Version Description
Download this release
Release Info
Developer | mmuro |
Plugin | Visual Form Builder |
Version | 3.0.8 |
Comparing to | |
See all releases |
Code changes from version 3.0.7 to 3.0.8
- admin/class-admin-menu.php +2 -2
- admin/class-entries-detail.php +3 -1
- admin/class-entries-list.php +12 -4
- admin/class-forms-edit.php +2 -0
- admin/class-forms-list.php +3 -2
- readme.txt +6 -2
- visual-form-builder.php +2 -2
admin/class-admin-menu.php
CHANGED
@@ -264,8 +264,8 @@ class Visual_Form_Builder_Admin_Menu {
|
|
264 |
?>
|
265 |
<form id="entries-filter" method="post" action="">
|
266 |
<?php
|
267 |
-
|
268 |
-
|
269 |
?>
|
270 |
</form>
|
271 |
<?php endif; ?>
|
264 |
?>
|
265 |
<form id="entries-filter" method="post" action="">
|
266 |
<?php
|
267 |
+
$entries_list->search_box( 'search', 'search_id' );
|
268 |
+
$entries_list->display();
|
269 |
?>
|
270 |
</form>
|
271 |
<?php endif; ?>
|
admin/class-entries-detail.php
CHANGED
@@ -15,6 +15,8 @@ class Visual_Form_Builder_Entries_Detail {
|
|
15 |
public function entries_detail() {
|
16 |
global $wpdb;
|
17 |
|
|
|
|
|
18 |
$entry_id = absint( $_GET['entry'] );
|
19 |
|
20 |
$entries = $wpdb->get_results( $wpdb->prepare( "SELECT forms.form_title, entries.* FROM " . VFB_WP_FORMS_TABLE_NAME . " AS forms INNER JOIN " . VFB_WP_ENTRIES_TABLE_NAME . " AS entries ON entries.form_id = forms.form_id WHERE entries.entries_id = %d", $entry_id ) );
|
@@ -65,7 +67,7 @@ class Visual_Form_Builder_Entries_Detail {
|
|
65 |
|
66 |
<div id="major-publishing-actions">
|
67 |
<div id="delete-action">
|
68 |
-
<?php echo sprintf( '<a class="submitdelete deletion entry-delete" href="%2$s&action=%3$s&entry=%4$d">%1$s</a>', __( 'Move to Trash', 'visual-form-builder' ), admin_url( 'admin.php?page=vfb-entries' ), 'trash', $entry_id ); ?>
|
69 |
</div>
|
70 |
<div id="publishing-action">
|
71 |
<?php submit_button( __( 'Print', 'visual-form-builder' ), 'secondary', 'submit', false, array( 'onclick' => 'window.print();return false;' ) ); ?>
|
15 |
public function entries_detail() {
|
16 |
global $wpdb;
|
17 |
|
18 |
+
check_admin_referer( 'vfb_view_entry' );
|
19 |
+
|
20 |
$entry_id = absint( $_GET['entry'] );
|
21 |
|
22 |
$entries = $wpdb->get_results( $wpdb->prepare( "SELECT forms.form_title, entries.* FROM " . VFB_WP_FORMS_TABLE_NAME . " AS forms INNER JOIN " . VFB_WP_ENTRIES_TABLE_NAME . " AS entries ON entries.form_id = forms.form_id WHERE entries.entries_id = %d", $entry_id ) );
|
67 |
|
68 |
<div id="major-publishing-actions">
|
69 |
<div id="delete-action">
|
70 |
+
<?php echo sprintf( '<a class="submitdelete deletion entry-delete" href="%2$s&action=%3$s&entry=%4$d">%1$s</a>', __( 'Move to Trash', 'visual-form-builder' ), wp_nonce_url( admin_url( 'admin.php?page=vfb-entries' ), 'vfb_trash_entry' ), 'trash', $entry_id ); ?>
|
71 |
</div>
|
72 |
<div id="publishing-action">
|
73 |
<?php submit_button( __( 'Print', 'visual-form-builder' ), 'secondary', 'submit', false, array( 'onclick' => 'window.print();return false;' ) ); ?>
|
admin/class-entries-list.php
CHANGED
@@ -53,13 +53,13 @@ class Visual_Form_Builder_Entries_List extends Visual_Form_Builder_List_Table {
|
|
