Version Description
- Added security fix to escape user submitted data
Download this release
Release Info
| Developer | jasongreen |
| Plugin |  Contact Form Submissions |
| Version | 1.6.4 |
| Comparing to | |
| See all releases | |
Code changes from version 1.6.3 to 1.6.4
- Admin.php +3 -3
- contact-form-submissions.php +1 -1
- readme.txt +4 -1
Admin.php
CHANGED
|
@@ -83,7 +83,7 @@ class WPCF7SAdmin
|
|
| 83 |
<option value="0"><?php _e('Contact Form', 'contact-form-submissions'); ?></option>
|
| 84 |
<?php foreach ($forms as $post) {
|
| 85 |
?>
|
| 86 |
-
<?php $selected = ($post->ID == $_GET['wpcf7_contact_form']) ? 'selected' : ''; ?>
|
| 87 |
<option value="<?php echo $post->ID; ?>" <?php echo $selected; ?>><?php echo $post->post_title; ?></option>
|
| 88 |
<?php
|
| 89 |
} ?>
|
|
@@ -155,7 +155,7 @@ class WPCF7SAdmin
|
|
| 155 |
|
| 156 |
// dynamically add cols if the user selects a form
|
| 157 |
if (isset($_GET['wpcf7_contact_form']) && !empty($_GET['wpcf7_contact_form'])) {
|
| 158 |
-
$form_id = $_GET['wpcf7_contact_form'];
|
| 159 |
|
| 160 |
$wpcf7s_columns = $this->get_available_columns($form_id);
|
| 161 |
|
|
@@ -196,7 +196,7 @@ class WPCF7SAdmin
|
|
| 196 |
<?php
|
| 197 |
break;
|
| 198 |
default:
|
| 199 |
-
echo get_post_meta($post_id, $column, true);
|
| 200 |
break;
|
| 201 |
}
|
| 202 |
}
|
| 83 |
<option value="0"><?php _e('Contact Form', 'contact-form-submissions'); ?></option>
|
| 84 |
<?php foreach ($forms as $post) {
|
| 85 |
?>
|
| 86 |
+
<?php $selected = ($post->ID == esc_attr($_GET['wpcf7_contact_form'])) ? 'selected' : ''; ?>
|
| 87 |
<option value="<?php echo $post->ID; ?>" <?php echo $selected; ?>><?php echo $post->post_title; ?></option>
|
| 88 |
<?php
|
| 89 |
} ?>
|
| 155 |
|
| 156 |
// dynamically add cols if the user selects a form
|
| 157 |
if (isset($_GET['wpcf7_contact_form']) && !empty($_GET['wpcf7_contact_form'])) {
|
| 158 |
+
$form_id = esc_attr($_GET['wpcf7_contact_form']);
|
| 159 |
|
| 160 |
$wpcf7s_columns = $this->get_available_columns($form_id);
|
| 161 |
|
| 196 |
<?php
|
| 197 |
break;
|
| 198 |
default:
|
| 199 |
+
echo esc_html(get_post_meta($post_id, $column, true));
|
| 200 |
break;
|
| 201 |
}
|
| 202 |
}
|
contact-form-submissions.php
CHANGED
|
@@ -2,7 +2,7 @@
|
|
| 2 |
/*
|
| 3 |
Plugin Name: Contact Form Submissions
|
| 4 |
Description: Never miss an enquiry again! Save all Contact Form 7 submissions in your database.
|
| 5 |
-
Version: 1.6.
|
| 6 |
Author: Jason Green
|
| 7 |
License: GPLv3
|
| 8 |
Domain Path: /languages
|
| 2 |
/*
|
| 3 |
Plugin Name: Contact Form Submissions
|
| 4 |
Description: Never miss an enquiry again! Save all Contact Form 7 submissions in your database.
|
| 5 |
+
Version: 1.6.4
|
| 6 |
Author: Jason Green
|
| 7 |
License: GPLv3
|
| 8 |
Domain Path: /languages
|
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Tags: contact form 7, save contact form, submissions, contact form db, cf7, wpcf
|
|
| 4 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=SNHXWSXSPYATE
|
| 5 |
Requires at least: 3.0.1
|
| 6 |
Tested up to: 5.2.3
|
| 7 |
-
Stable tag: 1.6.
|
| 8 |
License: GPLv3
|
| 9 |
|
| 10 |
Never miss an enquiry again! Save & Export your Contact Form 7 submissions.
|
|
@@ -42,6 +42,9 @@ None yet
|
|
| 42 |
|
| 43 |
== Changelog ==
|
| 44 |
|
|
|
|
|
|
|
|
|
|
| 45 |
= 1.6.3 =
|
| 46 |
* Added check for mb_convert_encoding. Updating query to add constant as prefix.
|
| 47 |
|
| 4 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=SNHXWSXSPYATE
|
| 5 |
Requires at least: 3.0.1
|
| 6 |
Tested up to: 5.2.3
|
| 7 |
+
Stable tag: 1.6.4
|
| 8 |
License: GPLv3
|
| 9 |
|
| 10 |
Never miss an enquiry again! Save & Export your Contact Form 7 submissions.
|
| 42 |
|
| 43 |
== Changelog ==
|
| 44 |
|
| 45 |
+
= 1.6.4 =
|
| 46 |
+
* Added security fix to escape user submitted data
|
| 47 |
+
|
| 48 |
= 1.6.3 =
|
| 49 |
* Added check for mb_convert_encoding. Updating query to add constant as prefix.
|
| 50 |
|
