Contact Form 7 - Version 4.1.1

Version Description

  • Security enhancement: use wp_rand() instead of mt_rand() for CAPTCHA file name generation to make it harder for attackers to predict its next value.
  • Modified wpcf7_plugin_url(): use plugins_url() internally.
  • Translations for Russian, Hungarian, Swedish, German, and Turkish have been updated.
Download this release

Release Info

Developer takayukister
Plugin Icon 128x128 Contact Form 7
Version 4.1.1
Comparing to
See all releases

Code changes from version 4.1 to 4.1.1

includes/functions.php CHANGED
@@ -5,10 +5,11 @@ function wpcf7_plugin_path( $path = '' ) {
5
}
6
7
function wpcf7_plugin_url( $path = '' ) {
8
- $url = untrailingslashit( WPCF7_PLUGIN_URL );
9
10
- if ( ! empty( $path ) && is_string( $path ) && false === strpos( $path, '..' ) )
11
- $url .= '/' . ltrim( $path, '/' );
12
13
return $url;
14
}
@@ -126,9 +127,6 @@ function wpcf7_is_rtl( $locale = '' ) {
126
function wpcf7_ajax_loader() {
127
$url = wpcf7_plugin_url( 'images/ajax-loader.gif' );
128
129
- if ( is_ssl() && 'http:' == substr( $url, 0, 5 ) )
130
- $url = 'https:' . substr( $url, 5 );
131
-
132
return apply_filters( 'wpcf7_ajax_loader', $url );
133
}
134
5
}
6
7
function wpcf7_plugin_url( $path = '' ) {
8
+ $url = plugins_url( $path, WPCF7_PLUGIN );
9
10
+ if ( is_ssl() && 'http:' == substr( $url, 0, 5 ) ) {
11
+ $url = 'https:' . substr( $url, 5 );
12
+ }
13
14
return $url;
15
}
127
function wpcf7_ajax_loader() {
128
$url = wpcf7_plugin_url( 'images/ajax-loader.gif' );
129
130
return apply_filters( 'wpcf7_ajax_loader', $url );
131
}
132
languages/contact-form-7-de_DE.mo CHANGED
Binary file
languages/contact-form-7-hu_HU.mo CHANGED
Binary file
languages/contact-form-7-ru_RU.mo CHANGED
Binary file
languages/contact-form-7-sv_SE.mo CHANGED
Binary file
languages/contact-form-7-tr_TR.mo CHANGED
Binary file
modules/captcha.php CHANGED
@@ -414,7 +414,7 @@ function wpcf7_generate_captcha( $options = null ) {
414
$captcha->bg = $options['bg'];
415
}
416
417
- $prefix = mt_rand();
418
$captcha_word = $captcha->generate_random_word();
419
return $captcha->generate_image( $prefix, $captcha_word );
420
}
@@ -432,7 +432,7 @@ function wpcf7_remove_captcha( $prefix ) {
432
return false;
433
}
434
435
- if ( preg_match( '/[^0-9]/', $prefix ) ) // Contact Form 7 generates $prefix with mt_rand()
436
return false;
437
438
$captcha->remove( $prefix );
414
$captcha->bg = $options['bg'];
415
}
416
417
+ $prefix = wp_rand();
418
$captcha_word = $captcha->generate_random_word();
419
return $captcha->generate_image( $prefix, $captcha_word );
420
}
432
return false;
433
}
434
435
+ if ( preg_match( '/[^0-9]/', $prefix ) ) // Contact Form 7 generates $prefix with wp_rand()
436
return false;
437
438
$captcha->remove( $prefix );
readme.txt CHANGED
@@ -3,8 +3,8 @@ Contributors: takayukister
3
Donate link: http://contactform7.com/donate/
4
Tags: contact, form, contact form, feedback, email, ajax, captcha, akismet, multilingual
5
Requires at least: 4.0
6
- Tested up to: 4.1
7
- Stable tag: 4.1
8
License: GPLv2 or later
9
License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
@@ -81,7 +81,7 @@ The following are other recommended plugins by the author of Contact Form 7.
81
* Portuguese (Brazil; pt_BR) - Leonardo Pinheiro, Henrique Vianna, Caciano Gabriel Batista, Gervásio Antônio, Gilvanilson Santos