53 |
|
54 |
// Build row actions
|
55 |
if ( !$this->get_entry_status() || 'all' == $this->get_entry_status() )
|
56 |
-
$actions['view'] = sprintf( '<a href="%s&action=%s&entry=%s" id="%3$s" class="view-entry">View</a>', admin_url( 'admin.php?page=vfb-entries' ), 'view', $item['entry_id'] );
|
57 |
|
58 |
if ( !$this->get_entry_status() || 'all' == $this->get_entry_status() )
|
59 |
-
$actions['trash'] = sprintf( '<a href="%s&action=%s&entry=%s">Trash</a>', admin_url( 'admin.php?page=vfb-entries' ), 'trash', $item['entry_id'] );
|
60 |
elseif ( $this->get_entry_status() && 'trash' == $this->get_entry_status() ) {
|
61 |
-
$actions['restore'] = sprintf( '<a href="%s&action=%s&entry=%s">%s</a>', admin_url( 'admin.php?page=vfb-entries' ), 'restore', $item['entry_id'], __( 'Restore', 'visual-form-builder' ) );
|
62 |
-
$actions['delete'] = sprintf( '<a href="%s&action=%s&entry=%s">%s</a>', admin_url( 'admin.php?page=vfb-entries' ), 'delete', $item['entry_id'], __( 'Delete Permanently', 'visual-form-builder' ) );
|
63 |
}
|
64 |
|
65 |
return sprintf( '%1$s %2$s', $item['form'], $this->row_actions( $actions ) );
|
@@ -306,6 +306,8 @@ class Visual_Form_Builder_Entries_List extends Visual_Form_Builder_List_Table {
|
|
306 |
|
307 |
switch( $this->current_action() ) :
|
308 |
case 'trash' :
|
|
|
|
|
309 |
foreach ( $entry_id as $id ) {
|
310 |
$id = absint( $id );
|
311 |
$wpdb->update( VFB_WP_ENTRIES_TABLE_NAME, array( 'entry_approved' => 'trash' ), array( 'entries_id' => $id ) );
|
@@ -313,6 +315,8 @@ class Visual_Form_Builder_Entries_List extends Visual_Form_Builder_List_Table {
|
|
313 |
break;
|
314 |
|
315 |
case 'delete' :
|
|
|
|
|
316 |
foreach ( $entry_id as $id ) {
|
317 |
$id = absint( $id );
|
318 |
$wpdb->query( $wpdb->prepare( "DELETE FROM " . VFB_WP_ENTRIES_TABLE_NAME . " WHERE entries_id = %d", $id ) );
|
@@ -320,6 +324,8 @@ class Visual_Form_Builder_Entries_List extends Visual_Form_Builder_List_Table {
|
|
320 |
break;
|
321 |
|
322 |
case 'restore' :
|
|
|
|
|
323 |
foreach ( $entry_id as $id ) {
|
324 |
$id = absint( $id );
|
325 |
$wpdb->update( VFB_WP_ENTRIES_TABLE_NAME, array( 'entry_approved' => 1 ), array( 'entries_id' => $id ) );
|
@@ -327,6 +333,8 @@ class Visual_Form_Builder_Entries_List extends Visual_Form_Builder_List_Table {
|
|
327 |
break;
|
328 |
|
329 |
case 'delete' :
|
|
|
|
|
330 |
$entry_id = ( isset( $_GET['entry'] ) && is_array( $_GET['entry'] ) ) ? $_GET['entry'] : array( $_GET['entry'] );
|
331 |
|
332 |
global $wpdb;
|
53 |
|
54 |
// Build row actions
|
55 |
if ( !$this->get_entry_status() || 'all' == $this->get_entry_status() )
|
56 |
+
$actions['view'] = sprintf( '<a href="%s&action=%s&entry=%s" id="%3$s" class="view-entry">View</a>', wp_nonce_url( admin_url( 'admin.php?page=vfb-entries' ), 'vfb_view_entry' ), 'view', $item['entry_id'] );
|
57 |
|
58 |
if ( !$this->get_entry_status() || 'all' == $this->get_entry_status() )
|
59 |
+
$actions['trash'] = sprintf( '<a href="%s&action=%s&entry=%s">Trash</a>', wp_nonce_url( admin_url( 'admin.php?page=vfb-entries' ), 'vfb_trash_entry' ), 'trash', $item['entry_id'] );
|
60 |
elseif ( $this->get_entry_status() && 'trash' == $this->get_entry_status() ) {
