Contact Form 7 - Version 5.0.5

Version Description

  • Fixes the inconsistency problem between get_data_option() and get_default_option() in the WPCF7_FormTag class.
  • Suppresses PHP errors occur on unlink() calls.
  • Introduces wpcf7_is_file_path_in_content_dir() to support the use of the UPLOADS constant.
Download this release

Release Info

Developer takayukister
Plugin Icon 128x128 Contact Form 7
Version 5.0.5
Comparing to
See all releases

Code changes from version 5.0.4 to 5.0.5

includes/config-validator.php CHANGED
@@ -573,7 +573,7 @@ class WPCF7_ConfigValidator {
573
public function detect_file_not_in_content_dir( $section, $content ) {
574
$path = path_join( WP_CONTENT_DIR, $content );
575
576
- if ( 0 !== strpos( realpath( $path ), WP_CONTENT_DIR ) ) {
577
return $this->add_error( $section,
578
self::error_file_not_in_content_dir,
579
array(
573
public function detect_file_not_in_content_dir( $section, $content ) {
574
$path = path_join( WP_CONTENT_DIR, $content );
575
576
+ if ( ! wpcf7_is_file_path_in_content_dir( $path ) ) {
577
return $this->add_error( $section,
578
self::error_file_not_in_content_dir,
579
array(
includes/functions.php CHANGED
@@ -253,12 +253,12 @@ function wpcf7_enctype_value( $enctype ) {
253
254
function wpcf7_rmdir_p( $dir ) {
255
if ( is_file( $dir ) ) {
256
- if ( ! $result = unlink( $dir ) ) {
257
$stat = stat( $dir );
258
$perms = $stat['mode'];
259
chmod( $dir, $perms | 0200 ); // add write for owner
260
261
- if ( ! $result = unlink( $dir ) ) {
262
chmod( $dir, $perms );
263
}
264
}
@@ -390,3 +390,16 @@ function wpcf7_anonymize_ip_addr( $ip_addr ) {
390
391
return inet_ntop( $packed & inet_pton( $mask ) );
392
}
253
254
function wpcf7_rmdir_p( $dir ) {
255
if ( is_file( $dir ) ) {
256
+ if ( ! $result = @unlink( $dir ) ) {
257
$stat = stat( $dir );
258
$perms = $stat['mode'];
259
chmod( $dir, $perms | 0200 ); // add write for owner
260
261
+ if ( ! $result = @unlink( $dir ) ) {
262
chmod( $dir, $perms );
263
}
264
}
390
391
return inet_ntop( $packed & inet_pton( $mask ) );
392
}
393
+
394
+ function wpcf7_is_file_path_in_content_dir( $path ) {
395
+ if ( 0 === strpos( realpath( $path ), WP_CONTENT_DIR ) ) {
396
+ return true;
397
+ }
398
+
399
+ if ( defined( 'UPLOADS' )
400
+ and 0 === strpos( realpath( $path ), ABSPATH . UPLOADS ) ) {
401
+ return true;
402
+ }
403
+
404
+ return false;
405
+ }
includes/mail.php CHANGED
@@ -174,7 +174,7 @@ class WPCF7_Mail {
174
175
$path = path_join( WP_CONTENT_DIR, $line );
176
177
- if ( 0 !== strpos( realpath( $path ), WP_CONTENT_DIR ) ) {
178
// $path is out of WP_CONTENT_DIR
179
continue;
180
}
174
175
$path = path_join( WP_CONTENT_DIR, $line );
176
177
+ if ( ! wpcf7_is_file_path_in_content_dir( $path ) ) {
178
// $path is out of WP_CONTENT_DIR
179
continue;
180
}
modules/checkbox.php CHANGED
@@ -61,25 +61,25 @@ function wpcf7_checkbox_form_tag_handler( $tag ) {
61
$html = '';
62
$count = 0;
63
64
- $values = (array) $tag->values;
65
- $labels = (array) $tag->labels;
66
-
67
if ( $data = (array) $tag->get_data_option() ) {
68
if ( $free_text ) {
69
- $values = array_merge(
70
- array_slice( $values, 0, -1 ),
71
array_values( $data ),
72
- array_slice( $values, -1 ) );
73
- $labels = array_merge(
74
- array_slice( $labels, 0, -1 ),
75
array_values( $data ),
76
- array_slice( $labels, -1 ) );
77
} else {
78
- $values = array_merge( $values, array_values( $data ) );
79
- $labels = array_merge( $labels, array_values( $data ) );
80
}
81
}
82
83
$default_choice = $tag->get_default_option( null, array(
84
'multiple' => $multiple,
85
) );
61
$html = '';
62
$count = 0;
63
64
if ( $data = (array) $tag->get_data_option() ) {
65
if ( $free_text ) {
66
+ $tag->values = array_merge(
67
+ array_slice( $tag->values, 0, -1 ),
68
array_values( $data ),
69
