Contact Form & SMTP Plugin for WordPress by PirateForms - Version 1.2.0

Version Description

  • Fixed security error when upload field was active.

Release Info

Developer themeisle
Version 1.2.0

Code changes from version 1.1.3 to 1.2.0

CHANGELOG.md CHANGED
@@ -1,4 +1,17 @@
1
 
 
 
 
2
- Update readme.txt
 
 
 
3
- Improved description
 
 
 
4
- Fixed security error for file field.
5
- Added dashboard widget.
6
 
7
 
8
 
9
- Update readme.txt
1
 
2
+
3
+
4
+
5
+
6
+
7
+
8
+
9
+
10
+
11
+
12
+
13
+
14
+
15
 
16
 
17
 
 
css/front.css CHANGED
@@ -1,5 +1,5 @@
1
  /*
2
- Version: 1.1.3
3
  */
4
  .pirate_forms_wrap .form_field_wrap {
5
  margin-bottom: 20px;
1
  /*
2
+ Version: 1.2.0
3
  */
4
  .pirate_forms_wrap .form_field_wrap {
5
  margin-bottom: 20px;
css/wp-admin.css CHANGED
@@ -241,9 +241,7 @@
241
  -webkit-box-shadow: none;
242
  box-shadow: none;
243
  -webkit-transform: translateY(4px);
244
- -moz-transform: translateY(4px);
245
  -ms-transform: translateY(4px);
246
- -o-transform: translateY(4px);
247
  transform: translateY(4px);
248
  }
249
 
241
  -webkit-box-shadow: none;
242
  box-shadow: none;
243
  -webkit-transform: translateY(4px);
 
244
  -ms-transform: translateY(4px);
 
245
  transform: translateY(4px);
246
  }
247
 
dashboard/dashboard.php ADDED
@@ -0,0 +1,235 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ if ( ! defined( 'ABSPATH' ) ) {
3
+ exit;
4
+ }
5
+ if ( ! class_exists( 'THEMEISLE_DASHBOARD' ) ) {
6
+ /**
7
+ * Dashboard Widget
8
+ */
9
+ final class THEMEISLE_DASHBOARD {
10
+
11
+ /**
12
+ * The script version
13
+ *
14
+ * @var string Script version
15
+ */
16
+ public $script_version = '1.0.0';
17
+ /**
18
+ * The script url
19
+ *
20
+ * @var string The URL of the script
21
+ */
22
+ public $script_url;
23
+
24
+ /**
25
+ * The class instance
26
+ *
27
+ * @var THEMEISLE_DASHBOARD The singleton instance of the class
28
+ */
29
+ public static $instance;
30
+
31
+ /**
32
+ * The title of the widget
33
+ *
34
+ * @var string The dashboard widget title
35
+ */
36
+ public $dashboard_name;
37
+ /**
38
+ * Array that holds the urls of the blog feeds
39
+ *
40
+ * @var array Feeds to fetch news from
41
+ */
42
+ public $feeds;
43
+ /**
44
+ * The feed items array
45
+ *
46
+ * @var array The feeds items
47
+ */
48
+ public $items;
49
+
50
+ /**
51
+ * The instance of the class
52
+ *
53
+ * @var THEMEISLE_DASHBOARD The singleton instance
54
+ */
55
+ public static function instance() {
56
+ if ( ! isset( self::$instance ) && ! ( self::$instance instanceof THEMEISLE_DASHBOARD ) ) {
57
+ self::$instance = new THEMEISLE_DASHBOARD;
58
+ self::$instance->setup_vars();
59
+ self::$instance->load_hooks();
60
+ }
61
+
62
+ return self::$instance;
63
+ }
64
+
65
+ /**
66
+ * Load hooks to show the widget
67
+ */
68
+ public function load_hooks() {
69
+ add_action( 'wp_dashboard_setup', array( &$this, 'add_widget' ) );
70
+ add_action( 'wp_network_dashboard_setup', array( &$this, 'add_widget' ) );
71
+ }
72
+
73
+ /**
74
+ * Setup class variables
75
+ */
76
+ public function setup_vars() {
77
+ $this->dashboard_name = apply_filters( 'themeisle_sdk_dashboard_widget_name', 'WordPress Guides/Tutorials' );
78
+ $this->feeds = apply_filters( 'themeisle_sdk_dashboard_widget_feeds', array(
79
+ 'https://themeisle.com/blog/feed'
80
+ ) );
81
+ $abs = untrailingslashit( ( dirname( __FILE__ ) ) );
82
+ $parts = str_replace( untrailingslashit( ABSPATH ), '', $abs );
83
+ $parts = explode( DIRECTORY_SEPARATOR, $parts );
84
+ $parts = array_filter( $parts );
85
+ $this->script_url = site_url() . '/' . implode( '/', $parts );
86
+ }
87
+
88
+ /**
89
+ * Add widget to the dashboard
90
+ *
91
+ * @return string|void
92
+ */
93
+ function add_widget() {
94
+ global $wp_meta_boxes;
95
+ if ( isset( $wp_meta_boxes['dashboard']['normal']['core']['themeisle'] ) ) {
96
+ return;
97
+ }
98
+ // Load SimplePie Instance
99
+ $feed = fetch_feed( $this->feeds );
100
+ // TODO report error when is an error loading the feed
101
+ if ( is_wp_error( $feed ) ) {
102
+ return '';
103
+ }
104
+ $feed->enable_cache( true );
105
+ $feed->enable_order_by_date( true );
106
+ $feed->set_cache_class( 'WP_Feed_Cache' );
107
+ $feed->set_file_class( 'WP_SimplePie_File' );
108
+ $feed->set_cache_duration( apply_filters( 'wp_feed_cache_transient_lifetime', 7200, $this->feeds ) );
109
+ do_action_ref_array( 'wp_feed_options', array( $feed, $this->feeds ) );
110
+ $feed->strip_comments( true );
111
+ $feed->strip_htmltags( array(
112
+ 'base',
113
+ 'blink',
114
+ 'body',
115
+ 'doctype',
116
+ 'embed',
117
+ 'font',
118
+ 'form',
119
+ 'frame',
120
+ 'frameset',
121
+ 'html',
122
+ 'iframe',
123
+ 'input',
124
+ 'marquee',
125
+ 'meta',
126
+ 'noscript',
127
+ 'object',
128
+ 'param',
129
+ 'script',
130
+ 'style',
131
+ ) );
132
+ $feed->init();
133
+ $feed->handle_content_type();
134
+ $items = $feed->get_items( 0, 5 );
135
+ foreach ( (array) $items as $item ) {
136
+ $this->items[] = array(
137
+ 'title' => $item->get_title(),
138
+ 'date' => $item->get_date( 'U' ),
139
+ 'link' => $item->get_permalink(),
140
+ );
141
+ }
142
+ wp_add_dashboard_widget( 'themeisle', $this->dashboard_name, array(
143
+ &$this,
144
+ 'render_dashboard_widget',
145
+ ) );
146
+ }
147
+
148
+ /**
149
+ * Render widget content
150
+ */
151
+ function render_dashboard_widget() {
152
+ ?>
153
+ <style type="text/css">
154
+ #themeisle h2.hndle {
155
+ background-image: url(<?php echo $this->script_url; ?>/logo.png);
156
+ background-repeat: no-repeat;
157
+ background-position: 90% 50%;
158
+ background-size: 29px;
159
+ }
160
+
161
+ .ti-dw-feed-item {
162
+ display: flex;
163
+ align-items: center;
164
+ }
165
+
166
+ .ti-dw-feed-item a {
167
+ float: left;
168
+ width: 89.9%;
169
+ }
170
+
171
+ .ti-dw-feed-item .ti-dw-day-container {
172
+ width: 100%;
173
+ letter-spacing: 3px;
174
+ display: block;
175
+ }
176
+
177
+ .ti-dw-feed-item .ti-dw-month-container {
178
+
179
+ width: 100%;
180
+ display: block;
181
+ font-weight: 600;
182
+ padding: 0px;
183
+ margin-top: -6px;
184
+ text-transform: uppercase;
185
+ font-size: 10px;
186
+ letter-spacing: 1px;
187
+ }
188
+
189
+ .ti-dw-feed-item .ti-dw-date-container {
190
+ float: left;
191
+ min-height: 30px;
192
+ margin-right: 0.1%;
193
+ width: 10%;
194
+ text-align: center;
195
+ }
196
+
197
+ </style>
198
+ <ul>
199
+ <?php
200
+ foreach ( $this->items as $item ) {
201
+ ?>
202
+ <li class="ti-dw-feed-item"><span class="ti-dw-date-container"><span
203
+ class="ti-dw-day-container"><?php echo date( 'd', $item['date'] ); ?></span> <span
204
+ class="ti-dw-month-container"><?php echo substr( date( 'M', $item['date'] ), 0, 3 ); ?></span></span><a
205
+ href="<?php echo add_query_arg(
206
+ array(
207
+ 'utm_campaign' => 'feed',
208
+ 'utm_medium' => 'dashboard_widget',
209
+ ), $item['link'] ); ?>" target="_blank"><?php echo $item['title']; ?></a>
210
+ <div class="clear"></div>
211
+ </li>
212
+ <?php
213
+ }
214
+ ?>
215
+ </ul>
216
+
217
+ <?php
218
+
219
+ }
220
+ }
221
+
222
+ }
223
+
224
+ if ( ! function_exists( 'themeisle_dashboard_widget' ) ) {
225
+ /**
226
+ * The helper method to run the class
227
+ *
228
+ * @return THEMEISLE_DASHBOARD
229
+ */
230
+ function themeisle_dashboard_widget() {
231
+ return THEMEISLE_DASHBOARD::instance();
232
+ }
233
+ }
234
+
235
+ themeisle_dashboard_widget();
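Review bot: In render_dashboard_widget() the feed-derived values are echoed without escaping: `echo $item['title']` and `echo add_query_arg( ..., $item['link'] )` go straight into the admin dashboard markup, and `$this->script_url` is echoed into the inline style. The feed list is filterable through themeisle_sdk_dashboard_widget_feeds, so the content is not guaranteed to come from a trusted source; wrap the title in esc_html(), the link and the logo URL in esc_url(), and add rel="noopener noreferrer" to the target="_blank" anchor. Separately, $items is declared without a default, so when get_items() returns nothing the `foreach ( $this->items as $item )` in the render method iterates over null; initialise it to array(). The is_wp_error() branch in add_widget() returns '' from an action callback and carries a TODO that should be resolved or tracked before release.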
dashboard/logo.png ADDED
Binary file
languages/pirate-forms.pot CHANGED
@@ -1,14 +1,14 @@
1
- # Copyright (C) 2016 Themeisle
2
  # This file is distributed under the GPLv2.
3
  msgid ""
4
  msgstr ""
5
- "Project-Id-Version: Free & Simple Contact Form Plugin - PirateForms 1.1.2\n"
6
  "Report-Msgid-Bugs-To: https://github.com/Codeinwp/pirate-forms/issues\n"
7
- "POT-Creation-Date: 2016-12-20 16:33:52+00:00\n"
8
  "MIME-Version: 1.0\n"
9
  "Content-Type: text/plain; charset=utf-8\n"
10
  "Content-Transfer-Encoding: 8bit\n"
11
- "PO-Revision-Date: 2016-MO-DA HO:MI+ZONE\n"
12
  "Last-Translator: Themeisle Translate Team <friends@themeisle.com>\n"
13
  "Language-Team: Themeisle Translate <friends@themeisle.com>\n"
14
  "X-Generator: grunt-wp-i18n 0.5.4\n"
@@ -452,59 +452,59 @@ msgstr ""
452
  msgid "Form submission blocked!"
453
  msgstr ""
454
 
455
- #: pirate-forms.php:554
456
  msgid "Uploaded file is not allowed for file type"
457
  msgstr ""
458
 
459
- #: pirate-forms.php:559
460
  msgid "Uploaded file is too large"
461
  msgstr ""
462
 
463
- #: pirate-forms.php:572 pirate-forms.php:576
464
  msgid "There was an unknown error uploading the file."
465
  msgstr ""
466
 
467
- #: pirate-forms.php:721
468
  msgid "Add New Contact"
469
  msgstr ""
470
 
471
- #: pirate-forms.php:722
472
  msgid "New Contact"
473
  msgstr ""
474
 
475
- #: pirate-forms.php:723
476
  msgid "Edit Contact"
477
  msgstr ""
478
 
479
- #: pirate-forms.php:724
480
  msgid "View Contact"
481
  msgstr ""
482
 
483
- #: pirate-forms.php:725
484
  msgid "All Contacts"
485
  msgstr ""
486
 
487
- #: pirate-forms.php:726
488
  msgid "Search Contacts"
489
  msgstr ""
490
 
491
- #: pirate-forms.php:727
492
  msgid "Parent Contacts:"
493
  msgstr ""
494
 
495
- #: pirate-forms.php:728
496
  msgid "No contacts found."
497
  msgstr ""
498
 
499
- #: pirate-forms.php:729
500
  msgid "No contacts found in Trash."
501
  msgstr ""
502
 
503
- #: pirate-forms.php:733
504
  msgid "Contacts from Pirate Forms"
505
  msgstr ""
506
 
507
- #: pirate-forms.php:752
508
  msgid "Settings"
509
  msgstr ""
510
 
@@ -528,27 +528,27 @@ msgstr ""
528
  msgid "http://themeisle.com"
529
  msgstr ""
530
 
531
- #: pirate-forms.php:716
532
  msgctxt "post type general name"
533
  msgid "Contacts"
534
  msgstr ""
535
 
536
- #: pirate-forms.php:717
537
  msgctxt "post type singular name"
538
  msgid "Contact"
539
  msgstr ""
540
 
541
- #: pirate-forms.php:718
542
  msgctxt "admin menu"
543
  msgid "Contacts"
544
  msgstr ""
545
 
546
- #: pirate-forms.php:719
547
  msgctxt "add new on admin bar"
548
  msgid "Contact"
549
  msgstr ""
550
 
551
- #: pirate-forms.php:720
552
  msgctxt "contact"
553
  msgid "Add New"
554
  msgstr ""
1
+ # Copyright (C) 2017 Themeisle
2
  # This file is distributed under the GPLv2.
3
  msgid ""
4
  msgstr ""
5
+ "Project-Id-Version: Free & Simple Contact Form Plugin - PirateForms 1.2.0\n"
6
  "Report-Msgid-Bugs-To: https://github.com/Codeinwp/pirate-forms/issues\n"
7
+ "POT-Creation-Date: 2017-01-19 17:18:12+00:00\n"
8
  "MIME-Version: 1.0\n"
9
  "Content-Type: text/plain; charset=utf-8\n"
10
  "Content-Transfer-Encoding: 8bit\n"
11
+ "PO-Revision-Date: 2017-MO-DA HO:MI+ZONE\n"
12
  "Last-Translator: Themeisle Translate Team <friends@themeisle.com>\n"
13
  "Language-Team: Themeisle Translate <friends@themeisle.com>\n"
14
  "X-Generator: grunt-wp-i18n 0.5.4\n"
452
  msgid "Form submission blocked!"
453
  msgstr ""
454
 
455
+ #: pirate-forms.php:556
456
  msgid "Uploaded file is not allowed for file type"
457
  msgstr ""
458
 
459
+ #: pirate-forms.php:563
460
  msgid "Uploaded file is too large"
461
  msgstr ""
462
 
463
+ #: pirate-forms.php:576
464
  msgid "There was an unknown error uploading the file."
465
  msgstr ""
466
 
467
+ #: pirate-forms.php:727
468
  msgid "Add New Contact"
469
  msgstr ""
470
 
471
+ #: pirate-forms.php:728
472
  msgid "New Contact"
473
  msgstr ""
474
 
475
+ #: pirate-forms.php:729
476
  msgid "Edit Contact"
477
  msgstr ""
478
 
479
+ #: pirate-forms.php:730
480
  msgid "View Contact"
481
  msgstr ""
482
 
483
+ #: pirate-forms.php:731
484
  msgid "All Contacts"
485
  msgstr ""
486
 
487
+ #: pirate-forms.php:732
488
  msgid "Search Contacts"
489
  msgstr ""
490
 
491
+ #: pirate-forms.php:733
492
  msgid "Parent Contacts:"
493
  msgstr ""
494
 
495
+ #: pirate-forms.php:734
496
  msgid "No contacts found."
497
  msgstr ""
498
 
499
+ #: pirate-forms.php:735
500
  msgid "No contacts found in Trash."
501
  msgstr ""
502
 
503
+ #: pirate-forms.php:739
504
  msgid "Contacts from Pirate Forms"
505
  msgstr ""
506
 
507
+ #: pirate-forms.php:758
508
  msgid "Settings"
509
  msgstr ""
510
 
528
  msgid "http://themeisle.com"
529
  msgstr ""
530
 
531
+ #: pirate-forms.php:722
532
  msgctxt "post type general name"
533
  msgid "Contacts"
534
  msgstr ""
535
 
536
+ #: pirate-forms.php:723
537
  msgctxt "post type singular name"
538
  msgid "Contact"
539
  msgstr ""
540
 
541
+ #: pirate-forms.php:724
542
  msgctxt "admin menu"
543
  msgid "Contacts"
544
  msgstr ""
545
 
546
+ #: pirate-forms.php:725
547
  msgctxt "add new on admin bar"
548
  msgid "Contact"
549
  msgstr ""
550
 
551
+ #: pirate-forms.php:726
552
  msgctxt "contact"
553
  msgid "Add New"
554
  msgstr ""
pirate-forms.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: Free & Simple Contact Form Plugin - PirateForms
4
  Plugin URI: http://themeisle.com/plugins/pirate-forms/
5
  Description: Easily creates a nice looking, simple contact form on your WP site.
6
- Version: 1.1.3
7
  Author: Themeisle
8
  Author URI: http://themeisle.com
9
  Text Domain: pirate-forms
@@ -15,7 +15,7 @@ if ( ! function_exists( 'add_action' ) ) {
15
  die( 'Nothing to do...' );
16
  }
17
  /* Important constants */
18
- define( 'PIRATE_FORMS_VERSION', '1.1.3' );
19
  define( 'PIRATE_FORMS_URL', plugin_dir_url( __FILE__ ) );
20
  define( 'PIRATE_FORMS_PATH', plugin_dir_path( __FILE__ ) );
21
  /* Required helper functions */
@@ -44,7 +44,7 @@ add_shortcode( 'pirate_forms', 'pirate_forms_display_form' );
44
  function pirate_forms_display_form( $atts, $content = null ) {
45
  /* thank you message */
46
  $pirate_forms_thankyou_message = '';
47
- if ( ( isset( $_GET['pcf'] ) && $_GET['pcf'] == 1 ) || ( isset( $_POST['pirate-forms-contact-submit'] ) ) ) {
48
  $pirate_forms_thankyou_message .= '
49
  <div class="col-sm-12 col-lg-12 pirate_forms_thankyou_wrap">
50
  <p>' . sanitize_text_field( pirate_forms_get_key( 'pirateformsopt_label_submit' ) ) . '</p>
@@ -539,50 +539,56 @@ function pirate_forms_process_contact() {
539
  // Sent an email notification to the correct address
540
  $headers = "From: $send_from_name <$send_from>\r\nReply-To: $pirate_forms_contact_name <$pirate_forms_contact_email>";
541
  add_action( 'phpmailer_init', 'pirate_forms_phpmailer' );
542
-
543
  /**
544
  ******* Validate Attachment */
545
- $attachments = '';
546
- $pirate_forms_attach_file = isset( $_FILES['pirate-forms-attachment'] ) ? $_FILES['pirate-forms-attachment'] : '';
547
- if ( ! empty( $pirate_forms_attach_file ) && ! empty( $pirate_forms_attach_file['name'] ) ) {
548
- /* Validate file type */
549
- $pirate_forms_file_types_allowed = 'jpg|jpeg|png|gif|pdf|doc|docx|ppt|pptx|odt|avi|ogg|m4a|mov|mp3|mp4|mpg|wav|wmv';
550
- $pirate_forms_file_types_allowed = trim( $pirate_forms_file_types_allowed, '|' );
551
- $pirate_forms_file_types_allowed = '(' . $pirate_forms_file_types_allowed . ')';
552
- $pirate_forms_file_types_allowed = '/\.' . $pirate_forms_file_types_allowed . '$/i';
553
- if ( ! preg_match( $pirate_forms_file_types_allowed, $pirate_forms_attach_file['name'] ) ) {
554
- $_SESSION['pirate_forms_contact_errors']['pirate-forms-upload-failed-type'] = __( 'Uploaded file is not allowed for file type', 'pirate-forms' );
555
- }
556
- /* Validate file size */
557
- $pirate_forms_file_size_allowed = 1048576; // default size 1 MB
558
- if ( $pirate_forms_attach_file['size'] > $pirate_forms_file_size_allowed ) {
559
- $_SESSION['pirate_forms_contact_errors']['pirate-forms-upload-failed-size'] = __( 'Uploaded file is too large', 'pirate-forms' );
560
- }
561
- pirate_forms_init_uploads();
562
- $uploads_dir = pirate_forms_upload_tmp_dir();
563
- $uploads_dir = pirate_forms_maybe_add_random_dir( $uploads_dir );
564
- $filename = $pirate_forms_attach_file['name'];
565
- $filename = pirate_forms_canonicalize( $filename );
566
- $filename = sanitize_file_name( $filename );
567
- $filename = pirate_forms_antiscript_file_name( $filename );
568
- $filename = wp_unique_filename( $uploads_dir, $filename );
569
- $new_file = trailingslashit( $uploads_dir ) . $filename;
570
- try {
571
- if ( false === move_uploaded_file( $pirate_forms_attach_file['tmp_name'], $new_file ) ) {
572
- throw new Exception( __( 'There was an unknown error uploading the file.', 'pirate-forms' ) );
573
  }
574
- // Make sure the uploaded file is only readable for the owner process
575
- if ( false === chmod( $new_file, 0400 ) ) {
576
- throw new Exception( __( 'There was an unknown error uploading the file.', 'pirate-forms' ) );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
577
  }
578
- } catch ( Exception $ex ) {
579
- $_SESSION['pirate_forms_contact_errors']['pirate-forms-upload-failed-general'] = $ex->getMessage();
580
- }
581
- if ( ! empty( $new_file ) ) {
582
- $attachments = $new_file;
583
  }
584
  }
585
  wp_mail( $site_recipients, 'Contact on ' . htmlspecialchars_decode( get_bloginfo( 'name' ) ), $body, $headers, $attachments );
 
 
 
 
586
  // Should a confirm email be sent?
587
  $confirm_body = stripslashes( trim( pirate_forms_get_key( 'pirateformsopt_confirm_email' ) ) );
588
  if ( ! empty( $confirm_body ) && ! empty( $pirate_forms_contact_email ) ) {
@@ -773,3 +779,5 @@ function pirate_forms_widget_text_filter( $content ) {
773
 
774
  return $content;
775
  }
 
 
3
  Plugin Name: Free & Simple Contact Form Plugin - PirateForms
4
  Plugin URI: http://themeisle.com/plugins/pirate-forms/
5
  Description: Easily creates a nice looking, simple contact form on your WP site.
6
+ Version: 1.2.0
7
  Author: Themeisle
8
  Author URI: http://themeisle.com
9
  Text Domain: pirate-forms
15
  die( 'Nothing to do...' );
16
  }
17
  /* Important constants */
18
+ define( 'PIRATE_FORMS_VERSION', '1.2.0' );
19
  define( 'PIRATE_FORMS_URL', plugin_dir_url( __FILE__ ) );
20
  define( 'PIRATE_FORMS_PATH', plugin_dir_path( __FILE__ ) );
21
  /* Required helper functions */
44
  function pirate_forms_display_form( $atts, $content = null ) {
45
  /* thank you message */
46
  $pirate_forms_thankyou_message = '';
47
+ if ( ( ( isset( $_GET['pcf'] ) && $_GET['pcf'] == 1 ) || ( isset( $_POST['pirate-forms-contact-submit'] ) ) ) && empty( $_SESSION['pirate_forms_contact_errors'] ) ) {
48
  $pirate_forms_thankyou_message .= '
49
  <div class="col-sm-12 col-lg-12 pirate_forms_thankyou_wrap">
50
  <p>' . sanitize_text_field( pirate_forms_get_key( 'pirateformsopt_label_submit' ) ) . '</p>
539
  // Sent an email notification to the correct address
540
  $headers = "From: $send_from_name <$send_from>\r\nReply-To: $pirate_forms_contact_name <$pirate_forms_contact_email>";
541
  add_action( 'phpmailer_init', 'pirate_forms_phpmailer' );
 
542
  /**
543
  ******* Validate Attachment */
544
+ $attachments = '';
545
+ $use_files = pirate_forms_get_key( 'pirateformsopt_attachment_field' );
546
+ if ( ! empty( $use_files ) && ( $use_files == 'yes' ) ) {
547
+ $attachments = '';
548
+ $pirate_forms_attach_file = isset( $_FILES['pirate-forms-attachment'] ) ? $_FILES['pirate-forms-attachment'] : '';
549
+ if ( ! empty( $pirate_forms_attach_file ) && ! empty( $pirate_forms_attach_file['name'] ) ) {
550
+ /* Validate file type */
551
+ $pirate_forms_file_types_allowed = 'jpg|jpeg|png|gif|pdf|doc|docx|ppt|pptx|odt|avi|ogg|m4a|mov|mp3|mp4|mpg|wav|wmv';
552
+ $pirate_forms_file_types_allowed = trim( $pirate_forms_file_types_allowed, '|' );
553
+ $pirate_forms_file_types_allowed = '(' . $pirate_forms_file_types_allowed . ')';
554
+ $pirate_forms_file_types_allowed = '/\.' . $pirate_forms_file_types_allowed . '$/i';
555
+ if ( ! preg_match( $pirate_forms_file_types_allowed, $pirate_forms_attach_file['name'] ) ) {
556
+ $_SESSION['pirate_forms_contact_errors']['pirate-forms-upload-failed-type'] = __( 'Uploaded file is not allowed for file type', 'pirate-forms' );
557
+
558
+ return false;
 
 
 
 
 
 
 
 
 
 
 
 
 
559
  }
560
+ /* Validate file size */
561
+ $pirate_forms_file_size_allowed = 1048576; // default size 1 MB
562
+ if ( $pirate_forms_attach_file['size'] > $pirate_forms_file_size_allowed ) {
563
+ $_SESSION['pirate_forms_contact_errors']['pirate-forms-upload-failed-size'] = __( 'Uploaded file is too large', 'pirate-forms' );
564
+ }
565
+ pirate_forms_init_uploads();
566
+ $uploads_dir = pirate_forms_upload_tmp_dir();
567
+ $uploads_dir = pirate_forms_maybe_add_random_dir( $uploads_dir );
568
+ $filename = $pirate_forms_attach_file['name'];
569
+ $filename = pirate_forms_canonicalize( $filename );
570
+ $filename = sanitize_file_name( $filename );
571
+ $filename = pirate_forms_antiscript_file_name( $filename );
572
+ $filename = wp_unique_filename( $uploads_dir, $filename );
573
+ $new_file = trailingslashit( $uploads_dir ) . $filename;
574
+ try {
575
+ if ( false === move_uploaded_file( $pirate_forms_attach_file['tmp_name'], $new_file ) ) {
576
+ throw new Exception( __( 'There was an unknown error uploading the file.', 'pirate-forms' ) );
577
+ }
578
+ // Make sure the uploaded file is only readable for the owner process
579
+ } catch ( Exception $ex ) {
580
+ $_SESSION['pirate_forms_contact_errors']['pirate-forms-upload-failed-general'] = $ex->getMessage();
581
+ }
582
+ if ( ! empty( $new_file ) ) {
583
+ $attachments = $new_file;
584
  }
 
 
 
 
 
585
  }
586
  }
587
  wp_mail( $site_recipients, 'Contact on ' . htmlspecialchars_decode( get_bloginfo( 'name' ) ), $body, $headers, $attachments );
588
+ require_once( ABSPATH . 'wp-admin/includes/file.php' );
589
+ WP_Filesystem();
590
+ global $wp_filesystem;
591
+ $wp_filesystem->delete( pirate_forms_upload_tmp_dir(), true, 'd' );
592
  // Should a confirm email be sent?
593
  $confirm_body = stripslashes( trim( pirate_forms_get_key( 'pirateformsopt_confirm_email' ) ) );
594
  if ( ! empty( $confirm_body ) && ! empty( $pirate_forms_contact_email ) ) {
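Review bot: The file-size check at new lines 560-564 still only records pirate-forms-upload-failed-size and falls through, so an oversized file is moved into the uploads directory and attached to the mail anyway; it needs the same `return false;` that the file-type branch gained at line 558. The chmod( $new_file, 0400 ) call was dropped but its comment "Make sure the uploaded file is only readable for the owner process" is left at line 578 with nothing under it; either restore the permission restriction or remove the comment. When move_uploaded_file() fails, $new_file is still non-empty, so `$attachments = $new_file` hands wp_mail() a path that was never written; assign it only on success. The cleanup after wp_mail() does not check the return value of WP_Filesystem() before calling $wp_filesystem->delete(), runs even when pirateformsopt_attachment_field is off, and recursively deletes the whole pirate_forms_upload_tmp_dir() rather than the $uploads_dir this request wrote to. The allowlist regex is matched against the client-supplied file name only, so a content-based check would be a worthwhile follow-up, and `$attachments = '';` is now assigned twice (lines 544 and 547).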
779
 
780
  return $content;
781
  }
782
+
783
+ require dirname( __FILE__ ) . '/dashboard/dashboard.php';
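Review bot: The `require dirname( __FILE__ ) . '/dashboard/dashboard.php';` at line 783 runs on every request, front end included, although that file only hooks wp_dashboard_setup and wp_network_dashboard_setup; guard it with is_admin() so the class is not loaded for visitors. Since the changelog describes this release as a security fix, shipping the new widget in a separate change would also make the fix easier to audit.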
readme.txt CHANGED
@@ -1,5 +1,5 @@
1
- === Simple Contact Form Plugin - PirateForms ===
2
- Contributors: themeisle, codeinwp, rodicaelena, alexandrastan001, gouravwptech, hardeepasrani
3
  Tags: contact forms plugin, contact form, contact us, contact us form, contacts form plugin, custom form, subscribe form, feedback form, wordpress contact form
4
  Requires at least: 3.0
5
  Tested up to: 4.7
@@ -7,12 +7,13 @@ Stable tag: trunk
7
  License: GPLv2 or later
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
10
- Makes your contact form page more engaging by creating a good-looking simple WordPress contact form on your website. The interaction with your visitors was never easier.
11
 
12
  == Description ==
13
 
14
- Stay in touch with your visitors very easily. <a href="http://themeisle.com/plugins/pirate-forms/" rel="nofollow">Pirate Contact Forms</a> offers you a great and friendly contact form for your website.
15
- This is an easy-to-use WordPress contact form with captcha plugin. To create a contact form you just need to use the [pirate_forms] shortcode or the 'Pirate Forms' widget.
 
16
 
17
  **Why use our responsive WordPress Contact Form:**
18
 
@@ -37,7 +38,13 @@ If you were using Mandrill's SMTP for transactional emails and contact forms, yo
37
 
38
  You can keep all the contacts in an archive by saving their e-mail addresses. Pirate Contact Form allows you to do that by providing contact databases.
39
 
40
- A simple to use contact form plugin for creating a clean contact form using the [pirate_forms] shortcode or the 'Pirate Forms' widget.
 
 
 
 
 
 
41
 
42
 
43
  We've also built some fantastic <a href="http://themeisle.com/wordpress-themes/free/" rel="nofollow" target="_blank">free themes</a> that work well with Pirate Contact Form, check them out.
@@ -77,6 +84,10 @@ Activating the Pirate Contact Form plugin is just like any other plugin. If you'
77
 
78
  == Changelog ==
79
 
 
 
 
 
80
  = 1.1.3 =
81
 
82
  * Added integration with custom emails plugin
1
+ === Contact Form & SMTP Plugin by PirateForms ===
2
+ Contributors: themeisle, codeinwp, rodicaelena, hardeepasrani, pirateforms
3
  Tags: contact forms plugin, contact form, contact us, contact us form, contacts form plugin, custom form, subscribe form, feedback form, wordpress contact form
4
  Requires at least: 3.0
5
  Tested up to: 4.7
7
  License: GPLv2 or later
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
10
+ A simple and effective WordPress contact form & SMTP plugin. Compatible with best themes out there, is both secure and responsive.
11
 
12
  == Description ==
13
 
14
+ Stay in touch with your visitors very easily. <a href="https://themeisle.com/plugins/pirate-forms/" rel="nofollow">Pirate Contact Forms</a> offers you a great and friendly contact form for your website.
15
+ This is an easy-to-use WordPress contact form with captcha plugin. To create a contact form you just need to use the [pirate_forms] shortcode or use the WordPress contact form widget.
16
+
17
 
18
  **Why use our responsive WordPress Contact Form:**
19
 
38
 
39
  You can keep all the contacts in an archive by saving their e-mail addresses. Pirate Contact Form allows you to do that by providing contact databases.
40
 
41
+ A simple to use contact form plugin for creating a clean contact form using the [pirate_forms] shortcode or the 'Pirate Forms' form widget.
42
+
43
+ - What PirateForms isn't for now
44
+
45
+
46
+ This is not a form maker or drag & drop builder plugin nor "the best contact form plugin", you cannot add new fields or create multiple forms (subscription forms, payment, order, feedback or quote), there are some great alternatives out there for those like : Caldera Forms or Ninja Forms.
47
+
48
 
49
 
50
  We've also built some fantastic <a href="http://themeisle.com/wordpress-themes/free/" rel="nofollow" target="_blank">free themes</a> that work well with Pirate Contact Form, check them out.
84
 
85
  == Changelog ==
86
 
87
+ = 1.2.0 =
88
+
89
+ * Fixed security error when upload field was active.
90
+
91
  = 1.1.3 =
92
 
93
  * Added integration with custom emails plugin
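Review bot: The 1.2.0 changelog entry lists only "Fixed security error when upload field was active.", while CHANGELOG.md in the same change also records "Added dashboard widget."; add the widget to the readme entry so site owners can see that this release introduces a dashboard feed widget. The wording of the security line also deserves a check against the code: the visible fix in pirate-forms.php adds a test on pirateformsopt_attachment_field before any upload is processed, which changes behaviour when the field is not enabled, and CHANGELOG.md phrases it as "Fixed security error for file field."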