Version Description
No known upgrade issues.
Download this release
Release Info
| Developer | mpwalsh8 |
| Plugin |  Google Forms |
| Version | 0.92 |
| Comparing to | |
| See all releases | |
Code changes from version 0.91 to 0.92
- readme.txt +6 -2
- wpgform-core.php +7 -4
- wpgform-post-type.php +12 -0
readme.txt
CHANGED
|
@@ -3,8 +3,8 @@ Contributors: mpwalsh8
|
|
| 3 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=DK4MS3AA983CC
|
| 4 |
Tags: Google Forms, Google Docs, Google, Spreadsheet, shortcode, forms
|
| 5 |
Requires at least: 4.0
|
| 6 |
-
Tested up to: 4.
|
| 7 |
-
Stable tag: 0.
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
|
@@ -381,6 +381,10 @@ No known upgrade issues.
|
|
| 381 |
|
| 382 |
== Change log ==
|
| 383 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 384 |
= Version 0.91 =
|
| 385 |
* Retagged to correct version number.
|
| 386 |
|
| 3 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=DK4MS3AA983CC
|
| 4 |
Tags: Google Forms, Google Docs, Google, Spreadsheet, shortcode, forms
|
| 5 |
Requires at least: 4.0
|
| 6 |
+
Tested up to: 4.9.1
|
| 7 |
+
Stable tag: 0.92
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 381 |
|
| 382 |
== Change log ==
|
| 383 |
|
| 384 |
+
= Version 0.92 =
|
| 385 |
+
* Fixed collision with global $post variable resulting in media uploads being places in the wrong folder.
|
| 386 |
+
* Changed expression check to use parse_url() to ensure the form action comes from google.com and not a spoofed domain.
|
| 387 |
+
|
| 388 |
= Version 0.91 =
|
| 389 |
* Retagged to correct version number.
|
| 390 |
|
wpgform-core.php
CHANGED
|
@@ -1781,11 +1781,14 @@ jQuery(document).ready(function($) {
|
|
| 1781 |
if (WPGFORM_DEBUG) wpgform_whereami(__FILE__, __LINE__, 'ProcessGoogleForm (action)') ;
|
| 1782 |
if (WPGFORM_DEBUG) wpgform_preprint_r($action) ;
|
| 1783 |
|
| 1784 |
-
// As a safety precaution make sure the action provided resolves to Google
|
| 1785 |
-
|
|
|
|
|
|
|
|
|
|
| 1786 |
{
|
| 1787 |
-
wp_die(sprintf('<div class="wpgform-google-error gform-google-error">%s</div>',
|
| 1788 |
-
__('Google Form submit action does not resolve to <b>
|
| 1789 |
}
|
| 1790 |
|
| 1791 |
$options = json_decode(base64_decode(sanitize_text_field($_POST['wpgform-options'])), true) ;
|
| 1781 |
if (WPGFORM_DEBUG) wpgform_whereami(__FILE__, __LINE__, 'ProcessGoogleForm (action)') ;
|
| 1782 |
if (WPGFORM_DEBUG) wpgform_preprint_r($action) ;
|
| 1783 |
|
| 1784 |
+
// As a safety precaution make sure the action provided resolves to Google.com
|
| 1785 |
+
// (docs.google.com drive.google.com) - make sure the trailing slash is present
|
| 1786 |
+
// to catch spoofed domains.
|
| 1787 |
+
|
| 1788 |
+
if (!in_array(parse_url($action, PHP_URL_HOST), array('drive.google.com', 'docs.google.com')))
|
| 1789 |
{
|
| 1790 |
+
wp_die(sprintf('<div class="wpgform-google-error gform-google-error">%s (%s)</div>',
|
| 1791 |
+
__('Google Form submit action does not resolve to <b>google.com</b>. Form submission aborted.', WPGFORM_I18N_DOMAIN), $action)) ;
|
| 1792 |
}
|
| 1793 |
|
| 1794 |
$options = json_decode(base64_decode(sanitize_text_field($_POST['wpgform-options'])), true) ;
|
wpgform-post-type.php
CHANGED
|
@@ -64,6 +64,12 @@ function wpgform_register_post_types()
|
|
| 64 |
/** Perform routine maintenance */
|
| 65 |
function wpgform_routine_maintenance()
|
| 66 |
{
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 67 |
// Post type is registered, do some hygiene on any that exist in the database.
|
| 68 |
// Insert the "wpgform" shortcode for that post into the post content. This
|
| 69 |
// ensures the form will be displayed properly when viewed through the CPT URL.
|
|
@@ -85,6 +91,12 @@ function wpgform_routine_maintenance()
|
|
| 85 |
|
| 86 |
// re-hook this function
|
| 87 |
add_action('save_post_' . WPGFORM_CPT_FORM, 'wpgform_save_meta_box_data');
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 88 |
}
|
| 89 |
|
| 90 |
// Build custom meta box support
|
| 64 |
/** Perform routine maintenance */
|
| 65 |
function wpgform_routine_maintenance()
|
| 66 |
{
|
| 67 |
+
global $post;
|
| 68 |
+
|
| 69 |
+
// Save the state of the global $post variable as the query will change it.
|
| 70 |
+
|
| 71 |
+
$gblpost = $post;
|
| 72 |
+
|
| 73 |
// Post type is registered, do some hygiene on any that exist in the database.
|
| 74 |
// Insert the "wpgform" shortcode for that post into the post content. This
|
| 75 |
// ensures the form will be displayed properly when viewed through the CPT URL.
|
| 91 |
|
| 92 |
// re-hook this function
|
| 93 |
add_action('save_post_' . WPGFORM_CPT_FORM, 'wpgform_save_meta_box_data');
|
| 94 |
+
|
| 95 |
+
// Reset the Post Data after running WP_Query ...
|
| 96 |
+
wp_reset_postdata() ;
|
| 97 |
+
|
| 98 |
+
// Restore the state of the global $post variable
|
| 99 |
+
$post = $gblpost;
|
| 100 |
}
|
| 101 |
|
| 102 |
// Build custom meta box support
|
