
Changeset 2682024


Timestamp:
02/20/2022 02:14:10 PM (3 years ago)
Author:
jasongreen
Message:

tagging version 1.7.3

Location:
contact-form-submissions
Files:
4 edited
5 copied

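--- a/contact-form-submissions/tags/1.7.3/Admin.php
+++ b/contact-form-submissions/tags/1.7.3/Admin.php
@@ -85,5 +85,5 @@
                 ?>
                     <?php $selected = ($post->ID == filter_var($_GET['wpcf7_contact_form'], FILTER_SANITIZE_NUMBER_INT)) ? 'selected' : ''; ?>
-                    <option value="<?php echo $post->ID; ?>" <?php echo $selected; ?>><?php echo $post->post_title; ?></option>
+                    <option value="<?php echo esc_attr($post->ID); ?>" <?php echo $selected; ?>><?php echo $post->post_title; ?></option>
                 <?php
             } ?>
@@ -191,5 +191,5 @@
                 <strong>
                 <a class="row-title" href="<?php echo get_edit_post_link($post_id); ?>">
-                    <?php echo $nested . htmlspecialchars(get_post_meta($post_id, 'sender', true)); ?>
+                    <?php echo $nested . esc_html(htmlspecialchars(get_post_meta($post_id, 'sender', true))); ?>
                 </a>
                 </strong>
@@ -227,5 +227,5 @@
     public function mail_meta_box($post)
     {
-        $form_id = get_post_meta($post->ID, 'form_id', true);
+        $form_id = esc_html(get_post_meta($post->ID, 'form_id', true));
         $sender = esc_html(get_post_meta($post->ID, 'sender', true));
         $sender_mailto = preg_replace('/([a-zA-Z0-9_\-\.]*@\\S+\\.\\w+)/', '<a href="mailto:$1">$1</a>', $sender);
@@ -234,5 +234,5 @@
         $subject = esc_html(get_post_meta($post->ID, 'subject', true));
 
-        $body = apply_filters('the_content', esc_html($post->post_content));
+        $body = wp_kses_post(apply_filters('the_content', esc_html($post->post_content)));
 
         $additional_headers = esc_html(get_post_meta($post->ID, 'additional_headers', true)); ?>
@@ -282,4 +282,5 @@
             <tbody>
                 <?php foreach ($values as $key => $value) {
+                    $label = wp_kses_post($key);
                   // check if the value is serialized and unserialize it
                   $posted_field = is_serialized($value[0]) ? implode(', ', unserialize($value[0])) : $value[0];
@@ -287,5 +288,5 @@
             ?>
                     <tr>
-                        <th scope="row"><?php _e(str_replace('wpcf7s_posted-', '', $key), 'contact-form-submissions'); ?></th>
+                        <th scope="row"><?php _e(str_replace('wpcf7s_posted-', '', $label), 'contact-form-submissions'); ?></th>
                         <td><?php echo $posted_field; ?></td>
                     </tr>
@@ -345,5 +346,5 @@
             <div id="misc-publishing-actions">
                 <div class="misc-pub-section curtime misc-pub-curtime">
-                    <span id="timestamp"><?php _e('Submitted', 'contact-form-submissions'); ?> : <strong><?php echo $date; ?></strong></span>
+                    <span id="timestamp"><?php _e('Submitted', 'contact-form-submissions'); ?> : <strong><?php echo esc_html($date); ?></strong></span>
                 </div>
             </div>
@@ -368,5 +369,5 @@
             $post_meta,
             array_flip(array_filter(array_keys($post_meta), function ($key) {
-                return preg_match('/^wpcf7s_posted-/', $key);
+                return esc_html(preg_match('/^wpcf7s_posted-/', $key));
             }))
         );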
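Review bot: The submitted field value is still echoed unescaped at new line 291, `<td><?php echo $posted_field; ?></td>`, which this changeset leaves as context even though it stops filtering the value on save in Submissions.php line 173; that cell should be `<td><?php echo esc_html($posted_field); ?></td>`. The label change at lines 284/290 passes `wp_kses_post($key)` through `_e()`, which does no escaping and treats a runtime string as a translation key, so `echo esc_html(str_replace('wpcf7s_posted-', '', $key));` is the plain-text form to use. Wrapping the integer result of `preg_match()` at line 371 and the output of `htmlspecialchars()` at line 193 in `esc_html()` adds no protection and can be dropped, while `$post->post_title` in the `<option>` at line 87 still needs `esc_html()`. The enclosing functions start and end outside the visible hunks, and trunk/Admin.php carries the identical changes.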
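--- a/contact-form-submissions/tags/1.7.3/Submissions.php
+++ b/contact-form-submissions/tags/1.7.3/Submissions.php
@@ -171,5 +171,5 @@
                      foreach ($additional_fields as $name => $value) {
                          if (!empty($value)) {
-                             add_post_meta($post_id, 'wpcf7s_posted-' . $name, wp_kses_post($value));
+                             add_post_meta($post_id, 'wpcf7s_posted-' . $name, $value);
                          }
                      }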
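Review bot: Removing `wp_kses_post()` from the `add_post_meta()` call at line 173 stores each extra field exactly as the visitor submitted it, so from this revision on nothing filters the value between the public form and the admin screens. In Admin.php of this same changeset the stored value is printed with a bare `echo $posted_field` and, when `is_serialized()` matches, handed to `unserialize()`; whether a submitter can get a serialized string through that path should be confirmed, and restricting that read to plain arrays of scalars would remove the question. If storing raw and escaping on output is the intended model, state it at the call with a comment such as `// Stored unfiltered: every reader must escape with esc_html()/esc_attr() on output.` The loop sits inside a function that begins and ends outside this hunk, and trunk/Submissions.php has the same change.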
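--- a/contact-form-submissions/tags/1.7.3/contact-form-submissions.php
+++ b/contact-form-submissions/tags/1.7.3/contact-form-submissions.php
@@ -3,5 +3,5 @@
 Plugin Name: Contact Form Submissions
 Description: Never miss an enquiry again! Save all Contact Form 7 submissions in your database.
-Version:     1.7.2
+Version:     1.7.3
 Author:      Jason Green
 License:     GPLv3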
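--- a/contact-form-submissions/tags/1.7.3/readme.txt
+++ b/contact-form-submissions/tags/1.7.3/readme.txt
@@ -4,6 +4,6 @@
 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=SNHXWSXSPYATE
 Requires at least: 3.0.1
-Tested up to: 5.7
-Stable tag: 1.7.2
+Tested up to: 5.9
+Stable tag: 1.7.3
 Requires PHP: 5.6
 License: GPLv3
@@ -43,4 +43,7 @@
 
 == Changelog ==
+
+= 1.7.3 =
+* Security fix
 
 = 1.7.2 =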
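--- a/contact-form-submissions/trunk/Admin.php
+++ b/contact-form-submissions/trunk/Admin.php
@@ -85,5 +85,5 @@
                 ?>
                     <?php $selected = ($post->ID == filter_var($_GET['wpcf7_contact_form'], FILTER_SANITIZE_NUMBER_INT)) ? 'selected' : ''; ?>
-                    <option value="<?php echo $post->ID; ?>" <?php echo $selected; ?>><?php echo $post->post_title; ?></option>
+                    <option value="<?php echo esc_attr($post->ID); ?>" <?php echo $selected; ?>><?php echo $post->post_title; ?></option>
                 <?php
             } ?>
@@ -191,5 +191,5 @@
                 <strong>
                 <a class="row-title" href="<?php echo get_edit_post_link($post_id); ?>">
-                    <?php echo $nested . htmlspecialchars(get_post_meta($post_id, 'sender', true)); ?>
+                    <?php echo $nested . esc_html(htmlspecialchars(get_post_meta($post_id, 'sender', true))); ?>
                 </a>
                 </strong>
@@ -227,5 +227,5 @@
     public function mail_meta_box($post)
     {
-        $form_id = get_post_meta($post->ID, 'form_id', true);
+        $form_id = esc_html(get_post_meta($post->ID, 'form_id', true));
         $sender = esc_html(get_post_meta($post->ID, 'sender', true));
         $sender_mailto = preg_replace('/([a-zA-Z0-9_\-\.]*@\\S+\\.\\w+)/', '<a href="mailto:$1">$1</a>', $sender);
@@ -234,5 +234,5 @@
         $subject = esc_html(get_post_meta($post->ID, 'subject', true));
 
-        $body = apply_filters('the_content', esc_html($post->post_content));
+        $body = wp_kses_post(apply_filters('the_content', esc_html($post->post_content)));
 
         $additional_headers = esc_html(get_post_meta($post->ID, 'additional_headers', true)); ?>
@@ -282,4 +282,5 @@
             <tbody>
                 <?php foreach ($values as $key => $value) {
+                    $label = wp_kses_post($key);
                   // check if the value is serialized and unserialize it
                   $posted_field = is_serialized($value[0]) ? implode(', ', unserialize($value[0])) : $value[0];
@@ -287,5 +288,5 @@
             ?>
                     <tr>
-                        <th scope="row"><?php _e(str_replace('wpcf7s_posted-', '', $key), 'contact-form-submissions'); ?></th>
+                        <th scope="row"><?php _e(str_replace('wpcf7s_posted-', '', $label), 'contact-form-submissions'); ?></th>
                         <td><?php echo $posted_field; ?></td>
                     </tr>
@@ -345,5 +346,5 @@
             <div id="misc-publishing-actions">
                 <div class="misc-pub-section curtime misc-pub-curtime">
-                    <span id="timestamp"><?php _e('Submitted', 'contact-form-submissions'); ?> : <strong><?php echo $date; ?></strong></span>
+                    <span id="timestamp"><?php _e('Submitted', 'contact-form-submissions'); ?> : <strong><?php echo esc_html($date); ?></strong></span>
                 </div>
             </div>
@@ -368,5 +369,5 @@
             $post_meta,
             array_flip(array_filter(array_keys($post_meta), function ($key) {
-                return preg_match('/^wpcf7s_posted-/', $key);
+                return esc_html(preg_match('/^wpcf7s_posted-/', $key));
             }))
         );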
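--- a/contact-form-submissions/trunk/Submissions.php
+++ b/contact-form-submissions/trunk/Submissions.php
@@ -171,5 +171,5 @@
                      foreach ($additional_fields as $name => $value) {
                          if (!empty($value)) {
-                             add_post_meta($post_id, 'wpcf7s_posted-' . $name, wp_kses_post($value));
+                             add_post_meta($post_id, 'wpcf7s_posted-' . $name, $value);
                          }
                      }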
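--- a/contact-form-submissions/trunk/contact-form-submissions.php
+++ b/contact-form-submissions/trunk/contact-form-submissions.php
@@ -3,5 +3,5 @@
 Plugin Name: Contact Form Submissions
 Description: Never miss an enquiry again! Save all Contact Form 7 submissions in your database.
-Version:     1.7.2
+Version:     1.7.3
 Author:      Jason Green
 License:     GPLv3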
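--- a/contact-form-submissions/trunk/readme.txt
+++ b/contact-form-submissions/trunk/readme.txt
@@ -4,6 +4,6 @@
 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=SNHXWSXSPYATE
 Requires at least: 3.0.1
-Tested up to: 5.7
-Stable tag: 1.7.2
+Tested up to: 5.9
+Stable tag: 1.7.3
 Requires PHP: 5.6
 License: GPLv3
@@ -43,4 +43,7 @@
 
 == Changelog ==
+
+= 1.7.3 =
+* Security fix
 
 = 1.7.2 =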