Formidable Forms – Form Builder for WordPress - Version 5.5.5

Version Description

  • Security: Added validation to URLs when installing templates and add-ons to make sure that the endpoint cannot be manipulated and used for unsafe requests.
  • Security: Added a nonce and permission check when running migrations and when loading data for applications.
  • Fix: The spinner was not visible at the top of the page when running migrations.
  • Updated the icon used for global Stripe settings.

Release Info

Developer formidableforms
Version 5.5.5

Code changes from version 5.5.4 to 5.5.5

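--- a/classes/controllers/FrmAddonsController.php
+++ b/classes/controllers/FrmAddonsController.php
@@ -115,8 +115,8 @@ class FrmAddonsController {
  'excerpt' => 'Enhance your basic Formidable forms with a plethora of Pro field types and features. Create advanced forms and data-driven applications in minutes.',
  ),
  'mailchimp' => array(
- 'title' => 'MailChimp Forms',
- 'excerpt' => 'Get on the path to more sales and leads in a matter of minutes. Add leads to a MailChimp mailing list when they submit forms and update their information along with the entry.',
+ 'title' => 'Mailchimp Forms',
+ 'excerpt' => 'Get on the path to more sales and leads in a matter of minutes. Add leads to a Mailchimp mailing list when they submit forms and update their information along with the entry.',
  ),
  'registration' => array(
  'title' => 'User Registration Forms',
@@ -982,6 +982,13 @@ class FrmAddonsController {
 
  $download_url = self::get_current_plugin();
 
+ if ( ! FrmAppHelper::validate_url_is_in_s3_bucket( $download_url, 'zip' ) ) {
+ return array(
+ 'message' => 'Plugin URL is not valid',
+ 'success' => false,
+ );
+ }
+
  // Create the plugin upgrader with our custom skin.
  $installer = new Plugin_Upgrader( new FrmInstallerSkin() );
  $installer->install( $download_url );
@@ -1238,7 +1245,11 @@ class FrmAddonsController {
  public static function ajax_install_addon() {
  self::install_addon_permissions();
 
- self::download_and_activate();
+ $result = self::download_and_activate();
+ if ( isset( $result['success'] ) && ! $result['success'] ) {
+ echo json_encode( $result );
+ wp_die();
+ }
 
  echo json_encode( self::get_addon_activation_response() );
  wp_die();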
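Review bot: The failure message `'Plugin URL is not valid'` returned from the new validation block in the `@@ -982` hunk is a hard-coded English string, while the same check in FrmXMLController wraps its message in `__( …, 'formidable' )`; use `'message' => __( 'Plugin URL is not valid', 'formidable' ),` so it is translatable like the other user-facing responses. The method containing that block starts outside the hunk, so whether its other return paths also carry a `success` key is not visible here; the `isset( $result['success'] )` guard in `ajax_install_addon` is fine as long as no successful path returns an array with `success => false`. A one-line comment above the new `if` would record the intent of the check: `// Reject download URLs that are not a .zip on the plugin's own S3 bucket.`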
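--- a/classes/controllers/FrmAppController.php
+++ b/classes/controllers/FrmAppController.php
@@ -380,7 +380,10 @@ class FrmAppController {
  */
  public static function install_js_fallback() {
  FrmAppHelper::load_admin_wide_js();
- echo '<div id="hidden frm_install_message"></div><script type="text/javascript">jQuery(document).ready(function(){frm_install_now();});</script>';
+ ?>
+ <div id="frm_install_message"></div>
+ <script>jQuery(document).ready( frm_install_now );</script>
+ <?php
  }
 
  /**
@@ -741,6 +744,8 @@ class FrmAppController {
  * @since 2.0.1
  */
  public static function ajax_install() {
+ FrmAppHelper::permission_check( 'frm_change_settings' );
+ check_ajax_referer( 'frm_ajax', 'nonce' );
  self::api_install();
  wp_die();
  }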
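Review bot: `ajax_install` now requires a `frm_ajax` nonce in the `nonce` parameter, so every caller that reaches it — including the `frm_install_now` fallback that `install_js_fallback` emits in the first hunk — has to send one, and nothing in this file shows where that JavaScript obtains the nonce. If `frm_install_now` goes through `ajax.doJsonFetch` in js/admin/dom.js the nonce is appended there; if it issues its own request it will now be rejected by `check_ajax_referer`, which is worth confirming before release. A short note on the method would record the contract: `// Requires the frm_ajax nonce in the request; ajax.doJsonFetch (js/admin/dom.js) is expected to append it.`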
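--- a/classes/controllers/FrmApplicationsController.php
+++ b/classes/controllers/FrmApplicationsController.php
@@ -72,6 +72,9 @@ class FrmApplicationsController {
  * @return void
  */
  public static function get_applications_data() {
+ FrmAppHelper::permission_check( 'frm_view_forms' );
+ check_ajax_referer( 'frm_ajax', 'nonce' );
+
  $view = FrmAppHelper::get_param( 'view', '', 'get', 'sanitize_text_field' );
  $data = array();
 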
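--- a/classes/controllers/FrmFieldsController.php
+++ b/classes/controllers/FrmFieldsController.php
@@ -879,10 +879,7 @@ class FrmFieldsController {
  * @deprecated 4.0 Moved to Pro for Other option only.
  */
  public static function add_option() {
- _deprecated_function( __METHOD__, '4.0', 'FrmProFormsController::add_other_option' );
- if ( is_callable( 'FrmProFormsController::add_other_option' ) ) {
- FrmProFormsController::add_other_option();
- }
+ _deprecated_function( __METHOD__, '4.0', 'FrmProFieldsController::add_other_option' );
  }
 
  /**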
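Review bot: `add_option` now only emits the deprecation notice and no longer forwards to the Pro implementation, which is a behaviour change for any code still calling it (the removed body forwarded to `FrmProFormsController::add_other_option` when callable), and the version description does not mention it. The docblock should say so, e.g. `* @deprecated 4.0 Moved to Pro for Other option only. Since 5.5.5 this method is a no-op that only triggers a deprecation notice.`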
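--- a/classes/controllers/FrmSMTPController.php
+++ b/classes/controllers/FrmSMTPController.php
@@ -384,13 +384,12 @@ class FrmSMTPController {
  return function_exists( 'wp_mail_smtp' ) && ( is_plugin_active( $this->config['lite_plugin'] ) || is_plugin_active( $this->config['pro_plugin'] ) );
  }
 
-
  /**
  * Get $phpmailer instance.
  *
  * @since 4.04.04
  *
- * @return PHPMailer Instance of PHPMailer.
+ * @return \WPMailSMTP\Providers\MailCatcherInterface|PHPMailer Instance of PHPMailer.
  */
  protected function get_phpmailer() {
  global $phpmailer;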
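--- a/classes/controllers/FrmXMLController.php
+++ b/classes/controllers/FrmXMLController.php
@@ -49,11 +49,18 @@ class FrmXMLController {
  wp_die();
  }
 
- $url = FrmAppHelper::get_param( 'xml', '', 'post', 'esc_url_raw' );
-
  $form = self::get_posted_form();
+ $url = FrmAppHelper::get_param( 'xml', '', 'post', 'esc_url_raw' );
  self::override_url( $form, $url );
 
+ if ( ! self::validate_xml_url( $url ) ) {
+ $response = array(
+ 'message' => __( 'The template you are trying to install could not be validated.', 'formidable' ),
+ );
+ echo wp_json_encode( $response );
+ wp_die();
+ }
+
  $response = wp_remote_get( $url );
  $body = wp_remote_retrieve_body( $response );
  $xml = simplexml_load_string( $body );
@@ -110,8 +117,23 @@ class FrmXMLController {
  wp_die();
  }
 
+ /**
+ * Make sure that the XML file we're trying to load is in fact an XML file, and that it's coming from our S3 bucket.
+ * This is to make sure that the URL can't be exploited for a SSRF attack.
+ *
+ * @since 5.5.5
+ * @param string $url
+ *
+ * @return bool True on success, False on error.
+ */
+ private static function validate_xml_url( $url ) {
+ return FrmAppHelper::validate_url_is_in_s3_bucket( $url, 'xml' );
+ }
+
  /**
  * @since 4.06.02
+ *
+ * @return mixed
  */
  private static function get_posted_form() {
  $form = FrmAppHelper::get_param( 'form', '', 'post', 'wp_unslash' );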
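Review bot: The validation-failure response in the `@@ -49` hunk is `array( 'message' => … )` with no `success` key, which differs from the `'success' => false` shape the same check produces in FrmAddonsController and gives a client that branches on `json.success` (as `ajax.doJsonFetch` in js/admin/dom.js does) nothing to distinguish this from a malformed reply; adding `'success' => false,` next to `'message'` keeps the two endpoints consistent. The method containing that hunk starts outside it, so I cannot tell whether its earlier error paths already use a different shape. The ordering is right as written — `$url` is read, `override_url( $form, $url )` runs, and only then is the URL validated — so, assuming `override_url()` can replace `$url`, a form-specific override cannot bypass the S3 check; a comment such as `// Validate after override_url() so the final URL is the one checked.` would keep that order from being "simplified" later.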
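--- a/classes/helpers/FrmAppHelper.php
+++ b/classes/helpers/FrmAppHelper.php
@@ -16,7 +16,7 @@ class FrmAppHelper {
  /**
  * @since 2.0
  */
- public static $plug_version = '5.5.4';
+ public static $plug_version = '5.5.5';
 
  /**
  * @since 1.07.02
@@ -3613,6 +3613,38 @@ class FrmAppHelper {
  return get_plugins();
  }
 
+ /**
+ * Make sure that the file we're trying to load is in fact the expected file type, and that it's coming from our S3 bucket.
+ * This is to make sure that the URL can't be exploited for a SSRF attack.
+ *
+ * @since 5.5.5
+ *
+ * @param string $url
+ * @param string $expected_extension
+ * @return bool
+ */
+ public static function validate_url_is_in_s3_bucket( $url, $expected_extension ) {
+ $file_is_in_expected_s3_bucket = 0 === strpos( $url, 'https://s3.amazonaws.com/fp.strategy11.com' );
+ if ( ! $file_is_in_expected_s3_bucket ) {
+ return false;
+ }
+
+ $parsed = parse_url( $url );
+ if ( ! is_array( $parsed ) ) {
+ // URL is malformed.
+ return false;
+ }
+
+ $path = $parsed['path'];
+ $ext = pathinfo( $path, PATHINFO_EXTENSION );
+ if ( $expected_extension !== $ext ) {
+ // The URL isn't to an XML file.
+ return false;
+ }
+
+ return true;
+ }
+
  /**
  * @since 4.08
  * @deprecated 4.09.01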
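Review bot: The prefix test in `validate_url_is_in_s3_bucket` has no trailing slash, so `0 === strpos( $url, 'https://s3.amazonaws.com/fp.strategy11.com' )` also accepts any path-style bucket whose name merely begins with `fp.strategy11.com`; anchor it as `'https://s3.amazonaws.com/fp.strategy11.com/'`, or better, compare `$parsed['host']` and the first path segment after the `parse_url()` call that is already made, so the check does not depend on raw string layout. The comment `// The URL isn't to an XML file.` is now wrong for the `zip` caller in FrmAddonsController; `// Extension does not match the expected file type.` fits both callers. `$parsed['path']` is read without `isset`, which only holds because the prefix check guarantees a path — a comment on that line would stop the two checks being reordered.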
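--- a/classes/helpers/FrmTipsHelper.php
+++ b/classes/helpers/FrmTipsHelper.php
@@ -166,7 +166,7 @@ class FrmTipsHelper {
  'page' => 'mailchimp-tip',
  ),
  'tip' => __( 'Grow your business with automated email follow-up.', 'formidable' ),
- 'call' => __( 'Send leads straight to MailChimp.', 'formidable' ),
+ 'call' => __( 'Send leads straight to Mailchimp.', 'formidable' ),
  ),
  array(
  'link' => array(
@@ -326,7 +326,7 @@ class FrmTipsHelper {
  'content' => 'automate',
  ),
  'tip' => __( 'Automate your business and increase revenue.', 'formidable' ),
- 'call' => __( 'Collect instant payments, and send leads to MailChimp.', 'formidable' ),
+ 'call' => __( 'Collect instant payments, and send leads to Mailchimp.', 'formidable' ),
  ),
  );
  $random = rand( 0, count( $tips ) - 1 );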
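--- a/classes/models/FrmFieldValueSelector.php
+++ b/classes/models/FrmFieldValueSelector.php
@@ -5,7 +5,7 @@ if ( ! defined( 'ABSPATH' ) ) {
 
  /**
  * A class for the field value selector
- * Used in field conditional logic, action conditional logic, MailChimp action, etc.
+ * Used in field conditional logic, action conditional logic, Mailchimp action, etc.
  *
  * @since 2.03.05
  */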
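--- a/classes/views/frm-form-actions/default_actions.php
+++ b/classes/views/frm-form-actions/default_actions.php
@@ -66,7 +66,7 @@ class FrmDefMlcmpAction extends FrmFormAction {
  $action_ops = FrmFormAction::default_action_opts( 'frm_mailchimp_icon frm_show_upgrade frm-inverse' );
  $action_ops['color'] = 'var(--dark-grey)';
 
- parent::__construct( 'mailchimp', 'MailChimp', $action_ops );
+ parent::__construct( 'mailchimp', 'Mailchimp', $action_ops );
  }
  }
 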
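--- a/classes/views/frm-forms/new-form-overlay/upgrade-body.php
+++ b/classes/views/frm-forms/new-form-overlay/upgrade-body.php
@@ -24,7 +24,7 @@ if ( ! defined( 'ABSPATH' ) ) {
  </ul>
  </div><div>
  <ul>
- <li><?php esc_html_e( 'MailChimp integration', 'formidable' ); ?></li>
+ <li><?php esc_html_e( 'Mailchimp integration', 'formidable' ); ?></li>
  <li><?php esc_html_e( 'Repeater fields', 'formidable' ); ?></li>
  <li><?php esc_html_e( 'Post submission', 'formidable' ); ?></li>
  <li><?php esc_html_e( 'Front-end editing', 'formidable' ); ?></li>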
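--- a/css/frm_admin.css
+++ b/css/frm_admin.css
@@ -4454,6 +4454,10 @@ label.frm-example-icon {
  margin: 0;
  }
 
+ #frm_stripe_icon {
+ border-radius: 5px;
+ }
+
  .frm_captchas {
  margin-top: 16px;
  }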
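--- a/formidable.php
+++ b/formidable.php
@@ -2,7 +2,7 @@
  /*
  Plugin Name: Formidable Forms
  Description: Quickly and easily create drag-and-drop forms
- Version: 5.5.4
+ Version: 5.5.5
  Plugin URI: https://formidableforms.com/
  Author URI: https://formidableforms.com/
  Author: Strategy11 Form Builder Team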
images/icons.svg CHANGED
@@ -808,9 +808,9 @@
808
  <title>salesforcealt</title>
809
  <path d="M9.7 9.6h-1c0-.2.1-.6.5-.6.3 0 .5.2.5.6zm5.4-.5s-.6-.1-.6.7.5.8.6.8c.5 0 .5-.5.5-.8 0-.8-.5-.7-.5-.7zm-9.5.9a.3.3 0 0 0-.2.3c0 .2.1.2.2.2.1.2.6.1.8 0V10h-.8zM25 9c0 3.5-3.1 6-6.5 5.4a4 4 0 0 1-5.1 1.6 4.5 4.5 0 0 1-8.4-.2c-4.7 1-7-5.4-3-7.8a4.9 4.9 0 0 1 8.4-4.9 4.4 4.4 0 0 1 7 1A5.4 5.4 0 0 1 25 9zM4.7 10.4c0-.5-.5-.6-.7-.7-.2 0-.5-.1-.5-.3 0-.4.6-.3 1-.1l.1-.3c-.5-.4-1.6-.4-1.6.4 0 .5.5.6.7.7.2 0 .5.1.5.4 0 .1-.1.2-.3.2-.3 0-.6 0-.8-.2l-.1.3c0 .1.4.3.9.3s.8-.3.8-.7zM6 8.6l-.9.2V9l.1.3S5.6 9 6 9l.4.1.1.5c-.2 0-.7-.2-1.2.1l-.2.5c0 .3 0 .5.2.6.5.3 1.4.1 1.5 0h.1V9.5c0-.2 0-.9-.8-.9zm1.8-.8h-.5V11h.4zM10 9c-.1-.1-.3-.3-.7-.3-.2 0-.6 0-.8.3-.3.3-.3.7-.3.8 0 .2 0 .6.3.9 0 0 .3.3.9.3.4 0 .6-.1.7-.2v-.3h-.7c-.7 0-.7-.5-.7-.6H10s.2-.6-.1-1zm1.4 2c.5 0 .8-.3.8-.7 0-.5-.4-.6-.7-.7-.1 0-.5-.1-.5-.3 0-.2.1-.3.3-.3l.7.2.1-.3-.8-.3c-.4 0-.8.3-.8.7 0 .5.5.6.7.7.3 0 .5.1.5.3 0 .2 0 .3-.3.3s-.6 0-.8-.2l-.1.3c0 .1.4.3.9.3zm2.5-2.3h-.5s0-.3.2-.5h.5l.2-.4c-.2-.1-.7-.1-1 .1l-.3.8h-.3l-.1.4h.3l-.4 2.2-.2.3h-.4l-.2.3c.3.1.6.1.8 0 .2 0 .3-.3.4-.5l.5-2.3h.4zm2.1.7s-.2-.7-1-.7a1 1 0 0 0-1 .7v.9s.2.7 1 .7a1 1 0 0 0 1-.7c.2-.4 0-.8 0-1zm1.8-.7c-.2 0-.6 0-.9.2v-.1h-.4v2.1h.4v-1c0-.2 0-.5.2-.7h.6V9l.1-.3zm1.8 2.1v-.2H19c-.2 0-.7 0-.7-.8 0-.2 0-.7.6-.7h.5l.1-.3c-.5-.2-.9-.1-1 0-.1 0-.7.2-.7 1 0 .1 0 1.2 1.1 1.2l.6-.1zm2.1-1.5c0-.1-.2-.6-.8-.6-.7 0-1 .4-1 .7l-.1.4c0 1 .7 1.2 1.2 1.2.4 0 .6-.1.7-.2v-.3H21c-.7 0-.7-.5-.7-.6h1.4v-.6zm-.9-.3c-.4 0-.5.4-.5.6h1c0-.5-.3-.6-.5-.6z"/>
810
  </symbol>
811
- <symbol id="frm_stripe_icon" viewBox="0 0 25 20">
812
  <title>stripe</title>
813
- <path d="M25 13.6c0 1.7-1.4 3.1-3.1 3.1H3A3.1 3.1 0 0 1 0 13.6V6.4c0-1.7 1.4-3.1 3.1-3.1H22c1.7 0 3.1 1.4 3.1 3.1v7.2zm-9.3-1.3c1 .2 1.9-.3 2.1-1.3.2-.7.2-1.4 0-2-.2-.8-.8-1.2-1.5-1l-.9.3V8h-1.2V14l1.3-.2V13v-.7h.2zm-.2-2.8c0-.4.2-.5.5-.5.2-.1.4 0 .5.3.2.6.2 1.1 0 1.7l-.4.3c-.3.2-.6 0-.6-.3v-.8-.7zm4.1 1H22c0-.5 0-1-.2-1.5s-.5-.8-1-1c-1-.3-2 .2-2.3 1.3-.1.3-.2.7-.1 1.1 0 .8.2 1.5 1 1.8.7.3 1.5.2 2.3 0l.1-.3V11c-1.4.5-2.1.2-2-.5zm0-.8c0-.5.2-.9.5-.9s.5.3.5 1h-1zM3.1 11.8l.2.3a3 3 0 0 0 1.7.3c.7-.1 1.2-.6 1.2-1.2.1-.7-.2-1.1-.8-1.4l-.7-.3-.3-.4.4-.2 1.1.2.1-.9C5.5 8 5 8 4.3 8c-.7 0-1 .5-1.1 1-.1.7.1 1.1.8 1.4l.7.4.3.3c-.2.1-.3.3-.5.3L3.2 11v.7zM9 9L9 8h-.9V6.8c-.4 0-.7 0-1.1.2v.5c-.1.2 0 .6-.5.6l-.1.1-.1.8h.5v2.3c0 .4.2.7.6 1 .5.2 1 .1 1.5 0v-1h-.3c-.2 0-.4-.2-.4-.3V9H9zm2.9-.8c0-.2-.1-.3-.3-.3l-.8.4-.1-.3H9.6v4.3h1.3V9.9c0-.5.1-.6.5-.7h.5v-1zm.4 4h1.3V8h-1.3v4.3zm.6-4.7c.4 0 .7-.3.7-.7 0-.4-.3-.7-.7-.7-.4 0-.7.3-.7.7 0 .4.3.7.7.7z"/>
814
  </symbol>
815
  <symbol id="frm_stripealt_icon" viewBox="0 0 35 20">
816
  <title>stripealt</title>
808
  <title>salesforcealt</title>
809
  <path d="M9.7 9.6h-1c0-.2.1-.6.5-.6.3 0 .5.2.5.6zm5.4-.5s-.6-.1-.6.7.5.8.6.8c.5 0 .5-.5.5-.8 0-.8-.5-.7-.5-.7zm-9.5.9a.3.3 0 0 0-.2.3c0 .2.1.2.2.2.1.2.6.1.8 0V10h-.8zM25 9c0 3.5-3.1 6-6.5 5.4a4 4 0 0 1-5.1 1.6 4.5 4.5 0 0 1-8.4-.2c-4.7 1-7-5.4-3-7.8a4.9 4.9 0 0 1 8.4-4.9 4.4 4.4 0 0 1 7 1A5.4 5.4 0 0 1 25 9zM4.7 10.4c0-.5-.5-.6-.7-.7-.2 0-.5-.1-.5-.3 0-.4.6-.3 1-.1l.1-.3c-.5-.4-1.6-.4-1.6.4 0 .5.5.6.7.7.2 0 .5.1.5.4 0 .1-.1.2-.3.2-.3 0-.6 0-.8-.2l-.1.3c0 .1.4.3.9.3s.8-.3.8-.7zM6 8.6l-.9.2V9l.1.3S5.6 9 6 9l.4.1.1.5c-.2 0-.7-.2-1.2.1l-.2.5c0 .3 0 .5.2.6.5.3 1.4.1 1.5 0h.1V9.5c0-.2 0-.9-.8-.9zm1.8-.8h-.5V11h.4zM10 9c-.1-.1-.3-.3-.7-.3-.2 0-.6 0-.8.3-.3.3-.3.7-.3.8 0 .2 0 .6.3.9 0 0 .3.3.9.3.4 0 .6-.1.7-.2v-.3h-.7c-.7 0-.7-.5-.7-.6H10s.2-.6-.1-1zm1.4 2c.5 0 .8-.3.8-.7 0-.5-.4-.6-.7-.7-.1 0-.5-.1-.5-.3 0-.2.1-.3.3-.3l.7.2.1-.3-.8-.3c-.4 0-.8.3-.8.7 0 .5.5.6.7.7.3 0 .5.1.5.3 0 .2 0 .3-.3.3s-.6 0-.8-.2l-.1.3c0 .1.4.3.9.3zm2.5-2.3h-.5s0-.3.2-.5h.5l.2-.4c-.2-.1-.7-.1-1 .1l-.3.8h-.3l-.1.4h.3l-.4 2.2-.2.3h-.4l-.2.3c.3.1.6.1.8 0 .2 0 .3-.3.4-.5l.5-2.3h.4zm2.1.7s-.2-.7-1-.7a1 1 0 0 0-1 .7v.9s.2.7 1 .7a1 1 0 0 0 1-.7c.2-.4 0-.8 0-1zm1.8-.7c-.2 0-.6 0-.9.2v-.1h-.4v2.1h.4v-1c0-.2 0-.5.2-.7h.6V9l.1-.3zm1.8 2.1v-.2H19c-.2 0-.7 0-.7-.8 0-.2 0-.7.6-.7h.5l.1-.3c-.5-.2-.9-.1-1 0-.1 0-.7.2-.7 1 0 .1 0 1.2 1.1 1.2l.6-.1zm2.1-1.5c0-.1-.2-.6-.8-.6-.7 0-1 .4-1 .7l-.1.4c0 1 .7 1.2 1.2 1.2.4 0 .6-.1.7-.2v-.3H21c-.7 0-.7-.5-.7-.6h1.4v-.6zm-.9-.3c-.4 0-.5.4-.5.6h1c0-.5-.3-.6-.5-.6z"/>
810
  </symbol>
811
+ <symbol id="frm_stripe_icon" viewBox="0 0 400 400">
812
  <title>stripe</title>
813
+ <path d="M0 0h400v400H0z" style="fill-rule:evenodd;clip-rule:evenodd;"/><path d="M184.4 155.5c0-9.4 7.7-13.1 20.5-13.1 18.4 0 41.6 5.6 60 15.5v-56.8A159 159 0 0 0 205 90c-49.1 0-81.7 25.6-81.7 68.4 0 66.7 91.9 56.1 91.9 84.9 0 11.1-9.7 14.7-23.2 14.7-20.1 0-45.7-8.2-66-19.3v57.5a167.1 167.1 0 0 0 66 13.8c50.3 0 84.9-24.9 84.9-68.2-.4-72-92.5-59.2-92.5-86.3z" style="fill-rule:evenodd;clip-rule:evenodd;fill:#fff"/>
814
  </symbol>
815
  <symbol id="frm_stripealt_icon" viewBox="0 0 35 20">
816
  <title>stripealt</title>
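--- a/js/admin/dom.js
+++ b/js/admin/dom.js
@@ -100,7 +100,11 @@
 
  const ajax = {
  doJsonFetch: async function( action ) {
- const response = await fetch( ajaxurl + '?action=frm_' + action );
+ let targetUrl = ajaxurl + '?action=frm_' + action;
+ if ( -1 === targetUrl.indexOf( 'nonce=' ) ) {
+ targetUrl += '&nonce=' + frmGlobal.nonce;
+ }
+ const response = await fetch( targetUrl );
  const json = await response.json();
  if ( ! json.success ) {
  return Promise.reject( json.data || 'JSON result is not successful' );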
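Review bot: `targetUrl.indexOf( 'nonce=' )` matches any parameter name that ends in `nonce=` (for example `_wpnonce=`), so a caller whose `action` string already carries such a parameter would get no `frm_ajax` nonce appended and would then fail the new `check_ajax_referer` calls in FrmAppController and FrmApplicationsController; testing for `'&nonce='` or `'?nonce='` is tighter. The appended value is also not encoded: `targetUrl += '&nonce=' + encodeURIComponent( frmGlobal.nonce );` costs nothing and does not depend on the nonce format staying URL-safe. This change assumes `frmGlobal.nonce` is localized on every admin page that loads dom.js, which is not visible here and is worth a comment on the `if`.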
languages/formidable.pot CHANGED
@@ -2,14 +2,14 @@
2
  # This file is distributed under the same license as the Formidable Forms plugin.
3
  msgid ""
4
  msgstr ""
5
- "Project-Id-Version: Formidable Forms 5.5.4\n"
6
  "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/formidable\n"
7
  "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
8
  "Language-Team: LANGUAGE <LL@li.org>\n"
9
  "MIME-Version: 1.0\n"
10
  "Content-Type: text/plain; charset=UTF-8\n"
11
  "Content-Transfer-Encoding: 8bit\n"
12
- "POT-Creation-Date: 2022-12-01T17:28:01+00:00\n"
13
  "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14
  "X-Generator: WP-CLI 2.6.0\n"
15
  "X-Domain: formidable\n"
@@ -165,16 +165,16 @@ msgstr ""
165
  msgid "Sorry, your site requires FTP authentication. Please download plugins from FormidableForms.com and install them manually."
166
  msgstr ""
167
 
168
- #: classes/controllers/FrmAddonsController.php:1025
169
  msgid "Your plugin has been activated. Would you like to save and reload the page now?"
170
  msgstr ""
171
 
172
- #: classes/controllers/FrmAddonsController.php:1144
173
  msgid "Could not install an upgrade. Please download from formidableforms.com and install manually."
174
  msgstr ""
175
 
176
- #: classes/controllers/FrmAddonsController.php:1229
177
- #: classes/controllers/FrmAddonsController.php:1230
178
  #: classes/controllers/FrmWelcomeController.php:141
179
  #: classes/views/frm-forms/new-form-overlay.php:105
180
  #: classes/views/shared/reports-info.php:23
@@ -197,7 +197,7 @@ msgstr ""
197
  #: classes/controllers/FrmEntriesController.php:11
198
  #: classes/controllers/FrmEntriesController.php:100
199
  #: classes/controllers/FrmFormsController.php:862
200
- #: classes/controllers/FrmXMLController.php:269
201
  #: classes/views/xml/import_form.php:121
202
  msgid "Entries"
203
  msgstr ""
@@ -324,7 +324,7 @@ msgstr ""
324
  #: classes/controllers/FrmFormsController.php:9
325
  #: classes/controllers/FrmFormsController.php:872
326
  #: classes/controllers/FrmStylesController.php:51
327
- #: classes/controllers/FrmXMLController.php:268
328
  #: classes/views/frm-forms/list.php:10
329
  #: classes/widgets/FrmElementorWidget.php:14
330
  #: js/admin/applications.js:338
@@ -999,35 +999,39 @@ msgstr ""
999
  msgid "Your server is missing the Simple XML extension. This is required to install a template."
1000
  msgstr ""
1001
 
1002
- #: classes/controllers/FrmXMLController.php:63
 
 
 
 
1003
  msgid "There was an error reading the form template."
1004
  msgstr ""
1005
 
1006
- #: classes/controllers/FrmXMLController.php:99
1007
  msgid "There was an error importing form"
1008
  msgstr ""
1009
 
1010
- #: classes/controllers/FrmXMLController.php:304
1011
  msgid "Oops, you didn't select a file."
1012
  msgstr ""
1013
 
1014
- #: classes/controllers/FrmXMLController.php:315
1015
  msgid "The file does not exist, please try again."
1016
  msgstr ""
1017
 
1018
- #: classes/controllers/FrmXMLController.php:344
1019
  msgid "XML import is not enabled on your server with the libxml_disable_entity_loader function."
1020
  msgstr ""
1021
 
1022
- #: classes/controllers/FrmXMLController.php:559
1023
  msgid "Please select a form"
1024
  msgstr ""
1025
 
1026
- #: classes/controllers/FrmXMLController.php:589
1027
  msgid "Form not found."
1028
  msgstr ""
1029
 
1030
- #: classes/controllers/FrmXMLController.php:621
1031
  msgid "There are no entries for that form."
1032
  msgstr ""
1033
 
@@ -3649,7 +3653,7 @@ msgid "Grow your business with automated email follow-up."
3649
  msgstr ""
3650
 
3651
  #: classes/helpers/FrmTipsHelper.php:169
3652
- msgid "Send leads straight to MailChimp."
3653
  msgstr ""
3654
 
3655
  #: classes/helpers/FrmTipsHelper.php:176
@@ -3754,7 +3758,7 @@ msgid "Automate your business and increase revenue."
3754
  msgstr ""
3755
 
3756
  #: classes/helpers/FrmTipsHelper.php:329
3757
- msgid "Collect instant payments, and send leads to MailChimp."
3758
  msgstr ""
3759
 
3760
  #: classes/helpers/FrmXMLHelper.php:36
@@ -5377,7 +5381,7 @@ msgid "Review before submit"
5377
  msgstr ""
5378
 
5379
  #: classes/views/frm-forms/new-form-overlay/upgrade-body.php:27
5380
- msgid "MailChimp integration"
5381
  msgstr ""
5382
 
5383
  #: classes/views/frm-forms/new-form-overlay/upgrade-body.php:28
2
  # This file is distributed under the same license as the Formidable Forms plugin.
3
  msgid ""
4
  msgstr ""
5
+ "Project-Id-Version: Formidable Forms 5.5.5\n"
6
  "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/formidable\n"
7
  "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
8
  "Language-Team: LANGUAGE <LL@li.org>\n"
9
  "MIME-Version: 1.0\n"
10
  "Content-Type: text/plain; charset=UTF-8\n"
11
  "Content-Transfer-Encoding: 8bit\n"
12
+ "POT-Creation-Date: 2022-12-15T15:17:45+00:00\n"
13
  "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14
  "X-Generator: WP-CLI 2.6.0\n"
15
  "X-Domain: formidable\n"
165
  msgid "Sorry, your site requires FTP authentication. Please download plugins from FormidableForms.com and install them manually."
166
  msgstr ""
167
 
168
+ #: classes/controllers/FrmAddonsController.php:1032
169
  msgid "Your plugin has been activated. Would you like to save and reload the page now?"
170
  msgstr ""
171
 
172
+ #: classes/controllers/FrmAddonsController.php:1151
173
  msgid "Could not install an upgrade. Please download from formidableforms.com and install manually."
174
  msgstr ""
175
 
176
+ #: classes/controllers/FrmAddonsController.php:1236
177
+ #: classes/controllers/FrmAddonsController.php:1237
178
  #: classes/controllers/FrmWelcomeController.php:141
179
  #: classes/views/frm-forms/new-form-overlay.php:105
180
  #: classes/views/shared/reports-info.php:23
197
  #: classes/controllers/FrmEntriesController.php:11
198
  #: classes/controllers/FrmEntriesController.php:100
199
  #: classes/controllers/FrmFormsController.php:862
200
+ #: classes/controllers/FrmXMLController.php:291
201
  #: classes/views/xml/import_form.php:121
202
  msgid "Entries"
203
  msgstr ""
324
  #: classes/controllers/FrmFormsController.php:9
325
  #: classes/controllers/FrmFormsController.php:872
326
  #: classes/controllers/FrmStylesController.php:51
327
+ #: classes/controllers/FrmXMLController.php:290
328
  #: classes/views/frm-forms/list.php:10
329
  #: classes/widgets/FrmElementorWidget.php:14
330
  #: js/admin/applications.js:338
999
  msgid "Your server is missing the Simple XML extension. This is required to install a template."
1000
  msgstr ""
1001
 
1002
+ #: classes/controllers/FrmXMLController.php:58
1003
+ msgid "The template you are trying to install could not be validated."
1004
+ msgstr ""
1005
+
1006
+ #: classes/controllers/FrmXMLController.php:70
1007
  msgid "There was an error reading the form template."
1008
  msgstr ""
1009
 
1010
+ #: classes/controllers/FrmXMLController.php:106
1011
  msgid "There was an error importing form"
1012
  msgstr ""
1013
 
1014
+ #: classes/controllers/FrmXMLController.php:326
1015
  msgid "Oops, you didn't select a file."
1016
  msgstr ""
1017
 
1018
+ #: classes/controllers/FrmXMLController.php:337
1019
  msgid "The file does not exist, please try again."
1020
  msgstr ""
1021
 
1022
+ #: classes/controllers/FrmXMLController.php:366
1023
  msgid "XML import is not enabled on your server with the libxml_disable_entity_loader function."
1024
  msgstr ""
1025
 
1026
+ #: classes/controllers/FrmXMLController.php:581
1027
  msgid "Please select a form"
1028
  msgstr ""
1029
 
1030
+ #: classes/controllers/FrmXMLController.php:611
1031
  msgid "Form not found."
1032
  msgstr ""
1033
 
1034
+ #: classes/controllers/FrmXMLController.php:643
1035
  msgid "There are no entries for that form."
1036
  msgstr ""
1037
 
3653
  msgstr ""
3654
 
3655
  #: classes/helpers/FrmTipsHelper.php:169
3656
+ msgid "Send leads straight to Mailchimp."
3657
  msgstr ""
3658
 
3659
  #: classes/helpers/FrmTipsHelper.php:176
3758
  msgstr ""
3759
 
3760
  #: classes/helpers/FrmTipsHelper.php:329
3761
+ msgid "Collect instant payments, and send leads to Mailchimp."
3762
  msgstr ""
3763
 
3764
  #: classes/helpers/FrmXMLHelper.php:36
5381
  msgstr ""
5382
 
5383
  #: classes/views/frm-forms/new-form-overlay/upgrade-body.php:27
5384
+ msgid "Mailchimp integration"
5385
  msgstr ""
5386
 
5387
  #: classes/views/frm-forms/new-form-overlay/upgrade-body.php:28
readme.txt CHANGED
@@ -5,7 +5,7 @@ Tags: forms, form builder, survey, free, custom form, contact form, form maker,
5
  Requires at least: 5.2
6
  Tested up to: 6.1.1
7
  Requires PHP: 5.6
8
- Stable tag: 5.5.4
9
 
10
  The most advanced WordPress forms plugin. Go beyond contact forms with our drag and drop form builder for surveys, quizzes, and more.
11
 
@@ -179,7 +179,7 @@ Since Formidable is not your average form plugin, this feature list is going to
179
  * <a href="https://formidableforms.com/features/user-submitted-posts-wordpress-forms/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">User submitted front-end posts and pages</a>. Create and edit WordPress posts, pages, and custom post types from front-end online forms. Send user-generated content quickly from a post creation form to a page.
180
  * <a href="https://formidableforms.com/features/form-entry-management-wordpress/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">Simple entry management</a>. Flexibly display, edit, and delete entries. Let logged-in users can manage their personal journal entries, weight tracking, guest blog posts, RSVP status, and more.
181
  * WordPress front-end editing. Allow users to edit their entries and posts from the front-end of your site. Create an online journaling platform, member directory, classified ads, community recipes, and more.
182
- * Sync custom field values with ACF forms (Advanced Custom Fields). Now you can create ACF front-end forms to make managing your application faster.
183
  * Logged-in users can <a href="https://formidableforms.com/features/save-and-continue-partial-submissions/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">save and continue partial submissions</a>. Whether it's a basic email form or a long multi-paged registration form, users can save progress and pick up where they left off.
184
  * <a href="https://formidableforms.com/features/create-a-graph-wordpress-forms/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">Graphs and charts for data visualization</a>. Display statistics from a survey, poll, and questionnaire. Or graph data in a variety of ways. Whatever you choose, it will update as new data is submitted (great for weight tracking over time).
185
  * Permissions. Lock visibility and access based on user role.
@@ -201,7 +201,7 @@ Since Formidable is not your average form plugin, this feature list is going to
201
  * <a href="https://formidableforms.com/features/form-action-automation-scheduling/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">Form action automation</a>. Schedule email notifications, SMS messages, and webhooks to trigger later. You can automatically delete guest posts after 30 days, send weekly digests, or trigger happy birthday text messages from a lead form.
202
  * <a href="https://formidableforms.com/features/wordpress-form-api/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">Forms API</a>. Send submissions to other REST APIs and add a set of webhooks. This includes the option to send submissions from one site to another.
203
  * <a href="https://formidableforms.com/features/quiz-maker-forms/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">Quiz maker forms</a>. Write your quiz form questions, submit an entry as the quiz key, and publish the quiz on a page. Then all the quiz grading is automatically done for you with our quiz plugin.
204
- * World class support. Have questions on how to use our form maker? We are happy to help. Our passion is to help you <strong>defy the limits</strong> to take on bigger projects, earn more clients, and grow your business.
205
 
206
  == Payment Forms, APIs, and Marketing Integrations ==
207
  In addition to all the features listed above, add power ups with these integrations.
@@ -441,6 +441,12 @@ Using our Zapier integration, you can easily connect your website with over 5,00
441
  See all <a href="https://zapier.com/apps/formidable/integrations">Formidable Zapier Integrations</a>.
442
 
443
  == Changelog ==
 
 
 
 
 
 
444
  = 5.5.4 =
445
  * New: Added support for hCaptcha. Now in Global Settings, the reCAPTCHA tab has been changed to a CAPTCHA tab with a new CAPTCHA type setting so you can choose between using reCAPTCHA or hCaptcha.
446
  * Fix: Avoid a fatal error if the hidden columns setting is in an unexpected format on the form and entry list pages. This may happen because of invalid option data being set or a conflict with another plugin or custom code.
5
  Requires at least: 5.2
6
  Tested up to: 6.1.1
7
  Requires PHP: 5.6
8
+ Stable tag: 5.5.5
9
 
10
  The most advanced WordPress forms plugin. Go beyond contact forms with our drag and drop form builder for surveys, quizzes, and more.
11
 
179
  * <a href="https://formidableforms.com/features/user-submitted-posts-wordpress-forms/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">User submitted front-end posts and pages</a>. Create and edit WordPress posts, pages, and custom post types from front-end online forms. Send user-generated content quickly from a post creation form to a page.
180
  * <a href="https://formidableforms.com/features/form-entry-management-wordpress/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">Simple entry management</a>. Flexibly display, edit, and delete entries. Let logged-in users can manage their personal journal entries, weight tracking, guest blog posts, RSVP status, and more.
181
  * WordPress front-end editing. Allow users to edit their entries and posts from the front-end of your site. Create an online journaling platform, member directory, classified ads, community recipes, and more.
182
+ * Sync custom field values with Advanced Custom Fields (ACF). Now you can create ACF front-end forms to make managing your application faster.
183
  * Logged-in users can <a href="https://formidableforms.com/features/save-and-continue-partial-submissions/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">save and continue partial submissions</a>. Whether it's a basic email form or a long multi-paged registration form, users can save progress and pick up where they left off.
184
  * <a href="https://formidableforms.com/features/create-a-graph-wordpress-forms/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">Graphs and charts for data visualization</a>. Display statistics from a survey, poll, and questionnaire. Or graph data in a variety of ways. Whatever you choose, it will update as new data is submitted (great for weight tracking over time).
185
  * Permissions. Lock visibility and access based on user role.
201
  * <a href="https://formidableforms.com/features/form-action-automation-scheduling/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">Form action automation</a>. Schedule email notifications, SMS messages, and webhooks to trigger later. You can automatically delete guest posts after 30 days, send weekly digests, or trigger happy birthday text messages from a lead form.
202
  * <a href="https://formidableforms.com/features/wordpress-form-api/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">Forms API</a>. Send submissions to other REST APIs and add a set of webhooks. This includes the option to send submissions from one site to another.
203
  * <a href="https://formidableforms.com/features/quiz-maker-forms/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">Quiz maker forms</a>. Write your quiz form questions, submit an entry as the quiz key, and publish the quiz on a page. Then all the quiz grading is automatically done for you with our quiz plugin.
204
+ * <a href="https://formidableforms.com/knowledgebase/?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion">World class support</a>. Have questions on how to use our form maker? We are happy to help. Our passion is to help you <strong>defy the limits</strong> to take on bigger projects, earn more clients, and grow your business.
205
 
206
  == Payment Forms, APIs, and Marketing Integrations ==
207
  In addition to all the features listed above, add power ups with these integrations.
441
  See all <a href="https://zapier.com/apps/formidable/integrations">Formidable Zapier Integrations</a>.
442
 
443
  == Changelog ==
444
+ = 5.5.5 =
445
+ * Security: Added validation to URLs when installing templates and add ons to make sure that the endpoint cannot be manipulated and used for unsafe requests.
446
+ * Security: Added a nonce and permission check when running migrations and when loading data for applications.
447
+ * Fix: The spinner was not visible at the top of the page when running migrations.
448
+ * Updated the icon used for global Stripe settings.
449
+
450
  = 5.5.4 =
451
  * New: Added support for hCaptcha. Now in Global Settings, the reCAPTCHA tab has been changed to a CAPTCHA tab with a new CAPTCHA type setting so you can choose between using reCAPTCHA or hCaptcha.
452
  * Fix: Avoid a fatal error if the hidden columns setting is in an unexpected format on the form and entry list pages. This may happen because of invalid option data being set or a conflict with another plugin or custom code.