WordPress Email Marketing Plugin – WP Email Capture - Version 2.9

Version Description

(17/12/13) = * Fixed a small bug that produced warnings should security fields not be passed. * Style buttons in a style for WordPress 3.8. * Remove a rogue mysql_real_escape_string() call making it compatible with WordPress 3.9. * Introduced stylings.

Download this release

Release Info

Developer rhyswynne
Plugin Icon 128x128 WordPress Email Marketing Plugin – WP Email Capture
Version 2.9
Comparing to
See all releases

Code changes from version 2.8 to 2.9

Files changed (12) hide show
  1. inc/core.php +1 -0
  2. inc/css/wp-email-capture-styles.css +6 -0
  3. inc/dashboard.php +2 -2
  4. inc/display.php +4 -4
  5. inc/enqueue.php +9 -0
  6. inc/functions.php +3 -4
  7. inc/options.php +3 -3
  8. inc/process.php +6 -6
  9. inc/security.php +4 -4
  10. inc/tabledata.php +1 -1
  11. readme.txt +9 -3
  12. wp-email-capture.php +1 -1
inc/core.php CHANGED
@@ -28,4 +28,5 @@ require_once(WP_EMAIL_CAPTURE_PATH . '/inc/checks.php');
28
 
29
  require_once(WP_EMAIL_CAPTURE_PATH . '/inc/functions.php');
30
 
 
31
  ?>
28
 
29
  require_once(WP_EMAIL_CAPTURE_PATH . '/inc/functions.php');
30
 
31
+ require_once(WP_EMAIL_CAPTURE_PATH . '/inc/enqueue.php');
32
  ?>
inc/css/wp-email-capture-styles.css ADDED
@@ -0,0 +1,6 @@
 
 
 
 
 
 
1
+ .wp-email-capture-error {
2
+ width:80%;
3
+ background-color: #FFCCCC;
4
+ margin: 5px;
5
+ font-weight: bold;
6
+ }
inc/dashboard.php CHANGED
@@ -14,7 +14,7 @@ function wp_email_capture_dashboard_widget() {
14
  echo '<form name="wp_email_capture_export" action="'. esc_url($_SERVER['REQUEST_URI']) . '#list" method="post">';
15
  echo '<label>'.__('Use the button below to export your list as a CSV to use in software such as','WPEC').' <a href="http://www.gospelrhys.co.uk/go/aweber.php" title="Email Marketing">Aweber</a>.</label>';
16
  echo '<input type="hidden" name="wp_email_capture_export" />';
17
- echo '<div class="submit"><input type="submit" value="'.__('Export List','WPEC').'" /></div>';
18
  echo "</form><br/><br/>";
19
 
20
  $tempemails = wp_email_capture_count_temp();
@@ -24,7 +24,7 @@ function wp_email_capture_dashboard_widget() {
24
  echo '<label>'.__('There are','WPEC').' '. $tempemails . ' '.__('e-mail addresses that have been unconfirmed. Delete them to save space below.','WPEC').'</label>';
25
 
26
  echo '<input type="hidden" name="wp_email_capture_truncate"/>';
27
- echo '<div class="submit"><input type="submit" value="'.__('Delete Unconfirmed e-mail Addresses','WPEC').'" /></div>';
28
  echo "</form>";
29
 
30
 
14
  echo '<form name="wp_email_capture_export" action="'. esc_url($_SERVER['REQUEST_URI']) . '#list" method="post">';
15
  echo '<label>'.__('Use the button below to export your list as a CSV to use in software such as','WPEC').' <a href="http://www.gospelrhys.co.uk/go/aweber.php" title="Email Marketing">Aweber</a>.</label>';
16
  echo '<input type="hidden" name="wp_email_capture_export" />';
17
+ echo '<div class="submit"><input type="submit" value="'.__('Export List','WPEC').'" class="button" /></div>';
18
  echo "</form><br/><br/>";
19
 
20
  $tempemails = wp_email_capture_count_temp();
24
  echo '<label>'.__('There are','WPEC').' '. $tempemails . ' '.__('e-mail addresses that have been unconfirmed. Delete them to save space below.','WPEC').'</label>';
25
 
26
  echo '<input type="hidden" name="wp_email_capture_truncate"/>';
27
+ echo '<div class="submit"><input type="submit" value="'.__('Delete Unconfirmed e-mail Addresses','WPEC').'" class="button" /></div>';
28
  echo "</form>";
29
 