+ array_slice( $tag->values, -1 ) );
70
+ $tag->labels = array_merge(
71
+ array_slice( $tag->labels, 0, -1 ),
72
array_values( $data ),
73
+ array_slice( $tag->labels, -1 ) );
74
} else {
75
+ $tag->values = array_merge( $tag->values, array_values( $data ) );
76
+ $tag->labels = array_merge( $tag->labels, array_values( $data ) );
77
}
78
}
79
80
+ $values = $tag->values;
81
+ $labels = $tag->labels;
82
+
83
$default_choice = $tag->get_default_option( null, array(
84
'multiple' => $multiple,
85
) );
modules/really-simple-captcha.php CHANGED
@@ -541,7 +541,7 @@ function wpcf7_cleanup_captcha_files() {
541
$stat = stat( path_join( $dir, $file ) );
542
543
if ( $stat['mtime'] + 3600 < time() ) { // 3600 secs == 1 hour
544
- unlink( path_join( $dir, $file ) );
545
}
546
}
547
541
$stat = stat( path_join( $dir, $file ) );
542
543
if ( $stat['mtime'] + 3600 < time() ) { // 3600 secs == 1 hour
544
+ @unlink( path_join( $dir, $file ) );
545
}
546
}
547
modules/select.php CHANGED
@@ -58,14 +58,14 @@ function wpcf7_select_form_tag_handler( $tag ) {
58
}
59
}
60
61
- $values = $tag->values;
62
- $labels = $tag->labels;
63
-
64
if ( $data = (array) $tag->get_data_option() ) {
65
- $values = array_merge( $values, array_values( $data ) );
66
- $labels = array_merge( $labels, array_values( $data ) );
67
}
68
69
$default_choice = $tag->get_default_option( null, array(
70
'multiple' => $multiple,
71
'shifted' => $include_blank,
58
}
59
}
60
61
if ( $data = (array) $tag->get_data_option() ) {
62
+ $tag->values = array_merge( $tag->values, array_values( $data ) );
63
+ $tag->labels = array_merge( $tag->labels, array_values( $data ) );
64
}
65
66
+ $values = $tag->values;
67
+ $labels = $tag->labels;
68
+
69
$default_choice = $tag->get_default_option( null, array(
70
'multiple' => $multiple,
71
'shifted' => $include_blank,
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: https://contactform7.com/donate/
4
Tags: contact, form, contact form, feedback, email, ajax, captcha, akismet, multilingual
5
Requires at least: 4.8
6
Tested up to: 4.9
7
- Stable tag: 5.0.4
8
License: GPLv2 or later
9
License URI: https://www.gnu.org/licenses/gpl-2.0.html
10
@@ -74,6 +74,12 @@ Do you have questions or issues with Contact Form 7? Use these support channels
74
75
For more information, see [Releases](https://contactform7.com/category/releases/).
76
77
= 5.0.4 =
78
79
* Specifies the capability_type argument explicitly in the register_post_type() call to fix the privilege escalation vulnerability issue.
4
Tags: contact, form, contact form, feedback, email, ajax, captcha, akismet, multilingual
5
Requires at least: 4.8
6
Tested up to: 4.9
7
+ Stable tag: 5.0.5
8
License: GPLv2 or later
9
License URI: https://www.gnu.org/licenses/gpl-2.0.html
10
74
75
For more information, see [Releases](https://contactform7.com/category/releases/).
76
77
+ = 5.0.5 =
78
+
79
+ * Fixes the inconsistency problem between get_data_option() and get_default_option() in the WPCF7_FormTag class.
80
+ * Suppresses PHP errors occur on unlink() calls.
81
+ * Introduces wpcf7_is_file_path_in_content_dir() to support the use of the UPLOADS constant.
82
+
83
= 5.0.4 =
84
85
* Specifies the capability_type argument explicitly in the register_post_type() call to fix the privilege escalation vulnerability issue.
wp-contact-form-7.php CHANGED
@@ -7,10 +7,10 @@ Author: Takayuki Miyoshi
7
Author URI: https://ideasilo.wordpress.com/
8
Text Domain: contact-form-7
9
Domain Path: /languages/
10
- Version: 5.0.4
11
*/
12
13
- define( 'WPCF7_VERSION', '5.0.4' );
14
15
define( 'WPCF7_REQUIRED_WP_VERSION', '4.8' );
16
7
Author URI: https://ideasilo.wordpress.com/
8
Text Domain: contact-form-7
9
Domain Path: /languages/
10
+ Version: 5.0.5
11
*/
12
13
+ define( 'WPCF7_VERSION', '5.0.5' );
14
15
define( 'WPCF7_REQUIRED_WP_VERSION', '4.8' );
16