Context Navigation

Changeset 3185636

Timestamp:

11/11/2024 11:21:20 AM (17 months ago)

Author:

zohocrm

Message:

Security review changes has been updated

Location:

zoho-crm-forms/trunk

Files:

-                      r3185097
+                      r3185636
 Author: Zoho CRM
 Tested up to: 6.7
 Stable tag:1.7.9.7
+Stable tag:1.7.9.8
 License: GPLv2 or later
 Version: 1.7.9.7
+Version: 1.7.9.8
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 …
 Wordpress latest version compatibility check
 .7.9.5
 Security review chnages has been updated
+Security review changes has been updated
 .7.9.6
 Security review chnages has been updated
+Security review changes has been updated
 .7.9.7
 Wordpress latest version compatibility check
+.7.9.8
+Security review changes has been updated
 == Upgrade notice ==

-                      r3185097
+                      r3185636
 function zcf_ContactFormFieldsGenerator($attr, $thirdparty) {
     global $HelperObj;
     global $module_options, $module, $isWidget, $assignedto, $check_duplicate, $update_record, $formattr, $attrname;
     $module_options = 'Leads';
     $newform = new zcffieldlistDatamanage();
+    if($attr['name'] ==''){
+      $attr['name'] = $attr['id'];
+    if (empty($attr['name'])) {
+        $attr['name'] = sanitize_text_field($attr['id']);
+    } else {
+        $attr['name'] = sanitize_text_field($attr['name']);
+    }
     $newshortcode = $newform->zcfformfieldsPropsettings($attr['name']);
 …
     $check_duplicate = $FormSettings->duplicate_handling;
     if (isset($shortcodes['update_record'])) {
+        $update_record = $shortcodes['update_record'];
+    }
+        $update_record = sanitize_text_field($shortcodes['update_record']); // Sanitize if needed
+    }
     return zcf_ContactFormfieldlistsMapping($module, $config_fields, $module_options, "post", $thirdparty);
+}
 function zcf_callcontactform7mapping($formtype) {

-                      r3178287
+                      r3185636
     function zcfFormPropSettings($shortcodename = "") {
         global $wpdb;
+        $query = "";
+        $where = "";
+        $query = "SELECT * FROM zcf_zohoshortcode_manager";
+        // Use a prepared statement to safely handle user input
         if ($shortcodename != "") {
+            $where = " where shortcode_name = '$shortcodename'";
+        }
+        $query = "select * from zcf_zohoshortcode_manager";
+        $sql = $query . $where;
+            $sql = $wpdb->prepare("SELECT * FROM zcf_zohoshortcode_manager WHERE shortcode_name = %s", $shortcodename);
+        } else {
+            $sql = $query;
+        }
         $results = $wpdb->get_results($sql);
         if (( $shortcodename != "" ) && ( count($results) > 0 )) {
             $return_results = $results[0];
             return $return_results;
+        if (($shortcodename != "") && (count($results) > 0)) {
+            return $results[0];
         } else {
             return $results;

-                      r3185097
+                      r3185636
  * Plugin Name: Zoho CRM Lead Magnet
  * Description: Websites are one of the most important sources of leads for your business. That means your CRM system should be well integrated with your website to contextually capture each and every visitor to turn them into a lead.Introducing the Zoho CRM Lead Capture plugin for Wordpress. This lets you create webforms, embed them in your website, and automatically capture leads directly into your CRM with zero attenuation.Not only is the integration easy to set-up but it's also easy on your wallet.
  * Version: 1.7.9.7
+ * Version: 1.7.9.8
  * ***************************************************************************************** */
 if (!defined('ABSPATH'))
     exit;
         define( 'ZCF_VERSION', '1.7.9.7' );
+        define( 'ZCF_VERSION', '1.7.9.8' );
         define( 'ZCF_LBPLUGINFILE', __FILE__ );
         define( 'ZCF_LBPLUGIN_URL', untrailingslashit( plugins_url( '', ZCF_LBPLUGINFILE ) ) );

Note: See TracChangeset for help on using the changeset viewer.