Changeset 694646
- Timestamp:
- 04/09/2013 04:07:24 PM (13 years ago)
- Location:
- proper-contact-form/trunk
- Files:
-
- 4 edited
-
README.md (modified) (1 diff)
-
proper-contact-form.php (modified) (5 diffs)
-
readme.txt (modified) (2 diffs)
-
settings.php (modified) (4 diffs)
-
proper-contact-form/trunk/README.md
r687822 r694646 3 3 4 4 A well-coded, secure, and (soon to be very) flexible WordPress plugin that makes creating contact (and other) forms very simple. This is meant to be a simple tool for both savvy WordPress users and seasoned WordPress developers. 5 6 [WordPress repo here](http://wordpress.org/extend/plugins/proper-contact-form/) 5 7 6 8 At the moment, this simply creates a contact form with the shortcode [proper_contact_form]. There is a settings page to tinker with a few of the options, and allows you to validate and submit to a new page to help with goal tracking in analytics. -
proper-contact-form/trunk/proper-contact-form.php
r687822 r694646 5 5 Plugin URI: http://theproperweb.com/shipped/wp/proper-contact-form 6 6 Description: A better contact form processor 7 Version: 0.9.5 7 Version: 0.9.5.1 8 8 Author: PROPER Development 9 9 Author URI: http://theproperweb.com … … 16 16 function proper_contact_form($atts, $content = NULL) { 17 17 18 if (isset($_SESSION['propercfp_sent']) && $_SESSION['propercfp_sent'] === 'yes') : 18 if ( 19 isset($_SESSION['propercfp_sent']) && 20 $_SESSION['propercfp_sent'] === 'yes' 21 ) : 19 22 unset($_SESSION['propercfp_sent']); 20 23 return ' 21 24 <div class="proper_contact_form_wrap"> 22 <h2>' .proper_contact_get_key('propercfp_label_submit').'</h2>25 <h2>' . proper_contact_get_key('propercfp_label_submit') . '</h2> 23 26 </div>'; 24 27 endif; … … 87 90 'required' => TRUE, 88 91 'type' => 'textarea', 89 'wrap_class' => isset($_SESSION['cfp_contact_errors']['question-or-comment']) ? array('form_field_wrap', 'error') : array('form_field_wrap') 92 'wrap_class' => isset($_SESSION['cfp_contact_errors']['question-or-comment']) ? 93 array('form_field_wrap', 'error') : 94 array('form_field_wrap') 90 95 ), 'question-or-comment'); 91 96 … … 171 176 172 177 // Sanitize contact reason 173 $contact_reason = isset($_POST['contact-reasons']) ? s trip_tags($_POST['contact-reasons']) : '';178 $contact_reason = isset($_POST['contact-reasons']) ? sanitize_text_field($_POST['contact-reasons']) : ''; 174 179 if (!empty($contact_reason)) { 175 180 $body .= stripslashes( proper_contact_get_key( 'propercfp_label_reason' ) ) . ": $contact_reason \r"; … … 177 182 178 183 // Sanitize and validate comments 179 $contact_comment = sanitize_text_field(trim($_POST['question-or-comment']));184 $contact_comment = filter_var((trim($_POST['question-or-comment'])), FILTER_SANITIZE_STRING); 180 185 if (empty($contact_comment)) { 181 186 $_SESSION['cfp_contact_errors']['question-or-comment'] = proper_contact_get_key('propercfp_label_err_no_content'); -
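Review bot: The `$contact_comment` line swaps `sanitize_text_field()` for `filter_var(..., FILTER_SANITIZE_STRING)`, which strips tags but also HTML-encodes quotes by default, so if the mail body is sent as plain text (the `\r`-terminated `$body` line above suggests it is) recipients will see `&#39;` and `&#34;` in place of quotes; the filter is also deprecated as of PHP 8.1. The same line reads `$_POST['question-or-comment']` without the `isset()` guard that `contact-reasons` gets a few lines earlier. I would change it to `$contact_comment = isset($_POST['question-or-comment']) ? wp_strip_all_tags(trim($_POST['question-or-comment'])) : '';` and escape at the point of output for whatever context the value later lands in. The enclosing function starts and ends outside the hunk.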
proper-contact-form/trunk/readme.txt
r687822 r694646 5 5 Requires at least: 3.0 6 6 Tested up to: 3.5.1 7 Stable tag: 0.9.5 7 Stable tag: 0.9.5.1 8 8 9 9 Creates a flexible, secure contact form on your WP site … … 50 50 == Changelog == 51 51 52 = 0.9.5.1 = 53 * Improved field handling 54 * Better security for the settings page 55 52 56 = 0.9.5 = 53 57 * Added text fields for error messages and submit button -
proper-contact-form/trunk/settings.php
r687822 r694646 103 103 'Send email confirmation to form submitter', 104 104 'propercfp_confirm_email', 105 'Adding text here will send an email to the form submitter. The email uses the "Text to show when form is submitted..." field below as the subject line. ',105 'Adding text here will send an email to the form submitter. The email uses the "Text to show when form is submitted..." field below as the subject line. Plain text only here, no HTML.', 106 106 'textarea', 107 107 '', … … 216 216 function cfp_add_admin() { 217 217 218 global $plugin_options, $propercfp_options ; 219 220 if ( array_key_exists('page', $_GET) && $_GET['page'] === 'pcfp-admin' ) { 221 222 if (array_key_exists('action', $_REQUEST)) { 223 224 if ('save' == $_REQUEST['action'] ) { 225 226 foreach ($plugin_options as $opt) { 227 228 if (isset($_REQUEST[$opt[1]])) $propercfp_options[$opt[1]] = $_REQUEST[$opt[1]]; 229 else $propercfp_options[$opt[1]] = ''; 230 231 } 232 233 update_option('propercfp_settings_array', $propercfp_options); 234 235 header("Location: admin.php?page=pcfp-admin&saved=true"); 236 237 die; 238 239 } 240 } 218 global $plugin_options, $propercfp_options, $current_user; 219 get_currentuserinfo(); 220 221 if ( 222 // On the right page 223 array_key_exists('page', $_GET) && 224 $_GET['page'] === 'pcfp-admin' && 225 // We're saving options 226 array_key_exists( 'action', $_REQUEST ) && 227 $_REQUEST['action'] == 'save' && 228 // This action is authorized 229 current_user_can( 'manage_options' ) && 230 wp_verify_nonce( $_POST['proper_nonce'], $current_user->user_email ) 231 ) { 232 233 foreach ($plugin_options as $opt) : 234 if (isset($_REQUEST[$opt[1]])) { 235 $opt_data = filter_var($_REQUEST[$opt[1]], FILTER_SANITIZE_STRING); 236 $propercfp_options[$opt[1]] = $opt_data; 237 } else { 238 $propercfp_options[$opt[1]] = ''; 239 } 240 endforeach; 241 242 update_option('propercfp_settings_array', $propercfp_options); 243 header("Location: admin.php?page=pcfp-admin&saved=true"); 244 
die; 241 245 } 242 246 … … 251 255 function proper_contact_admin() { 252 256 253 global $plugin_options, $propercfp_options; 257 global $plugin_options, $propercfp_options, $current_user; 258 get_currentuserinfo(); 254 259 ?> 255 260 … … 475 480 <input name="save" type="submit" value="Save changes" class="button-primary"> 476 481 <input type="hidden" name="action" value="save" > 482 <input type="hidden" name="proper_nonce" value="<?php 483 echo wp_create_nonce( $current_user->user_email ) 484 ?>"> 477 485 </p> 478 486
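Review bot: The new guard in `cfp_add_admin()` uses `$current_user->user_email` as the nonce action and reads `$_POST['proper_nonce']` without checking that it is set, so the token is not named after the operation it protects and a save request that lacks the field raises an undefined-index notice before failing. A fixed action string is the conventional form: `check_admin_referer( 'pcfp_save_settings', 'proper_nonce' );` after the capability check, paired with `wp_nonce_field( 'pcfp_save_settings', 'proper_nonce' );` in the form in `proper_contact_admin()` (the action name here is illustrative). That also removes the need for `get_currentuserinfo()`, which WordPress has since deprecated in favour of `wp_get_current_user()`. The option values are still read from `$_REQUEST` while the nonce comes from `$_POST`; reading both from `$_POST` keeps the save path to a single input source. Both function bodies continue outside the hunks shown.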