|
61 |
+
$actions['restore'] = sprintf( '<a href="%s&action=%s&entry=%s">%s</a>', wp_nonce_url( admin_url( 'admin.php?page=vfb-entries' ), 'vfb_undo_trash_entry' ), 'restore', $item['entry_id'], __( 'Restore', 'visual-form-builder' ) );
|
62 |
+
$actions['delete'] = sprintf( '<a href="%s&action=%s&entry=%s">%s</a>', wp_nonce_url( admin_url( 'admin.php?page=vfb-entries' ), 'vfb_delete_entry' ), 'delete', $item['entry_id'], __( 'Delete Permanently', 'visual-form-builder' ) );
|
63 |
}
|
64 |
|
65 |
return sprintf( '%1$s %2$s', $item['form'], $this->row_actions( $actions ) );
|
306 |
|
307 |
switch( $this->current_action() ) :
|
308 |
case 'trash' :
|
309 |
+
check_admin_referer( 'vfb_trash_entry' );
|
310 |
+
|
311 |
foreach ( $entry_id as $id ) {
|
312 |
$id = absint( $id );
|
313 |
$wpdb->update( VFB_WP_ENTRIES_TABLE_NAME, array( 'entry_approved' => 'trash' ), array( 'entries_id' => $id ) );
|
315 |
break;
|
316 |
|
317 |
case 'delete' :
|
318 |
+
check_admin_referer( 'vfb_delete_entry' );
|
319 |
+
|
320 |
foreach ( $entry_id as $id ) {
|
321 |
$id = absint( $id );
|
322 |
$wpdb->query( $wpdb->prepare( "DELETE FROM " . VFB_WP_ENTRIES_TABLE_NAME . " WHERE entries_id = %d", $id ) );
|
324 |
break;
|
325 |
|
326 |
case 'restore' :
|
327 |
+
check_admin_referer( 'vfb_undo_trash_entry' );
|
328 |
+
|
329 |
foreach ( $entry_id as $id ) {
|
330 |
$id = absint( $id );
|
331 |
$wpdb->update( VFB_WP_ENTRIES_TABLE_NAME, array( 'entry_approved' => 1 ), array( 'entries_id' => $id ) );
|
333 |
break;
|
334 |
|
335 |
case 'delete' :
|
336 |
+
check_admin_referer( 'vfb_delete_entry' );
|
337 |
+
|
338 |
$entry_id = ( isset( $_GET['entry'] ) && is_array( $_GET['entry'] ) ) ? $_GET['entry'] : array( $_GET['entry'] );
|
339 |
|
340 |
global $wpdb;
|
admin/class-forms-edit.php
CHANGED
@@ -13,6 +13,8 @@ class Visual_Form_Builder_Forms_Edit {
|
|
13 |
public function display() {
|
14 |
global $wpdb;
|
15 |
|
|
|
|
|
16 |
$current_user = wp_get_current_user();
|
17 |
|
18 |
// Save current user ID
|
13 |
public function display() {
|
14 |
global $wpdb;
|
15 |
|
16 |
+
check_admin_referer( 'vfb_edit_form' );
|
17 |
+
|
18 |
$current_user = wp_get_current_user();
|
19 |
|
20 |
// Save current user ID
|
admin/class-forms-list.php
CHANGED
@@ -51,8 +51,9 @@ class Visual_Form_Builder_Forms_List extends Visual_Form_Builder_List_Table {
|
|
51 |
$actions = array();
|
52 |
|
53 |
// Edit Form
|
54 |
-
$
|
55 |
-
$
|
|
|
56 |
|
57 |
// Duplicate Form
|
58 |
$actions['copy'] = sprintf( '<a href="%s&action=%s&form=%s" id="%3$s" class="view-form">%s</a>', wp_nonce_url( admin_url( 'admin.php?page=visual-form-builder' ), 'copy-form-' . $item['form_id'] ), 'copy_form', $item['form_id'], __( 'Duplicate', 'visual-form-builder' ) );
|
51 |
$actions = array();
|
52 |
|
53 |
// Edit Form
|
54 |
+
$edit_link = wp_nonce_url( admin_url( 'admin.php?page=visual-form-builder' ), 'vfb_edit_form' );
|
55 |
+
$form_title = sprintf( '<strong><a href="%s&action=%s&form=%s" id="%3$s" class="view-form">%s</a></strong>', $edit_link, 'edit', $item['form_id'], $item['form_title'] );
|
56 |
+
