Contact Form 7 - Version 5.0.5

Version Description

Fixes the inconsistency problem between get_data_option() and get_default_option() in the WPCF7_FormTag class.
Suppresses PHP errors occur on unlink() calls.
Introduces wpcf7_is_file_path_in_content_dir() to support the use of the UPLOADS constant.

Files changed (8) hide show

includes/config-validator.php CHANGED Viewed

	@@ -573,7 +573,7 @@ class WPCF7_ConfigValidator {
573	public function detect_file_not_in_content_dir( $section, $content ) {
574	$path = path_join( WP_CONTENT_DIR, $content );
575
576	- if ( 0 ~~!== strpos~~( ~~realpath(~~ $path ), ~~WP_CONTENT_DIR~~ ) ) {
577	return $this->add_error( $section,
578	self::error_file_not_in_content_dir,
579	array(


573	public function detect_file_not_in_content_dir( $section, $content ) {
574	$path = path_join( WP_CONTENT_DIR, $content );
575
576	+ if ( ! wpcf7_is_file_path_in_content_dir( $path ) ) {
577	return $this->add_error( $section,
578	self::error_file_not_in_content_dir,
579	array(

includes/functions.php CHANGED Viewed

	@@ -253,12 +253,12 @@ function wpcf7_enctype_value( $enctype ) {
253
254	function wpcf7_rmdir_p( $dir ) {
255	if ( is_file( $dir ) ) {
256	- if ( ! $result = unlink( $dir ) ) {
257	$stat = stat( $dir );
258	$perms = $stat['mode'];
259	chmod( $dir, $perms \| 0200 ); // add write for owner
260
261	- if ( ! $result = unlink( $dir ) ) {
262	chmod( $dir, $perms );
263	}
264	}
	@@ -390,3 +390,16 @@ function wpcf7_anonymize_ip_addr( $ip_addr ) {
390
391	return inet_ntop( $packed & inet_pton( $mask ) );
392	}


253
254	function wpcf7_rmdir_p( $dir ) {
255	if ( is_file( $dir ) ) {
256	+ if ( ! $result = @unlink( $dir ) ) {
257	$stat = stat( $dir );
258	$perms = $stat['mode'];
259	chmod( $dir, $perms \| 0200 ); // add write for owner
260
261	+ if ( ! $result = @unlink( $dir ) ) {
262	chmod( $dir, $perms );
263	}
264	}

390
391	return inet_ntop( $packed & inet_pton( $mask ) );
392	}
393	+
394	+ function wpcf7_is_file_path_in_content_dir( $path ) {
395	+ if ( 0 === strpos( realpath( $path ), WP_CONTENT_DIR ) ) {
396	+ return true;
397	+ }
398	+
399	+ if ( defined( 'UPLOADS' )
400	+ and 0 === strpos( realpath( $path ), ABSPATH . UPLOADS ) ) {
401	+ return true;
402	+ }
403	+
404	+ return false;
405	+ }

includes/mail.php CHANGED Viewed

	@@ -174,7 +174,7 @@ class WPCF7_Mail {
174
175	$path = path_join( WP_CONTENT_DIR, $line );
176
177	- if ( 0 ~~!== strpos~~( ~~realpath(~~ $path ), ~~WP_CONTENT_DIR~~ ) ) {
178	// $path is out of WP_CONTENT_DIR
179	continue;
180	}


174
175	$path = path_join( WP_CONTENT_DIR, $line );
176
177	+ if ( ! wpcf7_is_file_path_in_content_dir( $path ) ) {
178	// $path is out of WP_CONTENT_DIR
179	continue;
180	}

modules/checkbox.php CHANGED Viewed

	@@ -61,25 +61,25 @@ function wpcf7_checkbox_form_tag_handler( $tag ) {
61	$html = '';
62	$count = 0;
63
64	- $values = (array) $tag->values;
65	- $labels = (array) $tag->labels;
66	-
67	if ( $data = (array) $tag->get_data_option() ) {
68	if ( $free_text ) {
69	- $values = array_merge(
70	- array_slice( $values, 0, -1 ),
71	array_values( $data ),
72	- array_slice( $values, -1 ) );
73	- $labels = array_merge(
74	- array_slice( $labels, 0, -1 ),
75	array_values( $data ),
76	- array_slice( $labels, -1 ) );
77	} else {
78	- $values = array_merge( $values, array_values( $data ) );
79	- $labels = array_merge( $labels, array_values( $data ) );
80	}
81	}
82



83	$default_choice = $tag->get_default_option( null, array(
84	'multiple' => $multiple,
85	) );


