in your themes

For a secure, stable, properly coded, and GPL-compatible base theme, consider using our _s starter theme. _s addresses many of these concerns, streamlining the theme development process and reducing the likelihood of errors. We hope this guide enhances the quality of your future themes!