$actions['edit'] = sprintf( '<a href="%s&action=%s&form=%s" id="%3$s" class="view-form">%s</a>', $edit_link, 'edit', $item['form_id'], __( 'Edit', 'visual-form-builder' ) );
|
57 |
|
58 |
// Duplicate Form
|
59 |
$actions['copy'] = sprintf( '<a href="%s&action=%s&form=%s" id="%3$s" class="view-form">%s</a>', wp_nonce_url( admin_url( 'admin.php?page=visual-form-builder' ), 'copy-form-' . $item['form_id'] ), 'copy_form', $item['form_id'], __( 'Duplicate', 'visual-form-builder' ) );
|
readme.txt
CHANGED
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=G87A9
|
|
4 |
Tags: form, forms, contact form, contact forms, form, forms, form to email, email form, email, input, validation, jquery, shortcode, form builder, contact form builder, form manager, form creator
|
5 |
Requires at least: 4.7
|
6 |
Tested up to: 5.9.3
|
7 |
-
Stable tag: 3.0.
|
8 |
License: GPLv2 or later
|
9 |
|
10 |
Build beautiful, fully functional contact forms in only a few minutes without writing PHP, CSS, or HTML.
|
@@ -231,7 +231,11 @@ function my_scripts_method() {
|
|
231 |
|
232 |
== Changelog ==
|
233 |
|
234 |
-
**Version 3.0.
|
|
|
|
|
|
|
|
|
235 |
|
236 |
* Fix security on Email To under Add New page
|
237 |
|
4 |
Tags: form, forms, contact form, contact forms, form, forms, form to email, email form, email, input, validation, jquery, shortcode, form builder, contact form builder, form manager, form creator
|
5 |
Requires at least: 4.7
|
6 |
Tested up to: 5.9.3
|
7 |
+
Stable tag: 3.0.8
|
8 |
License: GPLv2 or later
|
9 |
|
10 |
Build beautiful, fully functional contact forms in only a few minutes without writing PHP, CSS, or HTML.
|
231 |
|
232 |
== Changelog ==
|
233 |
|
234 |
+
**Version 3.0.8 - Apr 08, 2022**
|
235 |
+
|
236 |
+
* Update Entries table with CSRF protection
|
237 |
+
|
238 |
+
**Version 3.0.7 - Apr 06, 2022**
|
239 |
|
240 |
* Fix security on Email To under Add New page
|
241 |
|
visual-form-builder.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
Plugin Name: Visual Form Builder
|
4 |
Plugin URI: https://wordpress.org/plugins/visual-form-builder/
|
5 |
Description: Dynamically build forms using a simple interface. Forms include jQuery validation, a basic logic-based verification system, and entry tracking.
|
6 |
-
Version: 3.0.
|
7 |
Author: Matthew Muro
|
8 |
Author URI: http://vfbpro.com
|
9 |
Text Domain: visual-form-builder
|
@@ -26,7 +26,7 @@ class Visual_Form_Builder {
|
|
26 |
* The current version of the plugin.
|
27 |
* @var [type]
|
28 |
*/
|
29 |
-
protected $version = '3.0.
|
30 |
|
31 |
/**
|
32 |
* The current DB version. Used if we need to update the DB later.
|
3 |
Plugin Name: Visual Form Builder
|
4 |
Plugin URI: https://wordpress.org/plugins/visual-form-builder/
|
5 |
Description: Dynamically build forms using a simple interface. Forms include jQuery validation, a basic logic-based verification system, and entry tracking.
|
6 |
+
Version: 3.0.8
|
7 |
Author: Matthew Muro
|
8 |
Author URI: http://vfbpro.com
|
9 |
Text Domain: visual-form-builder
|
26 |
* The current version of the plugin.
|
27 |
* @var [type]
|
28 |
*/
|
29 |
+
protected $version = '3.0.8';
|
30 |
|
31 |
/**
|
32 |
* The current DB version. Used if we need to update the DB later.
|