30
 
inc/display.php CHANGED
@@ -13,9 +13,9 @@ $url = addLastCharacter($url);
13
 
14
  <?php if (isset($_GET['wp_email_capture_error'])) {
15
 
16
- $error = sanitize($_GET['wp_email_capture_error']);
17
 
18
- echo "<div style='width:80%;background-color: #FFCCCC; margin: 5px;font-weight'>".__('Error:','WPEC'). $error ."</div>";
19
 
20
  } ?>
21
 
@@ -52,9 +52,9 @@ $display .= "<div id='wp_email_capture_2' class='wp-email-capture wp-email-captu
52
 
53
  if (isset($_GET['wp_email_capture_error'])) {
54
 
55
- $error = sanitize($_GET['wp_email_capture_error']);
56
 
57
- $display .= "<div style='width:80%;background-color: #FFCCCC; margin: 5px;font-weight'>Error: ". $error ."</div>\n";
58
 
59
  }
60
 
13
 
14
  <?php if (isset($_GET['wp_email_capture_error'])) {
15
 
16
+ $error = wp_email_capture_sanitize($_GET['wp_email_capture_error']);
17
 
18
+ echo "<div class='wp-email-capture-error'>".__('Error:','WPEC'). $error ."</div>";
19
 
20
  } ?>
21
 
52
 
53
  if (isset($_GET['wp_email_capture_error'])) {
54
 
55
+ $error = wp_email_capture_sanitize($_GET['wp_email_capture_error']);
56
 
57
+ $display .= "<div class='wp-email-capture-error'>Error: ". $error ."</div>\n";
58
 
59
  }
60
 
inc/enqueue.php ADDED
@@ -0,0 +1,9 @@
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ function wp_email_capture_scripts() {
4
+ /* Register our stylesheet. */
5
+ wp_enqueue_style( 'wpemailcapturestyles', plugins_url('/css/wp-email-capture-styles.css',__FILE__), array(), '1.0' );
6
+ }
7
+ add_action( 'wp_enqueue_scripts', 'wp_email_capture_scripts' );
8
+
9
+ ?>
inc/functions.php CHANGED
@@ -1,10 +1,9 @@
1
  <?php
2
 
3
- function sanitize($string)
4
-
5
  {
6
 
7
- $string = mysql_real_escape_string($string);
8
 
9
  $string = htmlspecialchars($string, ENT_QUOTES, 'UTF-8');
10
 
@@ -14,7 +13,7 @@ function sanitize($string)
14
 
15
 
16
 
17
- function checkIfPresent($email){
18
 
19
  global $wpdb;
20
 
1
  <?php
2
 
3
+ function wp_email_capture_sanitize($string)
 
4
  {
5
 
6
+ $string = esc_attr($string);
7
 
8
  $string = htmlspecialchars($string, ENT_QUOTES, 'UTF-8');
9
 
13
 
14
 
15
 
16
+ function wp_email_capture_checkIfPresent($email){
17
 
18
  global $wpdb;
19
 
inc/options.php CHANGED
@@ -181,7 +181,7 @@ if (get_option('wp_email_capture_name_required') == 1) { echo "checked"; } ?>
181
 
182
  echo '<input type="hidden" name="wp_email_capture_export" />';
183
 
184
- echo '<div class="submit"><input type="submit" value="'.__('Export List','WPEC').'" /></div>';
185
 
186
  echo "</form>";
187
 
@@ -195,7 +195,7 @@ if (get_option('wp_email_capture_name_required') == 1) { echo "checked"; } ?>
195
 
196
  echo '<input type="hidden" name="wp_email_capture_truncate"/>';
197
 
198
- echo '<div class="submit"><input type="submit" value="'.__('Delete Unconfirmed e-mail Addresses','WPEC').'" /></div>';
199
 
200
  echo "</form>";
201
 
@@ -207,7 +207,7 @@ echo "<a name='emptyallemails'></a><h3>".__('Delete Current List','WPEC')."</h3>
207
 
208
  echo '<input type="hidden" name="wp_email_capture_delete"/>';
209
 
210
- echo '<div class="submit"><input type="submit" value="'.__('Delete Confirmed e-mail Addresses','WPEC').'" /></div>';
211
 
212
  echo "</form>";
213
 
181
 
182
  echo '<input type="hidden" name="wp_email_capture_export" />';
183
 
184
+ echo '<div class="submit"><input type="submit" value="'.__('Export List','WPEC').'" class="button" /></div>';
185
 