82
* Portuguese (Portugal; pt_PT) - Hugo Baeta, Pedro Nave, Pedro Mendonça
83
* Punjabi (pa_IN) - Jasvinder Sing
84
- * Russian (ru_RU) - Dmitry Volotovich, Denis Voituk, kg69design
85
* Romanian (ro_RO) - Stas Sushkov, Anunturi Jibo, Marius Olar, Inbox Translation
86
* Serbian (sr_RS) - Vedran, Aleksandar Urošević
87
* Sinhala (si_LK) - Nitin Aggarwal
@@ -125,6 +125,12 @@ Do you have questions or issues with Contact Form 7? Use these support channels
125
126
For more information, see [Releases](http://contactform7.com/category/releases/).
127
128
= 4.1 =
129
130
* Added maxlength and minlength options to several form-tag types.
@@ -134,25 +140,3 @@ For more information, see [Releases](http://contactform7.com/category/releases/)
134
* Added default:get, default:post and default:post_meta options to get default values from the context.
135
* Translations for Turkish, German, Portuguese, Dutch, and Hebrew have been updated.
136
* WordPress 4.0 or higher is required.
137
-
138
- = 4.0.3 =
139
-
140
- * The contextual help tab has been added to admin pages.
141
- * Changed the admin menu icon to "email" dashicon.
142
- * Translations for Croatian, Turkish, and Catalan have been updated.
143
-
144
- = 4.0.2 =
145
-
146
- * Introduced wpcf7_build_query() to correctly apply urlencode to keys and values in URL queries.
147
- * Translations for Portuguese, Spanish, Hungarian, and German have been updated.
148
-
149
- = 4.0.1 =
150
-
151
- * Fixed a bug that caused an error when creating new contact forms in some environment.
152
- * Translations for Portuguese and Croatian have been updated.
153
-
154
- = 4.0 =
155
-
156
- * The default mail template changed (see [Best Practice to Set Up Mail](http://contactform7.com/best-practice-to-set-up-mail/)).
157
- * Translations for Slovak, German, Turkish and Portuguese have been updated.
158
- * WordPress 3.9 or higher is required.
3
Donate link: http://contactform7.com/donate/
4
Tags: contact, form, contact form, feedback, email, ajax, captcha, akismet, multilingual
5
Requires at least: 4.0
6
+ Tested up to: 4.1.1
7
+ Stable tag: 4.1.1
8
License: GPLv2 or later
9
License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
81
* Portuguese (Brazil; pt_BR) - Leonardo Pinheiro, Henrique Vianna, Caciano Gabriel Batista, Gervásio Antônio, Gilvanilson Santos
82
* Portuguese (Portugal; pt_PT) - Hugo Baeta, Pedro Nave, Pedro Mendonça
83
* Punjabi (pa_IN) - Jasvinder Sing
84
+ * Russian (ru_RU) - Dmitry Volotovich, Denis Voituk, twisted tits, kg69design
85
* Romanian (ro_RO) - Stas Sushkov, Anunturi Jibo, Marius Olar, Inbox Translation
86
* Serbian (sr_RS) - Vedran, Aleksandar Urošević
87
* Sinhala (si_LK) - Nitin Aggarwal
125
126
For more information, see [Releases](http://contactform7.com/category/releases/).
127
128
+ = 4.1.1 =
129
+
130
+ * Security enhancement: use wp_rand() instead of mt_rand() for CAPTCHA file name generation to make it harder for attackers to predict its next value.
131
+ * Modified wpcf7_plugin_url(): use plugins_url() internally.
132
+ * Translations for Russian, Hungarian, Swedish, German, and Turkish have been updated.
133
+
134
= 4.1 =
135
136
* Added maxlength and minlength options to several form-tag types.
140
* Added default:get, default:post and default:post_meta options to get default values from the context.
141
