Over the last three months, I have been consistently asked what are the most common ThemeForest rejections that I have uncovered while reviewing WordPress themes on ThemeForest – so naturally, I wrote about them!
This post is a collection of 11 simple tips to getting your WordPress theme approved on ThemeForest. These tips undoubtably parallel the most common reasons WordPress themes are getting rejected.
Please note that these thoughts are entirely based on my personal experience reviewing WordPress themes and are not officially endorsed by Envato. Following these guidelines does not guarantee an approval – though you will probably have a much quicker time getting there!
1. Escape Everything
Ok, so your WordPress theme works, but is it safe and secure? Escaping both input and output is a critical aspect of proper development.
Nick Daugherty’s bottom-line on The Importance of Escaping All The Things summarizes escaping perfectly:
If it’s not escaped on output, it’s potentially exploitable. Never underestimate the abilities of an attacker – they’re experts at finding the way to make the ‘this should never, ever, be possible‘ things happen. For maximum security, we must escape all the things.
Double and triple check your WordPress theme to ensure that all the things are escaped as late as possible.
2. Run Theme Check
Theme Check is literally the easiest way to check your WordPress theme against the latest coding standards and techniques. While it does not cover everything, it’s a great tool that should be run before submitting a WordPress theme to ThemeForest. Honestly, you should perform a check every time a substantial theme update is released.
3. Check for PHP Errors and Warnings
One of the easiest errors to check for is standard PHP errors. Enable wp_debug and go to town self-reviewing your theme to ensure there are no PHP errors, notices or warnings anywhere. You should also check for errors every time you submit an update. It is not uncommon to see a newly introduced PHP error in an update coming through the queue.
4. Prefix Everything
All PHP function names, PHP class names, globals, actions, filters, script/style handles (that are not third-party) and even image sizes, all need to prefixed with themename_ or framework_ (where framework functions are used).
As Justin Tadlock mentions in Prefix all the things:
When building WordPress themes, there’s a rule that sits at the top of the list of rules. It’s something all developers should do out of habit, not as an afterthought. Prefix everything.
On the question of the specifications of a theme prefix, Stephen Cronin mentioned the following in this forum post:
The theme name has become the standard in many parts of the WordPress community, so that remains our [ThemeForest’s] preference. However, we understand this is not practical for those of you who reuse functions between themes and we’ll accept framework name in those circumstances.
For my WordPress themes, I use the themename_ prefix all around, as it is simple and clean. To make development easier, I have set up a Gulp task to find-and-replace my development prefix’s to the theme’s slug. Too easy.
5. Conduct the Theme Unit Test
There are many steps to developing WordPress themes – one of which is ensuring that every single general use case is covered from a functionality standpoint. That’s where the Theme Unit Test comes into play.
Installing the Theme Unit Test is not particularly gorgeous, but it’s imperative to creating a super-solid theme. When reviewing WordPress themes, I install the Theme Unit Test every single time. Do yourself a favor and setup a fresh local install, upload the unit tests and run through every post, page, and setting.
Common issues are table display errors, image alignments, responsive comments, pingbacks display errors, password-protected post styling issues, and search index mishaps.
6. Update TGMPA
Sometimes it’s inevitable that the TGM Plugin Activation library will be outdated. For new items, it entirely depends on how long your item has been in the queue, and how recently an update to TGMPA has been released.
Keep in mind that every time you release a new version of your theme, you should double check that the latest version of TGMPA is included.
Click here to check the latest release of TGMPA.
7. Properly Include Plugins Using TGMPA
When using the TGM Plugin Activation library to include pre-packaged WordPress plugins, you should be using get_template_directory(), instead of get_stylesheet_directory() for the plugin’s source.
Using get_template_directory() ensures that the plugins are also installable when a child theme is activated.
8. Disable TGMPA Force Actions
Every user should have free rein to activate or deactivate any WordPress plugins installed on their website. When plugins are auto-deactivated (or auto-activated) it lead to confusion and the user is left unsure as to what elements of their website are now either disabled or entirely broken.
9. Properly Include Scripts and Styles
First and foremost, scripts and styles should not be hard-coded anywhere in your WordPress theme. Using the wp_enqueue* hook is the only allowed method to correctly add any scripts or styles to your theme.
For inline styling, including Customizer style options, use wp_add_inline_style and for inline scripts, use wp_add_inline_script.
10. Do Not Prefix Third Party Scripts
All third-party styles and scripts used in your WordPress theme should NOT be prefixed. By not prefixing third-party assets, you are ensuring that those files do not load multiples times.
Check out WP Standard Handles, by Ulrich Pogson for more standard handles of conventional assets included in WordPress themes these days.
11. Provide Offline Documentation
Having offline documentation ensures that your customers are not hanging when there is not an Internet connection available or when your files are inaccessible – for any reason. Additionally, you do not have to ensure the assets will be infinitely accessible.
Just include your screenshots and other assets directly within the help guide and you’ll be in the clear. And if you are looking for a particularly beautiful documentation template, I built WPThemeDoc, a quick and easy documentation template for WordPress theme developers.
Conclusion
That sums it up. Generally speaking, if your theme complies with the following common mishaps, you’ll probably have a much quicker time getting your WordPress theme approved on ThemeForest.
Again, please remember that these tips are entirely based on my personal experience reviewing WordPress themes on ThemeForest and are not officially endorsed by Envato.
Edit: In addition to this post, I’ve published a piece on the three distinct principles to designing highly functional WordPress themes. Enjoy!