186
  echo "</form>";
187
 
195
 
196
  echo '<input type="hidden" name="wp_email_capture_truncate"/>';
197
 
198
+ echo '<div class="submit"><input type="submit" value="'.__('Delete Unconfirmed e-mail Addresses','WPEC').'" class="button" /></div>';
199
 
200
  echo "</form>";
201
 
207
 
208
  echo '<input type="hidden" name="wp_email_capture_delete"/>';
209
 
210
+ echo '<div class="submit"><input type="submit" value="'.__('Delete Confirmed e-mail Addresses','WPEC').'" class="button" /></div>';
211
 
212
  echo "</form>";
213
 
inc/process.php CHANGED
@@ -84,9 +84,9 @@ if (wp_email_capture_double_check_everything($name, $email))
84
 
85
  // values sent from form
86
 
87
- $name = sanitize($name);
88
 
89
- $email= sanitize($email);
90
 
91
  $name = wp_email_injection_test($name);
92
 
@@ -96,14 +96,14 @@ if (wp_email_capture_double_check_everything($name, $email))
96
 
97
  $email = wp_email_stripslashes($email);
98
 
99
- $referrer = sanitize($_SERVER['HTTP_REFERER']);
100
 
101
- $ip = sanitize($_SERVER['REMOTE_ADDR']);
102
 
103
  $date = date("Y-m-d H-i");
104
 
105
 
106
- $sqlcheck = checkIfPresent($email);
107
 
108
 
109
 
@@ -248,7 +248,7 @@ function wp_capture_email_confirm()
248
 
249
  // Passkey that got from link
250
 
251
- $passkey=sanitize($_GET['wp_email_capture_passkey']);
252
 
253
  $table_name = $wpdb->prefix . "wp_email_capture_temp_members";
254
 
84
 
85
  // values sent from form
86
 
87
+ $name = wp_email_capture_sanitize($name);
88
 
89
+ $email= wp_email_capture_sanitize($email);
90
 
91
  $name = wp_email_injection_test($name);
92
 
96
 
97
  $email = wp_email_stripslashes($email);
98
 
99
+ $referrer = wp_email_capture_sanitize($_SERVER['HTTP_REFERER']);
100
 
101
+ $ip = wp_email_capture_sanitize($_SERVER['REMOTE_ADDR']);
102
 
103
  $date = date("Y-m-d H-i");
104
 
105
 
106
+ $sqlcheck = wp_email_capture_checkIfPresent($email);
107
 
108
 
109
 
248
 
249
  // Passkey that got from link
250
 
251
+ $passkey=wp_email_capture_sanitize($_GET['wp_email_capture_passkey']);
252
 
253
  $table_name = $wpdb->prefix . "wp_email_capture_temp_members";
254
 
inc/security.php CHANGED
@@ -4,7 +4,7 @@
4
 
5
  /* Check for injection characters */
6
 
7
- function wp_email_injection_chars($s) {
8
 
9
  return (stripos("\r", $s) || stripos("\n", $s) || stripos("%0a", $s) || stripos("%0d", $s)) ? TRUE : FALSE;
10
 
@@ -16,7 +16,7 @@ function wp_email_injection_chars($s) {
16
 
17
  /* Make output safe for the browser */
18
 
19
- function wp_email_capture_bsafe($input) {
20
 
21
  return htmlspecialchars(stripslashes($input));
22
 
@@ -30,7 +30,7 @@ function wp_email_capture_bsafe($input) {
30
 
31
 
32
 
33
- function wp_email_stripslashes($s) {
34
 
35
  if (defined('TEMPLATEPATH') || (get_magic_quotes_gpc())) {
36
 
@@ -48,7 +48,7 @@ function wp_email_stripslashes($s) {
48
 
49
 
50
 
51
- function wp_email_injection_test($str) {
52
 
53
  $tests = array("/bcc\:/i", "/Content\-Type\:/i", "/Mime\-Version\:/i", "/cc\:/i", "/from\:/i", "/to\:/i", "/Content\-Transfer\-Encoding\:/i");
54
 
4
 
5
  /* Check for injection characters */
6
 
7
+ function wp_email_injection_chars($s = "") {
8
 
9
  return (stripos("\r", $s) || stripos("\n", $s) || stripos("%0a", $s) || stripos("%0d", $s)) ? TRUE : FALSE;
10
 