* Translations for Turkish, German, Portuguese, Dutch, and Hebrew have been updated.
142
* WordPress 4.0 or higher is required.
wp-contact-form-7.php CHANGED
@@ -7,7 +7,7 @@ Author: Takayuki Miyoshi
7
Author URI: http://ideasilo.wordpress.com/
8
Text Domain: contact-form-7
9
Domain Path: /languages/
10
- Version: 4.1
11
*/
12
13
/* Copyright 2007-2015 Takayuki Miyoshi (email: takayukister at gmail.com)
@@ -27,40 +27,50 @@ Version: 4.1
27
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
28
*/
29
30
- define( 'WPCF7_VERSION', '4.1' );
31
32
define( 'WPCF7_REQUIRED_WP_VERSION', '4.0' );
33
34
- define( 'WPCF7_PLUGIN_BASENAME', plugin_basename( __FILE__ ) );
35
36
- define( 'WPCF7_PLUGIN_NAME', trim( dirname( WPCF7_PLUGIN_BASENAME ), '/' ) );
37
38
- define( 'WPCF7_PLUGIN_DIR', untrailingslashit( dirname( __FILE__ ) ) );
39
40
- define( 'WPCF7_PLUGIN_URL', untrailingslashit( plugins_url( '', __FILE__ ) ) );
41
42
define( 'WPCF7_PLUGIN_MODULES_DIR', WPCF7_PLUGIN_DIR . '/modules' );
43
44
- if ( ! defined( 'WPCF7_LOAD_JS' ) )
45
define( 'WPCF7_LOAD_JS', true );
46
47
- if ( ! defined( 'WPCF7_LOAD_CSS' ) )
48
define( 'WPCF7_LOAD_CSS', true );
49
50
- if ( ! defined( 'WPCF7_AUTOP' ) )
51
define( 'WPCF7_AUTOP', true );
52
53
- if ( ! defined( 'WPCF7_USE_PIPE' ) )
54
define( 'WPCF7_USE_PIPE', true );
55
56
- if ( ! defined( 'WPCF7_ADMIN_READ_CAPABILITY' ) )
57
define( 'WPCF7_ADMIN_READ_CAPABILITY', 'edit_posts' );
58
59
- if ( ! defined( 'WPCF7_ADMIN_READ_WRITE_CAPABILITY' ) )
60
define( 'WPCF7_ADMIN_READ_WRITE_CAPABILITY', 'publish_pages' );
61
62
- if ( ! defined( 'WPCF7_VERIFY_NONCE' ) )
63
define( 'WPCF7_VERIFY_NONCE', true );
64
65
require_once WPCF7_PLUGIN_DIR . '/settings.php';
66
7
Author URI: http://ideasilo.wordpress.com/
8
Text Domain: contact-form-7
9
Domain Path: /languages/
10
+ Version: 4.1.1
11
*/
12
13
/* Copyright 2007-2015 Takayuki Miyoshi (email: takayukister at gmail.com)
27
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
28
*/
29
30
+ define( 'WPCF7_VERSION', '4.1.1' );
31
32
define( 'WPCF7_REQUIRED_WP_VERSION', '4.0' );
33
34
+ define( 'WPCF7_PLUGIN', __FILE__ );
35
36
+ define( 'WPCF7_PLUGIN_BASENAME', plugin_basename( WPCF7_PLUGIN ) );
37
38
+ define( 'WPCF7_PLUGIN_NAME', trim( dirname( WPCF7_PLUGIN_BASENAME ), '/' ) );
39
40
+ define( 'WPCF7_PLUGIN_DIR', untrailingslashit( dirname( WPCF7_PLUGIN ) ) );
41
42
define( 'WPCF7_PLUGIN_MODULES_DIR', WPCF7_PLUGIN_DIR . '/modules' );
43
44
+ if ( ! defined( 'WPCF7_LOAD_JS' ) ) {
45
define( 'WPCF7_LOAD_JS', true );
46
+ }
47
48
+ if ( ! defined( 'WPCF7_LOAD_CSS' ) ) {
49
define( 'WPCF7_LOAD_CSS', true );
50
+ }
51
52
+ if ( ! defined( 'WPCF7_AUTOP' ) ) {
53
define( 'WPCF7_AUTOP', true );
54
+ }
55
56
+ if ( ! defined( 'WPCF7_USE_PIPE' ) ) {
57
define( 'WPCF7_USE_PIPE', true );
58
+ }
59
60
+ if ( ! defined( 'WPCF7_ADMIN_READ_CAPABILITY' ) ) {
61
define( 'WPCF7_ADMIN_READ_CAPABILITY', 'edit_posts' );
62
+ }
63
64
+ if ( ! defined( 'WPCF7_ADMIN_READ_WRITE_CAPABILITY' ) ) {
65
define( 'WPCF7_ADMIN_READ_WRITE_CAPABILITY', 'publish_pages' );
66
+ }
67
68
+ if ( ! defined( 'WPCF7_VERIFY_NONCE' ) ) {
69
define( 'WPCF7_VERIFY_NONCE', true );
70
+ }
71
+
72
+ // Deprecated, not used in the plugin core. Use wpcf7_plugin_url() instead.
73
+ define( 'WPCF7_PLUGIN_URL', untrailingslashit( plugins_url( '', WPCF7_PLUGIN ) ) );
74
75
require_once WPCF7_PLUGIN_DIR . '/settings.php';
76