Contact Form 7 - Version 4.9.2

Version Description

  • Remove improper uses of esc_sql().
  • Fix the refill REST-API request so that a nonce is set when available.
  • Give more contrast to unused mail-tags in the Mail tab panel to make them easier to recognize.
  • Undo the previous change of HTTP status code for the REST-API response.
Download this release

Release Info

Developer takayukister
Plugin Icon 128x128 Contact Form 7
Version 4.9.2
Comparing to
See all releases

Code changes from version 4.9.1 to 4.9.2

Files changed (7) hide show
  1. admin/css/styles.css +4 -0
  2. includes/js/scripts.js +7 -0
  3. includes/rest-api.php +1 -1
  4. modules/checkbox.php +2 -2
  5. modules/select.php +2 -2
  6. readme.txt +9 -2
  7. wp-contact-form-7.php +2 -2
admin/css/styles.css CHANGED
@@ -298,6 +298,10 @@ ul.config-error li a.external {
298
  color: #666;
299
  }
300
 
 
 
 
 
301
  /*
302
  * Messages Tab
303
  */
298
  color: #666;
299
  }
300
 
301
+ .contact-form-editor-box-mail span.mailtag.unused {
302
+ font-weight: bold;
303
+ }
304
+
305
  /*
306
  * Messages Tab
307
  */
includes/js/scripts.js CHANGED
@@ -441,6 +441,13 @@
441
  type: 'GET',
442
  url: wpcf7.apiSettings.getRoute(
443
  '/contact-forms/' + wpcf7.getId( $form ) + '/refill' ),
 
 
 
 
 
 
 
444
  dataType: 'json'
445
  } ).done( function( data, status, xhr ) {
446
  if ( data.captcha ) {
441
  type: 'GET',
442
  url: wpcf7.apiSettings.getRoute(
443
  '/contact-forms/' + wpcf7.getId( $form ) + '/refill' ),
444
+ beforeSend: function( xhr ) {
445
+ var nonce = $form.find( ':input[name="_wpnonce"]' ).val();
446
+
447
+ if ( nonce ) {
448
+ xhr.setRequestHeader( 'X-WP-Nonce', nonce );
449
+ }
450
+ },
451
  dataType: 'json'
452
  } ).done( function( data, status, xhr ) {
453
  if ( data.captcha ) {
includes/rest-api.php CHANGED
@@ -119,7 +119,7 @@ function wpcf7_rest_create_contact_form( WP_REST_Request $request ) {
119
  if ( $id ) {
120
  return new WP_Error( 'wpcf7_post_exists',
121
  __( "Cannot create existing contact form.", 'contact-form-7' ),
122
- array( 'status' => 409 ) );
123
  }
124
 
125
  if ( ! current_user_can( 'wpcf7_edit_contact_forms' ) ) {
119
  if ( $id ) {
120
  return new WP_Error( 'wpcf7_post_exists',
121
  __( "Cannot create existing contact form.", 'contact-form-7' ),
122
+ array( 'status' => 400 ) );
123
  }
124
 
125
  if ( ! current_user_can( 'wpcf7_edit_contact_forms' ) ) {
modules/checkbox.php CHANGED
@@ -107,9 +107,9 @@ function wpcf7_checkbox_form_tag_handler( $tag ) {
107
 
108
  if ( $hangover ) {
109
  if ( $multiple ) {
110
- $checked = in_array( esc_sql( $value ), (array) $hangover );
111
  } else {
112
- $checked = ( $hangover == esc_sql( $value ) );
113
  }
114
  } else {
115
  $checked = in_array( $key + 1, (array) $defaults );
107
 
108
  if ( $hangover ) {
109
  if ( $multiple ) {
110
+ $checked = in_array( $value, (array) $hangover, true );
111
  } else {
112
+ $checked = ( $hangover === $value );
113
  }
114
  } else {
115
  $checked = in_array( $key + 1, (array) $defaults );
modules/select.php CHANGED
@@ -102,9 +102,9 @@ function wpcf7_select_form_tag_handler( $tag ) {
102
 
103
  if ( $hangover ) {
104
  if ( $multiple ) {
105
- $selected = in_array( esc_sql( $value ), (array) $hangover );
106
  } else {
107
- $selected = ( $hangover == esc_sql( $value ) );
108
  }
109
  } else {
110
  if ( ! $shifted && in_array( (int) $key + 1, (array) $defaults ) ) {
102
 
103
  if ( $hangover ) {
104
  if ( $multiple ) {
105
+ $selected = in_array( $value, (array) $hangover, true );
106
  } else {
107
+ $selected = ( $hangover === $value );
108
  }
109
  } else {
110
  if ( ! $shifted && in_array( (int) $key + 1, (array) $defaults ) ) {
readme.txt CHANGED
@@ -3,8 +3,8 @@ Contributors: takayukister
3
  Donate link: https://contactform7.com/donate/
4
  Tags: contact, form, contact form, feedback, email, ajax, captcha, akismet, multilingual
5
  Requires at least: 4.7
6
- Tested up to: 4.9
7
- Stable tag: 4.9.1
8
  License: GPLv2 or later
9
  License URI: https://www.gnu.org/licenses/gpl-2.0.html
10
 
@@ -60,6 +60,13 @@ Do you have questions or issues with Contact Form 7? Use these support channels
60
 
61
  For more information, see [Releases](https://contactform7.com/category/releases/).
62
 
 
 
 
 
 
 
 
63
  = 4.9.1 =
64
 
65
  * Code using create_function() has been removed to avoid security risks and warnings given when using with PHP 7.2+.
3
  Donate link: https://contactform7.com/donate/
4
  Tags: contact, form, contact form, feedback, email, ajax, captcha, akismet, multilingual
5
  Requires at least: 4.7
6
+ Tested up to: 4.9.1
7
+ Stable tag: 4.9.2
8
  License: GPLv2 or later
9
  License URI: https://www.gnu.org/licenses/gpl-2.0.html
10
 
60
 
61
  For more information, see [Releases](https://contactform7.com/category/releases/).
62
 
63
+ = 4.9.2 =
64
+
65
+ * Remove improper uses of esc_sql().
66
+ * Fix the refill REST-API request so that a nonce is set when available.
67
+ * Give more contrast to unused mail-tags in the Mail tab panel to make them easier to recognize.
68
+ * Undo the previous change of HTTP status code for the REST-API response.
69
+
70
  = 4.9.1 =
71
 
72
  * Code using create_function() has been removed to avoid security risks and warnings given when using with PHP 7.2+.
wp-contact-form-7.php CHANGED
@@ -7,10 +7,10 @@ Author: Takayuki Miyoshi
7
  Author URI: https://ideasilo.wordpress.com/
8
  Text Domain: contact-form-7
9
  Domain Path: /languages/
10
- Version: 4.9.1
11
  */
12
 
13
- define( 'WPCF7_VERSION', '4.9.1' );
14
 
15
  define( 'WPCF7_REQUIRED_WP_VERSION', '4.7' );
16
 
7
  Author URI: https://ideasilo.wordpress.com/
8
  Text Domain: contact-form-7
9
  Domain Path: /languages/
10
+ Version: 4.9.2
11
  */
12
 
13
+ define( 'WPCF7_VERSION', '4.9.2' );
14
 
15
  define( 'WPCF7_REQUIRED_WP_VERSION', '4.7' );
16