Contact Form Builder – a plugin for creating contact and feedback forms - Version 1.0.68

Version Description

  • Fixed: Security issue.
  • Fixed: Issue with Recaptcha.

Release Info

Developer webdorado
Plugin Icon 128x128 Contact Form Builder – a plugin for creating contact and feedback forms
Version 1.0.68

Code changes from version 1.0.67 to 1.0.68

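--- a/contact-form-builder.php
+++ b/contact-form-builder.php
@@ -3,14 +3,14 @@
  * Plugin Name: Contact Form Builder
  * Plugin URI: https://web-dorado.com/products/wordpress-contact-form-builder.html
  * Description: Contact Form Builder is an advanced plugin to add contact forms into your website. It comes along with multiple default templates which can be customized.
- * Version: 1.0.67
+ * Version: 1.0.68
  * Author: WebDorado
  * Author URI: https://web-dorado.com/wordpress-plugins-bundle.html
  * License: GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
  */
  define('WD_CFM_DIR', WP_PLUGIN_DIR . "/" . plugin_basename(dirname(__FILE__)));
  define('WD_CFM_URL', plugins_url(plugin_basename(dirname(__FILE__))));
- define('WD_CFM_VERSION', '1.0.67');
+ define('WD_CFM_VERSION', '1.0.68');
  define('WD_CFM_PREFIX', 'cfm');
  define('WD_CFM_NICENAME', __( 'Contact Form Builder', WD_CFM_PREFIX ));
 
@@ -73,19 +73,26 @@ add_action('wp_ajax_ContactFormmakerwdcaptcha', 'contact_form_maker_ajax'); // G
  add_action('wp_ajax_nopriv_ContactFormmakerwdcaptcha', 'contact_form_maker_ajax'); // Generete captcha image and save it code in session for all users.
 
  function contact_form_maker_ajax() {
+ $allowed_pages = array(
+ 'CFMShortcode',
+ 'ContactFormMakerPreview',
+ 'wp_ajax_ContactFormmakerwdcaptcha',
+ 'wp_ajax_nopriv_ContactFormmakerwdcaptcha',
+ );
  require_once(WD_CFM_DIR . '/framework/WDW_CFM_Library.php');
  $page = WDW_CFM_Library::get('action');
- if ($page != 'ContactFormmakerwdcaptcha') {
- if (function_exists('current_user_can')) {
- if (!current_user_can('manage_options')) {
+ if ( !empty($page) && in_array($page, $allowed_pages) ) {
+ if ($page != 'ContactFormmakerwdcaptcha') {
+ if (function_exists('current_user_can')) {
+ if (!current_user_can('manage_options')) {
+ die('Access Denied');
+ }
+ }
+ else {
  die('Access Denied');
  }
  }
- else {
- die('Access Denied');
- }
- }
- if ($page != '') {
+
  require_once (WD_CFM_DIR . '/admin/controllers/CFMController' . ucfirst($page) . '.php');
  $controller_class = 'CFMController' . ucfirst($page);
  $controller = new $controller_class();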
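Review bot: The `$allowed_pages` list holds the hook names `'wp_ajax_ContactFormmakerwdcaptcha'` and `'wp_ajax_nopriv_ContactFormmakerwdcaptcha'`, while the inner test compares `$page` with `'ContactFormmakerwdcaptcha'`, so if `WDW_CFM_Library::get('action')` returns the request's `action` value the captcha action never passes `in_array()` and the `!= 'ContactFormmakerwdcaptcha'` exemption is unreachable. The allowlist entry should presumably be `'ContactFormmakerwdcaptcha',`, and the membership test is better made strict: `in_array($page, $allowed_pages, true)`. The allowlist is what keeps the request value out of the `require_once` path and the `new $controller_class()` call below it, so a comment above the array saying so, and that each entry must match a controller file name, would help future edits. The function body continues past the end of the hunk, so what happens to a rejected `$page` is not visible here.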
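--- a/frontend/models/CFMModelForm_maker.php
+++ b/frontend/models/CFMModelForm_maker.php
@@ -118,15 +118,35 @@ class CFMModelForm_maker {
  curl_setopt_array($ch, $curlConfig);
  $response = curl_exec($ch);
  curl_close($ch);
- $jsonResponse = json_decode($response);
- if ( $jsonResponse->success == "true" ) {
+ $jsonResponse = (array) json_decode($response);
+ if ( $jsonResponse['success'] == "true" ) {
  $correct = TRUE;
  }
  else {
- ?>
- <script>alert("<?php echo addslashes(__('`php_openssl` extension is not enabled.', 'contact_form_maker')); ?>");</script>
- <?php
- }
+ if ( isset( $jsonResponse[ 'error-codes' ] ) ) {
+ foreach ( $jsonResponse[ 'error-codes' ] as $errorcode ) {
+ switch ( $errorcode ) {
+ case 'missing-input-secret' :
+ case 'invalid-input-secret' : {
+ $error_massage = addslashes( addslashes( __( 'Error, incorrect secret code.', WD_CFM_PREFIX ) ) );
+ break;
+ }
+ case 'missing-input-response' :
+ case 'invalid-input-response' :
+ case 'bad-request' :
+ default: {
+ $error_massage = addslashes( addslashes( __( 'Verification failed.', WD_CFM_PREFIX ) ) );
+ break;
+ }
+ }
+ }
+ } else {
+ $error_massage = addslashes( addslashes( __( 'Verification failed.', WD_CFM_PREFIX) ) );
+ }
+ ?>
+ <script>alert("<?php echo $error_massage; ?>");</script>
+ <?php
+ }
  }
  else {
  if($captcha_exist && preg_match('(type_captcha|type_recaptcha)', $form -> label_order_current) === 1){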
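Review bot: `$error_massage` is assigned only inside the `foreach`, so a response whose `error-codes` key is present but empty reaches `echo $error_massage` with the variable undefined; setting the default before the `isset` check, e.g. `$error_massage = esc_js( __( 'Verification failed.', WD_CFM_PREFIX ) );`, covers that case and makes the trailing `else` unnecessary. `esc_js()` is also the fitting escaper for text placed in an inline script string, where the doubled `addslashes()` would show stray backslashes for any translation that contains a quote. The success test still uses loose comparison and reads a key that is absent when `curl_exec()` fails or the body is not JSON; `if ( isset( $jsonResponse['success'] ) && $jsonResponse['success'] === true ) {` states the intent, given that the siteverify response carries `success` as a JSON boolean. The enclosing method starts and ends outside the hunk.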
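--- a/readme.txt
+++ b/readme.txt
@@ -2,8 +2,8 @@
  Contributors: webdorado
  Tags: contact form, contact forms, contact, feedback, form manager, captcha, custom form, email, form, form builder, forms, survey
  Requires at least: 3.4
- Tested up to: 5.0
- Stable tag: 1.0.67
+ Tested up to: 5.1
+ Stable tag: 1.0.68
  License: GPLv2 or later
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -77,8 +77,11 @@ After downloading the ZIP file,
 
 
  == Changelog ==
+ = 1.0.68 =
+ * Fixed: Security issue.
+ * Fixed: Issue with Recaptcha.
 
- = 2.0.67 =
+ = 1.0.67 =
  * Added: Gutenberg integration.
 
  = 1.0.66 =
@@ -352,16 +355,16 @@ Required fields mark. Here you can change the symbol of the indicator used for t
  You can setup email notifications from Form Options > Email Options section of your form.
 
  Send Email. Choose whether to send emails containing the contact form entries to administrator(s)/submitter or not.
- Email to Administrator Email to send submissions to. Here you provide e-mails to which submitted contact form information is sent. If you need more than one e-mail address, you should press + button to add the new one.
- Email From. Here you specify the email address from which the administrator(s) receives the submission email (senders email). If you have an email address field in your form, you can use this user-submitted email address.
+ Email to Administrator. Email to send submissions to. Here you provide e-mails to which submitted contact form information is sent. If you need more than one e-mail address, you should press + button to add the new one.
+ Email From. Here you specify the email address from which the administrator(s) receives the submission email (sender's email). If you have an email address field in your form, you can use this user-submitted email address.
 
- * From Name. Here you specify the senders name which is shown in submission email.
+ * From Name. Here you specify the sender's name which is shown in submission email.
  * Reply to:(if different from "Email From"). Here you can specify the email address the administrator can reply to. If you have an email address field in your contact form, you can use this user-submitted email address.
  * CC. Provide additional email/emails to send the submissions of the contact form. The receiver will be able to view all the emails receiving the submissions.
  * BCC. Provide additional email/emails to send the submissions of the contact form. The receiver will not be able to view the emails receiving the submissions.
  * Subject. You can provide a text to be used as a subject for the email. In addition using + button you can select any of the contact form fields to be set as a separate subject for the email or use it with additional text, e.g. Submission of + %Name%.
  * Mode. Specify the mode of the email to the administrator- HTML or text. HTML will display the contact form within a box, whereas text will display the content of the filled contact form only.
- * Custom Text in Email For Administrator. Here you can add custom texts, images, and custom HTML to the e-mail message that is sent to the administrator (filled in contact form), as well as choose which fields of the submitted form are included in the e-mail (set to all by default).
+ * Custom Text in Email For Administrator. Here you can add custom texts, images, and custom HTML to the e-mail message that is sent to the administrator (filled in contact form), as well as choose which fields of the submitted form are included in the e-mail (set to 'all' by default).
 
  = Can I send email confirmation to submitter? =
 
@@ -369,13 +372,13 @@ Email to User section of Form Options > Email Options section lets you do this.
 
  * Send to. By checking the box the submitters will receive their copy of the filled contact form.
  * Email From. Here you specify the email address from which the users receive the submission email.
- * From Name. Here you specify the senders name which is shown in submission email which the users receive.
+ * From Name. Here you specify the sender's name which is shown in submission email which the users receive.
  * Reply to:(if different from "Email From"). Here you can specify the email address the user can reply to.
  * CC. Provide additional email/emails to send the submissions of the contact form. The receiver will be able to view all the emails receiving the submissions.
  * BCC. Provide additional email/emails to send the submissions of the contact form. The receiver will not be able to view the emails receiving the submissions.
  * Subject. You can provide a text to be used as a subject for the email. In addition using + button you can select any of the contact form fields to be set as a separate subject for the email or use it with additional text, e.g. Submission of + %Name%.
  * Mode. Specify the mode of the email (filled in contact form) to the administrator- HTML or text. HTML will display the contact form within a box, whereas text will display the content of the filled contact form only.
- * Custom Text in Email For User. Here you can add custom texts, images, and custom HTML to the e-mail message that is sent to the administrator, as well as choose which fields of the submitted form are included in the e-mail (set to all by default).
+ * Custom Text in Email For User. Here you can add custom texts, images, and custom HTML to the e-mail message that is sent to the administrator, as well as choose which fields of the submitted form are included in the e-mail (set to 'all' by default).
 
  = Where are the submitted entries stored? =
 
@@ -404,22 +407,22 @@ The contact form submissions can be exported using CSV and XML formats.
  Captcha field of Contact Form Builder is provided for spam protection. This field can be used for receiving human generated contact form entries. There are two options for this contact form field:
 
  Captcha:
- Field label. Provide the label text.
- Field label size. Set the size of the field label.
- Field label position. Define the positioning of the field label.
- Captcha size. Select the number of the characters to be displayed with Captcha.
- Class Name. The CSS class of the field included in the Theme (Plugins>Contact Form Builder>Themes)
- Additional attributes. This field allows adding additional features to the field to customize it.
+ * Field label. Provide the label text.
+ * Field label size. Set the size of the field label.
+ * Field label position. Define the positioning of the field label.
+ * Captcha size. Select the number of the characters to be displayed with Captcha.
+ * Class Name. The CSS class of the field included in the Theme (Plugins>Contact Form Builder>Themes)
+ * Additional attributes. This field allows adding additional features to the field to customize it.
 
  ReCaptcha:
- Field label. Provide the label text.
- Field label size. Set the size of the contact form field label.
- Field label position. Define the positioning of the contact form field label.
- Public Key. Specify the public key of the Recaptcha.
- Private Key. Specify the private key of the Recaptcha.
- Recaptcha Theme. Select the theme to be applied to the Recaptcha.
- Class Name. The CSS class of the field included in the Theme (Plugins>Contact Form Builder>Themes)
- Additional attributes. This field allows adding additional features to the field to customize it.
+ * Field label. Provide the label text.
+ * Field label size. Set the size of the contact form field label.
+ * Field label position. Define the positioning of the contact form field label.
+ * Public Key. Specify the public key of the Recaptcha.
+ * Private Key. Specify the private key of the Recaptcha.
+ * Recaptcha Theme. Select the theme to be applied to the Recaptcha.
+ * Class Name. The CSS class of the field included in the Theme (Plugins>Contact Form Builder>Themes)
+ * Additional attributes. This field allows adding additional features to the field to customize it.
 
  = Can I block submissions from spammy IP addresses? =
 
@@ -523,7 +526,7 @@ Alternatively, you can activate Address (Mark on Map). This contact form field a
 
  = Is there a field which validates email addresses? =
 
- Email field of Contact Form Builder allows adding submitters email. It gets validated so that the users will add it in the appropriate format. It has the following attributes:
+ Email field of Contact Form Builder allows adding submitter's email. It gets validated so that the users will add it in the appropriate format. It has the following attributes:
  * Field label. Provide the label text.
  * Field label size. Set the size of the contact form field label.
  * Field label position. Define the positioning of the contact form field label.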