44Plugin URI: http://bestwebsoft.com/plugin/
55Description: Plugin for Contact Form.
66Author: BestWebSoft
7- Version: 3.81
7+ Version: 3.82
88Author URI: http://bestwebsoft.com/
99License: GPLv2 or later
1010*/
@@ -114,7 +114,8 @@ function cntctfrm_admin_init() {
114114 function cntctfrm_settings () {
115115 global $ wpmu , $ cntctfrm_options , $ cntctfrm_option_defaults , $ wpdb , $ bws_plugin_info , $ cntctfrm_plugin_info ;
116116 $ cntctfrm_db_version = "1.0 " ;
117-
117+ $ cntctfrm_plugin_info = get_plugin_data ( __FILE__ );
118+
118119 $ cntctfrm_option_defaults = array (
119120 'plugin_option_version ' => $ cntctfrm_plugin_info ["Version " ],
120121 'plugin_db_version ' => $ cntctfrm_db_version ,
@@ -407,10 +408,10 @@ function cntctfrm_settings_page() {
407408 /* Save data for settings page */
408409 if ( isset ( $ _POST ['cntctfrm_form_submit ' ] ) && check_admin_referer ( plugin_basename (__FILE__ ), 'cntctfrm_nonce_name ' ) ) {
409410 $ cntctfrm_options_submit ['cntctfrm_user_email ' ] = $ _POST ['cntctfrm_user_email ' ];
410- $ cntctfrm_options_submit ['cntctfrm_custom_email ' ] = stripslashes ( $ _POST ['cntctfrm_custom_email ' ] );
411+ $ cntctfrm_options_submit ['cntctfrm_custom_email ' ] = stripslashes ( esc_html ( $ _POST ['cntctfrm_custom_email ' ] ) );
411412 $ cntctfrm_options_submit ['cntctfrm_select_email ' ] = $ _POST ['cntctfrm_select_email ' ];
412413 $ cntctfrm_options_submit ['cntctfrm_from_email ' ] = $ _POST ['cntctfrm_from_email ' ];
413- $ cntctfrm_options_submit ['cntctfrm_custom_from_email ' ] = stripslashes ( $ _POST ['cntctfrm_custom_from_email ' ] );
414+ $ cntctfrm_options_submit ['cntctfrm_custom_from_email ' ] = stripslashes ( esc_html ( $ _POST ['cntctfrm_custom_from_email ' ] ) );
414415 $ cntctfrm_options_submit ['cntctfrm_additions_options ' ] = isset ( $ _POST ['cntctfrm_additions_options ' ]) ? $ _POST ['cntctfrm_additions_options ' ] : 0 ;
415416 if ( 0 == $ cntctfrm_options_submit ['cntctfrm_additions_options ' ] ) {
416417 $ cntctfrm_options_submit ['cntctfrm_attachment ' ] = 0 ;
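Review bot: esc_html() is an output-escaping function, and applying it to the stored values on the `cntctfrm_custom_email` and `cntctfrm_custom_from_email` lines turns characters that are legal in a mailbox local part (`'`, `&`) into HTML entities, so the is_email() validation added further down rejects addresses that the removed regex explicitly accepted. Sanitize on input with the matching WordPress helper instead, e.g. `$cntctfrm_options_submit['cntctfrm_custom_email'] = sanitize_email( stripslashes( $_POST['cntctfrm_custom_email'] ) );` and the same for the FROM address. The same esc_html-on-input pattern appears in the `cntctfrm_from_field`, `cntctfrm_required_symbol`, `bws_license_key` and `bws_license_plugin` hunks, where `sanitize_text_field()` is the appropriate helper. cntctfrm_settings_page() starts and ends outside this hunk.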
@@ -493,7 +494,7 @@ function cntctfrm_settings_page() {
493494 } else {
494495
495496 $ cntctfrm_options_submit ['cntctfrm_mail_method ' ] = $ _POST ['cntctfrm_mail_method ' ];
496- $ cntctfrm_options_submit ['cntctfrm_from_field ' ] = $ _POST ['cntctfrm_from_field ' ];
497+ $ cntctfrm_options_submit ['cntctfrm_from_field ' ] = stripslashes ( esc_html ( $ _POST ['cntctfrm_from_field ' ] ) ) ;
497498 $ cntctfrm_options_submit ['cntctfrm_select_from_field ' ] = $ _POST ['cntctfrm_select_from_field ' ];
498499 $ cntctfrm_options_submit ['cntctfrm_display_name_field ' ] = isset ( $ _POST ['cntctfrm_display_name_field ' ]) ? 1 : 0 ;
499500 $ cntctfrm_options_submit ['cntctfrm_display_address_field ' ] = isset ( $ _POST ['cntctfrm_display_address_field ' ]) ? 1 : 0 ;
@@ -563,7 +564,7 @@ function cntctfrm_settings_page() {
563564 $ cntctfrm_options_submit ['cntctfrm_required_subject_field ' ] = isset ( $ _POST ['cntctfrm_required_subject_field ' ]) ? 1 : 0 ;
564565 $ cntctfrm_options_submit ['cntctfrm_required_message_field ' ] = isset ( $ _POST ['cntctfrm_required_message_field ' ]) ? 1 : 0 ;
565566
566- $ cntctfrm_options_submit ['cntctfrm_required_symbol ' ] = isset ( $ _POST ['cntctfrm_required_symbol ' ]) ? $ _POST ['cntctfrm_required_symbol ' ] : '* ' ;
567+ $ cntctfrm_options_submit ['cntctfrm_required_symbol ' ] = isset ( $ _POST ['cntctfrm_required_symbol ' ]) ? stripslashes ( esc_html ( $ _POST ['cntctfrm_required_symbol ' ] ) ) : '* ' ;
567568 $ cntctfrm_options_submit ['cntctfrm_html_email ' ] = isset ( $ _POST ['cntctfrm_html_email ' ]) ? 1 : 0 ;
568569 $ cntctfrm_options_submit ['cntctfrm_site_name_parameter ' ] = $ _POST ['cntctfrm_site_name_parameter ' ];
569570 $ cntctfrm_options_submit ['cntctfrm_display_add_info ' ] = isset ( $ _POST ['cntctfrm_display_add_info ' ]) ? 1 : 0 ;
@@ -667,13 +668,13 @@ function cntctfrm_settings_page() {
667668 }
668669 }
669670 $ cntctfrm_options_submit ['cntctfrm_action_after_send ' ] = $ _POST ['cntctfrm_action_after_send ' ];
670- $ cntctfrm_options_submit ['cntctfrm_redirect_url ' ] = $ _POST ['cntctfrm_redirect_url ' ];
671+ $ cntctfrm_options_submit ['cntctfrm_redirect_url ' ] = esc_url ( $ _POST ['cntctfrm_redirect_url ' ] );
671672 }
672673 $ cntctfrm_options = array_merge ( $ cntctfrm_options , $ cntctfrm_options_submit );
673674
674675 if ( 0 == $ cntctfrm_options_submit ['cntctfrm_action_after_send ' ]
675676 && ( "" == trim ( $ cntctfrm_options_submit ['cntctfrm_redirect_url ' ] )
676- || ! preg_match ( ' @^(?:http://)?([^/]+)@i ' , trim ( $ cntctfrm_options_submit ['cntctfrm_redirect_url ' ] ) ) ) ) {
677+ || ! filter_var ( $ cntctfrm_options_submit ['cntctfrm_redirect_url ' ], FILTER_VALIDATE_URL ) ) ) {
677678 $ error .=__ ( "If the 'Redirect to page' option is selected then the URL field should be in the following format " , 'contact_form ' )." <code>http://your_site/your_page</code> " ;
678679 $ cntctfrm_options ['cntctfrm_action_after_send ' ] = 1 ;
679680 }
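Review bot: esc_url() on the `cntctfrm_redirect_url` line is the display variant: it entity-encodes `&` as `&#038;`, so the value written to the option carries HTML entities into whatever later uses it as a redirect target; `esc_url_raw()` is the form intended for values being saved. The validation on line 677 also checks the untrimmed value while the empty-string test on the line above uses trim(), so the two conditions see different strings; `|| ! filter_var( trim( $cntctfrm_options_submit['cntctfrm_redirect_url'] ), FILTER_VALIDATE_URL )` keeps them consistent. Note that FILTER_VALIDATE_URL requires a scheme, which esc_url() supplies by prepending `http://` when none is given, so the accepted format matches the error message. cntctfrm_settings_page() continues outside the hunk.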
@@ -686,13 +687,14 @@ function cntctfrm_settings_page() {
686687 $ error .= __ ( "Such user does not exist. Settings are not saved. " , 'contact_form ' );
687688 }
688689 } else {
689- if ( "" == $ cntctfrm_options_submit ['cntctfrm_custom_email ' ] || ! preg_match ( "/^((?:[a-z0-9_']+(?:[a-z0-9\-_\.']+)?@[a-z0-9]+(?:[a-z0-9\-\.]+)?\.[a-z]{2,5})[, ]*)+$/i " , trim ( $ cntctfrm_options_submit ['cntctfrm_custom_email ' ] ) ) ){
690- $ error .= __ ( "Please enter a valid email address in the 'FROM' field. Settings are not saved. " , 'contact_form ' );
690+ if ( "" == $ cntctfrm_options_submit ['cntctfrm_custom_email ' ]
691+ || ! is_email ( trim ( $ cntctfrm_options_submit ['cntctfrm_custom_email ' ] ) ) ) {
692+ $ error .= __ ( "Please enter a valid email address in the 'Use this email address' field. Settings are not saved. " , 'contact_form ' );
691693 }
692694 }
693695 if ( 'custom ' == $ cntctfrm_options_submit ['cntctfrm_from_email ' ] ) {
694696 if ( "" == $ cntctfrm_options_submit ['cntctfrm_custom_from_email ' ]
695- && ! preg_match ( " /^((?:[a-z0-9_']+(?:[a-z0-9\-_\.']+)?@[a-z0-9]+(?:[a-z0-9\-\.]+)?\.[a-z]{2,5})[, ]*)+$/i " , trim ( $ cntctfrm_options_submit ['cntctfrm_custom_from_email ' ] ) ) ) {
697+ || ! is_email ( trim ( $ cntctfrm_options_submit ['cntctfrm_custom_from_email ' ] ) ) ) {
696698 $ error .= __ ( "Please enter a valid email address in the 'FROM' field. Settings are not saved. " , 'contact_form ' );
697699 }
698700 }
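Review bot: Replacing the regex with is_email() on the `cntctfrm_custom_email` check narrows what is accepted: the removed pattern ended in `[, ]*)+`, i.e. it allowed a comma- or space-separated list of addresses, while is_email() validates exactly one. If the option is meant to hold several recipients, split on the separator and validate each entry, otherwise the single-address contract should be stated in the error text on line 692. The switch from `&&` to `||` on line 697 is what makes the FROM check fire for non-empty invalid input, so the two branches now behave alike. cntctfrm_settings_page() continues outside the hunk.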
@@ -740,14 +742,14 @@ function cntctfrm_settings_page() {
740742 if ( isset ( $ _GET ['action ' ] ) && 'go_pro ' == $ _GET ['action ' ] ) {
741743 global $ wpmu , $ bstwbsftwppdtplgns_options ;
742744
743- $ bws_license_key = ( isset ( $ _POST ['bws_license_key ' ] ) ) ? trim ( $ _POST ['bws_license_key ' ] ) : "" ;
745+ $ bws_license_key = ( isset ( $ _POST ['bws_license_key ' ] ) ) ? trim ( esc_html ( $ _POST ['bws_license_key ' ] ) ) : "" ;
744746
745747 if ( isset ( $ _POST ['bws_license_submit ' ] ) && check_admin_referer ( plugin_basename ( __FILE__ ), 'bws_license_nonce_name ' ) ) {
746748 if ( '' != $ bws_license_key ) {
747749 if ( strlen ( $ bws_license_key ) != 18 ) {
748750 $ error = __ ( "Wrong license key " , 'contact_form ' );
749751 } else {
750- $ bws_license_plugin = trim ( $ _POST ['bws_license_plugin ' ] );
752+ $ bws_license_plugin = stripslashes ( esc_html ( $ _POST ['bws_license_plugin ' ] ) );
751753 if ( isset ( $ bstwbsftwppdtplgns_options ['go_pro ' ][ $ bws_license_plugin ]['count ' ] ) && $ bstwbsftwppdtplgns_options ['go_pro ' ][ $ bws_license_plugin ]['time ' ] < ( time () + (24 * 60 * 60 ) ) ) {
752754 $ bstwbsftwppdtplgns_options ['go_pro ' ][ $ bws_license_plugin ]['count ' ] = $ bstwbsftwppdtplgns_options ['go_pro ' ][ $ bws_license_plugin ]['count ' ] + 1 ;
753755 } else {
@@ -1175,7 +1177,7 @@ function cntctfrm_settings_page() {
11751177 <?php foreach ( $ lang_codes as $ key => $ val ) {
11761178 if ( in_array ( $ key , $ cntctfrm_options ['cntctfrm_language ' ] ) )
11771179 continue ;
1178- echo '<option value=" ' . esc_attr ( $ key ) . '"> ' . esc_html ( $ val ) . '</option> ' ;
1180+ echo '<option value=" ' . esc_attr ( $ key ) . '"> ' . esc_html ( $ val ) . '</option> ' ;
11791181 } ?>
11801182 </select>
11811183 <input type="button" class="button-primary" id="cntctfrm_add_language_button" value="<?php _e ( 'Add a language ' , 'contact_form ' ); ?> " />
@@ -1821,9 +1823,9 @@ function cntctfrm_display_form( $atts = array( 'lang' => 'en' ) ) {
18211823
18221824 $ content .= '<div style="text-align: left; padding-top: 8px;"> ' ;
18231825 if ( isset ( $ atts ['id ' ] ) )
1824- $ content .= '<input type="hidden" value=" ' . $ atts ['id ' ] . '" name="cntctfrmmlt_shortcode_id"> ' ;
1826+ $ content .= '<input type="hidden" value=" ' . esc_attr ( $ atts ['id ' ] ) . '" name="cntctfrmmlt_shortcode_id"> ' ;
18251827 $ content .= '<input type="hidden" value="send" name="cntctfrm_contact_action"><input type="hidden" value="Version: 3.30" />
1826- <input type="hidden" value=" ' . $ lang . '" name="cntctfrm_language">
1828+ <input type="hidden" value=" ' . esc_attr ( $ lang ) . '" name="cntctfrm_language">
18271829 <input type="submit" value=" ' . $ cntctfrm_options ['cntctfrm_submit_label ' ][ $ lang ] . '" style="cursor: pointer; margin: 0pt; text-align: center;margin-bottom:10px;" />
18281830 </div>
18291831 </form> ' ;
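Review bot: The submit button on line 1829 still interpolates `$cntctfrm_options['cntctfrm_submit_label'][$lang]` into a value="" attribute unescaped, while the two neighbouring hidden inputs now get esc_attr(); a label containing a double quote breaks out of the attribute and into the markup. Wrap it the same way: `<input type="submit" value="' . esc_attr( $cntctfrm_options['cntctfrm_submit_label'][$lang] ) . '" style="..."`. Whether `$lang` is guaranteed to be a key of that array is not visible here. cntctfrm_display_form() starts and ends outside the hunk.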
@@ -1943,7 +1945,8 @@ function cntctfrm_check_form() {
19431945 unset( $ error_message ['error_name ' ] );
19441946 if ( 1 == $ cntctfrm_options ['cntctfrm_display_address_field ' ] && 1 == $ cntctfrm_options ['cntctfrm_required_address_field ' ] && "" != $ address )
19451947 unset( $ error_message ['error_address ' ] );
1946- if ( 1 == $ cntctfrm_options ['cntctfrm_required_email_field ' ] && "" != $ email && preg_match ( "/^(?:[a-z0-9_']+(?:[a-z0-9\-_\.']+)?@[a-z0-9]+(?:[a-z0-9\-\.]+)?\.[a-z]{2,5})$/i " , trim ( stripslashes ( $ email ) ) ) )
1948+ if ( 1 == $ cntctfrm_options ['cntctfrm_required_email_field ' ] && "" != $ email &&
1949+ is_email ( trim ( stripslashes ( $ email ) ) ) )
19471950 unset( $ error_message ['error_email ' ] );
19481951 if ( 1 == $ cntctfrm_options ['cntctfrm_display_phone_field ' ] && 1 == $ cntctfrm_options ['cntctfrm_required_phone_field ' ] && "" != $ phone )
19491952 unset( $ error_message ['error_phone ' ] );
@@ -2390,7 +2393,7 @@ function cntctfrm_admin_head() {
23902393 wp_enqueue_style ( 'cntctfrm_stylesheet ' , plugins_url ( 'css/style.css ' , __FILE__ ) );
23912394
23922395 if ( 3.5 > $ wp_version )
2393- wp_enqueue_script ( 'cntctfrm_script ' , plugins_url ( 'js/script_wp_before_3.5.js ' , __FILE__ ) );
2396+ wp_enqueue_script ( 'cntctfrm_script ' , plugins_url ( 'js/script_wp_before_3.5.js ' , __FILE__ ) );
23942397 else
23952398 wp_enqueue_script ( 'cntctfrm_script ' , plugins_url ( 'js/script.js ' , __FILE__ ) );
23962399
@@ -2535,12 +2538,13 @@ function cntctfrm_plugin_banner() {
25352538 if ( 'plugins.php ' == $ hook_suffix ) {
25362539 global $ cntctfrm_plugin_info ;
25372540 $ banner_array = array (
2541+ array ( 'lmtttmpts_hide_banner_on_plugin_page ' , 'limit-attempts/limit-attempts.php ' , '1.0.2 ' ),
25382542 array ( 'sndr_hide_banner_on_plugin_page ' , 'sender/sender.php ' , '0.5 ' ),
25392543 array ( 'srrl_hide_banner_on_plugin_page ' , 'user-role/user-role.php ' , '1.4 ' ),
25402544 array ( 'pdtr_hide_banner_on_plugin_page ' , 'updater/updater.php ' , '1.12 ' ),
25412545 array ( 'cntctfrmtdb_hide_banner_on_plugin_page ' , 'contact-form-to-db/contact_form_to_db.php ' , '1.2 ' ),
2542- array ( 'cntctfrmmlt_hide_banner_on_plugin_page ' , 'contact-form-multi/contact-form-multi.php ' , '1.0.7 ' ),
2543- array ( 'gglmps_hide_banner_on_plugin_page ' , 'bws-google-maps/bws-google-maps.php ' , '1.2 ' ),
2546+ array ( 'cntctfrmmlt_hide_banner_on_plugin_page ' , 'contact-form-multi/contact-form-multi.php ' , '1.0.7 ' ),
2547+ array ( 'gglmps_hide_banner_on_plugin_page ' , 'bws-google-maps/bws-google-maps.php ' , '1.2 ' ),
25442548 array ( 'fcbkbttn_hide_banner_on_plugin_page ' , 'facebook-button-plugin/facebook-button-plugin.php ' , '2.29 ' ),
25452549 array ( 'twttr_hide_banner_on_plugin_page ' , 'twitter-plugin/twitter.php ' , '2.34 ' ),
25462550 array ( 'pdfprnt_hide_banner_on_plugin_page ' , 'pdf-print/pdf-print.php ' , '1.7.1 ' ),
@@ -2550,7 +2554,7 @@ function cntctfrm_plugin_banner() {
25502554 array ( 'cntctfrm_for_ctfrmtdb_hide_banner_on_plugin_page ' , 'contact-form-plugin/contact_form.php ' , '3.62 ' ),
25512555 array ( 'cntctfrm_hide_banner_on_plugin_page ' , 'contact-form-plugin/contact_form.php ' , '3.47 ' ),
25522556 array ( 'cptch_hide_banner_on_plugin_page ' , 'captcha/captcha.php ' , '3.8.4 ' ),
2553- array ( 'gllr_hide_banner_on_plugin_page ' , 'gallery-plugin/gallery-plugin.php ' , '3.9.1 ' )
2557+ array ( 'gllr_hide_banner_on_plugin_page ' , 'gallery-plugin/gallery-plugin.php ' , '3.9.1 ' )
25542558 );
25552559 if ( ! $ cntctfrm_plugin_info )
25562560 $ cntctfrm_plugin_info = get_plugin_data ( __FILE__ );
@@ -2672,5 +2676,4 @@ function cntctfrm_delete_options() {
26722676
26732677add_action ( 'admin_notices ' , 'cntctfrm_plugin_banner ' );
26742678
2675- register_uninstall_hook ( __FILE__ , 'cntctfrm_delete_options ' );
2676- ?>
2679+ register_uninstall_hook ( __FILE__ , 'cntctfrm_delete_options ' );