Version Description
- Improved Security - ( Check valid filename & extensions, sanitization, Secured File deletions )
- New - Allowed non ASCII file name
- Improved styling on Progress Bar
- Fixed - Conflict with WooCommerce Geo Location
Release Info
Developer | glenwpcoder |
Plugin | Drag and Drop Multiple File Upload – Contact Form 7 |
Version | 1.3.3.1 |
Code changes from version 1.3.3 to 1.3.3.1
- assets/css/dnd-upload-cf7.css +22 -6
- assets/js/codedropz-uploader-min.js +2 -2
- assets/js/codedropz-uploader.js +2 -1
- drag-n-drop-upload-cf7.php +2 -2
- inc/dnd-upload-cf7.php +36 -23
- readme.txt +25 -17
assets/css/dnd-upload-cf7.css
CHANGED
@@ -56,6 +56,18 @@
|
|
56 |
border-radius:100%;
|
57 |
position:relative;
|
58 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
59 |
.dnd-upload-status .dnd-upload-image span {
|
60 |
font-size:20px;
|
61 |
color:#222;
|
@@ -66,14 +78,16 @@
|
|
66 |
-webkit-transform: translate(-50%,-50%);
|
67 |
left: 50%;
|
68 |
}
|
|
|
69 |
|
70 |
/* Progress bar - Image Details ( Name and Size ) */
|
71 |
.dnd-upload-status .dnd-upload-details {
|
72 |
padding-left:10px;
|
73 |
-
width:100
|
74 |
}
|
75 |
-
.dnd-upload-status .dnd-upload-details .name {color:#016d98; padding:4px 0; display:
|
76 |
-
.dnd-upload-status .dnd-upload-details .name
|
|
|
77 |
|
78 |
/* Remove Upload File */
|
79 |
.dnd-upload-status .dnd-upload-details .remove-file {
|
@@ -82,7 +96,7 @@
|
|
82 |
top:6px;
|
83 |
text-decoration:none;
|
84 |
box-shadow:none;
|
85 |
-
outline:none
|
86 |
}
|
87 |
|
88 |
.dnd-upload-status .dnd-upload-details span.has-error { color:#f50505; }
|
@@ -131,6 +145,8 @@
|
|
131 |
}
|
132 |
.codedropz-upload-inner h3 {
|
133 |
margin:5px 0;
|
|
|
|
|
134 |
}
|
135 |
|
136 |
/* Add border on dragenter, drag etc */
|
@@ -140,7 +156,7 @@
|
|
140 |
|
141 |
.codedropz-upload-wrapper span.has-error-msg {
|
142 |
display:inline-block;
|
143 |
-
color:#
|
144 |
padding:5px 0;
|
145 |
font-style:italic;
|
146 |
}
|
@@ -148,5 +164,5 @@
|
|
148 |
@media screen and (max-width: 767px) {
|
149 |
.dnd-upload-status .dnd-upload-details .name em { font-weight:normal; }
|
150 |
.dnd-upload-status .dnd-upload-details .name { padding-right:60px; }
|
151 |
-
.codedropz-upload-inner h3 { font-size:
|
152 |
}
|
56 |
border-radius:100%;
|
57 |
position:relative;
|
58 |
}
|
59 |
+
.dnd-upload-status .dnd-upload-image.has-bg {
|
60 |
+
background-position:center center;
|
61 |
+
background-size:cover;
|
62 |
+
background-repeat:no-repeat;
|
63 |
+
border:0;
|
64 |
+
transition: transform 0.3s ease;
|
65 |
+
max-width:40px;
|
66 |
+
width:100%;
|
67 |
+
}
|
68 |
+
.dnd-upload-status .dnd-upload-image.has-bg:hover {
|
69 |
+
transform: scale(1.5);
|
70 |
+
}
|
71 |
.dnd-upload-status .dnd-upload-image span {
|
72 |
font-size:20px;
|
73 |
color:#222;
|
78 |
-webkit-transform: translate(-50%,-50%);
|
79 |
left: 50%;
|
80 |
}
|
81 |
+
.dnd-upload-status .dnd-upload-image.has-bg span { opacity:0; z-index:-200; }
|
82 |
|
83 |
/* Progress bar - Image Details ( Name and Size ) */
|
84 |
.dnd-upload-status .dnd-upload-details {
|
85 |
padding-left:10px;
|
86 |
+
width: calc(100% - 40px);
|
87 |
}
|
88 |
+
.dnd-upload-status .dnd-upload-details .name {color:#016d98; padding:4px 0; padding-right:25px; display:flex; }
|
89 |
+
.dnd-upload-status .dnd-upload-details .name span { text-overflow: ellipsis; white-space: nowrap; overflow: hidden; position: relative; padding-right:10px; }
|
90 |
+
.dnd-upload-status .dnd-upload-details .name em {color:#444242; font-weight:700; }
|
91 |
|
92 |
/* Remove Upload File */
|
93 |
.dnd-upload-status .dnd-upload-details .remove-file {
|
96 |
top:6px;
|
97 |
text-decoration:none;
|
98 |
box-shadow:none;
|
99 |
+
outline:none;
|
100 |
}
|
101 |
|
102 |
.dnd-upload-status .dnd-upload-details span.has-error { color:#f50505; }
|
145 |
}
|
146 |
.codedropz-upload-inner h3 {
|
147 |
margin:5px 0;
|
148 |
+
font-size:30px;
|
149 |
+
line-height:32px;
|
150 |
}
|
151 |
|
152 |
/* Add border on dragenter, drag etc */
|
156 |
|
157 |
.codedropz-upload-wrapper span.has-error-msg {
|
158 |
display:inline-block;
|
159 |
+
color:#ff0000;
|
160 |
padding:5px 0;
|
161 |
font-style:italic;
|
162 |
}
|
164 |
@media screen and (max-width: 767px) {
|
165 |
.dnd-upload-status .dnd-upload-details .name em { font-weight:normal; }
|
166 |
.dnd-upload-status .dnd-upload-details .name { padding-right:60px; }
|
167 |
+
.codedropz-upload-inner h3 { font-size:22px; }
|
168 |
}
|
assets/js/codedropz-uploader-min.js
CHANGED
@@ -2,10 +2,10 @@
|
|
2 |
* CodeDropz Uploader v1.3.3
|
3 |
* Copyright 2018 Glen Mongaya
|
4 |
* CodeDrop Drag&Drop Uploader
|
5 |
-
* @version 1.
|
6 |
* @author CodeDropz, Glen Don L. Mongaya
|
7 |
* @license The MIT License (MIT)
|
8 |
*/
|
9 |
|
10 |
// CodeDropz Drag and Drop Plugin
|
11 |
-
!function(e){e.fn.CodeDropz_Uploader=function(a){this.each(function(){var
|
2 |
* CodeDropz Uploader v1.3.3
|
3 |
* Copyright 2018 Glen Mongaya
|
4 |
* CodeDrop Drag&Drop Uploader
|
5 |
+
* @version 1.0
|
6 |
* @author CodeDropz, Glen Don L. Mongaya
|
7 |
* @license The MIT License (MIT)
|
8 |
*/
|
9 |
|
10 |
// CodeDropz Drag and Drop Plugin
|
11 |
+
!function(e){e.fn.CodeDropz_Uploader=function(a){this.each(function(){var d=e(this),r=e.extend({handler:d,color:"#000",background:"",server_max_error:"Uploaded file exceeds the maximum upload size of your server.",max_file:d.data("max")?d.data("max"):10,max_upload_size:d.data("limit")?d.data("limit"):"5242880",supported_type:d.data("type")?d.data("type"):"jpg|jpeg|JPG|png|gif|pdf|doc|docx|ppt|pptx|odt|avi|ogg|m4a|mov|mp3|mp4|mpg|wav|wmv|xls",text:"Drag & Drop Files Here",separator:"or",button_text:"Browse Files",on_success:""},a),o=d.data("name")+"_count_files";localStorage.setItem(o,1);var s='<div class="codedropz-upload-handler"><div class="codedropz-upload-container"><div class="codedropz-upload-inner"><h3>'+r.text+"</h3><span>"+r.separator+'</span><div class="codedropz-btn-wrap"><a class="cd-upload-btn" href="javascript:void(0)">'+r.button_text+"</a></div></div></div></div>";r.handler.wrapAll('<div class="codedropz-upload-wrapper"></div>');var t=r.handler.parents("form"),n=r.handler.parents(".codedropz-upload-wrapper"),p=e('input[type="submit"]',t);r.handler.after(s),e(".codedropz-upload-handler",n).on("drag dragstart dragend dragover dragenter dragleave drop",function(e){e.preventDefault(),e.stopPropagation()}),e(".codedropz-upload-handler",n).on("dragover dragenter",function(a){e(this).addClass("codedropz-dragover")}),e(".codedropz-upload-handler",n).on("dragleave dragend drop",function(a){e(this).removeClass("codedropz-dragover")}),e("a.cd-upload-btn",n).on("click",function(e){e.preventDefault(),r.handler.val(null),r.handler.click()}),e(".codedropz-upload-handler",n).on("drop",function(e){l(e.originalEvent.dataTransfer.files,"drop")}),r.handler.on("change",function(e){l(this.files,"click")});var l=function(a,s){if(!(!a.length>1)){var p=new 
FormData;p.append("supported_type",r.supported_type),p.append("size_limit",r.max_upload_size),p.append("action","dnd_codedropz_upload"),p.append("type",s),p.append("security",dnd_cf7_uploader.ajax_nonce),e("span.has-error",r.handler).remove(),e.each(a,function(a,s){if(void 0!==p.delete&&p.delete("upload-file"),localStorage.getItem(o)>r.max_file)return!e("span.has-error-msg",n).length>0&&(err_msg=dnd_cf7_uploader.drag_n_drop_upload.max_file_limit,n.append('<span class="has-error-msg">'+err_msg.replace("%count%",r.max_file)+"</span>")),!1;var l=i.createProgressBar(s),c=!1;if(s.size>r.max_upload_size&&(e(".dnd-upload-details",e("#"+l)).append('<span class="has-error">'+dnd_cf7_uploader.drag_n_drop_upload.large_file+"</span>"),c=!0),regex_type=new RegExp("(.*?).("+r.supported_type+")$"),!1!==c||regex_type.test(s.name.toLowerCase())||(e(".dnd-upload-details",e("#"+l)).append('<span class="has-error">'+dnd_cf7_uploader.drag_n_drop_upload.inavalid_type+"</span>"),c=!0),localStorage.setItem(o,Number(localStorage.getItem(o))+1),!1===c){p.append("upload-file",s);e.ajax({url:r.ajax_url,type:t.attr("method"),data:p,dataType:"json",cache:!1,contentType:!1,processData:!1,xhr:function(){var e=new window.XMLHttpRequest;return e.upload.addEventListener("progress",function(e){if(e.lengthComputable){var a=e.loaded/e.total,d=parseInt(100*a);i.setProgressBar(l,d)}},!1),e},complete:function(){i.setProgressBar(l,100)},success:function(a){a.success?e.isFunction(r.on_success)&&r.on_success.call(this,d,l,a):(e(".dnd-progress-bar",e("#"+l)).remove(),e(".dnd-upload-details",e("#"+l)).append('<span class="has-error">'+a.data+"</span>"),e('input[type="submit"]',t).removeClass("disabled").prop("disabled",!1))},error:function(a,d,o){e(".dnd-progress-bar",e("#"+l)).remove(),e(".dnd-upload-details",e("#"+l)).append('<span class="has-error">'+r.server_max_error+"</span>"),e('input[type="submit"]',t).removeClass("disabled").prop("disabled",!1)}})}})}},i={createProgressBar:function(a){var 
d=e(".codedropz-upload-handler",n),r="dnd-file-"+Math.random().toString(36).substr(2,9),s='<div class="dnd-upload-image"><span class="dnd-icon-blank-file"></span></div><div class="dnd-upload-details"><span class="name"><span>'+a.name+"</span><em>("+i.bytesToSize(a.size)+')</em></span><a href="javascript:void(0)" title="Remove" class="remove-file" data-storage="'+o+'"><span class="dnd-icon-remove"></span></a><span class="dnd-progress-bar"><span></span></span></div>';return d.after('<div id="'+r+'" class="dnd-upload-status">'+s+"</div>"),r},setProgressBar:function(a,d){var r=e(".dnd-progress-bar",e("#"+a));return r.length>0&&(i.disableBtn(p),progress_width=d*r.width()/100,e("span",r).addClass("in-progress").animate({width:progress_width},10).text(d+"% "),100==d&&e("span",r).addClass("complete").removeClass("in-progress")),!1},bytesToSize:function(e){return 0===e?"0":(kBytes=e/1024,fileSize=kBytes>=1024?(kBytes/1024).toFixed(2)+"MB":kBytes.toFixed(2)+"KB",fileSize)},disableBtn:function(e){e.length>0&&e.addClass("disable").prop("disabled",!0)}}}),e(document).on("click",".dnd-icon-remove",function(d){var r=e(this),o=r.parents(".dnd-upload-status"),s=r.parents(".codedropz-upload-wrapper"),t=r.parent("a").attr("data-storage");return!(e("span.in-progress",o).length>0)&&(e(".has-error",o).length>0?(o.remove(),localStorage.setItem(t,Number(localStorage.getItem(t))-1),!1):(r.addClass("deleting").text("deleting..."),void e.post(a.ajax_url,{path:o.find('input[type="hidden"]').val(),action:"dnd_codedropz_upload_delete",security:dnd_cf7_uploader.ajax_nonce},function(a){a.success&&(o.remove(),localStorage.setItem(t,Number(localStorage.getItem(t))-1),e(".dnd-upload-status",s).length<=1&&e("span.has-error-msg",s).remove())})))})}}(jQuery);
|
assets/js/codedropz-uploader.js
CHANGED
@@ -116,6 +116,7 @@
|
|
116 |
formData.append('size_limit', options.max_upload_size );
|
117 |
formData.append('action', 'dnd_codedropz_upload' );
|
118 |
formData.append('type', action );
|
|
|
119 |
|
120 |
// remove has error
|
121 |
$('span.has-error', options.handler ).remove();
|
@@ -232,7 +233,7 @@
|
|
232 |
// Setup progressbar elements
|
233 |
var fileDetails = '<div class="dnd-upload-image"><span class="dnd-icon-blank-file"></span></div>'
|
234 |
+ '<div class="dnd-upload-details">'
|
235 |
-
+ '<span class="name">'+ file.name +'
|
236 |
+ '<a href="javascript:void(0)" title="Remove" class="remove-file" data-storage="'+ dataStorageName +'"><span class="dnd-icon-remove"></span></a>'
|
237 |
+ '<span class="dnd-progress-bar"><span></span></span>'
|
238 |
+ '</div>';
|
116 |
formData.append('size_limit', options.max_upload_size );
|
117 |
formData.append('action', 'dnd_codedropz_upload' );
|
118 |
formData.append('type', action );
|
119 |
+
formData.append('security', dnd_cf7_uploader.ajax_nonce );
|
120 |
|
121 |
// remove has error
|
122 |
$('span.has-error', options.handler ).remove();
|
233 |
// Setup progressbar elements
|
234 |
var fileDetails = '<div class="dnd-upload-image"><span class="dnd-icon-blank-file"></span></div>'
|
235 |
+ '<div class="dnd-upload-details">'
|
236 |
+
+ '<span class="name"><span>'+ file.name +'</span><em>('+ CodeDropz_Object.bytesToSize( file.size ) +')</em></span>'
|
237 |
+ '<a href="javascript:void(0)" title="Remove" class="remove-file" data-storage="'+ dataStorageName +'"><span class="dnd-icon-remove"></span></a>'
|
238 |
+ '<span class="dnd-progress-bar"><span></span></span>'
|
239 |
+ '</div>';
|
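Review bot: In the rewritten `fileDetails` line, `file.name` is still concatenated into the markup string unescaped, so a file name containing `<` or `&` is parsed as HTML when the progress row is inserted into the page. The name should be inserted as text, for example `+ '<span class="name"><span>'+ $('<span>').text( file.name ).html() +'</span><em>('+ CodeDropz_Object.bytesToSize( file.size ) +')</em></span>'`. The new `security` field only transports the nonce; enforcement is the server-side `check_ajax_referer` call, and `size_limit` is still supplied by the browser, so the upload handler should not rely on it. Both enclosing functions start and end outside the hunks shown.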
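--- a/drag-n-drop-upload-cf7.php
+++ b/drag-n-drop-upload-cf7.php
@@ -6,7 +6,7 @@
 * Description: This simple plugin create Drag & Drop or choose Multiple File upload in your Confact Form 7 Forms.
 * Text Domain: dnd-upload-cf7
 * Domain Path: /languages
-* Version: 1.3.3
+* Version: 1.3.3.1
 * Author: Glen Don L. Mongaya
 * Author URI: http://codedropz.com
 * License: GPL2
@@ -21,7 +21,7 @@
 define( 'dnd_upload_cf7', true );
 
 /** Define plugin Version */
-define( 'dnd_upload_cf7_version', '1.3.3' );
+define( 'dnd_upload_cf7_version', '1.3.3.1' );
 
 /** Define constant Plugin Directories */
 define( 'dnd_upload_cf7_directory', untrailingslashit( dirname( __FILE__ ) ) );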
inc/dnd-upload-cf7.php
CHANGED
@@ -47,7 +47,6 @@
|
|
47 |
|
48 |
// Load plugin text-domain
|
49 |
function dnd_load_plugin_textdomain() {
|
50 |
-
setlocale( LC_CTYPE, get_locale() . '.utf8' );
|
51 |
load_plugin_textdomain( 'dnd-upload-cf7', false, dirname( dirname( plugin_basename( __FILE__ ) ) ) . '/languages' );
|
52 |
}
|
53 |
|
@@ -71,7 +70,7 @@
|
|
71 |
$field_name = $field->name;
|
72 |
if( $field->basetype == 'mfile' && isset( $posted_data[$field_name] ) && ! empty( $posted_data[$field_name] ) ) {
|
73 |
foreach( $posted_data[$field_name] as $key => $file ) {
|
74 |
-
$posted_data[$field_name][$key] = trailingslashit( $uploads_dir['upload_url'] ) .
|
75 |
}
|
76 |
}
|
77 |
}
|
@@ -280,7 +279,7 @@
|
|
280 |
foreach( $_POST[ $field->name ] as $_file ) {
|
281 |
|
282 |
// Join dir and a new file name ( get from <input type="hidden" name="upload-file-333"> )
|
283 |
-
$new_file_name = trailingslashit( $uploads_dir['upload_dir'] ) .
|
284 |
|
285 |
// Check if submitted and file exists then file is ready.
|
286 |
if ( $submission && file_exists( $new_file_name ) ) {
|
@@ -406,10 +405,10 @@
|
|
406 |
$name = $tag->name;
|
407 |
$id = $tag->get_id_option();
|
408 |
|
409 |
-
$multiple_files = ( isset( $_POST[ $name ] ) ? $_POST[ $name ] : null );
|
410 |
|
411 |
// Check if we have files or if it's empty
|
412 |
-
if(
|
413 |
$result->invalidate( $tag, wpcf7_get_message( 'invalid_required' ) );
|
414 |
return $result;
|
415 |
}
|
@@ -499,6 +498,9 @@
|
|
499 |
// Begin process upload
|
500 |
function dnd_upload_cf7_upload() {
|
501 |
|
|
|
|
|
|
|
502 |
// Get upload dir
|
503 |
$path = dnd_get_upload_dir();
|
504 |
|
@@ -526,9 +528,12 @@
|
|
526 |
}
|
527 |
|
528 |
// Create file name
|
529 |
-
$filename = $file['name'];
|
530 |
$filename = wpcf7_canonicalize( $filename, 'as-is' );
|
531 |
-
|
|
|
|
|
|
|
532 |
|
533 |
// Add filter on upload file name
|
534 |
$filename = apply_filters( 'wpcf7_upload_file_name', $filename, $file['name'] );
|
@@ -544,7 +549,7 @@
|
|
544 |
|
545 |
$files = array(
|
546 |
'path' => basename( $path['upload_dir'] ),
|
547 |
-
'file' => str_replace('/','-', $filename
|
548 |
);
|
549 |
|
550 |
// Change file permission to 0400
|
@@ -562,26 +567,34 @@
|
|
562 |
// check and verify ajax request
|
563 |
check_ajax_referer( 'dnd-cf7-security-nonce', 'security' );
|
564 |
|
565 |
-
//
|
566 |
-
|
567 |
-
die('file not safe');
|
568 |
-
}
|
569 |
-
|
570 |
-
// Get upload dir
|
571 |
-
$upload_dir = dnd_get_upload_dir();
|
572 |
-
$path = preg_replace( '/\..\/|\/..\//', '', $_POST['path'] ); // remove extra character
|
573 |
-
$directory = dirname( $upload_dir['upload_dir'] );
|
574 |
|
575 |
-
//
|
576 |
-
$
|
577 |
-
$folder_name = basename( dirname( $path ) );
|
578 |
|
579 |
// Make sure path is set
|
580 |
-
if(
|
581 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
582 |
if( file_exists( $file_path ) ){
|
583 |
wp_delete_file( $file_path );
|
584 |
-
|
|
|
|
|
585 |
}
|
586 |
}
|
587 |
|
47 |
|
48 |
// Load plugin text-domain
|
49 |
function dnd_load_plugin_textdomain() {
|
|
|
50 |
load_plugin_textdomain( 'dnd-upload-cf7', false, dirname( dirname( plugin_basename( __FILE__ ) ) ) . '/languages' );
|
51 |
}
|
52 |
|
70 |
$field_name = $field->name;
|
71 |
if( $field->basetype == 'mfile' && isset( $posted_data[$field_name] ) && ! empty( $posted_data[$field_name] ) ) {
|
72 |
foreach( $posted_data[$field_name] as $key => $file ) {
|
73 |
+
$posted_data[$field_name][$key] = trailingslashit( $uploads_dir['upload_url'] ) . wp_basename( $file );
|
74 |
}
|
75 |
}
|
76 |
}
|
279 |
foreach( $_POST[ $field->name ] as $_file ) {
|
280 |
|
281 |
// Join dir and a new file name ( get from <input type="hidden" name="upload-file-333"> )
|
282 |
+
$new_file_name = trailingslashit( $uploads_dir['upload_dir'] ) . wp_basename( $_file );
|
283 |
|
284 |
// Check if submitted and file exists then file is ready.
|
285 |
if ( $submission && file_exists( $new_file_name ) ) {
|
405 |
$name = $tag->name;
|
406 |
$id = $tag->get_id_option();
|
407 |
|
408 |
+
$multiple_files = ( ( isset( $_POST[ $name ] ) && count( $_POST[ $name ] ) > 0 ) ? sanitize_text_field( $_POST[ $name ] ) : null );
|
409 |
|
410 |
// Check if we have files or if it's empty
|
411 |
+
if( is_null( $multiple_files ) && $tag->is_required() ) {
|
412 |
$result->invalidate( $tag, wpcf7_get_message( 'invalid_required' ) );
|
413 |
return $result;
|
414 |
}
|
498 |
// Begin process upload
|
499 |
function dnd_upload_cf7_upload() {
|
500 |
|
501 |
+
// check and verify ajax request
|
502 |
+
check_ajax_referer( 'dnd-cf7-security-nonce', 'security' );
|
503 |
+
|
504 |
// Get upload dir
|
505 |
$path = dnd_get_upload_dir();
|
506 |
|
528 |
}
|
529 |
|
530 |
// Create file name
|
531 |
+
$filename = wp_basename( $file['name'] );
|
532 |
$filename = wpcf7_canonicalize( $filename, 'as-is' );
|
533 |
+
|
534 |
+
if( mb_check_encoding( $filename, 'ASCII' ) ){
|
535 |
+
$filename = wpcf7_antiscript_file_name( $filename );
|
536 |
+
}
|
537 |
|
538 |
// Add filter on upload file name
|
539 |
$filename = apply_filters( 'wpcf7_upload_file_name', $filename, $file['name'] );
|
549 |
|
550 |
$files = array(
|
551 |
'path' => basename( $path['upload_dir'] ),
|
552 |
+
'file' => str_replace('/','-', $filename)
|
553 |
);
|
554 |
|
555 |
// Change file permission to 0400
|
567 |
// check and verify ajax request
|
568 |
check_ajax_referer( 'dnd-cf7-security-nonce', 'security' );
|
569 |
|
570 |
+
// Sanitize Path
|
571 |
+
$path = ( isset( $_POST['path'] ) ? sanitize_text_field( $_POST['path'] ) : null );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
572 |
|
573 |
+
// Get folder directory
|
574 |
+
$dir = dnd_get_upload_dir();
|
|
|
575 |
|
576 |
// Make sure path is set
|
577 |
+
if( ! is_null( $path ) ) {
|
578 |
+
|
579 |
+
// Check valid filename & extensions
|
580 |
+
if( preg_match_all('/wp-|(\.php|\.exe|\.js|\.phtml|\.cgi|\.aspx|\.asp|\.bat)/', $path ) ) {
|
581 |
+
die('File not safe');
|
582 |
+
}
|
583 |
+
|
584 |
+
// Concatenate path and upload directory
|
585 |
+
$file_path = realpath( trailingslashit( dirname( $dir['upload_dir'] ) ) . trim( $path ) );
|
586 |
+
|
587 |
+
// Check if is in the correct upload_dir
|
588 |
+
if( ! preg_match("/". wpcf7_dnd_dir ."/i", $file_path ) ) {
|
589 |
+
die('It\'s not a valid upload directory');
|
590 |
+
}
|
591 |
+
|
592 |
+
// Check if file exists
|
593 |
if( file_exists( $file_path ) ){
|
594 |
wp_delete_file( $file_path );
|
595 |
+
if( ! file_exists( $file_path ) ) {
|
596 |
+
wp_send_json_success('File Deleted!');
|
597 |
+
}
|
598 |
}
|
599 |
}
|
600 |
|
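Review bot: The directory check added to the delete handler, `preg_match("/". wpcf7_dnd_dir ."/i", $file_path )`, is an unanchored match on an unquoted constant, so any resolved path that merely contains that name passes, and a `false` from `realpath()` (file missing) reaches it as an empty string. The extension test before it is a case-sensitive denylist on the raw `$path`, so it should be treated as a secondary filter rather than the containment control. I would resolve the base directory as well and require the resolved file to sit under it, as in the sketch below, assuming `dirname( $dir['upload_dir'] )` is the plugin's own upload root. In the upload hunk, `wpcf7_antiscript_file_name()` now runs only when `mb_check_encoding( $filename, 'ASCII' )` is true, so a name with any non-ASCII character skips it; the extension check should not depend on the name's encoding. Both function bodies extend beyond the lines shown, so checks outside the hunks may already cover part of this.

```php
// … unchanged: check_ajax_referer, $path sanitising, extension denylist …

// Resolve both the base directory and the requested file before comparing
$base      = realpath( dirname( $dir['upload_dir'] ) );
$file_path = ( false !== $base ) ? realpath( trailingslashit( $base ) . trim( $path ) ) : false;
$root      = ( false !== $base ) ? trailingslashit( wp_normalize_path( $base ) ) : '';

// Reject unresolved paths and anything that is not inside the upload root
if( false === $file_path || 0 !== strpos( wp_normalize_path( $file_path ), $root ) ) {
	die('It\'s not a valid upload directory');
}

// … unchanged: file_exists / wp_delete_file / wp_send_json_success …
```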
readme.txt
CHANGED
@@ -2,8 +2,8 @@
|
|
2 |
Donate link : http://codedropz.com/donation
|
3 |
Tags: drag and drop, contact form 7, ajax uploader, multiple file, upload, contact form 7 uploader
|
4 |
Requires at least: 3.0.1
|
5 |
-
Tested up to: 5.
|
6 |
-
Stable tag: 1.3.3
|
7 |
Requires PHP: 5.2.4
|
8 |
License: GPLv2 or later
|
9 |
License URI: https://www.gnu.org/licenses/gpl-2.0.html
|
@@ -37,23 +37,23 @@ Here's a little [DEMO](http://codedropz.com/contact).
|
|
37 |
Checkout available features on **PRO version**.
|
38 |
|
39 |
* Image Preview - Show Thumbnail for images
|
40 |
-
* Auto Delete Files - After Form Submission
|
41 |
-
- 1 hour, 4 hours, 8 hours
|
42 |
* Zip Files ( Compressed File )
|
43 |
-
* Save Files
|
44 |
* Change Upload Directory
|
45 |
-
- Generated Name -
|
46 |
- Random Folder
|
47 |
-
- By User
|
48 |
-
- Custom Folder
|
49 |
-
* Send to email as individual attachment,
|
50 |
* Improved Security
|
51 |
* Optimized Code and Performance
|
52 |
* 1 Month Premium Support
|
53 |
-
* Chunks Upload *( Break large files into smaller Chunks )*
|
54 |
-
* Max Total Size *( All Uploaded Files )*
|
55 |
-
* Parallel/Sequential Upload *( Number of files to simultaneously upload )*
|
56 |
-
* Change Filename Pattern ({filename}, {ip_address}, {random}, {post_id}, {post_slug}, etc.)
|
57 |
|
58 |
|
59 |
You can get [PRO Version here](https://www.codedropz.com/purchase-plugin/)!
|
@@ -71,19 +71,21 @@ For any bug reports go to <a href="https://wordpress.org/support/plugin/drag-and
|
|
71 |
|
72 |
= How can I limit file size? =
|
73 |
|
74 |
-
To limit file size in `multiple file upload` field generator under Contact Form 7, there's a field `File size limit (bytes)`.
|
|
|
|
|
75 |
|
76 |
= How can I limit the number of files in my Upload? =
|
77 |
|
78 |
You can limit the number of files in your file upload by adding this parameter `max-file:3` to your shortcode :
|
79 |
|
80 |
-
Example: [mfile upload-file-344 max-file:3] - this option will limit the user to upload only 3 files.
|
81 |
|
82 |
= How can I Add or Limit file types =
|
83 |
|
84 |
You can add or change file types in cf7 Form-tag Generator Options by adding `jpeg|png|jpg|gif` in `Acceptable file types field`.
|
85 |
|
86 |
-
Example : [mfile upload-file-433 filetypes:jpeg|png|jpg|gif]
|
87 |
|
88 |
= How can I change text in Drag and Drop Uploading area? =
|
89 |
|
@@ -91,7 +93,7 @@ You can change text `Drag & Drop Files Here or Browse Files` text in Wordpress A
|
|
91 |
|
92 |
= How can I change email attachment as links? =
|
93 |
|
94 |
-
Go to WP Admin `Contact->Drag & Drop Upload` settings then check "Send Attachment as links?" option.
|
95 |
|
96 |
To manage mail template, go to Contact Forms edit specific form and Select `Mail` tab. In Message Body add generated code from mfile. ( Example Below )
|
97 |
|
@@ -121,6 +123,12 @@ To install this plugin see below:
|
|
121 |
|
122 |
== Changelog ==
|
123 |
|
|
|
|
|
|
|
|
|
|
|
|
|
124 |
= 1.3.3 =
|
125 |
* SECURITY UPDATES ( issues reported by : Robert L Mathews )
|
126 |
- The issues inside `dnd_codedropz_upload_delete` function, that will execute any POST remotely.
|
2 |
Donate link : http://codedropz.com/donation
|
3 |
Tags: drag and drop, contact form 7, ajax uploader, multiple file, upload, contact form 7 uploader
|
4 |
Requires at least: 3.0.1
|
5 |
+
Tested up to: 5.4
|
6 |
+
Stable tag: 1.3.3.1
|
7 |
Requires PHP: 5.2.4
|
8 |
License: GPLv2 or later
|
9 |
License URI: https://www.gnu.org/licenses/gpl-2.0.html
|
37 |
Checkout available features on **PRO version**.
|
38 |
|
39 |
* Image Preview - Show Thumbnail for images
|
40 |
+
* Auto Delete Files - After Form Submission
|
41 |
+
- *(1 hour, 4 hours, 8 hours , days, months etc)*
|
42 |
* Zip Files ( Compressed File )
|
43 |
+
* Save Files to Wordpress Media Library
|
44 |
* Change Upload Directory
|
45 |
+
- Generated Name - Timestamp
|
46 |
- Random Folder
|
47 |
+
- By User
|
48 |
+
- Custom Folder
|
49 |
+
* Send to email as individual attachment, ZIP archive or as a links
|
50 |
* Improved Security
|
51 |
* Optimized Code and Performance
|
52 |
* 1 Month Premium Support
|
53 |
+
* Chunks Upload *( Break large files into smaller Chunks )*
|
54 |
+
* Max Total Size *( All Uploaded Files )*
|
55 |
+
* Parallel/Sequential Upload *( Number of files to simultaneously upload )*
|
56 |
+
* Change Filename Pattern ({filename}, {ip_address}, {random}, {post_id}, {post_slug}, etc.)
|
57 |
|
58 |
|
59 |
You can get [PRO Version here](https://www.codedropz.com/purchase-plugin/)!
|
71 |
|
72 |
= How can I limit file size? =
|
73 |
|
74 |
+
To limit file size in `multiple file upload` field generator under Contact Form 7, there's a field `File size limit (bytes)`.
|
75 |
+
|
76 |
+
Please take note it should be `Bytes` you may use any converter just Google (MB to Bytes converter) default of this plugin is 5MB(5242880 Bytes).
|
77 |
|
78 |
= How can I limit the number of files in my Upload? =
|
79 |
|
80 |
You can limit the number of files in your file upload by adding this parameter `max-file:3` to your shortcode :
|
81 |
|
82 |
+
Example: *[mfile upload-file-344 max-file:3] * - this option will limit the user to upload only 3 files.
|
83 |
|
84 |
= How can I Add or Limit file types =
|
85 |
|
86 |
You can add or change file types in cf7 Form-tag Generator Options by adding `jpeg|png|jpg|gif` in `Acceptable file types field`.
|
87 |
|
88 |
+
Example : *[mfile upload-file-433 filetypes:jpeg|png|jpg|gif]*
|
89 |
|
90 |
= How can I change text in Drag and Drop Uploading area? =
|
91 |
|
93 |
|
94 |
= How can I change email attachment as links? =
|
95 |
|
96 |
+
Go to WP Admin `Contact -> Drag & Drop Upload` settings then check "Send Attachment as links?" option.
|
97 |
|
98 |
To manage mail template, go to Contact Forms edit specific form and Select `Mail` tab. In Message Body add generated code from mfile. ( Example Below )
|
99 |
|
123 |
|
124 |
== Changelog ==
|
125 |
|
126 |
+
= 1.3.3.1 =
|
127 |
+
* Improved Security - ( Check valid filename & extensions, sanitations, Secured File deletions )
|
128 |
+
* New - Allowed non ASCII file name
|
129 |
+
* Improved styling on Progress Bar
|
130 |
+
* Fixed - Conflict with WooCommerce Geo Location
|
131 |
+
|
132 |
= 1.3.3 =
|
133 |
* SECURITY UPDATES ( issues reported by : Robert L Mathews )
|
134 |
- The issues inside `dnd_codedropz_upload_delete` function, that will execute any POST remotely.
|