Weblogtoolscollection News » New Wordpress Themes

Insomnia - Free Magazine/Blog WordPress Theme

  • Topic started 3 years ago
  • 8 posts so far
  • Latest reply from gestroud

  1. The Insomnia theme is great for online magazines and personal blogs. The stunning design and clean grid layout will make a perfect backdrop for any content. Plenty of layout and customization options will help you personalize to suit your needs. Oh yeah… and it’s free!

    Insomnia Theme Screenshot
    Insomnia Theme Demo
    Insomnia Theme Details/Download
    Theme License: GPL

    • Homepage Featured Slider
    • Automatic Post Thumbnails
    • Grid/List View Layout Options
    • Random Posts Loader
    • Dark and Light Skins
    • Optional Homepage-only Sidebar
    • Full translation support
    • Banner ad management
    • Custom page templates
    • Built-in AJAX contact form
    • Custom logo/branding
    • Breadcrumb navigation
    • Numbered pagination
    Posted: 3 years #
  2. Unfortunately, I cannot include your theme in our theme digest as your copy of thumb.php contains base64 encoded elements which present a security risk to our readers. Even if the encoded elements are safe, there is no reason to disguise code like this.

    Posted: 3 years #
  3. @jhuff

    Our thumb.php file is an unedited copy of the official TimThumb script here... http://code.google.com/p/timthumb/.

    Here is the actual file...

    The base64 part is in there and reads:

    if(BLOCK_EXTERNAL_LEECHERS && array_key_exists('HTTP_REFERER', $_SERVER) && (! preg_match('/^https?:\/\/(?:www\.)?' . $this->myHost . '(?:$|\/)/i', $_SERVER['HTTP_REFERER']))){
    // base64 encoded red image that says 'no hotlinkers'
    // nothing to worry about! :)
    $imgData = base64_decode("R0lGODlhUAAMAIAAAP8AAP///yH5BAAHAP8ALAAAAABQAAwAAAJpjI+py+0Po5y0OgAMjjv01YUZ\nOGplhWXfNa6JCLnWkXplrcBmW+spbwvaVr/cDyg7IoFC2KbYVC2NQ5MQ4ZNao9Ynzjl9ScNYpneb\nDULB3RP6JuPuaGfuuV4fumf8PuvqFyhYtjdoeFgAADs=");
    header('Content-Type: image/gif');
    header('Content-Length: ' . sizeof($imgData));
    header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
    header("Pragma: no-cache");
    header('Expires: ' . gmdate ('D, d M Y H:i:s', time()));
    echo $imgData;
    return false;

    Any theme that has a current copy of TimThumb also has this.

    Posted: 3 years #
  4. The mere inclusion of it (Timthumb or not) is pretty much against some of the recommended security practices, as end users who do not have the tools to decode it themselves won't know if it's benign (and therefore shouldn't be encoded anyway) or malicious.

    Since you're including the copy of the file (why change the name anyway?) you could consider decoding the value in the file, as there's still no reason to hide the code itself, but I actually recommend using WordPress's built-in resizing functions instead.

    Posted: 3 years #
  5. Understand and totally agree.

    I removed the code from our included copy of TimThumb. http://designerthemes.com/demo/insomnia/wp-content/themes/insomnia/changelog.txt

    Also, added an issue comment to the TimThumb site... http://code.google.com/p/timthumb/issues/detail?id=237#c4


    Posted: 3 years #
  6. Thank you!

    Posted: 3 years #
  7. Put together a post about the release with more info about the features...


    Posted: 3 years #
  8. Fantastic theme!

    One suggestion about the packaging, though. You may want to repack the zip file so that the individual theme files are contained within a folder named "insomnia," and then zip/compress that folder.

    The way it's set up presently, when the insomnia folder is unzipped, I get a group of files, but no main folder.

    Posted: 2 years #

RSS feed for this thread

This topic has been closed to new replies.

Back to top

0.132 - 12 queries