Version Description
- all shortcode attributes sanitized correctly to close a serious security hole
Release Info
Developer | nickboss |
Plugin | WordPress File Upload |
Version | 4.3.3 |
Code changes from version 4.3.2 to 4.3.3
- lib/wfu_ajaxactions.php +5 -3
- lib/wfu_attributes.php +68 -0
- lib/wfu_functions.php +83 -0
- lib/wfu_processfiles.php +1 -0
- readme.txt +6 -0
- release_notes.txt +1 -1
- wordpress_file_upload.php +1 -1
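--- a/lib/wfu_ajaxactions.php
+++ b/lib/wfu_ajaxactions.php
@@ -74,7 +74,7 @@ function wfu_ajax_action_send_email_notification() {
 foreach ( $userdata_fields as $userdata_key => $userdata_field )
 $userdata_fields[$userdata_key]["value"] = "";
 //then retrieve userdata from session if files exist
-if ( $all_files_count > 0 ) {
+if ( $all_files_count > 0 && WFU_USVAR_exists("filedata_".$uniqueid) && is_array(WFU_USVAR("filedata_".$uniqueid)) ) {
 foreach ( WFU_USVAR("filedata_".$uniqueid) as $file ) {
 if ( isset($file["user_data"]) ) {
 $userdata_fields = array();
@@ -308,6 +308,8 @@ function wfu_ajax_action_save_shortcode() {
 $shortcode_position = wfu_sanitize_int($_POST['shortcode_position']);
 $shortcode_tag = wfu_sanitize_tag($_POST['shortcode_tag']);
 $widget_id = sanitize_text_field($_POST['widget_id']);
+
+$shortcode = wfu_sanitize_shortcode(wfu_plugin_decode_string($shortcode), $shortcode_tag);
 
 if ( $post_id == "" && $widget_id == "" ) {
 die();
@@ -320,7 +322,7 @@ function wfu_ajax_action_save_shortcode() {
 if ( $post_id != "" && !wfu_check_edit_shortcode($data) ) $echo_str = "wfu_save_shortcode:fail:post_modified";
 else {
 if ( $widget_id == "" ) {
-$new_shortcode = "[".$shortcode_tag." "
+$new_shortcode = "[".$shortcode_tag." ".$shortcode."]";
 if ( wfu_replace_shortcode($data, $new_shortcode) ) {
 $post = get_post($post_id);
 $hash = hash('md5', $post->post_content);
@@ -335,7 +337,7 @@ function wfu_ajax_action_save_shortcode() {
 $widget_sidebar = is_active_widget(false, $widget_id, "wordpress_file_upload_widget");
 if ( !$widget_sidebar ) $echo_str = "wfu_save_shortcode:fail:post_update_failed";
 else {
-$widget_obj->update_external(
+$widget_obj->update_external($shortcode);
 $hash = $data['post_hash'];
 $echo_str = "wfu_save_shortcode:success:".$hash;
 }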
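Review bot: At new line 312 the result of `wfu_sanitize_shortcode()` is trusted completely by the two sinks that follow, the string built at line 325 (`"[".$shortcode_tag." ".$shortcode."]"`) and `update_external($shortcode)` at line 340, yet nothing here states what the helper guarantees. The helper lives in another file, so from this handler a reader cannot tell whether a closing `]` or an attribute outside the known list can survive it. A comment above line 312 such as `// every attribute is validated before the shortcode is written to a post or widget; the result must not be able to close the tag` would record the contract the sinks rely on, worded to match what the helper really enforces. The hunks also show `$_POST` being read without a visible nonce or capability check; wfu_ajax_action_save_shortcode begins above the hunk, so that check may exist there and should be confirmed.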
lib/wfu_attributes.php
CHANGED
@@ -711,6 +711,7 @@ function wfu_attribute_definitions() {
|
|
711 |
"name" => "Widget ID",
|
712 |
"attribute" => "widgetid",
|
713 |
"type" => "hidden",
|
|
|
714 |
"listitems" => null,
|
715 |
"value" => "",
|
716 |
"mode" => "free",
|
@@ -725,6 +726,7 @@ function wfu_attribute_definitions() {
|
|
725 |
"name" => "Plugin ID",
|
726 |
"attribute" => "uploadid",
|
727 |
"type" => "integer",
|
|
|
728 |
"listitems" => null,
|
729 |
"value" => WFU_VAR("WFU_UPLOADID"),
|
730 |
"mode" => "free",
|
@@ -739,6 +741,7 @@ function wfu_attribute_definitions() {
|
|
739 |
"name" => "Single Button Operation",
|
740 |
"attribute" => "singlebutton",
|
741 |
"type" => "onoff",
|
|
|
742 |
"listitems" => null,
|
743 |
"value" => WFU_VAR("WFU_SINGLEBUTTON"),
|
744 |
"mode" => "free",
|
@@ -753,6 +756,7 @@ function wfu_attribute_definitions() {
|
|
753 |
"name" => "Upload Path",
|
754 |
"attribute" => "uploadpath",
|
755 |
"type" => "ltext",
|
|
|
756 |
"listitems" => null,
|
757 |
"value" => WFU_VAR("WFU_UPLOADPATH"),
|
758 |
"mode" => "free",
|
@@ -767,6 +771,7 @@ function wfu_attribute_definitions() {
|
|
767 |
"name" => "Plugin Fit Mode",
|
768 |
"attribute" => "fitmode",
|
769 |
"type" => "radio",
|
|
|
770 |
"listitems" => array("fixed", "responsive"),
|
771 |
"value" => WFU_VAR("WFU_FITMODE"),
|
772 |
"mode" => "free",
|
@@ -781,6 +786,7 @@ function wfu_attribute_definitions() {
|
|
781 |
"name" => "Allow No File",
|
782 |
"attribute" => "allownofile",
|
783 |
"type" => "onoff",
|
|
|
784 |
"listitems" => null,
|
785 |
"value" => WFU_VAR("WFU_ALLOWNOFILE"),
|
786 |
"mode" => "free",
|
@@ -795,6 +801,7 @@ function wfu_attribute_definitions() {
|
|
795 |
"name" => "Upload Roles",
|
796 |
"attribute" => "uploadrole",
|
797 |
"type" => "rolelist",
|
|
|
798 |
"listitems" => array("default_administrator"),
|
799 |
"value" => WFU_VAR("WFU_UPLOADROLE"),
|
800 |
"mode" => "free",
|
@@ -809,6 +816,7 @@ function wfu_attribute_definitions() {
|
|
809 |
"name" => "Allowed File Extensions",
|
810 |
"attribute" => "uploadpatterns",
|
811 |
"type" => "text",
|
|
|
812 |
"listitems" => null,
|
813 |
"value" => WFU_VAR("WFU_UPLOADPATTERNS"),
|
814 |
"mode" => "free",
|
@@ -823,6 +831,7 @@ function wfu_attribute_definitions() {
|
|
823 |
"name" => "Allowed File Size",
|
824 |
"attribute" => "maxsize",
|
825 |
"type" => "float",
|
|
|
826 |
"listitems" => null,
|
827 |
"value" => WFU_VAR("WFU_MAXSIZE"),
|
828 |
"mode" => "free",
|
@@ -837,6 +846,7 @@ function wfu_attribute_definitions() {
|
|
837 |
"name" => "Create Upload Path",
|
838 |
"attribute" => "createpath",
|
839 |
"type" => "onoff",
|
|
|
840 |
"listitems" => null,
|
841 |
"value" => WFU_VAR("WFU_CREATEPATH"),
|
842 |
"mode" => "free",
|
@@ -851,6 +861,7 @@ function wfu_attribute_definitions() {
|
|
851 |
"name" => "Do Not Change Filename",
|
852 |
"attribute" => "forcefilename",
|
853 |
"type" => "onoff",
|
|
|
854 |
"listitems" => null,
|
855 |
"value" => WFU_VAR("WFU_FORCEFILENAME"),
|
856 |
"mode" => "free",
|
@@ -865,6 +876,7 @@ function wfu_attribute_definitions() {
|
|
865 |
"name" => "Folder Access Method",
|
866 |
"attribute" => "accessmethod",
|
867 |
"type" => "radio",
|
|
|
868 |
"listitems" => array("normal", "*ftp"),
|
869 |
"value" => WFU_VAR("WFU_ACCESSMETHOD"),
|
870 |
"mode" => "free",
|
@@ -879,6 +891,7 @@ function wfu_attribute_definitions() {
|
|
879 |
"name" => "FTP Access Credentials",
|
880 |
"attribute" => "ftpinfo",
|
881 |
"type" => "ltext",
|
|
|
882 |
"listitems" => null,
|
883 |
"value" => WFU_VAR("WFU_FTPINFO"),
|
884 |
"mode" => "free",
|
@@ -893,6 +906,7 @@ function wfu_attribute_definitions() {
|
|
893 |
"name" => "Use FTP Domain",
|
894 |
"attribute" => "useftpdomain",
|
895 |
"type" => "onoff",
|
|
|
896 |
"listitems" => null,
|
897 |
"value" => WFU_VAR("WFU_USEFTPDOMAIN"),
|
898 |
"mode" => "free",
|
@@ -907,6 +921,7 @@ function wfu_attribute_definitions() {
|
|
907 |
"name" => "FTP Passive Mode",
|
908 |
"attribute" => "ftppassivemode",
|
909 |
"type" => "onoff",
|
|
|
910 |
"listitems" => null,
|
911 |
"value" => WFU_VAR("WFU_FTPPASSIVEMODE"),
|
912 |
"mode" => "free",
|
@@ -921,6 +936,7 @@ function wfu_attribute_definitions() {
|
|
921 |
"name" => "Permissions of Uploaded File",
|
922 |
"attribute" => "ftpfilepermissions",
|
923 |
"type" => "text",
|
|
|
924 |
"listitems" => null,
|
925 |
"value" => WFU_VAR("WFU_FTPFILEPERMISSIONS"),
|
926 |
"mode" => "free",
|
@@ -935,6 +951,7 @@ function wfu_attribute_definitions() {
|
|
935 |
"name" => "Show Upload Folder Path",
|
936 |
"attribute" => "showtargetfolder",
|
937 |
"type" => "onoff",
|
|
|
938 |
"listitems" => null,
|
939 |
"value" => WFU_VAR("WFU_SHOWTARGETFOLDER"),
|
940 |
"mode" => "free",
|
@@ -949,6 +966,7 @@ function wfu_attribute_definitions() {
|
|
949 |
"name" => "Select Subfolder",
|
950 |
"attribute" => "askforsubfolders",
|
951 |
"type" => "onoff",
|
|
|
952 |
"listitems" => null,
|
953 |
"value" => WFU_VAR("WFU_ASKFORSUBFOLDERS"),
|
954 |
"mode" => "free",
|
@@ -963,6 +981,7 @@ function wfu_attribute_definitions() {
|
|
963 |
"name" => "List of Subfolders",
|
964 |
"attribute" => "subfoldertree",
|
965 |
"type" => "folderlist",
|
|
|
966 |
"listitems" => null,
|
967 |
"value" => WFU_VAR("WFU_SUBFOLDERTREE"),
|
968 |
"mode" => "free",
|
@@ -977,6 +996,7 @@ function wfu_attribute_definitions() {
|
|
977 |
"name" => "File Duplicates Policy",
|
978 |
"attribute" => "duplicatespolicy",
|
979 |
"type" => "radio",
|
|
|
980 |
"listitems" => array("overwrite", "reject", "*maintain both"),
|
981 |
"value" => WFU_VAR("WFU_DUBLICATESPOLICY"),
|
982 |
"mode" => "free",
|
@@ -991,6 +1011,7 @@ function wfu_attribute_definitions() {
|
|
991 |
"name" => "File Rename Rule",
|
992 |
"attribute" => "uniquepattern",
|
993 |
"type" => "radio",
|
|
|
994 |
"listitems" => array("index", "datetimestamp"),
|
995 |
"value" => WFU_VAR("WFU_UNIQUEPATTERN"),
|
996 |
"mode" => "free",
|
@@ -1005,6 +1026,7 @@ function wfu_attribute_definitions() {
|
|
1005 |
"name" => "Redirect after Upload",
|
1006 |
"attribute" => "redirect",
|
1007 |
"type" => "onoff",
|
|
|
1008 |
"listitems" => null,
|
1009 |
"value" => WFU_VAR("WFU_REDIRECT"),
|
1010 |
"mode" => "free",
|
@@ -1019,6 +1041,7 @@ function wfu_attribute_definitions() {
|
|
1019 |
"name" => "Redirection URL",
|
1020 |
"attribute" => "redirectlink",
|
1021 |
"type" => "ltext",
|
|
|
1022 |
"listitems" => null,
|
1023 |
"value" => WFU_VAR("WFU_REDIRECTLINK"),
|
1024 |
"mode" => "free",
|
@@ -1033,6 +1056,7 @@ function wfu_attribute_definitions() {
|
|
1033 |
"name" => "Show Detailed Admin Messages",
|
1034 |
"attribute" => "adminmessages",
|
1035 |
"type" => "onoff",
|
|
|
1036 |
"listitems" => null,
|
1037 |
"value" => WFU_VAR("WFU_ADMINMESSAGES"),
|
1038 |
"mode" => "free",
|
@@ -1047,6 +1071,7 @@ function wfu_attribute_definitions() {
|
|
1047 |
"name" => "Disable AJAX",
|
1048 |
"attribute" => "forceclassic",
|
1049 |
"type" => "onoff",
|
|
|
1050 |
"listitems" => null,
|
1051 |
"value" => WFU_VAR("WFU_FORCECLASSIC"),
|
1052 |
"mode" => "free",
|
@@ -1061,6 +1086,7 @@ function wfu_attribute_definitions() {
|
|
1061 |
"name" => "Test Mode",
|
1062 |
"attribute" => "testmode",
|
1063 |
"type" => "onoff",
|
|
|
1064 |
"listitems" => null,
|
1065 |
"value" => WFU_VAR("WFU_TESTMODE"),
|
1066 |
"mode" => "free",
|
@@ -1075,6 +1101,7 @@ function wfu_attribute_definitions() {
|
|
1075 |
"name" => "Debug Mode",
|
1076 |
"attribute" => "debugmode",
|
1077 |
"type" => "onoff",
|
|
|
1078 |
"listitems" => null,
|
1079 |
"value" => WFU_VAR("WFU_DEBUGMODE"),
|
1080 |
"mode" => "free",
|
@@ -1089,6 +1116,7 @@ function wfu_attribute_definitions() {
|
|
1089 |
"name" => "Plugin Component Positions",
|
1090 |
"attribute" => "placements",
|
1091 |
"type" => "placements",
|
|
|
1092 |
"listitems" => null,
|
1093 |
"value" => WFU_VAR("WFU_PLACEMENTS"),
|
1094 |
"mode" => "free",
|
@@ -1103,6 +1131,7 @@ function wfu_attribute_definitions() {
|
|
1103 |
"name" => "Plugin Title",
|
1104 |
"attribute" => "uploadtitle",
|
1105 |
"type" => "text",
|
|
|
1106 |
"listitems" => null,
|
1107 |
"value" => WFU_UPLOADTITLE,
|
1108 |
"mode" => "free",
|
@@ -1117,6 +1146,7 @@ function wfu_attribute_definitions() {
|
|
1117 |
"name" => "Select Button Caption",
|
1118 |
"attribute" => "selectbutton",
|
1119 |
"type" => "text",
|
|
|
1120 |
"listitems" => null,
|
1121 |
"value" => WFU_SELECTBUTTON,
|
1122 |
"mode" => "free",
|
@@ -1131,6 +1161,7 @@ function wfu_attribute_definitions() {
|
|
1131 |
"name" => "Upload Button Caption",
|
1132 |
"attribute" => "uploadbutton",
|
1133 |
"type" => "text",
|
|
|
1134 |
"listitems" => null,
|
1135 |
"value" => WFU_UPLOADBUTTON,
|
1136 |
"mode" => "free",
|
@@ -1145,6 +1176,7 @@ function wfu_attribute_definitions() {
|
|
1145 |
"name" => "Upload Folder Label",
|
1146 |
"attribute" => "targetfolderlabel",
|
1147 |
"type" => "text",
|
|
|
1148 |
"listitems" => null,
|
1149 |
"value" => WFU_VAR("WFU_TARGETFOLDERLABEL"),
|
1150 |
"mode" => "free",
|
@@ -1159,6 +1191,7 @@ function wfu_attribute_definitions() {
|
|
1159 |
"name" => "Select Subfolder Label",
|
1160 |
"attribute" => "subfolderlabel",
|
1161 |
"type" => "text",
|
|
|
1162 |
"listitems" => null,
|
1163 |
"value" => WFU_VAR("WFU_SUBFOLDERLABEL"),
|
1164 |
"mode" => "free",
|
@@ -1173,6 +1206,7 @@ function wfu_attribute_definitions() {
|
|
1173 |
"name" => "Success Upload Message",
|
1174 |
"attribute" => "successmessage",
|
1175 |
"type" => "ltext",
|
|
|
1176 |
"listitems" => null,
|
1177 |
"value" => WFU_SUCCESSMESSAGE,
|
1178 |
"mode" => "free",
|
@@ -1187,6 +1221,7 @@ function wfu_attribute_definitions() {
|
|
1187 |
"name" => "Warning Upload Message",
|
1188 |
"attribute" => "warningmessage",
|
1189 |
"type" => "ltext",
|
|
|
1190 |
"listitems" => null,
|
1191 |
"value" => WFU_WARNINGMESSAGE,
|
1192 |
"mode" => "free",
|
@@ -1201,6 +1236,7 @@ function wfu_attribute_definitions() {
|
|
1201 |
"name" => "Error Upload Message",
|
1202 |
"attribute" => "errormessage",
|
1203 |
"type" => "ltext",
|
|
|
1204 |
"listitems" => null,
|
1205 |
"value" => WFU_ERRORMESSAGE,
|
1206 |
"mode" => "free",
|
@@ -1215,6 +1251,7 @@ function wfu_attribute_definitions() {
|
|
1215 |
"name" => "Wait Upload Message",
|
1216 |
"attribute" => "waitmessage",
|
1217 |
"type" => "ltext",
|
|
|
1218 |
"listitems" => null,
|
1219 |
"value" => WFU_WAITMESSAGE,
|
1220 |
"mode" => "free",
|
@@ -1229,6 +1266,7 @@ function wfu_attribute_definitions() {
|
|
1229 |
"name" => "Upload Media Button Caption",
|
1230 |
"attribute" => "uploadmediabutton",
|
1231 |
"type" => "text",
|
|
|
1232 |
"listitems" => null,
|
1233 |
"value" => WFU_UPLOADMEDIABUTTON,
|
1234 |
"mode" => "free",
|
@@ -1243,6 +1281,7 @@ function wfu_attribute_definitions() {
|
|
1243 |
"name" => "Video Filename",
|
1244 |
"attribute" => "videoname",
|
1245 |
"type" => "text",
|
|
|
1246 |
"listitems" => null,
|
1247 |
"value" => WFU_VIDEONAME,
|
1248 |
"mode" => "free",
|
@@ -1257,6 +1296,7 @@ function wfu_attribute_definitions() {
|
|
1257 |
"name" => "Image Filename",
|
1258 |
"attribute" => "imagename",
|
1259 |
"type" => "text",
|
|
|
1260 |
"listitems" => null,
|
1261 |
"value" => WFU_IMAGENAME,
|
1262 |
"mode" => "free",
|
@@ -1271,6 +1311,7 @@ function wfu_attribute_definitions() {
|
|
1271 |
"name" => "Required Fields Suffix",
|
1272 |
"attribute" => "requiredlabel",
|
1273 |
"type" => "text",
|
|
|
1274 |
"listitems" => null,
|
1275 |
"value" => WFU_USERDATA_REQUIREDLABEL,
|
1276 |
"mode" => "free",
|
@@ -1285,6 +1326,7 @@ function wfu_attribute_definitions() {
|
|
1285 |
"name" => "Notify by Email",
|
1286 |
"attribute" => "notify",
|
1287 |
"type" => "onoff",
|
|
|
1288 |
"listitems" => null,
|
1289 |
"value" => WFU_VAR("WFU_NOTIFY"),
|
1290 |
"mode" => "free",
|
@@ -1299,6 +1341,7 @@ function wfu_attribute_definitions() {
|
|
1299 |
"name" => "Email Recipients",
|
1300 |
"attribute" => "notifyrecipients",
|
1301 |
"type" => "mtext",
|
|
|
1302 |
"listitems" => null,
|
1303 |
"value" => WFU_VAR("WFU_NOTIFYRECIPIENTS"),
|
1304 |
"mode" => "free",
|
@@ -1313,6 +1356,7 @@ function wfu_attribute_definitions() {
|
|
1313 |
"name" => "Email Headers",
|
1314 |
"attribute" => "notifyheaders",
|
1315 |
"type" => "mtext",
|
|
|
1316 |
"listitems" => null,
|
1317 |
"value" => WFU_VAR("WFU_NOTIFYHEADERS"),
|
1318 |
"mode" => "free",
|
@@ -1327,6 +1371,7 @@ function wfu_attribute_definitions() {
|
|
1327 |
"name" => "Email Subject",
|
1328 |
"attribute" => "notifysubject",
|
1329 |
"type" => "ltext",
|
|
|
1330 |
"listitems" => null,
|
1331 |
"value" => WFU_NOTIFYSUBJECT,
|
1332 |
"mode" => "free",
|
@@ -1341,6 +1386,7 @@ function wfu_attribute_definitions() {
|
|
1341 |
"name" => "Email Body",
|
1342 |
"attribute" => "notifymessage",
|
1343 |
"type" => "mtext",
|
|
|
1344 |
"listitems" => null,
|
1345 |
"value" => WFU_NOTIFYMESSAGE,
|
1346 |
"mode" => "free",
|
@@ -1355,6 +1401,7 @@ function wfu_attribute_definitions() {
|
|
1355 |
"name" => "Attach Uploaded Files",
|
1356 |
"attribute" => "attachfile",
|
1357 |
"type" => "onoff",
|
|
|
1358 |
"listitems" => null,
|
1359 |
"value" => WFU_VAR("WFU_ATTACHFILE"),
|
1360 |
"mode" => "free",
|
@@ -1369,6 +1416,7 @@ function wfu_attribute_definitions() {
|
|
1369 |
"name" => "Success Upload Message Color",
|
1370 |
"attribute" => "successmessagecolor",
|
1371 |
"type" => "hidden",
|
|
|
1372 |
"listitems" => null,
|
1373 |
"value" => WFU_SUCCESSMESSAGECOLOR,
|
1374 |
"mode" => "free",
|
@@ -1383,6 +1431,7 @@ function wfu_attribute_definitions() {
|
|
1383 |
"name" => "Success Message Colors",
|
1384 |
"attribute" => "successmessagecolors",
|
1385 |
"type" => "color-triplet",
|
|
|
1386 |
"listitems" => null,
|
1387 |
"value" => WFU_VAR("WFU_SUCCESSMESSAGECOLORS"),
|
1388 |
"mode" => "free",
|
@@ -1397,6 +1446,7 @@ function wfu_attribute_definitions() {
|
|
1397 |
"name" => "Warning Message Colors",
|
1398 |
"attribute" => "warningmessagecolors",
|
1399 |
"type" => "color-triplet",
|
|
|
1400 |
"listitems" => null,
|
1401 |
"value" => WFU_VAR("WFU_WARNINGMESSAGECOLORS"),
|
1402 |
"mode" => "free",
|
@@ -1411,6 +1461,7 @@ function wfu_attribute_definitions() {
|
|
1411 |
"name" => "Fail Message Colors",
|
1412 |
"attribute" => "failmessagecolors",
|
1413 |
"type" => "color-triplet",
|
|
|
1414 |
"listitems" => null,
|
1415 |
"value" => WFU_VAR("WFU_FAILMESSAGECOLORS"),
|
1416 |
"mode" => "free",
|
@@ -1425,6 +1476,7 @@ function wfu_attribute_definitions() {
|
|
1425 |
"name" => "Wait Message Colors",
|
1426 |
"attribute" => "waitmessagecolors",
|
1427 |
"type" => "hidden",
|
|
|
1428 |
"listitems" => null,
|
1429 |
"value" => WFU_VAR("WFU_WAITMESSAGECOLORS"),
|
1430 |
"mode" => "free",
|
@@ -1439,6 +1491,7 @@ function wfu_attribute_definitions() {
|
|
1439 |
"name" => "Plugin Component Widths",
|
1440 |
"attribute" => "widths",
|
1441 |
"type" => "dimensions",
|
|
|
1442 |
"listitems" => null,
|
1443 |
"value" => WFU_VAR("WFU_WIDTHS"),
|
1444 |
"mode" => "free",
|
@@ -1453,6 +1506,7 @@ function wfu_attribute_definitions() {
|
|
1453 |
"name" => "Plugin Component Heights",
|
1454 |
"attribute" => "heights",
|
1455 |
"type" => "dimensions",
|
|
|
1456 |
"listitems" => null,
|
1457 |
"value" => WFU_VAR("WFU_HEIGHTS"),
|
1458 |
"mode" => "free",
|
@@ -1467,6 +1521,7 @@ function wfu_attribute_definitions() {
|
|
1467 |
"name" => "Include Additional Data Fields",
|
1468 |
"attribute" => "userdata",
|
1469 |
"type" => "onoff",
|
|
|
1470 |
"listitems" => null,
|
1471 |
"value" => WFU_VAR("WFU_USERDATA"),
|
1472 |
"mode" => "free",
|
@@ -1481,6 +1536,7 @@ function wfu_attribute_definitions() {
|
|
1481 |
"name" => "Additional Data Fields",
|
1482 |
"attribute" => "userdatalabel",
|
1483 |
"type" => "formfields",
|
|
|
1484 |
"listitems" => wfu_formfield_definitions(),
|
1485 |
"value" => WFU_USERDATALABEL,
|
1486 |
"mode" => "free",
|
@@ -1495,6 +1551,7 @@ function wfu_attribute_definitions() {
|
|
1495 |
"name" => "WP Filebase Plugin Connection",
|
1496 |
"attribute" => "filebaselink",
|
1497 |
"type" => "onoff",
|
|
|
1498 |
"listitems" => null,
|
1499 |
"value" => WFU_VAR("WFU_FILEBASELINK"),
|
1500 |
"mode" => "free",
|
@@ -1509,6 +1566,7 @@ function wfu_attribute_definitions() {
|
|
1509 |
"name" => "Add Uploaded Files To Media",
|
1510 |
"attribute" => "medialink",
|
1511 |
"type" => "onoff",
|
|
|
1512 |
"listitems" => null,
|
1513 |
"value" => WFU_VAR("WFU_MEDIALINK"),
|
1514 |
"mode" => "free",
|
@@ -1523,6 +1581,7 @@ function wfu_attribute_definitions() {
|
|
1523 |
"name" => "Attach Uploaded Files To Post",
|
1524 |
"attribute" => "postlink",
|
1525 |
"type" => "onoff",
|
|
|
1526 |
"listitems" => null,
|
1527 |
"value" => WFU_VAR("WFU_POSTLINK"),
|
1528 |
"mode" => "free",
|
@@ -1537,6 +1596,7 @@ function wfu_attribute_definitions() {
|
|
1537 |
"name" => "Enable Webcam",
|
1538 |
"attribute" => "webcam",
|
1539 |
"type" => "onoff",
|
|
|
1540 |
"listitems" => null,
|
1541 |
"value" => WFU_VAR("WFU_WEBCAM"),
|
1542 |
"mode" => "free",
|
@@ -1551,6 +1611,7 @@ function wfu_attribute_definitions() {
|
|
1551 |
"name" => "Capture Mode",
|
1552 |
"attribute" => "webcammode",
|
1553 |
"type" => "radio",
|
|
|
1554 |
"listitems" => array("capture video", "take photos", "both"),
|
1555 |
"value" => WFU_VAR("WFU_WEBCAMMODE"),
|
1556 |
"mode" => "free",
|
@@ -1565,6 +1626,7 @@ function wfu_attribute_definitions() {
|
|
1565 |
"name" => "Capture Audio",
|
1566 |
"attribute" => "audiocapture",
|
1567 |
"type" => "onoff",
|
|
|
1568 |
"listitems" => null,
|
1569 |
"value" => WFU_VAR("WFU_AUDIOCAPTURE"),
|
1570 |
"mode" => "free",
|
@@ -1579,6 +1641,7 @@ function wfu_attribute_definitions() {
|
|
1579 |
"name" => "Video Width",
|
1580 |
"attribute" => "videowidth",
|
1581 |
"type" => "text",
|
|
|
1582 |
"listitems" => null,
|
1583 |
"value" => WFU_VAR("WFU_VIDEOWIDTH"),
|
1584 |
"mode" => "free",
|
@@ -1593,6 +1656,7 @@ function wfu_attribute_definitions() {
|
|
1593 |
"name" => "Video Height",
|
1594 |
"attribute" => "videoheight",
|
1595 |
"type" => "text",
|
|
|
1596 |
"listitems" => null,
|
1597 |
"value" => WFU_VAR("WFU_VIDEOHEIGHT"),
|
1598 |
"mode" => "free",
|
@@ -1607,6 +1671,7 @@ function wfu_attribute_definitions() {
|
|
1607 |
"name" => "Video Aspect Ratio",
|
1608 |
"attribute" => "videoaspectratio",
|
1609 |
"type" => "text",
|
|
|
1610 |
"listitems" => null,
|
1611 |
"value" => WFU_VAR("WFU_VIDEOASPECTRATIO"),
|
1612 |
"mode" => "free",
|
@@ -1621,6 +1686,7 @@ function wfu_attribute_definitions() {
|
|
1621 |
"name" => "Video Frame Rate",
|
1622 |
"attribute" => "videoframerate",
|
1623 |
"type" => "text",
|
|
|
1624 |
"listitems" => null,
|
1625 |
"value" => WFU_VAR("WFU_VIDEOFRAMERATE"),
|
1626 |
"mode" => "free",
|
@@ -1635,6 +1701,7 @@ function wfu_attribute_definitions() {
|
|
1635 |
"name" => "Camera Facing Mode",
|
1636 |
"attribute" => "camerafacing",
|
1637 |
"type" => "radio",
|
|
|
1638 |
"listitems" => array("any", "front", "back"),
|
1639 |
"value" => WFU_VAR("WFU_CAMERAFACING"),
|
1640 |
"mode" => "free",
|
@@ -1649,6 +1716,7 @@ function wfu_attribute_definitions() {
|
|
1649 |
"name" => "Max Record Time",
|
1650 |
"attribute" => "maxrecordtime",
|
1651 |
"type" => "integer",
|
|
|
1652 |
"listitems" => null,
|
1653 |
"value" => WFU_VAR("WFU_MAXRECORDTIME"),
|
1654 |
"mode" => "free",
|
711 |
"name" => "Widget ID",
|
712 |
"attribute" => "widgetid",
|
713 |
"type" => "hidden",
|
714 |
+
"validator" => "text",
|
715 |
"listitems" => null,
|
716 |
"value" => "",
|
717 |
"mode" => "free",
|
726 |
"name" => "Plugin ID",
|
727 |
"attribute" => "uploadid",
|
728 |
"type" => "integer",
|
729 |
+
"validator" => "text",
|
730 |
"listitems" => null,
|
731 |
"value" => WFU_VAR("WFU_UPLOADID"),
|
732 |
"mode" => "free",
|
741 |
"name" => "Single Button Operation",
|
742 |
"attribute" => "singlebutton",
|
743 |
"type" => "onoff",
|
744 |
+
"validator" => "text",
|
745 |
"listitems" => null,
|
746 |
"value" => WFU_VAR("WFU_SINGLEBUTTON"),
|
747 |
"mode" => "free",
|
756 |
"name" => "Upload Path",
|
757 |
"attribute" => "uploadpath",
|
758 |
"type" => "ltext",
|
759 |
+
"validator" => "path",
|
760 |
"listitems" => null,
|
761 |
"value" => WFU_VAR("WFU_UPLOADPATH"),
|
762 |
"mode" => "free",
|
771 |
"name" => "Plugin Fit Mode",
|
772 |
"attribute" => "fitmode",
|
773 |
"type" => "radio",
|
774 |
+
"validator" => "text",
|
775 |
"listitems" => array("fixed", "responsive"),
|
776 |
"value" => WFU_VAR("WFU_FITMODE"),
|
777 |
"mode" => "free",
|
786 |
"name" => "Allow No File",
|
787 |
"attribute" => "allownofile",
|
788 |
"type" => "onoff",
|
789 |
+
"validator" => "text",
|
790 |
"listitems" => null,
|
791 |
"value" => WFU_VAR("WFU_ALLOWNOFILE"),
|
792 |
"mode" => "free",
|
801 |
"name" => "Upload Roles",
|
802 |
"attribute" => "uploadrole",
|
803 |
"type" => "rolelist",
|
804 |
+
"validator" => "text",
|
805 |
"listitems" => array("default_administrator"),
|
806 |
"value" => WFU_VAR("WFU_UPLOADROLE"),
|
807 |
"mode" => "free",
|
816 |
"name" => "Allowed File Extensions",
|
817 |
"attribute" => "uploadpatterns",
|
818 |
"type" => "text",
|
819 |
+
"validator" => "text",
|
820 |
"listitems" => null,
|
821 |
"value" => WFU_VAR("WFU_UPLOADPATTERNS"),
|
822 |
"mode" => "free",
|
831 |
"name" => "Allowed File Size",
|
832 |
"attribute" => "maxsize",
|
833 |
"type" => "float",
|
834 |
+
"validator" => "float",
|
835 |
"listitems" => null,
|
836 |
"value" => WFU_VAR("WFU_MAXSIZE"),
|
837 |
"mode" => "free",
|
846 |
"name" => "Create Upload Path",
|
847 |
"attribute" => "createpath",
|
848 |
"type" => "onoff",
|
849 |
+
"validator" => "text",
|
850 |
"listitems" => null,
|
851 |
"value" => WFU_VAR("WFU_CREATEPATH"),
|
852 |
"mode" => "free",
|
861 |
"name" => "Do Not Change Filename",
|
862 |
"attribute" => "forcefilename",
|
863 |
"type" => "onoff",
|
864 |
+
"validator" => "text",
|
865 |
"listitems" => null,
|
866 |
"value" => WFU_VAR("WFU_FORCEFILENAME"),
|
867 |
"mode" => "free",
|
876 |
"name" => "Folder Access Method",
|
877 |
"attribute" => "accessmethod",
|
878 |
"type" => "radio",
|
879 |
+
"validator" => "text",
|
880 |
"listitems" => array("normal", "*ftp"),
|
881 |
"value" => WFU_VAR("WFU_ACCESSMETHOD"),
|
882 |
"mode" => "free",
|
891 |
"name" => "FTP Access Credentials",
|
892 |
"attribute" => "ftpinfo",
|
893 |
"type" => "ltext",
|
894 |
+
"validator" => "text",
|
895 |
"listitems" => null,
|
896 |
"value" => WFU_VAR("WFU_FTPINFO"),
|
897 |
"mode" => "free",
|
906 |
"name" => "Use FTP Domain",
|
907 |
"attribute" => "useftpdomain",
|
908 |
"type" => "onoff",
|
909 |
+
"validator" => "text",
|
910 |
"listitems" => null,
|
911 |
"value" => WFU_VAR("WFU_USEFTPDOMAIN"),
|
912 |
"mode" => "free",
|
921 |
"name" => "FTP Passive Mode",
|
922 |
"attribute" => "ftppassivemode",
|
923 |
"type" => "onoff",
|
924 |
+
"validator" => "text",
|
925 |
"listitems" => null,
|
926 |
"value" => WFU_VAR("WFU_FTPPASSIVEMODE"),
|
927 |
"mode" => "free",
|
936 |
"name" => "Permissions of Uploaded File",
|
937 |
"attribute" => "ftpfilepermissions",
|
938 |
"type" => "text",
|
939 |
+
"validator" => "integer",
|
940 |
"listitems" => null,
|
941 |
"value" => WFU_VAR("WFU_FTPFILEPERMISSIONS"),
|
942 |
"mode" => "free",
|
951 |
"name" => "Show Upload Folder Path",
|
952 |
"attribute" => "showtargetfolder",
|
953 |
"type" => "onoff",
|
954 |
+
"validator" => "text",
|
955 |
"listitems" => null,
|
956 |
"value" => WFU_VAR("WFU_SHOWTARGETFOLDER"),
|
957 |
"mode" => "free",
|
966 |
"name" => "Select Subfolder",
|
967 |
"attribute" => "askforsubfolders",
|
968 |
"type" => "onoff",
|
969 |
+
"validator" => "text",
|
970 |
"listitems" => null,
|
971 |
"value" => WFU_VAR("WFU_ASKFORSUBFOLDERS"),
|
972 |
"mode" => "free",
|
981 |
"name" => "List of Subfolders",
|
982 |
"attribute" => "subfoldertree",
|
983 |
"type" => "folderlist",
|
984 |
+
"validator" => "text",
|
985 |
"listitems" => null,
|
986 |
"value" => WFU_VAR("WFU_SUBFOLDERTREE"),
|
987 |
"mode" => "free",
|
996 |
"name" => "File Duplicates Policy",
|
997 |
"attribute" => "duplicatespolicy",
|
998 |
"type" => "radio",
|
999 |
+
"validator" => "text",
|
1000 |
"listitems" => array("overwrite", "reject", "*maintain both"),
|
1001 |
"value" => WFU_VAR("WFU_DUBLICATESPOLICY"),
|
1002 |
"mode" => "free",
|
1011 |
"name" => "File Rename Rule",
|
1012 |
"attribute" => "uniquepattern",
|
1013 |
"type" => "radio",
|
1014 |
+
"validator" => "text",
|
1015 |
"listitems" => array("index", "datetimestamp"),
|
1016 |
"value" => WFU_VAR("WFU_UNIQUEPATTERN"),
|
1017 |
"mode" => "free",
|
1026 |
"name" => "Redirect after Upload",
|
1027 |
"attribute" => "redirect",
|
1028 |
"type" => "onoff",
|
1029 |
+
"validator" => "text",
|
1030 |
"listitems" => null,
|
1031 |
"value" => WFU_VAR("WFU_REDIRECT"),
|
1032 |
"mode" => "free",
|
1041 |
"name" => "Redirection URL",
|
1042 |
"attribute" => "redirectlink",
|
1043 |
"type" => "ltext",
|
1044 |
+
"validator" => "link",
|
1045 |
"listitems" => null,
|
1046 |
"value" => WFU_VAR("WFU_REDIRECTLINK"),
|
1047 |
"mode" => "free",
|
1056 |
"name" => "Show Detailed Admin Messages",
|
1057 |
"attribute" => "adminmessages",
|
1058 |
"type" => "onoff",
|
1059 |
+
"validator" => "text",
|
1060 |
"listitems" => null,
|
1061 |
"value" => WFU_VAR("WFU_ADMINMESSAGES"),
|
1062 |
"mode" => "free",
|
1071 |
"name" => "Disable AJAX",
|
1072 |
"attribute" => "forceclassic",
|
1073 |
"type" => "onoff",
|
1074 |
+
"validator" => "text",
|
1075 |
"listitems" => null,
|
1076 |
"value" => WFU_VAR("WFU_FORCECLASSIC"),
|
1077 |
"mode" => "free",
|
1086 |
"name" => "Test Mode",
|
1087 |
"attribute" => "testmode",
|
1088 |
"type" => "onoff",
|
1089 |
+
"validator" => "text",
|
1090 |
"listitems" => null,
|
1091 |
"value" => WFU_VAR("WFU_TESTMODE"),
|
1092 |
"mode" => "free",
|
1101 |
"name" => "Debug Mode",
|
1102 |
"attribute" => "debugmode",
|
1103 |
"type" => "onoff",
|
1104 |
+
"validator" => "text",
|
1105 |
"listitems" => null,
|
1106 |
"value" => WFU_VAR("WFU_DEBUGMODE"),
|
1107 |
"mode" => "free",
|
1116 |
"name" => "Plugin Component Positions",
|
1117 |
"attribute" => "placements",
|
1118 |
"type" => "placements",
|
1119 |
+
"validator" => "text",
|
1120 |
"listitems" => null,
|
1121 |
"value" => WFU_VAR("WFU_PLACEMENTS"),
|
1122 |
"mode" => "free",
|
1131 |
"name" => "Plugin Title",
|
1132 |
"attribute" => "uploadtitle",
|
1133 |
"type" => "text",
|
1134 |
+
"validator" => "text",
|
1135 |
"listitems" => null,
|
1136 |
"value" => WFU_UPLOADTITLE,
|
1137 |
"mode" => "free",
|
1146 |
"name" => "Select Button Caption",
|
1147 |
"attribute" => "selectbutton",
|
1148 |
"type" => "text",
|
1149 |
+
"validator" => "text",
|
1150 |
"listitems" => null,
|
1151 |
"value" => WFU_SELECTBUTTON,
|
1152 |
"mode" => "free",
|
1161 |
"name" => "Upload Button Caption",
|
1162 |
"attribute" => "uploadbutton",
|
1163 |
"type" => "text",
|
1164 |
+
"validator" => "text",
|
1165 |
"listitems" => null,
|
1166 |
"value" => WFU_UPLOADBUTTON,
|
1167 |
"mode" => "free",
|
1176 |
"name" => "Upload Folder Label",
|
1177 |
"attribute" => "targetfolderlabel",
|
1178 |
"type" => "text",
|
1179 |
+
"validator" => "text",
|
1180 |
"listitems" => null,
|
1181 |
"value" => WFU_VAR("WFU_TARGETFOLDERLABEL"),
|
1182 |
"mode" => "free",
|
1191 |
"name" => "Select Subfolder Label",
|
1192 |
"attribute" => "subfolderlabel",
|
1193 |
"type" => "text",
|
1194 |
+
"validator" => "text",
|
1195 |
"listitems" => null,
|
1196 |
"value" => WFU_VAR("WFU_SUBFOLDERLABEL"),
|
1197 |
"mode" => "free",
|
1206 |
"name" => "Success Upload Message",
|
1207 |
"attribute" => "successmessage",
|
1208 |
"type" => "ltext",
|
1209 |
+
"validator" => "text",
|
1210 |
"listitems" => null,
|
1211 |
"value" => WFU_SUCCESSMESSAGE,
|
1212 |
"mode" => "free",
|
1221 |
"name" => "Warning Upload Message",
|
1222 |
"attribute" => "warningmessage",
|
1223 |
"type" => "ltext",
|
1224 |
+
"validator" => "text",
|
1225 |
"listitems" => null,
|
1226 |
"value" => WFU_WARNINGMESSAGE,
|
1227 |
"mode" => "free",
|
1236 |
"name" => "Error Upload Message",
|
1237 |
"attribute" => "errormessage",
|
1238 |
"type" => "ltext",
|
1239 |
+
"validator" => "text",
|
1240 |
"listitems" => null,
|
1241 |
"value" => WFU_ERRORMESSAGE,
|
1242 |
"mode" => "free",
|
1251 |
"name" => "Wait Upload Message",
|
1252 |
"attribute" => "waitmessage",
|
1253 |
"type" => "ltext",
|
1254 |
+
"validator" => "text",
|
1255 |
"listitems" => null,
|
1256 |
"value" => WFU_WAITMESSAGE,
|
1257 |
"mode" => "free",
|
1266 |
"name" => "Upload Media Button Caption",
|
1267 |
"attribute" => "uploadmediabutton",
|
1268 |
"type" => "text",
|
1269 |
+
"validator" => "text",
|
1270 |
"listitems" => null,
|
1271 |
"value" => WFU_UPLOADMEDIABUTTON,
|
1272 |
"mode" => "free",
|
1281 |
"name" => "Video Filename",
|
1282 |
"attribute" => "videoname",
|
1283 |
"type" => "text",
|
1284 |
+
"validator" => "text",
|
1285 |
"listitems" => null,
|
1286 |
"value" => WFU_VIDEONAME,
|
1287 |
"mode" => "free",
|
1296 |
"name" => "Image Filename",
|
1297 |
"attribute" => "imagename",
|
1298 |
"type" => "text",
|
1299 |
+
"validator" => "text",
|
1300 |
"listitems" => null,
|
1301 |
"value" => WFU_IMAGENAME,
|
1302 |
"mode" => "free",
|
1311 |
"name" => "Required Fields Suffix",
|
1312 |
"attribute" => "requiredlabel",
|
1313 |
"type" => "text",
|
1314 |
+
"validator" => "text",
|
1315 |
"listitems" => null,
|
1316 |
"value" => WFU_USERDATA_REQUIREDLABEL,
|
1317 |
"mode" => "free",
|
1326 |
"name" => "Notify by Email",
|
1327 |
"attribute" => "notify",
|
1328 |
"type" => "onoff",
|
1329 |
+
"validator" => "text",
|
1330 |
"listitems" => null,
|
1331 |
"value" => WFU_VAR("WFU_NOTIFY"),
|
1332 |
"mode" => "free",
|
1341 |
"name" => "Email Recipients",
|
1342 |
"attribute" => "notifyrecipients",
|
1343 |
"type" => "mtext",
|
1344 |
+
"validator" => "text",
|
1345 |
"listitems" => null,
|
1346 |
"value" => WFU_VAR("WFU_NOTIFYRECIPIENTS"),
|
1347 |
"mode" => "free",
|
1356 |
"name" => "Email Headers",
|
1357 |
"attribute" => "notifyheaders",
|
1358 |
"type" => "mtext",
|
1359 |
+
"validator" => "emailheaders",
|
1360 |
"listitems" => null,
|
1361 |
"value" => WFU_VAR("WFU_NOTIFYHEADERS"),
|
1362 |
"mode" => "free",
|
1371 |
"name" => "Email Subject",
|
1372 |
"attribute" => "notifysubject",
|
1373 |
"type" => "ltext",
|
1374 |
+
"validator" => "emailsubject",
|
1375 |
"listitems" => null,
|
1376 |
"value" => WFU_NOTIFYSUBJECT,
|
1377 |
"mode" => "free",
|
1386 |
"name" => "Email Body",
|
1387 |
"attribute" => "notifymessage",
|
1388 |
"type" => "mtext",
|
1389 |
+
"validator" => "emailbody",
|
1390 |
"listitems" => null,
|
1391 |
"value" => WFU_NOTIFYMESSAGE,
|
1392 |
"mode" => "free",
|
1401 |
"name" => "Attach Uploaded Files",
|
1402 |
"attribute" => "attachfile",
|
1403 |
"type" => "onoff",
|
1404 |
+
"validator" => "text",
|
1405 |
"listitems" => null,
|
1406 |
"value" => WFU_VAR("WFU_ATTACHFILE"),
|
1407 |
"mode" => "free",
|
1416 |
"name" => "Success Upload Message Color",
|
1417 |
"attribute" => "successmessagecolor",
|
1418 |
"type" => "hidden",
|
1419 |
+
"validator" => "colors",
|
1420 |
"listitems" => null,
|
1421 |
"value" => WFU_SUCCESSMESSAGECOLOR,
|
1422 |
"mode" => "free",
|
1431 |
"name" => "Success Message Colors",
|
1432 |
"attribute" => "successmessagecolors",
|
1433 |
"type" => "color-triplet",
|
1434 |
+
"validator" => "colors",
|
1435 |
"listitems" => null,
|
1436 |
"value" => WFU_VAR("WFU_SUCCESSMESSAGECOLORS"),
|
1437 |
"mode" => "free",
|
1446 |
"name" => "Warning Message Colors",
|
1447 |
"attribute" => "warningmessagecolors",
|
1448 |
"type" => "color-triplet",
|
1449 |
+
"validator" => "colors",
|
1450 |
"listitems" => null,
|
1451 |
"value" => WFU_VAR("WFU_WARNINGMESSAGECOLORS"),
|
1452 |
"mode" => "free",
|
1461 |
"name" => "Fail Message Colors",
|
1462 |
"attribute" => "failmessagecolors",
|
1463 |
"type" => "color-triplet",
|
1464 |
+
"validator" => "colors",
|
1465 |
"listitems" => null,
|
1466 |
"value" => WFU_VAR("WFU_FAILMESSAGECOLORS"),
|
1467 |
"mode" => "free",
|
1476 |
"name" => "Wait Message Colors",
|
1477 |
"attribute" => "waitmessagecolors",
|
1478 |
"type" => "hidden",
|
1479 |
+
"validator" => "colors",
|
1480 |
"listitems" => null,
|
1481 |
"value" => WFU_VAR("WFU_WAITMESSAGECOLORS"),
|
1482 |
"mode" => "free",
|
1491 |
"name" => "Plugin Component Widths",
|
1492 |
"attribute" => "widths",
|
1493 |
"type" => "dimensions",
|
1494 |
+
"validator" => "text",
|
1495 |
"listitems" => null,
|
1496 |
"value" => WFU_VAR("WFU_WIDTHS"),
|
1497 |
"mode" => "free",
|
1506 |
"name" => "Plugin Component Heights",
|
1507 |
"attribute" => "heights",
|
1508 |
"type" => "dimensions",
|
1509 |
+
"validator" => "text",
|
1510 |
"listitems" => null,
|
1511 |
"value" => WFU_VAR("WFU_HEIGHTS"),
|
1512 |
"mode" => "free",
|
1521 |
"name" => "Include Additional Data Fields",
|
1522 |
"attribute" => "userdata",
|
1523 |
"type" => "onoff",
|
1524 |
+
"validator" => "text",
|
1525 |
"listitems" => null,
|
1526 |
"value" => WFU_VAR("WFU_USERDATA"),
|
1527 |
"mode" => "free",
|
1536 |
"name" => "Additional Data Fields",
|
1537 |
"attribute" => "userdatalabel",
|
1538 |
"type" => "formfields",
|
1539 |
+
"validator" => "text",
|
1540 |
"listitems" => wfu_formfield_definitions(),
|
1541 |
"value" => WFU_USERDATALABEL,
|
1542 |
"mode" => "free",
|
1551 |
"name" => "WP Filebase Plugin Connection",
|
1552 |
"attribute" => "filebaselink",
|
1553 |
"type" => "onoff",
|
1554 |
+
"validator" => "text",
|
1555 |
"listitems" => null,
|
1556 |
"value" => WFU_VAR("WFU_FILEBASELINK"),
|
1557 |
"mode" => "free",
|
1566 |
"name" => "Add Uploaded Files To Media",
|
1567 |
"attribute" => "medialink",
|
1568 |
"type" => "onoff",
|
1569 |
+
"validator" => "text",
|
1570 |
"listitems" => null,
|
1571 |
"value" => WFU_VAR("WFU_MEDIALINK"),
|
1572 |
"mode" => "free",
|
1581 |
"name" => "Attach Uploaded Files To Post",
|
1582 |
"attribute" => "postlink",
|
1583 |
"type" => "onoff",
|
1584 |
+
"validator" => "text",
|
1585 |
"listitems" => null,
|
1586 |
"value" => WFU_VAR("WFU_POSTLINK"),
|
1587 |
"mode" => "free",
|
1596 |
"name" => "Enable Webcam",
|
1597 |
"attribute" => "webcam",
|
1598 |
"type" => "onoff",
|
1599 |
+
"validator" => "text",
|
1600 |
"listitems" => null,
|
1601 |
"value" => WFU_VAR("WFU_WEBCAM"),
|
1602 |
"mode" => "free",
|
1611 |
"name" => "Capture Mode",
|
1612 |
"attribute" => "webcammode",
|
1613 |
"type" => "radio",
|
1614 |
+
"validator" => "text",
|
1615 |
"listitems" => array("capture video", "take photos", "both"),
|
1616 |
"value" => WFU_VAR("WFU_WEBCAMMODE"),
|
1617 |
"mode" => "free",
|
1626 |
"name" => "Capture Audio",
|
1627 |
"attribute" => "audiocapture",
|
1628 |
"type" => "onoff",
|
1629 |
+
"validator" => "text",
|
1630 |
"listitems" => null,
|
1631 |
"value" => WFU_VAR("WFU_AUDIOCAPTURE"),
|
1632 |
"mode" => "free",
|
1641 |
"name" => "Video Width",
|
1642 |
"attribute" => "videowidth",
|
1643 |
"type" => "text",
|
1644 |
+
"validator" => "text",
|
1645 |
"listitems" => null,
|
1646 |
"value" => WFU_VAR("WFU_VIDEOWIDTH"),
|
1647 |
"mode" => "free",
|
1656 |
"name" => "Video Height",
|
1657 |
"attribute" => "videoheight",
|
1658 |
"type" => "text",
|
1659 |
+
"validator" => "text",
|
1660 |
"listitems" => null,
|
1661 |
"value" => WFU_VAR("WFU_VIDEOHEIGHT"),
|
1662 |
"mode" => "free",
|
1671 |
"name" => "Video Aspect Ratio",
|
1672 |
"attribute" => "videoaspectratio",
|
1673 |
"type" => "text",
|
1674 |
+
"validator" => "text",
|
1675 |
"listitems" => null,
|
1676 |
"value" => WFU_VAR("WFU_VIDEOASPECTRATIO"),
|
1677 |
"mode" => "free",
|
1686 |
"name" => "Video Frame Rate",
|
1687 |
"attribute" => "videoframerate",
|
1688 |
"type" => "text",
|
1689 |
+
"validator" => "text",
|
1690 |
"listitems" => null,
|
1691 |
"value" => WFU_VAR("WFU_VIDEOFRAMERATE"),
|
1692 |
"mode" => "free",
|
1701 |
"name" => "Camera Facing Mode",
|
1702 |
"attribute" => "camerafacing",
|
1703 |
"type" => "radio",
|
1704 |
+
"validator" => "text",
|
1705 |
"listitems" => array("any", "front", "back"),
|
1706 |
"value" => WFU_VAR("WFU_CAMERAFACING"),
|
1707 |
"mode" => "free",
|
1716 |
"name" => "Max Record Time",
|
1717 |
"attribute" => "maxrecordtime",
|
1718 |
"type" => "integer",
|
1719 |
+
"validator" => "integer",
|
1720 |
"listitems" => null,
|
1721 |
"value" => WFU_VAR("WFU_MAXRECORDTIME"),
|
1722 |
"mode" => "free",
|
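--- a/lib/wfu_functions.php
+++ b/lib/wfu_functions.php
@@ -165,6 +165,14 @@ function wfu_sanitize_int($code) {
 return preg_replace("/[^0-9+\-]/", "", $code);
 }
 
+function wfu_sanitize_float($code) {
+return preg_replace("/[^0-9+\-\.,]/", "", $code);
+}
+
+function wfu_sanitize_colors($code) {
+return preg_replace("/[^A-Fa-f0-9#,]/", "", $code);
+}
+
 function wfu_sanitize_tag($code) {
 return preg_replace("/[^A-Za-z0-9_]/", "", $code);
 }
@@ -179,6 +187,81 @@ function wfu_sanitize_urls($urls, $separator) {
 return implode($separator, $urls_arr);
 }
 
+function wfu_sanitize_shortcode($shortcode, $shortcode_tag) {
+$attrs = wfu_shortcode_string_to_array($shortcode);
+$sanitized_attrs = array();
+if ( $shortcode_tag == 'wordpress_file_upload' ) $defs = wfu_attribute_definitions();
+else $defs = wfu_browser_attribute_definitions();
+// get validator types for defs
+$def_validators = array();
+foreach ( $defs as $def ) $def_validators[$def['attribute']] = $def['validator'];
+// sanitize each attribute
+foreach ( $attrs as $attr => $value ) {
+//first sanitize the attribute name
+$sanitized = sanitize_text_field($attr);
+//continue only for attributes that sanitization did not crop any
+//characters
+if ( $sanitized == $attr && $attr != "" ) {
+//flatten attributes that have many occurencies
+$flat = preg_replace("/^(.*?)[0-9]*$/", "$1", $attr);
+//get validator type
+$validator = "text";
+if ( isset($def_validators[$flat]) ) $validator = $def_validators[$flat];
+//sanitize value based on validator type
+$new_value = $value;
+switch( $validator ) {
+case "text":
+$new_value = wp_strip_all_tags($value);
+break;
+case "integer":
+$new_value = wfu_sanitize_int($value);
+break;
+case "float":
+$new_value = wfu_sanitize_float($value);
+break;
+case "path":
+$new_value = wp_strip_all_tags($value);
+break;
+case "link":
+$new_value = wp_strip_all_tags($value);
+break;
+case "emailheaders":
+if ( strpos(strtolower($value), "<script") !== false ) $new_value = "";
+break;
+case "emailsubject":
+if ( strpos(strtolower($value), "<script") !== false ) $new_value = "";
+break;
+case "emailbody":
+if ( strpos(strtolower($value), "<script") !== false ) $new_value = "";
+break;
+case "colors":
+$new_value = wfu_sanitize_colors($value);
+break;
+case "css":
+$new_value = wp_strip_all_tags($value);
+break;
+case "datetime":
+$new_value = wp_strip_all_tags($value);
+break;
+case "pattern":
+if ( substr_count($value, "'") > 0 && substr_count($value, "'") > substr_count($value, "\\'") ) $new_value = "";
+break;
+default:
+$new_value = wp_strip_all_tags($value);
+}
+//allow custom filters to change the sanitization result
+$new_value = apply_filters("_wfu_sanitize_shortcode", $new_value, $attr, $validator, $value);
+$sanitized_attrs[$attr] = $new_value;
+}
+}
+//reconstruct sanitized shortcode string from array
+$sanitized_shortcode = "";
+foreach ( $sanitized_attrs as $attr => $value )
+$sanitized_shortcode .= ( $sanitized_shortcode == "" ? "" : " " ).$attr.'="'.$value.'"';
+
+return $sanitized_shortcode;
+}
+
 function wfu_slash( $value ) {
 if ( is_array( $value ) ) {
 foreach ( $value as $k => $v ) {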
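Review bot: The `emailheaders`, `emailsubject` and `emailbody` cases in `wfu_sanitize_shortcode` blank the value only when it contains the literal substring `<script`, which is a denylist: every other kind of markup is stored unchanged, so these three attributes stay effectively unsanitized wherever they are later rendered as HTML (that rendering is not visible in this section). An allowlist is the safer shape, for example `$new_value = wp_kses_post($value);` for the body, with a stricter rule chosen for the subject and headers once their expected format is confirmed. Separately, the reconstruction line `$attr.'="'.$value.'"'` writes the value back without handling a `"` or `]` inside it, and `wp_strip_all_tags` does not remove either; depending on how `wfu_shortcode_string_to_array` unescapes values, a quote could end the attribute early, so the value should be escaped or rejected at that point. The `_wfu_sanitize_shortcode` filter runs after the switch, so a comment stating that callbacks must return an already-safe value would document that trust boundary.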
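--- a/lib/wfu_processfiles.php
+++ b/lib/wfu_processfiles.php
@@ -240,6 +240,7 @@ function wfu_process_files($params, $method) {
 // filters again, so we store the changable data to session
 // variables for this specific file
 if ( $only_check && !$nofileupload ) {
+if ( !WFU_USVAR_exists($file_map) ) WFU_USVAR_store($file_map, array());
 $file_map_arr = WFU_USVAR($file_map);
 $file_map_arr['file_unique_id'] = $file_unique_id;
 $file_map_arr['filepath'] = $target_path;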
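Review bot: The new guard at the top of the `$only_check` branch has no comment saying why the session entry for `$file_map` may be missing, so a later reader cannot tell whether removing it is safe. A short line above it such as `// make sure the session entry exists before reading it, so $file_map_arr starts as an array` would record the intent. wfu_process_files starts and ends outside this hunk, so whether other reads of `WFU_USVAR($file_map)` need the same guard cannot be checked from here.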
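--- a/readme.txt
+++ b/readme.txt
@@ -146,6 +146,9 @@ There is an option in plugin's settings in Dashboard to relax the CSS rules, so
 
 == Changelog ==
 
+= 4.3.3 =
+* all shortcode attributes sanitized correctly to close a serious security hole
+
 = 4.3.2 =
 * fixed bug in wfu_before_upload and wfu_after_upload filters that was breaking JS scripts if they contained a closing bracket ']' symbol
 
@@ -732,6 +735,9 @@ Initial version.
 
 == Upgrade Notice ==
 
+= 4.3.3 =
+Minor update to fix a serious security hole.
+
 = 4.3.2 =
 Minor update to fix some bugs.
 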
release_notes.txt
CHANGED
@@ -1,2 +1,2 @@
|
|
1 |
-
<!-- --><span>Version 4.3.
|
2 |
<!-- -->
|
1 |
+
<!-- --><span>Version 4.3.3 is a minor update that fixes a serious <strong>security hole</strong> in shortcode attributes. </span><span style="font-weight:bold; color:red;">You are strongly encouraged to upgrade to the current version</span><span>. If you notice any problems with the shortcode, please </span><a href="https://www.iptanus.com/contact/">contact</a><span> <strong>Iptanus</strong>.<br/><br/>For details about this version's changes please visit the Release Notes of the plugin's </span><a href="http://www.iptanus.com/wordpress-plugins/wordpress-file-upload/">support page</a><span>.</span><!-- -->
|
2 |
<!-- -->
|
wordpress_file_upload.php
CHANGED
@@ -4,7 +4,7 @@ if( !session_id() ) { session_start(); }
|
|
4 |
/*
|
5 |
Plugin URI: http://www.iptanus.com/support/wordpress-file-upload
|
6 |
Description: Simple interface to upload files from a page.
|
7 |
-
Version: 4.3.
|
8 |
Author: Nickolas Bossinas
|
9 |
Author URI: http://www.iptanus.com
|
10 |
*/
|
4 |
/*
|
5 |
Plugin URI: http://www.iptanus.com/support/wordpress-file-upload
|
6 |
Description: Simple interface to upload files from a page.
|
7 |
+
Version: 4.3.3
|
8 |
Author: Nickolas Bossinas
|
9 |
Author URI: http://www.iptanus.com
|
10 |
*/
|