There has recently been a discussion on the WP-Forums mailing list concerning the following sticky thread. In a nutshell, there are two questions being considered. The first is whether decoding should be allowed on the forums. The second is whether this type of behaviour on the forum promotes the use of so called pirated themes. I say so called due to the fact that if the theme is licensed under the GPL, no pirating actually occurs.
Unfortunately, there are more bad places to download themes than good. Case in point, take a look at this screenshot from a Google search I performed looking for ‘Free WordPress Themes‘. The first two results are filled with base64 encrypted themes.
Poor SEO, or too many sites using themes with public facing links with encrypted code? Whatever the case may be, it’s evident that many users within the community are getting a hold of these themes and using them on their site, possibly not even knowing about the encrypted code within the footer.php or other files within the theme. In my opinion, I think that support of any kind for commercial themes should not be allowed on the WordPress.org support forum. Not only does it not make sense, but it’s a common courtesy to those companies that provide support as part of their value. While browsing through the Welcome Message that all new forum members should read upon signing up, I didn’t see any mention of commercial theme support. This would also make it very easy to just lock or delete threads concerning obfuscated code within commercial themes.
As for free themes that have been downloaded from the official theme repository and redistributed with the encrypted code or free themes in general, I’m not sure if decrypting those themes should continue on the forum or not. On one hand, it’s an opportunity to educate that user and explain why that code within a theme is bad news while on the other hand, it’s a never ending problem with no hard solution. I think education here is our best bet to fight against this with a detailed post on the WordPress.org blog but it’s not as if that will solve the problem, it will only make folks more aware.
There is no law saying you can’t place obfuscated code within a WordPress theme but it’s considered very bad mojo within the WordPress community. Obviously, these sorts of themes are not allowed within the theme repository but outside of the WordPress.org domain, it’s the wild wild west. It’s reached the point now where if a developer is releasing free themes, their best bet for trustworthy exposure is to have the theme on the WordPress theme repository. I suppose it’s a trade off. You can get a theme from the repository which doesn’t have the best variety and selection and know that it won’t have encrypted code or any other junk in it, or you can take your chances by finding a theme somewhere out on the net.
I’m interested in hearing what you folks have to say regarding the issue of themes, obfuscated code, and the WordPress support forum.