61	$html = '';
62	$count = 0;
63



64	if ( $data = (array) $tag->get_data_option() ) {
65	if ( $free_text ) {
66	+ $tag->values = array_merge(
67	+ array_slice( $tag->values, 0, -1 ),
68	array_values( $data ),
69	+ array_slice( $tag->values, -1 ) );
70	+ $tag->labels = array_merge(
71	+ array_slice( $tag->labels, 0, -1 ),
72	array_values( $data ),
73	+ array_slice( $tag->labels, -1 ) );
74	} else {
75	+ $tag->values = array_merge( $tag->values, array_values( $data ) );
76	+ $tag->labels = array_merge( $tag->labels, array_values( $data ) );
77	}
78	}
79
80	+ $values = $tag->values;
81	+ $labels = $tag->labels;
82	+
83	$default_choice = $tag->get_default_option( null, array(
84	'multiple' => $multiple,
85	) );

modules/really-simple-captcha.php CHANGED Viewed

	@@ -541,7 +541,7 @@ function wpcf7_cleanup_captcha_files() {
541	$stat = stat( path_join( $dir, $file ) );
542
543	if ( $stat['mtime'] + 3600 < time() ) { // 3600 secs == 1 hour
544	- unlink( path_join( $dir, $file ) );
545	}
546	}
547

modules/select.php CHANGED Viewed

	@@ -58,14 +58,14 @@ function wpcf7_select_form_tag_handler( $tag ) {
58	}
59	}
60
61	- $values = $tag->values;
62	- $labels = $tag->labels;
63	-
64	if ( $data = (array) $tag->get_data_option() ) {
65	- $values = array_merge( $values, array_values( $data ) );
66	- $labels = array_merge( $labels, array_values( $data ) );
67	}
68



69	$default_choice = $tag->get_default_option( null, array(
70	'multiple' => $multiple,
71	'shifted' => $include_blank,


58	}
59	}
60



61	if ( $data = (array) $tag->get_data_option() ) {
62	+ $tag->values = array_merge( $tag->values, array_values( $data ) );
63	+ $tag->labels = array_merge( $tag->labels, array_values( $data ) );
64	}
65
66	+ $values = $tag->values;
67	+ $labels = $tag->labels;
68	+
69	$default_choice = $tag->get_default_option( null, array(
70	'multiple' => $multiple,
71	'shifted' => $include_blank,

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Donate link: https://contactform7.com/donate/
4	Tags: contact, form, contact form, feedback, email, ajax, captcha, akismet, multilingual
5	Requires at least: 4.8
6	Tested up to: 4.9
7	- Stable tag: 5.0.4
8	License: GPLv2 or later
9	License URI: https://www.gnu.org/licenses/gpl-2.0.html
10
	@@ -74,6 +74,12 @@ Do you have questions or issues with Contact Form 7? Use these support channels
74
75	For more information, see [Releases](https://contactform7.com/category/releases/).
76






77	= 5.0.4 =
78
79	* Specifies the capability_type argument explicitly in the register_post_type() call to fix the privilege escalation vulnerability issue.


4	Tags: contact, form, contact form, feedback, email, ajax, captcha, akismet, multilingual
5	Requires at least: 4.8
6	Tested up to: 4.9
7	+ Stable tag: 5.0.5
8	License: GPLv2 or later
9	License URI: https://www.gnu.org/licenses/gpl-2.0.html
10

74
75	For more information, see [Releases](https://contactform7.com/category/releases/).
76
77	+ = 5.0.5 =
78	+
79	+ * Fixes the inconsistency problem between get_data_option() and get_default_option() in the WPCF7_FormTag class.
80	+ * Suppresses PHP errors occur on unlink() calls.
81	+ * Introduces wpcf7_is_file_path_in_content_dir() to support the use of the UPLOADS constant.
82	+
83	= 5.0.4 =
84
85	* Specifies the capability_type argument explicitly in the register_post_type() call to fix the privilege escalation vulnerability issue.

wp-contact-form-7.php CHANGED Viewed

	@@ -7,10 +7,10 @@ Author: Takayuki Miyoshi
7	Author URI: https://ideasilo.wordpress.com/
8	Text Domain: contact-form-7
9	Domain Path: /languages/
10	- Version: 5.0.4
11	*/
12
13	- define( 'WPCF7_VERSION', '5.0.4' );
14
15	define( 'WPCF7_REQUIRED_WP_VERSION', '4.8' );
16


7	Author URI: https://ideasilo.wordpress.com/
8	Text Domain: contact-form-7
9	Domain Path: /languages/
10	+ Version: 5.0.5
11	*/
12
13	+ define( 'WPCF7_VERSION', '5.0.5' );
14
15	define( 'WPCF7_REQUIRED_WP_VERSION', '4.8' );
16