Contact Form by BestWebSoft - Version 3.35

Version Description

  • 19.02.2013
  • Bugfix: The cross-site scripting vulnerabilities were fixed.

Release Info

Developer bestwebsoft
Version 3.35

Code changes from version 3.34 to 3.35

contact_form.php CHANGED
@@ -4,7 +4,7 @@ Plugin Name: Contact Form Plugin
4
  Plugin URI: http://bestwebsoft.com/plugin/
5
  Description: Plugin for Contact Form.
6
  Author: BestWebSoft
7
- Version: 3.34
8
  Author URI: http://bestwebsoft.com/
9
  License: GPLv2 or later
10
  */
@@ -153,9 +153,9 @@ if( ! function_exists( 'cntctfrm_settings' ) ) {
153
  'cntctfrm_submit_label' => array( 'en' => __( "Submit", 'contact_form' ) ),
154
  'cntctfrm_name_error' => array( 'en' => __( "Your name is required.", 'contact_form' ) ),
155
  'cntctfrm_email_error' => array( 'en' => __( "A proper e-mail address is required.", 'contact_form' ) ),
156
- 'cntctfrm_phone_error' => array( 'en' => __( "Subject is required.", 'contact_form' ) ),
157
- 'cntctfrm_subject_error' => array( 'en' => __( "Message text is required.", 'contact_form' ) ),
158
- 'cntctfrm_message_error' => array( 'en' => __( "Phone number is required.", 'contact_form' ) ),
159
  'cntctfrm_attachment_error' => array( 'en' => __( "File format is not valid.", 'contact_form' ) ),
160
  'cntctfrm_captcha_error' => array( 'en' => __( "Please fill out the CAPTCHA.", 'contact_form' ) ),
161
  'cntctfrm_form_error' => array( 'en' => __( "Please make corrections below and try again.", 'contact_form' ) ),
@@ -199,13 +199,13 @@ if( ! function_exists( 'cntctfrm_settings_page' ) ) {
199
 
200
  $error = "";
201
  // Save data for settings page
202
- if( isset( $_REQUEST['cntctfrm_form_submit'] ) && check_admin_referer( plugin_basename(__FILE__), 'cntctfrm_nonce_name' ) ) {
203
- $cntctfrm_options_submit['cntctfrm_user_email'] = $_REQUEST['cntctfrm_user_email'];
204
- $cntctfrm_options_submit['cntctfrm_custom_email'] = stripslashes( $_REQUEST['cntctfrm_custom_email'] );
205
- $cntctfrm_options_submit['cntctfrm_select_email'] = $_REQUEST['cntctfrm_select_email'];
206
- $cntctfrm_options_submit['cntctfrm_from_email'] = $_REQUEST['cntctfrm_from_email'];
207
- $cntctfrm_options_submit['cntctfrm_custom_from_email'] = stripslashes( $_REQUEST['cntctfrm_custom_from_email'] );
208
- $cntctfrm_options_submit['cntctfrm_additions_options'] = isset( $_REQUEST['cntctfrm_additions_options']) ? $_REQUEST['cntctfrm_additions_options'] : 0;
209
  if($cntctfrm_options_submit['cntctfrm_additions_options'] == 0) {
210
  $cntctfrm_options_submit['cntctfrm_attachment'] = 0;
211
  $cntctfrm_options_submit['cntctfrm_attachment_explanations'] = 1;
@@ -263,26 +263,26 @@ if( ! function_exists( 'cntctfrm_settings_page' ) ) {
263
  }
264
  $cntctfrm_options_submit['cntctfrm_redirect_url'] = '';
265
  } else {
266
- $cntctfrm_options_submit['cntctfrm_attachment'] = isset( $_REQUEST['cntctfrm_attachment']) ? $_REQUEST['cntctfrm_attachment'] : 0;
267
- $cntctfrm_options_submit['cntctfrm_attachment_explanations'] = isset( $_REQUEST['cntctfrm_attachment_explanations']) ? $_REQUEST['cntctfrm_attachment_explanations'] : 0;
268
- $cntctfrm_options_submit['cntctfrm_send_copy'] = isset( $_REQUEST['cntctfrm_send_copy']) ? $_REQUEST['cntctfrm_send_copy'] : 0;
269
- $cntctfrm_options_submit['cntctfrm_from_field'] = $_REQUEST['cntctfrm_from_field'];
270
- $cntctfrm_options_submit['cntctfrm_mail_method'] = $_REQUEST['cntctfrm_mail_method'];
271
- $cntctfrm_options_submit['cntctfrm_mail_method'] = $_REQUEST['cntctfrm_mail_method'];
272
- $cntctfrm_options_submit['cntctfrm_display_add_info'] = isset( $_REQUEST['cntctfrm_display_add_info']) ? 1 : 0;
273
- $cntctfrm_options_submit['cntctfrm_change_label'] = isset( $_REQUEST['cntctfrm_change_label']) ? 1 : 0;
274
- $cntctfrm_options_submit['cntctfrm_display_phone_field'] = isset( $_REQUEST['cntctfrm_display_phone_field']) ? 1 : 0;
275
- $cntctfrm_options_submit['cntctfrm_required_name_field'] = isset( $_REQUEST['cntctfrm_required_name_field']) ? 1 : 0;
276
- $cntctfrm_options_submit['cntctfrm_required_email_field'] = isset( $_REQUEST['cntctfrm_required_email_field']) ? 1 : 0;
277
- $cntctfrm_options_submit['cntctfrm_required_phone_field'] = isset( $_REQUEST['cntctfrm_required_phone_field']) ? 1 : 0;
278
- $cntctfrm_options_submit['cntctfrm_required_subject_field'] = isset( $_REQUEST['cntctfrm_required_subject_field']) ? 1 : 0;
279
- $cntctfrm_options_submit['cntctfrm_required_message_field'] = isset( $_REQUEST['cntctfrm_required_message_field']) ? 1 : 0;
280
 
281
  if( $cntctfrm_options_submit['cntctfrm_display_add_info'] == 1 ) {
282
- $cntctfrm_options_submit['cntctfrm_display_sent_from'] = isset( $_REQUEST['cntctfrm_display_sent_from']) ? 1 : 0;
283
- $cntctfrm_options_submit['cntctfrm_display_date_time'] = isset( $_REQUEST['cntctfrm_display_date_time']) ? 1 : 0;
284
- $cntctfrm_options_submit['cntctfrm_display_coming_from'] = isset( $_REQUEST['cntctfrm_display_coming_from']) ? 1 : 0;
285
- $cntctfrm_options_submit['cntctfrm_display_user_agent'] = isset( $_REQUEST['cntctfrm_display_user_agent']) ? 1 : 0;
286
  }
287
  else {
288
  $cntctfrm_options_submit['cntctfrm_display_sent_from'] = 1;
@@ -291,23 +291,23 @@ if( ! function_exists( 'cntctfrm_settings_page' ) ) {
291
  $cntctfrm_options_submit['cntctfrm_display_user_agent'] = 1;
292
  }
293
  if( $cntctfrm_options_submit['cntctfrm_change_label'] == 1 ) {
294
- foreach( $_REQUEST['cntctfrm_name_label'] as $key=>$val ){
295
- $cntctfrm_options_submit['cntctfrm_name_label'][$key] = $_REQUEST['cntctfrm_name_label'][$key];
296
- $cntctfrm_options_submit['cntctfrm_email_label'][$key] = $_REQUEST['cntctfrm_email_label'][$key];
297
- $cntctfrm_options_submit['cntctfrm_phone_label'][$key] = $_REQUEST['cntctfrm_phone_label'][$key];
298
- $cntctfrm_options_submit['cntctfrm_subject_label'][$key] = $_REQUEST['cntctfrm_subject_label'][$key];
299
- $cntctfrm_options_submit['cntctfrm_message_label'][$key] = $_REQUEST['cntctfrm_message_label'][$key];
300
- $cntctfrm_options_submit['cntctfrm_attachment_label'][$key] = $_REQUEST['cntctfrm_attachment_label'][$key];
301
- $cntctfrm_options_submit['cntctfrm_thank_text'][$key] = $_REQUEST['cntctfrm_thank_text'][$key];
302
- $cntctfrm_options_submit['cntctfrm_submit_label'][$key] = $_REQUEST['cntctfrm_submit_label'][$key];
303
- $cntctfrm_options_submit['cntctfrm_name_error'][$key] = $_REQUEST['cntctfrm_name_error'][$key];
304
- $cntctfrm_options_submit['cntctfrm_email_error'][$key] = $_REQUEST['cntctfrm_email_error'][$key];
305
- $cntctfrm_options_submit['cntctfrm_phone_error'][$key] = $_REQUEST['cntctfrm_phone_error'][$key];
306
- $cntctfrm_options_submit['cntctfrm_subject_error'][$key] = $_REQUEST['cntctfrm_subject_error'][$key];
307
- $cntctfrm_options_submit['cntctfrm_message_error'][$key] = $_REQUEST['cntctfrm_message_error'][$key];
308
- $cntctfrm_options_submit['cntctfrm_attachment_error'][$key] = $_REQUEST['cntctfrm_attachment_error'][$key];
309
- $cntctfrm_options_submit['cntctfrm_captcha_error'][$key] = $_REQUEST['cntctfrm_captcha_error'][$key];
310
- $cntctfrm_options_submit['cntctfrm_form_error'][$key] = $_REQUEST['cntctfrm_form_error'][$key];
311
  }
312
  }
313
  else {
@@ -348,8 +348,8 @@ if( ! function_exists( 'cntctfrm_settings_page' ) ) {
348
  $cntctfrm_options_submit['cntctfrm_form_error']['en'] = $cntctfrm_option_defaults['cntctfrm_form_error']['en'];
349
  }
350
  }
351
- $cntctfrm_options_submit['cntctfrm_action_after_send'] = $_REQUEST['cntctfrm_action_after_send'];
352
- $cntctfrm_options_submit['cntctfrm_redirect_url'] = $_REQUEST['cntctfrm_redirect_url'];
353
  }
354
  $cntctfrm_options = array_merge( $cntctfrm_options, $cntctfrm_options_submit );
355
  if( $cntctfrm_options_submit['cntctfrm_action_after_send'] == 0
@@ -401,7 +401,7 @@ if( ! function_exists( 'cntctfrm_settings_page' ) ) {
401
  <div class="wrap">
402
  <div class="icon32 icon32-bws" id="icon-options-general"></div>
403
  <h2><?php _e( "Contact Form Options", 'contact_form' ); ?></h2>
404
- <div class="updated fade" <?php if( ! isset( $_REQUEST['cntctfrm_form_submit'] ) || $error != "" ) echo "style=\"display:none\""; ?>><p><strong><?php echo $message; ?></strong></p></div>
405
  <div class="error" <?php if( "" == $error ) echo "style=\"display:none\""; ?>><p><strong><?php echo $error; ?></strong></p></div>
406
  <form method="post" action="admin.php?page=contact_form.php">
407
  <span style="margin-bottom:15px;">
@@ -625,15 +625,19 @@ if( ! function_exists( 'cntctfrm_display_form' ) ) {
625
 
626
  $page_url = ( isset( $_SERVER["HTTPS"] ) && $_SERVER["HTTPS"] == "on" ? "https://" : "http://" ).$_SERVER["SERVER_NAME"].strip_tags( $_SERVER["REQUEST_URI"] );
627
  // If contact form submited
628
- $name = isset( $_REQUEST['cntctfrm_contact_name'] ) ? $_REQUEST['cntctfrm_contact_name'] : "";
629
- $email = isset( $_REQUEST['cntctfrm_contact_email'] ) ? stripslashes( $_REQUEST['cntctfrm_contact_email'] ) : "";
630
- $subject = isset( $_REQUEST['cntctfrm_contact_subject'] ) ? $_REQUEST['cntctfrm_contact_subject'] : "";
631
- $message = isset( $_REQUEST['cntctfrm_contact_message'] ) ? $_REQUEST['cntctfrm_contact_message'] : "";
632
- $phone = isset( $_REQUEST['cntctfrm_contact_phone'] ) ? $_REQUEST['cntctfrm_contact_phone'] : "";
633
- $name = strip_tags( $name );
634
- $phone = strip_tags( $phone );
635
- $subject = strip_tags( $subject );
636
- $send_copy = isset( $_REQUEST['cntctfrm_contact_send_copy'] ) ? $_REQUEST['cntctfrm_contact_send_copy'] : "";
 
 
 
 
637
  // If it is good
638
  if( true === $cntctfrm_result ) {
639
  $_SESSION['cntctfrm_send_mail'] = true;
@@ -746,7 +750,7 @@ if( ! function_exists( 'cntctfrm_check_and_send' ) ) {
746
  function cntctfrm_check_and_send() {
747
  global $cntctfrm_result;
748
  $cntctfrm_options = get_option( 'cntctfrm_options' );
749
- if( isset( $_REQUEST['cntctfrm_contact_action'] ) ){
750
  // Check all input data
751
  $cntctfrm_result = cntctfrm_check_form();
752
  }
@@ -767,13 +771,26 @@ if( ! function_exists( 'cntctfrm_check_form' ) ) {
767
  global $error_message;
768
  global $cntctfrm_options;
769
 
770
- $language = isset( $_REQUEST['cntctfrm_language'] ) ? $_REQUEST['cntctfrm_language'] : 'en';
771
  $path_of_uploaded_file = '';
772
  if( empty( $cntctfrm_options ) )
773
  $cntctfrm_options = get_option( 'cntctfrm_options' );
774
  $cntctfrm_result = "";
775
  // Error messages array
776
  $error_message = array();
 
 
 
 
 
 
 
 
 
 
 
 
 
777
  if( $cntctfrm_options['cntctfrm_required_name_field'] == 1 )
778
  $error_message['error_name'] = $cntctfrm_options['cntctfrm_name_error'][$language];
779
  if( $cntctfrm_options['cntctfrm_required_email_field'] == 1 )
@@ -819,18 +836,18 @@ if( ! function_exists( 'cntctfrm_check_form' ) ) {
819
  $error_message['error_attachment'] = $cntctfrm_options['cntctfrm_attachment_error'][$language];
820
  }
821
  // Check information wich was input in fields
822
- if( $cntctfrm_options['cntctfrm_required_name_field'] == 1 && "" != $_REQUEST['cntctfrm_contact_name'] )
823
  unset( $error_message['error_name'] );
824
- if( $cntctfrm_options['cntctfrm_required_email_field'] == 1 && "" != $_REQUEST['cntctfrm_contact_email'] && preg_match( "/^(?:[a-z0-9']+(?:[a-z0-9\-_\.']+)?@[a-z0-9]+(?:[a-z0-9\-\.]+)?\.[a-z]{2,5})$/i", trim( stripslashes( $_REQUEST['cntctfrm_contact_email'] ) ) ) )
825
  unset( $error_message['error_email'] );
826
- if( $cntctfrm_options['cntctfrm_required_subject_field'] == 1 && "" != $_REQUEST['cntctfrm_contact_subject'] )
827
  unset( $error_message['error_subject'] );
828
- if( $cntctfrm_options['cntctfrm_required_message_field'] == 1 && "" != $_REQUEST['cntctfrm_contact_message'] )
829
  unset( $error_message['error_message'] );
830
- if( $cntctfrm_options['cntctfrm_display_phone_field'] == 1 && $cntctfrm_options['cntctfrm_required_phone_field'] == 1 && "" != $_REQUEST['cntctfrm_contact_phone'] )
831
  unset( $error_message['error_phone'] );
832
  // If captcha plugin exists
833
- if( ! apply_filters( 'cntctfrm_check_form', $_REQUEST ) )
834
  $error_message['error_captcha'] = $cntctfrm_options['cntctfrm_captcha_error'][$language];
835
  if( isset($_FILES["cntctfrm_contact_attachment"]["tmp_name"]) && $_FILES["cntctfrm_contact_attachment"]["tmp_name"] != "") {
836
  if( is_multisite() ){
@@ -881,6 +898,19 @@ if( ! function_exists( 'cntctfrm_send_mail' ) ) {
881
  function cntctfrm_send_mail() {
882
  global $cntctfrm_options, $path_of_uploaded_file;
883
  $to = "";
 
 
 
 
 
 
 
 
 
 
 
 
 
884
  if( isset( $_SESSION['cntctfrm_send_mail'] ) && $_SESSION['cntctfrm_send_mail'] == true )
885
  return true;
886
  if( $cntctfrm_options['cntctfrm_select_email'] == 'user' ) {
@@ -898,8 +928,6 @@ if( ! function_exists( 'cntctfrm_send_mail' ) ) {
898
  $to = get_option("admin_email");
899
  }
900
  if( "" != $to ) {
901
- // subject
902
- $subject = $_REQUEST['cntctfrm_contact_subject'];
903
  $user_info_string = '';
904
  $userdomain = '';
905
  $form_action_url = '';
@@ -944,7 +972,7 @@ if( ! function_exists( 'cntctfrm_send_mail' ) ) {
944
  }
945
  }
946
  // message
947
- $message = '
948
  <html>
949
  <head>
950
  <title>'. __( "Contact from", 'contact_form' ) . get_bloginfo('name').'</title>
@@ -952,21 +980,21 @@ if( ! function_exists( 'cntctfrm_send_mail' ) ) {
952
  <body>
953
  <table>
954
  <tr>
955
- <td width="160">'. __( "Name", 'contact_form' ) . '</td><td>'.strip_tags( $_REQUEST['cntctfrm_contact_name'] ).'</td>
956
  </tr>
957
  <tr>
958
- <td>'. __( "Email", 'contact_form' ) .'</td><td>'.stripslashes( $_REQUEST['cntctfrm_contact_email'] ).'</td>
959
  </tr>
960
  ';
961
  if( $cntctfrm_options['cntctfrm_display_phone_field'] == 1 )
962
- $message .= '<tr>
963
- <td>'. __( "Phone", 'contact_form' ) . '</td><td>'. strip_tags( $_REQUEST['cntctfrm_contact_phone'] ).'</td>
964
  </tr>';
965
- $message .= '<tr>
966
- <td>'. __( "Subject", 'contact_form' ) . '</td><td>'. strip_tags( $subject ).'</td>
967
  </tr>
968
  <tr>
969
- <td>'. __( "Message", 'contact_form' ) . '</td><td>'.$_REQUEST['cntctfrm_contact_message'].'</td>
970
  </tr>
971
  <tr>
972
  <td>'. __( "Site", 'contact_form' ) . '</td><td>'.get_bloginfo("url").'</td>
@@ -988,16 +1016,16 @@ if( ! function_exists( 'cntctfrm_send_mail' ) ) {
988
  if( 'custom' == $cntctfrm_options['cntctfrm_from_email'] )
989
  $headers .= 'From: '.stripslashes( $cntctfrm_options['cntctfrm_custom_from_email'] ). '';
990
  else
991
- $headers .= 'From: '.stripslashes( $_REQUEST['cntctfrm_contact_email'] ). '';
992
  if( $cntctfrm_options['cntctfrm_attachment'] == 1 && isset($_FILES["cntctfrm_contact_attachment"]["tmp_name"]) && $_FILES["cntctfrm_contact_attachment"]["tmp_name"] != "") {
993
  $attachments = array( $path_of_uploaded_file );
994
  }
995
 
996
- if( isset( $_REQUEST['cntctfrm_contact_send_copy'] ) && $_REQUEST['cntctfrm_contact_send_copy'] == 1 )
997
- wp_mail( stripslashes( $_REQUEST['cntctfrm_contact_email'] ), stripslashes( strip_tags( $subject ) ), stripslashes( $message ), $headers, $attachments );
998
 
999
  // Mail it
1000
- return wp_mail( $to, stripslashes( strip_tags( $subject ) ), stripslashes( $message ), $headers, $attachments );
1001
  }
1002
  else{
1003
  if( $cntctfrm_options['cntctfrm_attachment'] == 1 && isset( $_FILES["cntctfrm_contact_attachment"]["tmp_name"] ) && $_FILES["cntctfrm_contact_attachment"]["tmp_name"] != "") {
@@ -1009,7 +1037,7 @@ if( ! function_exists( 'cntctfrm_send_mail' ) ) {
1009
  if( 'custom' == $cntctfrm_options['cntctfrm_from_email'] )
1010
  $headers .= 'From: '.stripslashes( $cntctfrm_options['cntctfrm_from_field'] ).' <'.stripslashes( $cntctfrm_options['cntctfrm_custom_from_email'] ). '>\n';
1011
  else
1012
- $headers .= 'From: '.stripslashes( $cntctfrm_options['cntctfrm_from_field'] ).' <'.stripslashes( $_REQUEST['cntctfrm_contact_email'] ). '>\n';
1013
 
1014
  $bound_text = "jimmyP123";
1015
 
@@ -1020,20 +1048,20 @@ if( ! function_exists( 'cntctfrm_send_mail' ) ) {
1020
  $headers .= "MIME-Version: 1.0\n".
1021
  "Content-Type: multipart/mixed; boundary=\"$bound_text\"";
1022
 
1023
- $message = __( "If you can see this MIME, it means that the MIME type is not supported by your email client!", "contact_form" ) . "\n";
1024
 
1025
- $message .= $bound."\n" . "Content-Type: text/html; charset=\"utf-8\"\n" .
1026
  "Content-Transfer-Encoding: 7bit\n\n" . $message_block . "\n\n";
1027
 
1028
 
1029
  $file = file_get_contents($path_of_uploaded_file);
1030
- $message .= $bound."\n";
1031
 
1032
- $message .= "Content-Type: application/octet-stream; name=\"".basename($path_of_uploaded_file)."\"\n" .
1033
  "Content-Description: ".basename($path_of_uploaded_file)."\n" .
1034
  "Content-Disposition: attachment;\n" . " filename=\"".basename($path_of_uploaded_file)."\"; size=".filesize($path_of_uploaded_file).";\n" .
1035
  "Content-Transfer-Encoding: base64\n\n" . chunk_split( base64_encode( $file ) ) . "\n\n";
1036
- $message .= $bound_last;
1037
  }
1038
  else {
1039
  // To send HTML mail, the Content-type header must be set
@@ -1044,12 +1072,12 @@ if( ! function_exists( 'cntctfrm_send_mail' ) ) {
1044
  if( 'custom' == $cntctfrm_options['cntctfrm_from_email'] )
1045
  $headers .= 'From: '.stripslashes( $cntctfrm_options['cntctfrm_from_field'] ).' <'.stripslashes( $cntctfrm_options['cntctfrm_custom_from_email'] ). '>\n';
1046
  else
1047
- $headers .= 'From: '.stripslashes( $cntctfrm_options['cntctfrm_from_field'] ).' <'.stripslashes( $_REQUEST['cntctfrm_contact_email'] ). '>\n';
1048
  }
1049
- if( isset( $_REQUEST['cntctfrm_contact_send_copy'] ) && $_REQUEST['cntctfrm_contact_send_copy'] == 1 )
1050
- @mail( stripslashes( $_REQUEST['cntctfrm_contact_email'] ), stripslashes( strip_tags( $subject ) ), stripslashes( $message ), $headers );
1051
 
1052
- return @mail( $to, stripslashes( strip_tags( $subject ) ), stripslashes( $message ), $headers );
1053
  }
1054
 
1055
  }
4
  Plugin URI: http://bestwebsoft.com/plugin/
5
  Description: Plugin for Contact Form.
6
  Author: BestWebSoft
7
+ Version: 3.35
8
  Author URI: http://bestwebsoft.com/
9
  License: GPLv2 or later
10
  */
153
  'cntctfrm_submit_label' => array( 'en' => __( "Submit", 'contact_form' ) ),
154
  'cntctfrm_name_error' => array( 'en' => __( "Your name is required.", 'contact_form' ) ),
155
  'cntctfrm_email_error' => array( 'en' => __( "A proper e-mail address is required.", 'contact_form' ) ),
156
+ 'cntctfrm_phone_error' => array( 'en' => __( "Phone number is required.", 'contact_form' ) ),
157
+ 'cntctfrm_subject_error' => array( 'en' => __( "Subject is required.", 'contact_form' ) ),
158
+ 'cntctfrm_message_error' => array( 'en' => __( "Message text is required.", 'contact_form' ) ),
159
  'cntctfrm_attachment_error' => array( 'en' => __( "File format is not valid.", 'contact_form' ) ),
160
  'cntctfrm_captcha_error' => array( 'en' => __( "Please fill out the CAPTCHA.", 'contact_form' ) ),
161
  'cntctfrm_form_error' => array( 'en' => __( "Please make corrections below and try again.", 'contact_form' ) ),
199
 
200
  $error = "";
201
  // Save data for settings page
202
+ if( isset( $_POST['cntctfrm_form_submit'] ) && check_admin_referer( plugin_basename(__FILE__), 'cntctfrm_nonce_name' ) ) {
203
+ $cntctfrm_options_submit['cntctfrm_user_email'] = $_POST['cntctfrm_user_email'];
204
+ $cntctfrm_options_submit['cntctfrm_custom_email'] = stripslashes( $_POST['cntctfrm_custom_email'] );
205
+ $cntctfrm_options_submit['cntctfrm_select_email'] = $_POST['cntctfrm_select_email'];
206
+ $cntctfrm_options_submit['cntctfrm_from_email'] = $_POST['cntctfrm_from_email'];
207
+ $cntctfrm_options_submit['cntctfrm_custom_from_email'] = stripslashes( $_POST['cntctfrm_custom_from_email'] );
208
+ $cntctfrm_options_submit['cntctfrm_additions_options'] = isset( $_POST['cntctfrm_additions_options']) ? $_POST['cntctfrm_additions_options'] : 0;
209
  if($cntctfrm_options_submit['cntctfrm_additions_options'] == 0) {
210
  $cntctfrm_options_submit['cntctfrm_attachment'] = 0;
211
  $cntctfrm_options_submit['cntctfrm_attachment_explanations'] = 1;
263
  }
264
  $cntctfrm_options_submit['cntctfrm_redirect_url'] = '';
265
  } else {
266
+ $cntctfrm_options_submit['cntctfrm_attachment'] = isset( $_POST['cntctfrm_attachment']) ? $_POST['cntctfrm_attachment'] : 0;
267
+ $cntctfrm_options_submit['cntctfrm_attachment_explanations'] = isset( $_POST['cntctfrm_attachment_explanations']) ? $_POST['cntctfrm_attachment_explanations'] : 0;
268
+ $cntctfrm_options_submit['cntctfrm_send_copy'] = isset( $_POST['cntctfrm_send_copy']) ? $_POST['cntctfrm_send_copy'] : 0;
269
+ $cntctfrm_options_submit['cntctfrm_from_field'] = $_POST['cntctfrm_from_field'];
270
+ $cntctfrm_options_submit['cntctfrm_mail_method'] = $_POST['cntctfrm_mail_method'];
271
+ $cntctfrm_options_submit['cntctfrm_mail_method'] = $_POST['cntctfrm_mail_method'];
272
+ $cntctfrm_options_submit['cntctfrm_display_add_info'] = isset( $_POST['cntctfrm_display_add_info']) ? 1 : 0;
273
+ $cntctfrm_options_submit['cntctfrm_change_label'] = isset( $_POST['cntctfrm_change_label']) ? 1 : 0;
274
+ $cntctfrm_options_submit['cntctfrm_display_phone_field'] = isset( $_POST['cntctfrm_display_phone_field']) ? 1 : 0;
275
+ $cntctfrm_options_submit['cntctfrm_required_name_field'] = isset( $_POST['cntctfrm_required_name_field']) ? 1 : 0;
276
+ $cntctfrm_options_submit['cntctfrm_required_email_field'] = isset( $_POST['cntctfrm_required_email_field']) ? 1 : 0;
277
+ $cntctfrm_options_submit['cntctfrm_required_phone_field'] = isset( $_POST['cntctfrm_required_phone_field']) ? 1 : 0;
278
+ $cntctfrm_options_submit['cntctfrm_required_subject_field'] = isset( $_POST['cntctfrm_required_subject_field']) ? 1 : 0;
279
+ $cntctfrm_options_submit['cntctfrm_required_message_field'] = isset( $_POST['cntctfrm_required_message_field']) ? 1 : 0;
280
 
281
  if( $cntctfrm_options_submit['cntctfrm_display_add_info'] == 1 ) {
282
+ $cntctfrm_options_submit['cntctfrm_display_sent_from'] = isset( $_POST['cntctfrm_display_sent_from']) ? 1 : 0;
283
+ $cntctfrm_options_submit['cntctfrm_display_date_time'] = isset( $_POST['cntctfrm_display_date_time']) ? 1 : 0;
284
+ $cntctfrm_options_submit['cntctfrm_display_coming_from'] = isset( $_POST['cntctfrm_display_coming_from']) ? 1 : 0;
285
+ $cntctfrm_options_submit['cntctfrm_display_user_agent'] = isset( $_POST['cntctfrm_display_user_agent']) ? 1 : 0;
286
  }
287
  else {
288
  $cntctfrm_options_submit['cntctfrm_display_sent_from'] = 1;
291
  $cntctfrm_options_submit['cntctfrm_display_user_agent'] = 1;
292
  }
293
  if( $cntctfrm_options_submit['cntctfrm_change_label'] == 1 ) {
294
+ foreach( $_POST['cntctfrm_name_label'] as $key=>$val ){
295
+ $cntctfrm_options_submit['cntctfrm_name_label'][$key] = $_POST['cntctfrm_name_label'][$key];
296
+ $cntctfrm_options_submit['cntctfrm_email_label'][$key] = $_POST['cntctfrm_email_label'][$key];
297
+ $cntctfrm_options_submit['cntctfrm_phone_label'][$key] = $_POST['cntctfrm_phone_label'][$key];
298
+ $cntctfrm_options_submit['cntctfrm_subject_label'][$key] = $_POST['cntctfrm_subject_label'][$key];
299
+ $cntctfrm_options_submit['cntctfrm_message_label'][$key] = $_POST['cntctfrm_message_label'][$key];
300
+ $cntctfrm_options_submit['cntctfrm_attachment_label'][$key] = $_POST['cntctfrm_attachment_label'][$key];
301
+ $cntctfrm_options_submit['cntctfrm_thank_text'][$key] = $_POST['cntctfrm_thank_text'][$key];
302
+ $cntctfrm_options_submit['cntctfrm_submit_label'][$key] = $_POST['cntctfrm_submit_label'][$key];
303
+ $cntctfrm_options_submit['cntctfrm_name_error'][$key] = $_POST['cntctfrm_name_error'][$key];
304
+ $cntctfrm_options_submit['cntctfrm_email_error'][$key] = $_POST['cntctfrm_email_error'][$key];
305
+ $cntctfrm_options_submit['cntctfrm_phone_error'][$key] = $_POST['cntctfrm_phone_error'][$key];
306
+ $cntctfrm_options_submit['cntctfrm_subject_error'][$key] = $_POST['cntctfrm_subject_error'][$key];
307
+ $cntctfrm_options_submit['cntctfrm_message_error'][$key] = $_POST['cntctfrm_message_error'][$key];
308
+ $cntctfrm_options_submit['cntctfrm_attachment_error'][$key] = $_POST['cntctfrm_attachment_error'][$key];
309
+ $cntctfrm_options_submit['cntctfrm_captcha_error'][$key] = $_POST['cntctfrm_captcha_error'][$key];
310
+ $cntctfrm_options_submit['cntctfrm_form_error'][$key] = $_POST['cntctfrm_form_error'][$key];
311
  }
312
  }
313
  else {
348
  $cntctfrm_options_submit['cntctfrm_form_error']['en'] = $cntctfrm_option_defaults['cntctfrm_form_error']['en'];
349
  }
350
  }
351
+ $cntctfrm_options_submit['cntctfrm_action_after_send'] = $_POST['cntctfrm_action_after_send'];
352
+ $cntctfrm_options_submit['cntctfrm_redirect_url'] = $_POST['cntctfrm_redirect_url'];
353
  }
354
  $cntctfrm_options = array_merge( $cntctfrm_options, $cntctfrm_options_submit );
355
  if( $cntctfrm_options_submit['cntctfrm_action_after_send'] == 0
401
  <div class="wrap">
402
  <div class="icon32 icon32-bws" id="icon-options-general"></div>
403
  <h2><?php _e( "Contact Form Options", 'contact_form' ); ?></h2>
404
+ <div class="updated fade" <?php if( ! isset( $_POST['cntctfrm_form_submit'] ) || $error != "" ) echo "style=\"display:none\""; ?>><p><strong><?php echo $message; ?></strong></p></div>
405
  <div class="error" <?php if( "" == $error ) echo "style=\"display:none\""; ?>><p><strong><?php echo $error; ?></strong></p></div>
406
  <form method="post" action="admin.php?page=contact_form.php">
407
  <span style="margin-bottom:15px;">
625
 
626
  $page_url = ( isset( $_SERVER["HTTPS"] ) && $_SERVER["HTTPS"] == "on" ? "https://" : "http://" ).$_SERVER["SERVER_NAME"].strip_tags( $_SERVER["REQUEST_URI"] );
627
  // If contact form submited
628
+ $name = isset( $_POST['cntctfrm_contact_name'] ) ? $_POST['cntctfrm_contact_name'] : "";
629
+ $email = isset( $_POST['cntctfrm_contact_email'] ) ? stripslashes( $_POST['cntctfrm_contact_email'] ) : "";
630
+ $subject = isset( $_POST['cntctfrm_contact_subject'] ) ? $_POST['cntctfrm_contact_subject'] : "";
631
+ $message = isset( $_POST['cntctfrm_contact_message'] ) ? $_POST['cntctfrm_contact_message'] : "";
632
+ $phone = isset( $_POST['cntctfrm_contact_phone'] ) ? $_POST['cntctfrm_contact_phone'] : "";
633
+
634
+ $name = strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $name ) ) );
635
+ $email = strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $email ) ) );
636
+ $subject = strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $subject ) ) );
637
+ $message = strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $message ) ) );
638
+ $phone = strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $phone ) ) );
639
+
640
+ $send_copy = isset( $_POST['cntctfrm_contact_send_copy'] ) ? $_POST['cntctfrm_contact_send_copy'] : "";
641
  // If it is good
642
  if( true === $cntctfrm_result ) {
643
  $_SESSION['cntctfrm_send_mail'] = true;
750
  function cntctfrm_check_and_send() {
751
  global $cntctfrm_result;
752
  $cntctfrm_options = get_option( 'cntctfrm_options' );
753
+ if( isset( $_POST['cntctfrm_contact_action'] ) ){
754
  // Check all input data
755
  $cntctfrm_result = cntctfrm_check_form();
756
  }
771
  global $error_message;
772
  global $cntctfrm_options;
773
 
774
+ $language = isset( $_POST['cntctfrm_language'] ) ? $_POST['cntctfrm_language'] : 'en';
775
  $path_of_uploaded_file = '';
776
  if( empty( $cntctfrm_options ) )
777
  $cntctfrm_options = get_option( 'cntctfrm_options' );
778
  $cntctfrm_result = "";
779
  // Error messages array
780
  $error_message = array();
781
+
782
+ $name = isset( $_POST['cntctfrm_contact_name'] ) ? $_POST['cntctfrm_contact_name'] : "";
783
+ $email = isset( $_POST['cntctfrm_contact_email'] ) ? stripslashes( $_POST['cntctfrm_contact_email'] ) : "";
784
+ $subject = isset( $_POST['cntctfrm_contact_subject'] ) ? $_POST['cntctfrm_contact_subject'] : "";
785
+ $message = isset( $_POST['cntctfrm_contact_message'] ) ? $_POST['cntctfrm_contact_message'] : "";
786
+ $phone = isset( $_POST['cntctfrm_contact_phone'] ) ? $_POST['cntctfrm_contact_phone'] : "";
787
+
788
+ $name = strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $name ) ) );
789
+ $email = strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $email ) ) );
790
+ $subject = strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $subject ) ) );
791
+ $message = strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $message ) ) );
792
+ $phone = strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $phone ) ) );
793
+
794
  if( $cntctfrm_options['cntctfrm_required_name_field'] == 1 )
795
  $error_message['error_name'] = $cntctfrm_options['cntctfrm_name_error'][$language];
796
  if( $cntctfrm_options['cntctfrm_required_email_field'] == 1 )
836
  $error_message['error_attachment'] = $cntctfrm_options['cntctfrm_attachment_error'][$language];
837
  }
838
  // Check information wich was input in fields
839
+ if( $cntctfrm_options['cntctfrm_required_name_field'] == 1 && "" != $name )
840
  unset( $error_message['error_name'] );
841
+ if( $cntctfrm_options['cntctfrm_required_email_field'] == 1 && "" != $email && preg_match( "/^(?:[a-z0-9']+(?:[a-z0-9\-_\.']+)?@[a-z0-9]+(?:[a-z0-9\-\.]+)?\.[a-z]{2,5})$/i", trim( stripslashes( $email ) ) ) )
842
  unset( $error_message['error_email'] );
843
+ if( $cntctfrm_options['cntctfrm_required_subject_field'] == 1 && "" != $subject )
844
  unset( $error_message['error_subject'] );
845
+ if( $cntctfrm_options['cntctfrm_required_message_field'] == 1 && "" != $message )
846
  unset( $error_message['error_message'] );
847
+ if( $cntctfrm_options['cntctfrm_display_phone_field'] == 1 && $cntctfrm_options['cntctfrm_required_phone_field'] == 1 && "" != $phone )
848
  unset( $error_message['error_phone'] );
849
  // If captcha plugin exists
850
+ if( ! apply_filters( 'cntctfrm_check_form', $_POST ) )
851
  $error_message['error_captcha'] = $cntctfrm_options['cntctfrm_captcha_error'][$language];
852
  if( isset($_FILES["cntctfrm_contact_attachment"]["tmp_name"]) && $_FILES["cntctfrm_contact_attachment"]["tmp_name"] != "") {
853
  if( is_multisite() ){
898
  function cntctfrm_send_mail() {
899
  global $cntctfrm_options, $path_of_uploaded_file;
900
  $to = "";
901
+
902
+ $name = isset( $_POST['cntctfrm_contact_name'] ) ? $_POST['cntctfrm_contact_name'] : "";
903
+ $email = isset( $_POST['cntctfrm_contact_email'] ) ? stripslashes( $_POST['cntctfrm_contact_email'] ) : "";
904
+ $subject = isset( $_POST['cntctfrm_contact_subject'] ) ? $_POST['cntctfrm_contact_subject'] : "";
905
+ $message = isset( $_POST['cntctfrm_contact_message'] ) ? $_POST['cntctfrm_contact_message'] : "";
906
+ $phone = isset( $_POST['cntctfrm_contact_phone'] ) ? $_POST['cntctfrm_contact_phone'] : "";
907
+
908
+ $name = stripslashes( strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $name ) ) ) );
909
+ $email = stripslashes( strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $email ) ) ) );
910
+ $subject = stripslashes( strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $subject ) ) ) );
911
+ $message = stripslashes( strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $message ) ) ) );
912
+ $phone = stripslashes( strip_tags( preg_replace ( '/<[^>]*>/', '', preg_replace ( '/<script.*<\/[^>]*>/', '', $phone ) ) ) );
913
+
914
  if( isset( $_SESSION['cntctfrm_send_mail'] ) && $_SESSION['cntctfrm_send_mail'] == true )
915
  return true;
916
  if( $cntctfrm_options['cntctfrm_select_email'] == 'user' ) {
928
  $to = get_option("admin_email");
929
  }
930
  if( "" != $to ) {
 
 
931
  $user_info_string = '';
932
  $userdomain = '';
933
  $form_action_url = '';
972
  }
973
  }
974
  // message
975
+ $message_text = '
976
  <html>
977
  <head>
978
  <title>'. __( "Contact from", 'contact_form' ) . get_bloginfo('name').'</title>
980
  <body>
981
  <table>
982
  <tr>
983
+ <td width="160">'. __( "Name", 'contact_form' ) . '</td><td>'. $name .'</td>
984
  </tr>
985
  <tr>
986
+ <td>'. __( "Email", 'contact_form' ) .'</td><td>'. $email .'</td>
987
  </tr>
988
  ';
989
  if( $cntctfrm_options['cntctfrm_display_phone_field'] == 1 )
990
+ $message_text .= '<tr>
991
+ <td>'. __( "Phone", 'contact_form' ) . '</td><td>'. $phone .'</td>
992
  </tr>';
993
+ $message_text .= '<tr>
994
+ <td>'. __( "Subject", 'contact_form' ) . '</td><td>'. $subject .'</td>
995
  </tr>
996
  <tr>
997
+ <td>'. __( "Message", 'contact_form' ) . '</td><td>'. $message .'</td>
998
  </tr>
999
  <tr>
1000
  <td>'. __( "Site", 'contact_form' ) . '</td><td>'.get_bloginfo("url").'</td>
1016
  if( 'custom' == $cntctfrm_options['cntctfrm_from_email'] )
1017
  $headers .= 'From: '.stripslashes( $cntctfrm_options['cntctfrm_custom_from_email'] ). '';
1018
  else
1019
+ $headers .= 'From: '. $email . '';
1020
  if( $cntctfrm_options['cntctfrm_attachment'] == 1 && isset($_FILES["cntctfrm_contact_attachment"]["tmp_name"]) && $_FILES["cntctfrm_contact_attachment"]["tmp_name"] != "") {
1021
  $attachments = array( $path_of_uploaded_file );
1022
  }
1023
 
1024
+ if( isset( $_POST['cntctfrm_contact_send_copy'] ) && $_POST['cntctfrm_contact_send_copy'] == 1 )
1025
+ wp_mail( $email, $subject, $message_text, $headers, $attachments );
1026
 
1027
  // Mail it
1028
+ return wp_mail( $to, $subject, $message_text, $headers, $attachments );
1029
  }
1030
  else{
1031
  if( $cntctfrm_options['cntctfrm_attachment'] == 1 && isset( $_FILES["cntctfrm_contact_attachment"]["tmp_name"] ) && $_FILES["cntctfrm_contact_attachment"]["tmp_name"] != "") {
1037
  if( 'custom' == $cntctfrm_options['cntctfrm_from_email'] )
1038
  $headers .= 'From: '.stripslashes( $cntctfrm_options['cntctfrm_from_field'] ).' <'.stripslashes( $cntctfrm_options['cntctfrm_custom_from_email'] ). '>\n';
1039
  else
1040
+ $headers .= 'From: '.stripslashes( $cntctfrm_options['cntctfrm_from_field'] ).' <'.stripslashes( $email ). '>\n';
1041
 
1042
  $bound_text = "jimmyP123";
1043
 
1048
  $headers .= "MIME-Version: 1.0\n".
1049
  "Content-Type: multipart/mixed; boundary=\"$bound_text\"";
1050
 
1051
+ $message_text = __( "If you can see this MIME, it means that the MIME type is not supported by your email client!", "contact_form" ) . "\n";
1052
 
1053
+ $message_text .= $bound."\n" . "Content-Type: text/html; charset=\"utf-8\"\n" .
1054
  "Content-Transfer-Encoding: 7bit\n\n" . $message_block . "\n\n";
1055
 
1056
 
1057
  $file = file_get_contents($path_of_uploaded_file);
1058
+ $message_text .= $bound."\n";
1059
 
1060
+ $message_text .= "Content-Type: application/octet-stream; name=\"".basename($path_of_uploaded_file)."\"\n" .
1061
  "Content-Description: ".basename($path_of_uploaded_file)."\n" .
1062
  "Content-Disposition: attachment;\n" . " filename=\"".basename($path_of_uploaded_file)."\"; size=".filesize($path_of_uploaded_file).";\n" .
1063
  "Content-Transfer-Encoding: base64\n\n" . chunk_split( base64_encode( $file ) ) . "\n\n";
1064
+ $message_text .= $bound_last;
1065
  }
1066
  else {
1067
  // To send HTML mail, the Content-type header must be set
1072
  if( 'custom' == $cntctfrm_options['cntctfrm_from_email'] )
1073
  $headers .= 'From: '.stripslashes( $cntctfrm_options['cntctfrm_from_field'] ).' <'.stripslashes( $cntctfrm_options['cntctfrm_custom_from_email'] ). '>\n';
1074
  else
1075
+ $headers .= 'From: '.stripslashes( $cntctfrm_options['cntctfrm_from_field'] ).' <'.$email. '>\n';
1076
  }
1077
+ if( isset( $_POST['cntctfrm_contact_send_copy'] ) && $_POST['cntctfrm_contact_send_copy'] == 1 )
1078
+ @mail( $email, $subject, $message_text, $headers );
1079
 
1080
+ return @mail( $to, $subject , $message_text, $headers);
1081
  }
1082
 
1083
  }
languages/contact_form-de_DE.mo CHANGED
Binary file
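--- a/languages/contact_form-de_DE.po
+++ b/languages/contact_form-de_DE.po
@@ -2,8 +2,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: contact_form\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2013-02-07 16:49+0300\n"
-"PO-Revision-Date: 2013-02-07 16:50+0300\n"
+"POT-Creation-Date: 2013-02-07 16:01+0300\n"
+"PO-Revision-Date: 2013-02-07 16:01+0300\n"
 "Last-Translator: \n"
 "Language-Team: Thomas Hartung <thartung@adipositas-mm.de>\n"
 "MIME-Version: 1.0\n"
@@ -269,8 +269,9 @@ msgid "Name"
 msgstr "Nome"
 
 #: contact_form.php:492
+#, fuzzy
 msgid "E-Mail Address"
-msgstr "E-Mail-Adresse"
+msgstr "E-Mail-Adresse:"
 
 #: contact_form.php:493
 #: contact_form.php:963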
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: https://www.2checkout.com/checkout/purchase?sid=1430388&quantity=10
4
  Tags: Contact Form, text, contact, form, contacts, contakt form, request, contact me, feedback form, feedback, contact button, contact form plugin, contacts form plugin, attachment, send, copy, atachment, send copy
5
  Requires at least: 2.9
6
  Tested up to: 3.5.1
7
- Stable tag: 3.34
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
@@ -107,6 +107,9 @@ Here is an example for German language files.
107
 
108
  == Changelog ==
109
 
 
 
 
110
  = V3.34 - 7.02.2013 =
111
  * Update : We changed the English text in the plugin file and all language files were updated.
112
 
@@ -273,6 +276,9 @@ Here is an example for German language files.
273
 
274
  == Upgrade Notice ==
275
 
 
 
 
276
  = V3.34 =
277
  We changed the English text in the plugin file and all language files were updated.
278
 
4
  Tags: Contact Form, text, contact, form, contacts, contakt form, request, contact me, feedback form, feedback, contact button, contact form plugin, contacts form plugin, attachment, send, copy, atachment, send copy
5
  Requires at least: 2.9
6
  Tested up to: 3.5.1
7
+ Stable tag: 3.35
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
107
 
108
  == Changelog ==
109
 
110
+ = V3.35 - 19.02.2013 =
111
+ * Bugfix : The error related to the cross-site scripting vulnerabilities was fixed.
112
+
113
  = V3.34 - 7.02.2013 =
114
  * Update : We changed the English text in the plugin file and all language files were updated.
115
 
276
 
277
  == Upgrade Notice ==
278
 
279
+ = V3.35 =
280
+ The error related to the cross-site scripting vulnerabilities was fixed.
281
+
282
  = V3.34 =
283
  We changed the English text in the plugin file and all language files were updated.
284