44Plugin URI: http://bestwebsoft.com/plugin/
55Description: Plugin for Contact Form.
66Author: BestWebSoft
7- Version: 3.51
7+ Version: 3.52
88Author URI: http://bestwebsoft.com/
99License: GPLv2 or later
1010*/
@@ -380,7 +380,7 @@ function cntctfrm_admin_menu() {
380380// Register settings for plugin
381381if ( ! function_exists ( 'cntctfrm_settings ' ) ) {
382382 function cntctfrm_settings () {
383- global $ cntctfrm_options , $ cntctfrm_option_defaults ;
383+ global $ cntctfrm_options , $ cntctfrm_option_defaults, $ wpdb ;
384384
385385 $ cntctfrm_option_defaults = array (
386386 'cntctfrm_user_email ' => 'admin ' ,
@@ -474,6 +474,31 @@ function cntctfrm_settings() {
474474 $ cntctfrm_options ['cntctfrm_send_copy_label ' ]['en ' ] = __ ( "Send me a copy " , 'contact_form ' );
475475
476476 update_option ( 'cntctfrm_options ' , $ cntctfrm_options );
477+
478+ // create db table of fields list
479+ $ sql = "CREATE TABLE IF NOT EXISTS ` " . $ wpdb ->prefix . "cntctfrm_field` (
480+ id int NOT NULL AUTO_INCREMENT,
481+ name CHAR(100) NOT NULL,
482+ UNIQUE KEY id (id)
483+ ); " ;
484+ require_once ( ABSPATH . 'wp-admin/includes/upgrade.php ' );
485+ dbDelta ( $ sql );
486+ $ fields = array ( 'display_address_field ' ,
487+ 'display_phone_field ' ,
488+ 'attachment ' ,
489+ 'attachment_explanations ' ,
490+ 'send_copy ' ,
491+ 'display_sent_from ' ,
492+ 'display_date_time ' ,
493+ 'display_coming_from ' ,
494+ 'display_user_agent '
495+ );
496+ foreach ( $ fields as $ key => $ value ) {
497+ $ db_row = $ wpdb ->get_row ( "SELECT * FROM " . $ wpdb ->prefix . "cntctfrm_field WHERE `name` = ' " . $ value . "' " , ARRAY_A );
498+ if ( !isset ( $ db_row ) || empty ( $ db_row ) ) {
499+ $ wpdb ->insert ( $ wpdb ->prefix . "cntctfrm_field " , array ( 'name ' => $ value ), array ( '%s ' ) );
500+ }
501+ }
477502 }
478503}
479504
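Review bot: The lookup at new line 497 builds its SQL by concatenating `$value` into the query string, while the insert two lines below it already passes a `%s` format. Every value comes from the hard-coded `$fields` array in this hunk, so nothing untrusted reaches the query today, but the pattern becomes injectable as soon as that list is filtered or read from stored options. Bind the value instead: `$db_row = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->prefix}cntctfrm_field WHERE name = %s", $value ), ARRAY_A );`. The `name` column also has no unique index, so the select-then-insert check does not prevent duplicate rows if two requests run it at once; `UNIQUE KEY name (name)` in the table definition would enforce it. cntctfrm_settings() begins outside this hunk, so how often this seeding block runs cannot be confirmed from here.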
@@ -821,8 +846,6 @@ function cntctfrm_settings_page() {
821846 <input type="checkbox" id="cntctfrm_display_address_field" name="cntctfrm_display_address_field" value="1" <?php if ($ cntctfrm_options ['cntctfrm_display_address_field ' ] == '1 ' ) echo "checked= \"checked \" " ; ?> /> <?php _e ( "Address " , 'contact_form ' ); ?> <br />
822847 <input type="checkbox" id="cntctfrm_display_phone_field" name="cntctfrm_display_phone_field" value="1" <?php if ($ cntctfrm_options ['cntctfrm_display_phone_field ' ] == '1 ' ) echo "checked= \"checked \" " ; ?> /> <?php _e ( "Phone " , 'contact_form ' ); ?> <br />
823848 <input type="checkbox" id="cntctfrm_attachment" name="cntctfrm_attachment" value="1" <?php if ($ cntctfrm_options ['cntctfrm_attachment ' ] == '1 ' ) echo "checked= \"checked \" " ; ?> /> <?php _e ( "Attachment block " , 'contact_form ' ); ?> <span class="cntctfrm_info">(<?php echo __ ( "Users can attach the following file formats " , 'contact_form ' ) . ": html, txt, css, gif, png, jpeg, jpg, tiff, bmp, ai, eps, ps, rtf, pdf, doc, docx, xls, zip, rar, wav, mp3, ppt " ; ?> )</span><br />
824- <input type="checkbox" id="cntctfrm_attachment_explanations" name="cntctfrm_attachment_explanations" value="1" <?php if ( $ cntctfrm_options ['cntctfrm_attachment_explanations ' ] == '1 ' && $ cntctfrm_options ['cntctfrm_attachment ' ] == '1 ' ) echo "checked= \"checked \" " ; ?> /> <?php echo __ ( "Tips below the Attachment block " , 'contact_form ' ); ?> <br />
825- <input type="checkbox" id="cntctfrm_send_copy" name="cntctfrm_send_copy" value="1" <?php if ($ cntctfrm_options ['cntctfrm_send_copy ' ] == '1 ' ) echo "checked= \"checked \" " ; ?> /> <?php _e ( "Send me a copy block " , 'contact_form ' ); ?> <br />
826849 <?php $ all_plugins = get_plugins ();
827850 if ( is_multisite () ) {
828851 $ active_plugins = (array ) array_keys ( get_site_option ( 'active_sitewide_plugins ' , array () ) );
@@ -844,6 +867,18 @@ function cntctfrm_settings_page() {
844867 <?php } ?>
845868 </td>
846869 </tr>
870+ <tr valign="top" class="cntctfrm_additions_block <?php if ($ cntctfrm_options ['cntctfrm_additions_options ' ] == '0 ' ) echo "cntctfrm_hidden " ; ?> ">
871+ <th scope="row" style="width:200px;"><?php echo __ ( "Display tips below the Attachment block " , 'contact_form ' ); ?> </th>
872+ <td colspan="2">
873+ <input type="checkbox" id="cntctfrm_attachment_explanations" name="cntctfrm_attachment_explanations" value="1" <?php if ( $ cntctfrm_options ['cntctfrm_attachment_explanations ' ] == '1 ' && $ cntctfrm_options ['cntctfrm_attachment ' ] == '1 ' ) echo "checked= \"checked \" " ; ?> />
874+ </td>
875+ </tr>
876+ <tr valign="top" class="cntctfrm_additions_block <?php if ($ cntctfrm_options ['cntctfrm_additions_options ' ] == '0 ' ) echo "cntctfrm_hidden " ; ?> ">
877+ <th scope="row" style="width:200px;"><?php _e ( "Display 'Send me a copy' block " , 'contact_form ' ); ?> </th>
878+ <td colspan="2">
879+ <input type="checkbox" id="cntctfrm_send_copy" name="cntctfrm_send_copy" value="1" <?php if ($ cntctfrm_options ['cntctfrm_send_copy ' ] == '1 ' ) echo "checked= \"checked \" " ; ?> />
880+ </td>
881+ </tr>
847882 <tr valign="top" class="cntctfrm_additions_block <?php if ($ cntctfrm_options ['cntctfrm_additions_options ' ] == '0 ' ) echo "cntctfrm_hidden " ; ?> ">
848883 <th scope="row" style="width:200px;"><?php _e ( "Required fields " , 'contact_form ' ); ?> </th>
849884 <td colspan="2">
@@ -1286,12 +1321,12 @@ function cntctfrm_display_form( $atts = array( 'lang' => 'en' ) ) {
12861321 $ page_url = ( isset ( $ _SERVER ["HTTPS " ] ) && $ _SERVER ["HTTPS " ] == "on " ? "https:// " : "http:// " ).$ _SERVER ["SERVER_NAME " ].strip_tags ( $ _SERVER ["REQUEST_URI " ] );
12871322
12881323 // If contact form submited
1289- $ name = isset ( $ _POST ['cntctfrm_contact_name ' ] ) ? $ _POST ['cntctfrm_contact_name ' ] : "" ;
1290- $ address = isset ( $ _POST ['cntctfrm_contact_address ' ] ) ? $ _POST ['cntctfrm_contact_address ' ] : "" ;
1291- $ email = isset ( $ _POST ['cntctfrm_contact_email ' ] ) ? stripslashes ( $ _POST ['cntctfrm_contact_email ' ] ) : "" ;
1292- $ subject = isset ( $ _POST ['cntctfrm_contact_subject ' ] ) ? $ _POST ['cntctfrm_contact_subject ' ] : "" ;
1293- $ message = isset ( $ _POST ['cntctfrm_contact_message ' ] ) ? $ _POST ['cntctfrm_contact_message ' ] : "" ;
1294- $ phone = isset ( $ _POST ['cntctfrm_contact_phone ' ] ) ? $ _POST ['cntctfrm_contact_phone ' ] : "" ;
1324+ $ name = isset ( $ _POST ['cntctfrm_contact_name ' ] ) ? htmlspecialchars ( $ _POST ['cntctfrm_contact_name ' ] ) : "" ;
1325+ $ address = isset ( $ _POST ['cntctfrm_contact_address ' ] ) ? htmlspecialchars ( $ _POST ['cntctfrm_contact_address ' ] ) : "" ;
1326+ $ email = isset ( $ _POST ['cntctfrm_contact_email ' ] ) ? htmlspecialchars ( stripslashes ( $ _POST ['cntctfrm_contact_email ' ] ) ) : "" ;
1327+ $ subject = isset ( $ _POST ['cntctfrm_contact_subject ' ] ) ? htmlspecialchars ( $ _POST ['cntctfrm_contact_subject ' ] ) : "" ;
1328+ $ message = isset ( $ _POST ['cntctfrm_contact_message ' ] ) ? htmlspecialchars ( $ _POST ['cntctfrm_contact_message ' ] ) : "" ;
1329+ $ phone = isset ( $ _POST ['cntctfrm_contact_phone ' ] ) ? htmlspecialchars ( $ _POST ['cntctfrm_contact_phone ' ] ) : "" ;
12951330
12961331 $ name = strip_tags ( preg_replace ( '/<[^>]*>/ ' , '' , preg_replace ( '/<script.*<\/[^>]*>/ ' , '' , $ name ) ) );
12971332 $ address = strip_tags ( preg_replace ( '/<[^>]*>/ ' , '' , preg_replace ( '/<script.*<\/[^>]*>/ ' , '' , $ address ) ) );
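Review bot: Wrapping the `$_POST` reads in `htmlspecialchars()` (new lines 1324-1329, and again at 1494-1499 in the cntctfrm_check_form() hunk) encodes for HTML at input time, before the destination of each value is known. Because `<` and `>` are already entities when the `strip_tags`/`preg_replace` lines just below run, those filters no longer match anything, and any non-HTML consumer such as a mail subject or the e-mail validation presumably now receives `&amp;`/`&lt;` text; the rest of both functions is outside these hunks, so that needs confirming. With default flags on PHP before 8.1, single quotes are also left unencoded, which matters if a value is echoed into a single-quoted attribute. Keeping the value raw here (for example `sanitize_text_field( stripslashes( $_POST['cntctfrm_contact_name'] ) )`) and escaping at each output, e.g. `esc_attr( $name )` in the form's `value` attributes, covers each context correctly.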
@@ -1456,12 +1491,12 @@ function cntctfrm_check_form() {
14561491 // Error messages array
14571492 $ error_message = array ();
14581493
1459- $ name = isset ( $ _POST ['cntctfrm_contact_name ' ] ) ? $ _POST ['cntctfrm_contact_name ' ] : "" ;
1460- $ address = isset ( $ _POST ['cntctfrm_contact_address ' ] ) ? $ _POST ['cntctfrm_contact_address ' ] : "" ;
1461- $ email = isset ( $ _POST ['cntctfrm_contact_email ' ] ) ? stripslashes ( $ _POST ['cntctfrm_contact_email ' ] ) : "" ;
1462- $ subject = isset ( $ _POST ['cntctfrm_contact_subject ' ] ) ? $ _POST ['cntctfrm_contact_subject ' ] : "" ;
1463- $ message = isset ( $ _POST ['cntctfrm_contact_message ' ] ) ? $ _POST ['cntctfrm_contact_message ' ] : "" ;
1464- $ phone = isset ( $ _POST ['cntctfrm_contact_phone ' ] ) ? $ _POST ['cntctfrm_contact_phone ' ] : "" ;
1494+ $ name = isset ( $ _POST ['cntctfrm_contact_name ' ] ) ? htmlspecialchars ( $ _POST ['cntctfrm_contact_name ' ] ) : "" ;
1495+ $ address = isset ( $ _POST ['cntctfrm_contact_address ' ] ) ? htmlspecialchars ( $ _POST ['cntctfrm_contact_address ' ] ) : "" ;
1496+ $ email = isset ( $ _POST ['cntctfrm_contact_email ' ] ) ? htmlspecialchars ( stripslashes ( $ _POST ['cntctfrm_contact_email ' ] ) ) : "" ;
1497+ $ subject = isset ( $ _POST ['cntctfrm_contact_subject ' ] ) ? htmlspecialchars ( $ _POST ['cntctfrm_contact_subject ' ] ) : "" ;
1498+ $ message = isset ( $ _POST ['cntctfrm_contact_message ' ] ) ? htmlspecialchars ( $ _POST ['cntctfrm_contact_message ' ] ) : "" ;
1499+ $ phone = isset ( $ _POST ['cntctfrm_contact_phone ' ] ) ? htmlspecialchars ( $ _POST ['cntctfrm_contact_phone ' ] ) : "" ;
14651500
14661501 $ name = strip_tags ( preg_replace ( '/<[^>]*>/ ' , '' , preg_replace ( '/<script.*<\/[^>]*>/ ' , '' , $ name ) ) );
14671502 $ address = strip_tags ( preg_replace ( '/<[^>]*>/ ' , '' , preg_replace ( '/<script.*<\/[^>]*>/ ' , '' , $ address ) ) );