16
 
17
  /* Make output safe for the browser */
18
 
19
+ function wp_email_capture_bsafe($input = "") {
20
 
21
  return htmlspecialchars(stripslashes($input));
22
 
30
 
31
 
32
 
33
+ function wp_email_stripslashes($s = "") {
34
 
35
  if (defined('TEMPLATEPATH') || (get_magic_quotes_gpc())) {
36
 
48
 
49
 
50
 
51
+ function wp_email_injection_test($str = "") {
52
 
53
  $tests = array("/bcc\:/i", "/Content\-Type\:/i", "/Mime\-Version\:/i", "/cc\:/i", "/from\:/i", "/to\:/i", "/Content\-Transfer\-Encoding\:/i");
54
 
inc/tabledata.php CHANGED
@@ -62,7 +62,7 @@ function wp_email_capture_formdelete($id, $email)
62
  {
63
  return "<form action='" . esc_url($_SERVER['REQUEST_URI']) . "#list' method='post'>
64
  <input type='hidden' name='wp_email_capture_deleteid' value='". $id."' />
65
- <input type='submit' value='".__('Delete ','WPEC'). $email ."' style='width: 300px;' />
66
  </form>";
67
  }
68
 
62
  {
63
  return "<form action='" . esc_url($_SERVER['REQUEST_URI']) . "#list' method='post'>
64
  <input type='hidden' name='wp_email_capture_deleteid' value='". $id."' />
65
+ <input type='submit' value='".__('Delete ','WPEC'). $email ."' style='width: 300px;' class='button' />
66
  </form>";
67
  }
68
 
readme.txt CHANGED
@@ -1,9 +1,9 @@
1
  === WP Email Capture ===
2
  Tags: email, marketing, capture, form, affiliates, mailing lists, email marketing, widget ready
3
  Requires at least: 3.0
4
- Tested up to: 3.7.1
5
- Version: 2.8
6
- Stable tag: 2.8
7
  Contributors: rhyswynne
8
  Donate link: http://wpemailcapture.com/pricing/
9
 
@@ -156,6 +156,12 @@ Please report any bugs, support and suggestions to the [WP Email Capture Support
156
  To donate to this plugin, please visit the [WP Email Capture Donations Page](http://www.wpemailcapture.com/pricing/)
157
 
158
  == Change Log ==
 
 
 
 
 
 
159
  = 2.8 (10/11/13) =
160
  * Introduced Spanish Translation (thanks David Bravo!)
161
  * Added a feature whereby you can select the delimiter you wish to use.
1
  === WP Email Capture ===
2
  Tags: email, marketing, capture, form, affiliates, mailing lists, email marketing, widget ready
3
  Requires at least: 3.0
4
+ Tested up to: 3.9
5
+ Version: 2.9
6
+ Stable tag: 2.9
7
  Contributors: rhyswynne
8
  Donate link: http://wpemailcapture.com/pricing/
9
 
156
  To donate to this plugin, please visit the [WP Email Capture Donations Page](http://www.wpemailcapture.com/pricing/)
157
 
158
  == Change Log ==
159
+ = 2.9 (17/12/13) =
160
+ * Fixed a small bug that produced warnings should security fields not be passed.
161
+ * Style buttons in a style for WordPress 3.8.
162
+ * Remove a rogue mysql_real_escape_string() call making it compatible with WordPress 3.9.
163
+ * Introduced stylings.
164
+
165
  = 2.8 (10/11/13) =
166
  * Introduced Spanish Translation (thanks David Bravo!)
167
  * Added a feature whereby you can select the delimiter you wish to use.
wp-email-capture.php CHANGED
@@ -8,7 +8,7 @@ Plugin URI: http://www.wpemailcapture.com
8
 
9
  Description: Captures email addresses for insertion into software such as <a href="http://wpemailcapture.com/recommends/aweber" title="Email Marketing">Aweber</a> or <a href="http://wpemailcapture.com/recommends/mailchimp/">Mailchimp</a>
10
 
11
- Version: 2.8
12
 
13
  Author: Rhys Wynne
14
 
8
 
9
  Description: Captures email addresses for insertion into software such as <a href="http://wpemailcapture.com/recommends/aweber" title="Email Marketing">Aweber</a> or <a href="http://wpemailcapture.com/recommends/mailchimp/">Mailchimp</a>
10
 
11
+ Version: 2.9
12
 
13
  Author: Rhys Wynne
14