Plugin Updates

Tony Volpe
2024-03-19 15:33:31 +00:00
parent ff5b56dc44
commit 3a70a6e4bf
317 changed files with 8178 additions and 2933 deletions


@@ -1,2 +1,2 @@
/*! Do not edit, this file is generated automatically - 2024-02-13 23:02:47 EST */
/*! Do not edit, this file is generated automatically - 2024-03-18 16:03:44 EDT */
window.$=window.$||jQuery.noConflict();var dtx={queue:[],init:function(){var e=$("input.dtx-pageload[data-dtx-value]");e.length&&(e.each(function(e,t){var r=$(t),a=r.attr("data-dtx-value"),o=decodeURIComponent(a).split(" ");if(o.length){var n=o[0],c={};if(1<o.length)for(var i=1;i<o.length;i++){var u=o[i].split("="),d;2===u.length&&(c[u[0]]=u[1].split("'").join(""))}var s="";switch(n){case"CF7_GET":s=dtx.get(c);break;case"CF7_referrer":s=dtx.referrer(c);break;case"CF7_URL":s=dtx.current_url(c);break;case"CF7_get_cookie":s=dtx.get_cookie(c);break;case"CF7_guid":s=dtx.guid();break;case"CF7_get_current_var":if(!dtx.validKey(c,"key")||"url"!=c.key)return;s=dtx.current_url(c);break;case"CF7_get_post_var":case"CF7_get_custom_field":case"CF7_get_taxonomy":case"CF7_get_attachment":case"CF7_bloginfo":case"CF7_get_theme_option":return;default:return void(n&&dtx.queue.push({value:a,multiline:r.is("textarea")}))}dtx.set(r,s)}}),dtx.queue.length)&&setTimeout(function(){$.ajax({type:"POST",url:dtx_obj.ajax_url,dataType:"json",data:{action:"wpcf7dtx",shortcodes:dtx.queue},cache:!1,error:function(e,t,r){},success:function(e,t,r){"object"==typeof e&&e.length&&$.each(e,function(e,t){var r=$('.wpcf7 form input.dtx-pageload[data-dtx-value="'+t.raw_value+'"]');r.length&&(r.addClass("dtx-ajax-loaded"),dtx.set(r,t.value))})}})},10)},validKey:function(e,t){return e.hasOwnProperty(t)&&"string"==typeof e[t]&&e[t].trim()},obfuscate:function(e,t){if(e=e.trim(),dtx.validKey(t,"obfuscate")&&t.obfuscate){for(var r="",a=0;a<e.length;a++)r+="&#"+e.codePointAt(a)+";";return r}return e},set:function(e,t){e.attr("value",t).addClass("dtx-loaded").trigger("dtx_init")},get:function(e){if(dtx.validKey(e,"key")){var t=window.location.search;if(t)return t=new URLSearchParams(t),dtx.obfuscate(t.get(e.key).trim(),e)}return""},referrer:function(e){return dtx.obfuscate(document.referrer,e)},current_url:function(e){if(!e.hasOwnProperty("part"))return dtx.obfuscate(window.location.href,e);var 
t;if(["scheme","host","port","path","query","fragment"].includes(e.part))switch(e.part){case"scheme":return dtx.obfuscate(window.location.protocol.replace(":",""),e);case"host":return dtx.obfuscate(window.location.host,e);case"port":return dtx.obfuscate(window.location.port,e);case"path":return dtx.obfuscate(window.location.pathname,e);case"query":return dtx.obfuscate(window.location.search.replace("?",""),e);case"fragment":return dtx.obfuscate(window.location.hash.replace("#",""),e)}return""},get_cookie:function(e){var t;return e.hasOwnProperty("key")&&"string"==typeof e.key&&""!=e.key.trim()&&(t=document.cookie.match("(^|;) ?"+e.key.trim()+"=([^;]*)(;|$)"))?dtx.obfuscate(t[2],e):""},guid:function(){var r,a;return(void 0!==window.crypto&&void 0!==window.crypto.getRandomValues?([1e7]+-1e3+-4e3+-8e3+-1e11).replace(/[018]/g,e=>(e^crypto.getRandomValues(new Uint8Array(1))[0]&15>>e/4).toString(16)):(r=(new Date).getTime(),a="undefined"!=typeof performance&&performance.now&&1e3*performance.now()||0,"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(e){var t=16*Math.random();return 0<r?(t=(r+t)%16|0,r=Math.floor(r/16)):(t=(a+t)%16|0,a=Math.floor(a/16)),("x"===e?t:3&t|8).toString(16).toUpperCase()}))).toUpperCase()}};$(document).ready(dtx.init);


@@ -1,2 +1,2 @@
/*! Do not edit, this file is generated automatically - 2024-02-13 23:02:47 EST */
/*! Do not edit, this file is generated automatically - 2024-03-18 16:03:44 EDT */
!function(n){"use strict";"undefined"!=typeof wpcf7&&null!==wpcf7&&(window.wpcf7dtx=window.wpcf7dtx||{},wpcf7dtx.taggen={},wpcf7dtx.taggen.escapeRegExp=function(e){return e.replace(/([.*+?^=!:${}()|\[\]\/\\])/g,"\\$1")},wpcf7dtx.taggen.replaceAll=function(e,t,n,a){var c;return null!=e&&"string"==typeof e&&""!==e.trim()&&-1<e.indexOf(t)?(c=new RegExp(wpcf7dtx.taggen.escapeRegExp(t),"g"),a&&(c=new RegExp(t,"g")),e.replace(c,n)):e},wpcf7dtx.taggen.updateOption=function(e){var e=n(e.currentTarget),t=encodeURIComponent(wpcf7dtx.taggen.replaceAll(e.val(),"'","&#39;"));e.siblings('input[type="hidden"].option').val(t)},n(function(){n("form.tag-generator-panel .dtx-option").on("change keyup click",wpcf7dtx.taggen.updateOption),n('.contact-form-editor-panel #tag-generator-list a.thickbox.button[href*="inlineId=tag-generator-panel-dynamic_"]').each(function(){var e=n(this),t=e.text();e.addClass("dtx-form-tag"),"dynamic drop-down menu"!=t&&"dynamic checkboxes"!=t&&"dynamic radio buttons"!=t||e.attr("href",e.attr("href").replace("height=500","height=750"))})}))}(jQuery);


@@ -1,5 +1,16 @@
== Changelog ==
= 4.3.1 =
* Fix: Resolved the PHP warning regarding `Undefined array key "value" in /.../contact-form-7-dynamic-text-extension/contact-form-7-dynamic-text-extension.php on line 391`, [see support thread](https://wordpress.org/support/topic/undefined-array-key-value-2/).
* Fix: Resolved a bug introduced in version 4.2.1 that prevented the mail template validator from recognizing DTX form tags, [see support thread](https://wordpress.org/support/topic/email-field-validation-4/).
* Fix: The `default` attribute for `dynamic_checkbox` can now accept multiple values that are delimited by an underscore (_), making it consistent with [Contact Form 7](https://contactform7.com/checkboxes-radio-buttons-and-menus/#checkbox-radio), [see support thread](https://wordpress.org/support/topic/help-dynamic_checkbox-and-default-values/).
= 4.3.0 =
* Feature: Added the `wpcf7dtx_shortcode` filter to all built-in shortcodes as requested. For usage details, see the [knowledge base](https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/filter-modify-built-in-shortcode-responses/?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme).
* Fix: Resolved a bug that prevented using the number zero as the value for select fields, checkboxes, and radio buttons, [see support thread](https://wordpress.org/support/topic/error-with-option-value-0-for-a-dynamic-radio-button/).
= 4.2.3 =
* Fix: Resolved a bug where the `dynamic_select` displayed with a default size of 40 instead of 1.
@@ -21,7 +32,7 @@
= 4.2.0 =
* Security Update: ** Please be sure to review this doc, as you may need to adjust the settings: https://sevenspark.com/docs/contact-form-7-dynamic-text-extension/allow-data-access **
* Security Update: ** Please be sure to review this doc, as you may need to adjust the settings: [Documentation by SevenSpark](https://sevenspark.com/docs/contact-form-7-dynamic-text-extension/allow-data-access), [Documentation by AuRise Creative](https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/security/) **
* Feature: Added Settings Screen with Allow Lists
* Feature: Added Form Scanner
* Feature: Added Allow List key validation in CF7 Form Validator


@@ -2,41 +2,40 @@
/**
* Plugin Name: Contact Form 7 - Dynamic Text Extension
* Plugin URI: https://sevenspark.com/goods/contact-form-7-dynamic-text-extension
* Description: This plugin extends Contact Form 7 by adding dynamic form fields that accept any shortcode to generate default values and placeholder text. Requires Contact Form 7.
* Version: 4.2.3
* Author: SevenSpark, AuRise Creative
* Author URI: https://sevenspark.com
* License: GPL2
* Description: Extends Contact Form 7 by adding dynamic form fields that accepts shortcodes to prepopulate form fields with default values and dynamic placeholders.
* Version: 4.3.1
* Author: AuRise Creative, SevenSpark
* Author URI: https://aurisecreative.com
* Plugin URI: https://aurisecreative.com/products/wordpress-plugin/contact-form-7-dynamic-text-extension/
* License: GPL v3
* License URI: http://www.gnu.org/licenses/gpl-3.0.html
* Requires at least: 5.5
* Requires PHP: 7.4
* Text Domain: contact-form-7-dynamic-text-extension
*
* @copyright Copyright (c) 2010-2024 Chris Mavricos, SevenSpark <https://sevenspark.com>
* @copyright Copyright (c) 2022-2024 Tessa Watkins, AuRise Creative <https://aurisecreative.com>
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public License, version 3 or higher
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
Copyright 2010-2024 Chris Mavricos, SevenSpark <https://sevenspark.com>
Copyright 2022-2024 Tessa Watkins, AuRise Creative <https://aurisecreative.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License, version 2, as
published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
define('WPCF7DTX_VERSION', '4.2.3'); // Define current version of DTX
define('WPCF7DTX_MINVERSION', '5.7'); // The minimum version of CF7 required to use all features
define('WPCF7DTX_VERSION', '4.3.1'); // Define current version of DTX
define('WPCF7DTX_MINVERSION', '5.7'); // The minimum version of CF7 required to use mail validator
defined('WPCF7DTX_DIR') || define('WPCF7DTX_DIR', __DIR__); // Define root directory
defined('WPCF7DTX_FILE') || define('WPCF7DTX_FILE', __FILE__); // Define root file
define('WPCF7DTX_DATA_ACCESS_KB_URL', 'https://sevenspark.com/docs/contact-form-7-dynamic-text-extension/allow-data-access');
define('WPCF7DTX_DATA_ACCESS_KB_URL', 'https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/security/');
/**
* Determine Dependencies are Met
@@ -310,13 +309,14 @@ function wpcf7dtx_shortcode_handler($tag)
//Reverse engineer what JS did (converted quotes to HTML entities --> URL encode) then sanitize
$placeholder = html_entity_decode(urldecode($tag->get_option('placeholder', '', true)), ENT_QUOTES);
if ($placeholder) {
//If a different placeholder text has been specified, set both attributes
// If a different placeholder text has been specified, set both attributes
$placeholder = wpcf7dtx_get_dynamic($placeholder, false, $sanitize_type);
$atts['placeholder'] = $placeholder;
$atts['value'] = $value;
} else {
//Default behavior of using the value as the placeholder
// Default behavior of using the value as the placeholder
$atts['placeholder'] = $value;
$atts['value'] = '';
}
} else {
$atts['value'] = $value;
@@ -352,7 +352,9 @@ function wpcf7dtx_shortcode_handler($tag)
foreach ($pipes as $pipe) {
$key = trim(strval($pipe[0]));
$value = trim(strval($pipe[1]));
if ($key && $value) {
$valid_key = is_numeric($key) || (is_string($key) && !empty($key)); // Allow falsey numbers but not booleans or strings
$valid_value = is_numeric($value) || (is_string($value) && !empty($value)); // Allow falsey numbers but not booleans or strings
if ($valid_key && $valid_value) {
$options[$key] = $value;
}
}
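Review bot: In the pipes loop of wpcf7dtx_shortcode_handler, the new `$valid_key` / `$valid_value` checks are more complicated than the values allow, and their comment is inaccurate. Both variables come from `trim(strval(...))`, so `is_string()` is always true and each expression reduces to "not the empty string". A boolean `true` in a pipe becomes `'1'` and passes `is_numeric()`, so booleans are not excluded as the comment claims. I would write `if ($key !== '' && $value !== '') {` with the comment `// Accept "0" as a key or value; skip only empty strings`. The function starts and ends outside the visible hunks, so this assumes `$pipe[0]` and `$pipe[1]` are scalars, as the `strval()` calls suggest.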


@@ -45,13 +45,23 @@ add_action('init', 'wpcf7dtx_init_shortcodes'); //Add init hook to add shortcode
*/
function wpcf7dtx_get($atts = array())
{
extract(shortcode_atts(array(
$atts = shortcode_atts(array(
'key' => 0,
'default' => '',
'obfuscate' => ''
), array_change_key_case((array)$atts, CASE_LOWER)));
$value = apply_filters('wpcf7dtx_sanitize', wpcf7dtx_array_has_key($key, $_GET, $default));
return apply_filters('wpcf7dtx_escape', $value, $obfuscate);
), array_change_key_case((array)$atts, CASE_LOWER));
$raw = wpcf7dtx_array_has_key($atts['key'], $_GET, $atts['default']);
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
apply_filters(
'wpcf7dtx_escape',
apply_filters('wpcf7dtx_sanitize', $raw),
$atts['obfuscate']
), // Sanitized & escaped value to output
$raw, // Raw value
'GET', // Shortcode tag
$atts // Shortcode attributes
);
}
/**
@@ -65,13 +75,22 @@ function wpcf7dtx_get($atts = array())
*/
function wpcf7dtx_post($atts = array())
{
extract(shortcode_atts(array(
$atts = shortcode_atts(array(
'key' => '',
'default' => '',
'obfuscate' => ''
), array_change_key_case((array)$atts, CASE_LOWER)));
$value = apply_filters('wpcf7dtx_sanitize', wpcf7dtx_array_has_key($key, $_POST, $default));
return apply_filters('wpcf7dtx_escape', $value, $obfuscate);
), array_change_key_case((array)$atts, CASE_LOWER));
$raw = wpcf7dtx_array_has_key($atts['key'], $_POST, $atts['default']);
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
apply_filters('wpcf7dtx_escape', apply_filters(
'wpcf7dtx_sanitize',
apply_filters('wpcf7dtx_sanitize', $raw)
), $atts['obfuscate']), // Sanitized & escaped value to output
$raw, // Raw value
'POST', // Shortcode tag
$atts // Shortcode attributes
);
}
/**
@@ -85,12 +104,13 @@ function wpcf7dtx_post($atts = array())
*/
function wpcf7dtx_url($atts = array())
{
extract(shortcode_atts(array(
$atts = shortcode_atts(array(
'allowed_protocols' => '',
'part' => '',
'obfuscate' => ''
), array_change_key_case((array)$atts, CASE_LOWER)));
$allowed_protocols = explode(',', sanitize_text_field($allowed_protocols));
), array_change_key_case((array)$atts, CASE_LOWER));
$atts['allowed_protocols'] = explode(',', sanitize_text_field($atts['allowed_protocols']));
extract($atts);
// Get the absolute URL
if (is_multisite() && !is_subdomain_install()) {
@@ -110,12 +130,29 @@ function wpcf7dtx_url($atts = array())
];
$value = '';
if (array_key_exists($part, $part_constant_map)) {
$value = apply_filters('wpcf7dtx_sanitize', strval(wp_parse_url($url, $part_constant_map[$part])), 'text');
$value = strval(wp_parse_url($url, $part_constant_map[$part]));
}
return apply_filters('wpcf7dtx_escape', $value, $obfuscate, 'text');
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
apply_filters(
'wpcf7dtx_escape',
apply_filters('wpcf7dtx_sanitize', $value, 'text'),
$obfuscate,
'text'
), // Sanitized & escaped value to output
$value, // Raw value
'URL', // Shortcode tag
$atts // Shortcode attributes
);
}
// No part requested, return the absolute URL
return apply_filters('wpcf7dtx_escape', $url, $obfuscate, 'url', $allowed_protocols);
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
apply_filters('wpcf7dtx_escape', $url, $obfuscate, 'url', $allowed_protocols), // Sanitized & escaped value to output
$url, // Raw value
'URL', // Shortcode tag
$atts // Shortcode attributes
);
}
/**
@@ -129,15 +166,23 @@ function wpcf7dtx_url($atts = array())
*/
function wpcf7dtx_referrer($atts = array())
{
extract(shortcode_atts(array(
$atts = shortcode_atts(array(
'allowed_protocols' => '',
'obfuscate' => ''
), array_change_key_case((array)$atts, CASE_LOWER)));
if ($value = wpcf7dtx_array_has_key('HTTP_REFERER', $_SERVER)) {
$value = apply_filters('wpcf7dtx_sanitize', $value, 'url', $allowed_protocols);
return apply_filters('wpcf7dtx_escape', $value, $obfuscate, 'url');
}
return '';
), array_change_key_case((array)$atts, CASE_LOWER));
$url = wpcf7dtx_array_has_key('HTTP_REFERER', $_SERVER);
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
apply_filters('wpcf7dtx_escape', apply_filters(
'wpcf7dtx_sanitize',
$url,
'url',
$atts['allowed_protocols']
), $atts['obfuscate'], 'url'), // Sanitized & escaped value to output
$url, // Raw value
'referrer', // Shortcode tag
$atts // Shortcode attributes
);
}
/**
@@ -151,13 +196,21 @@ function wpcf7dtx_referrer($atts = array())
*/
function wpcf7dtx_bloginfo($atts = array())
{
extract(shortcode_atts(array(
$atts = shortcode_atts(array(
'show' => 'name', //Backwards compatibility
'key' => 'name',
'obfuscate' => ''
), array_change_key_case((array)$atts, CASE_LOWER)));
), array_change_key_case((array)$atts, CASE_LOWER));
extract($atts);
$key = $show != $key && $show != 'name' ? $show : $key; // Use old value of "show" if not set to default value
return apply_filters('wpcf7dtx_escape', get_bloginfo($key), $obfuscate);
$raw = get_bloginfo($key);
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
apply_filters('wpcf7dtx_escape', $raw, $obfuscate), // Sanitized & escaped value to output
$raw, // Raw value
'bloginfo', // Shortcode tag
$atts // Shortcode attributes
);
}
/**
@@ -171,12 +224,12 @@ function wpcf7dtx_bloginfo($atts = array())
*/
function wpcf7dtx_get_post_var($atts = array())
{
extract(shortcode_atts(array(
$atts = shortcode_atts(array(
'key' => 'post_title',
'post_id' => '',
'obfuscate' => ''
), array_change_key_case((array)$atts, CASE_LOWER)));
$key = strtolower(apply_filters('wpcf7dtx_sanitize', $key));
), array_change_key_case((array)$atts, CASE_LOWER));
$key = strtolower(apply_filters('wpcf7dtx_sanitize', $atts['key']));
switch ($key) {
case 'acf_id': // If requesting the handle for ACF, return the post ID
case 'id':
@@ -191,11 +244,15 @@ function wpcf7dtx_get_post_var($atts = array())
default:
break;
}
$post_id = wpcf7dtx_get_post_id($post_id);
if ($post_id) {
return apply_filters('wpcf7dtx_escape', get_post_field($key, $post_id), $obfuscate);
}
return '';
$atts['post_id'] = wpcf7dtx_get_post_id($atts['post_id']);
$raw = $atts['post_id'] ? get_post_field($key, $atts['post_id']) : '';
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
apply_filters('wpcf7dtx_escape', $raw, $atts['obfuscate']), // Sanitized & escaped value to output
$raw, // Raw value
'get_post_var', // Shortcode tag
$atts // Shortcode attributes
);
}
/**
@@ -209,25 +266,29 @@ function wpcf7dtx_get_post_var($atts = array())
*/
function wpcf7dtx_get_custom_field($atts = array())
{
extract(shortcode_atts(array(
$atts = shortcode_atts(array(
'key' => '',
'post_id' => '',
'obfuscate' => ''
), array_change_key_case((array)$atts, CASE_LOWER)));
), array_change_key_case((array)$atts, CASE_LOWER));
// If this key can't be accessed
if (!wpcf7dtx_post_meta_key_access_is_allowed($key)) {
if (!wpcf7dtx_post_meta_key_access_is_allowed($atts['key'])) {
// Trigger a warning if a denied key is in use
wpcf7dtx_access_denied_alert($key, 'post_meta');
wpcf7dtx_access_denied_alert($atts['key'], 'post_meta');
return '';
}
$post_id = wpcf7dtx_get_post_id($post_id);
$key = apply_filters('wpcf7dtx_sanitize', $key, 'text');
if ($post_id && $key) {
return apply_filters('wpcf7dtx_escape', get_post_meta($post_id, $key, true), $obfuscate);
}
return '';
$key = apply_filters('wpcf7dtx_sanitize', $atts['key'], 'text');
$atts['post_id'] = wpcf7dtx_get_post_id($atts['post_id']);
$raw = $atts['post_id'] && $key ? get_post_meta($atts['post_id'], $key, true) : '';
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
apply_filters('wpcf7dtx_escape', $raw, $atts['obfuscate']), // Sanitized & escaped value to output
$raw, // Raw value
'get_custom_field', // Shortcode tag
$atts // Shortcode attributes
);
}
/**
@@ -243,12 +304,15 @@ function wpcf7dtx_get_custom_field($atts = array())
*/
function wpcf7dtx_get_current_var($atts = array())
{
extract(shortcode_atts(array(
$atts = shortcode_atts(array(
'key' => 'title',
'obfuscate' => ''
), array_change_key_case((array)$atts, CASE_LOWER)));
), array_change_key_case((array)$atts, CASE_LOWER));
extract($atts);
$key = apply_filters('wpcf7dtx_sanitize', $key);
$temp_key = str_replace('-', '_', sanitize_key($key));
$raw = '';
$value = '';
if ($temp_key === 'url') {
return wpcf7dtx_url($atts); // Getting the current URL is the same for all WordPress pages
} elseif (!empty($key)) {
@@ -272,16 +336,26 @@ function wpcf7dtx_get_current_var($atts = array())
case 'user': // This is an author page
switch ($temp_key) {
case 'acf_id': // Get handle for Advanced Custom Fields
return apply_filters('wpcf7dtx_escape', 'user_' . $obj->ID, $obfuscate);
$raw = 'user_' . $obj->ID;
$value = apply_filters('wpcf7dtx_escape', $raw, $obfuscate);
break;
case 'image':
case 'featured_image': // Get the profile picture of the user being displayed on the page
return apply_filters('wpcf7dtx_escape', get_avatar_url($obj->ID), $obfuscate, 'url');
$raw = get_avatar_url($obj->ID);
$value = apply_filters('wpcf7dtx_escape', $raw, $obfuscate, 'url');
break;
case 'title': // Get author's display name
return apply_filters('wpcf7dtx_escape', $obj->display_name, $obfuscate);
$raw = $obj->display_name;
$value = apply_filters('wpcf7dtx_escape', $raw, $obfuscate);
break;
case 'slug': // Not all author pages use the `user_login` variable for security reasons, so get what is currently displayed as slug
return apply_filters('wpcf7dtx_escape', basename(wpcf7dtx_url(array('part' => 'path'))), $obfuscate);
$raw = basename(wpcf7dtx_url(array('part' => 'path')));
$value = apply_filters('wpcf7dtx_escape', $raw, $obfuscate);
break;
default: // Get user value by key should it exist
return apply_filters('wpcf7dtx_escape', $obj->get($key), $obfuscate);
$raw = $obj->get($key);
$value = apply_filters('wpcf7dtx_escape', $raw, $obfuscate);
break;
}
case 'post': // This is a post object
switch ($temp_key) {
@@ -302,35 +376,53 @@ function wpcf7dtx_get_current_var($atts = array())
case 'term': // This is a taxonomy with a term ID
switch ($key) {
case 'id': // Get term ID
return apply_filters('wpcf7dtx_escape', $obj->term_id, $obfuscate);
$raw = $obj->term_id;
$value = apply_filters('wpcf7dtx_escape', $raw, $obfuscate);
break;
case 'acf_id': // Get handle for Advanced Custom Fields
return apply_filters('wpcf7dtx_escape', $obj->taxonomy . '_' . $obj->term_id, $obfuscate);
$raw = $obj->taxonomy . '_' . $obj->term_id;
$value = apply_filters('wpcf7dtx_escape', $raw, $obfuscate);
break;
case 'title': // Get term name
return apply_filters('wpcf7dtx_escape', $obj->name, $obfuscate);
$raw = $obj->name;
$value = apply_filters('wpcf7dtx_escape', $raw, $obfuscate);
break;
default:
if (property_exists($obj, $key)) {
// Get any property if it exists
return apply_filters('wpcf7dtx_escape', $obj->{$key}, $obfuscate);
$raw = $obj->{$key};
} else {
// Otherwise, try meta data if the property doesn't exist
$raw = get_metadata('term', $obj->ID, $key, true);
}
// Otherwise, try meta data if the property doesn't exist
return apply_filters('wpcf7dtx_escape', get_metadata('term', $obj->ID, $key, true), $obfuscate);
$value = apply_filters('wpcf7dtx_escape', $raw, $obfuscate);
break;
}
case 'archive': // Possibly a date or formats archive
switch ($temp_key) {
case 'title': // Get archive title
return apply_filters('wpcf7dtx_escape', get_the_archive_title(), $obfuscate);
$raw = get_the_archive_title();
$value = apply_filters('wpcf7dtx_escape', $raw, $obfuscate);
break;
default:
break;
}
default: // Possibly a search or 404 page at this point
if ($temp_key == 'slug') {
// no idea what else to get except the slug maybe
return apply_filters('wpcf7dtx_escape', basename(wpcf7dtx_url(array('part' => 'path'))), $obfuscate);
$raw = basename(wpcf7dtx_url(array('part' => 'path')));
$value = apply_filters('wpcf7dtx_escape', $raw, $obfuscate);
}
break;
}
}
return '';
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
$value, // Sanitized & escaped value to output
$raw, // Raw value
'get_current_var', // Shortcode tag
$atts // Shortcode attributes
);
}
/**
@@ -346,23 +438,29 @@ function wpcf7dtx_get_current_var($atts = array())
*/
function wpcf7dtx_get_current_user($atts = array())
{
extract(shortcode_atts(array(
$atts = shortcode_atts(array(
'key' => 'user_login',
'obfuscate' => ''
), array_change_key_case((array)$atts, CASE_LOWER)));
), array_change_key_case((array)$atts, CASE_LOWER));
$raw = '';
if (is_user_logged_in()) {
// If this key can't be accessed
if (!wpcf7dtx_user_data_access_is_allowed($key)) {
if (!wpcf7dtx_user_data_access_is_allowed($atts['key'])) {
// Trigger a warning if a denied key is in use
wpcf7dtx_access_denied_alert($key, 'user_data');
wpcf7dtx_access_denied_alert($atts['key'], 'user_data');
return '';
}
$user = wp_get_current_user();
return apply_filters('wpcf7dtx_escape', $user->get($key), $obfuscate);
$raw = wp_get_current_user()->get($atts['key']);
}
return '';
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
apply_filters('wpcf7dtx_escape', $raw, $atts['obfuscate']), // Sanitized & escaped value to output
$raw, // Raw value
'get_current_user', // Shortcode tag
$atts // Shortcode attributes
);
}
/**
@@ -380,34 +478,45 @@ function wpcf7dtx_get_current_user($atts = array())
*/
function wpcf7dtx_get_attachment($atts = array())
{
extract(shortcode_atts(array(
'id' => '', //Get attachment by ID
'size' => 'full', //Define attachment size
'post_id' => '', //If attachment ID is empty but post ID is not, get the featured image
'return' => 'url', //Options are `id` or `url`
$atts = shortcode_atts(array(
'id' => '', // Get attachment by ID
'size' => 'full', // Define attachment size
'post_id' => '', // If attachment ID is empty but post ID is not, get the featured image
'return' => 'url', // Options are `id` or `url`
'obfuscate' => ''
), array_change_key_case((array)$atts, CASE_LOWER)));
), array_change_key_case((array)$atts, CASE_LOWER));
//No attachment ID was provided, check for post ID to get it's featured image
if (empty($id)) {
if ($post_id = wpcf7dtx_get_post_id($post_id)) {
// No attachment ID was provided, check for post ID to get it's featured image
if (empty($atts['id'])) {
if ($atts['post_id'] = wpcf7dtx_get_post_id($atts['post_id'])) {
//If a post ID was provided, get it's featured image
$id = get_post_thumbnail_id($post_id);
$atts['id'] = get_post_thumbnail_id($atts['post_id']);
}
}
//Get the value
if ($id) {
$id = intval(sanitize_text_field(strval($id)));
switch ($return) {
$value = '';
$raw = '';
if ($atts['id']) {
$atts['id'] = intval(sanitize_text_field(strval($atts['id'])));
switch ($atts['return']) {
case 'id': //Return the attachment ID
return apply_filters('wpcf7dtx_escape', $id, $obfuscate);
$raw = $atts['id'];
$value = apply_filters('wpcf7dtx_escape', $raw, $atts['obfuscate']);
break;
default: //Return attachment URL
$url = wp_get_attachment_image_url(intval($id), sanitize_text_field(strval($size)));
return apply_filters('wpcf7dtx_escape', $url, $obfuscate, 'url');
$raw = wp_get_attachment_image_url(intval($atts['id']), sanitize_text_field(strval($atts['size'])));
$value = apply_filters('wpcf7dtx_escape', $raw, $atts['obfuscate'], 'url');
break;
}
}
return '';
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
$value, // Sanitized & escaped value to output
$raw, // Raw value
'get_attachment', // Shortcode tag
$atts // Shortcode attributes
);
}
/**
@@ -425,14 +534,19 @@ function wpcf7dtx_get_attachment($atts = array())
*/
function wpcf7dtx_get_cookie($atts = array())
{
extract(shortcode_atts(array(
$atts = shortcode_atts(array(
'key' => '',
'default' => '',
'obfuscate' => '' // Optionally obfuscate returned value
), array_change_key_case((array)$atts, CASE_LOWER)));
$key = apply_filters('wpcf7dtx_sanitize', $key);
$value = wpcf7dtx_array_has_key($key, $_COOKIE, $default);
return apply_filters('wpcf7dtx_escape', $value, $obfuscate);
), array_change_key_case((array)$atts, CASE_LOWER));
$raw = wpcf7dtx_array_has_key(apply_filters('wpcf7dtx_sanitize', $atts['key']), $_COOKIE, $atts['default']);
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
apply_filters('wpcf7dtx_escape', $raw, $atts['obfuscate']), // Sanitized & escaped value to output
$raw, // Raw value
'get_cookie', // Shortcode tag
$atts // Shortcode attributes
);
}
/**
@@ -451,25 +565,34 @@ function wpcf7dtx_get_cookie($atts = array())
*/
function wpcf7dtx_get_taxonomy($atts = array())
{
extract(shortcode_atts(array(
$atts = shortcode_atts(array(
'post_id' => '',
'taxonomy' => 'category', // Default taxonomy is `category`
'fields' => 'names', // Return an array of term names
'obfuscate' => '' // Optionally obfuscate returned value
), array_change_key_case((array)$atts, CASE_LOWER)));
$post_id = wpcf7dtx_get_post_id($post_id);
$fields = apply_filters('wpcf7dtx_sanitize', $fields, 'key');
if ($post_id && in_array($fields, array('names', 'slugs', 'ids'))) {
), array_change_key_case((array)$atts, CASE_LOWER));
$atts['post_id'] = wpcf7dtx_get_post_id($atts['post_id']);
$fields = apply_filters('wpcf7dtx_sanitize', $atts['fields'], 'key');
$raw = '';
$value = '';
if ($atts['post_id'] && in_array($fields, array('names', 'slugs', 'ids'))) {
$terms = wp_get_object_terms(
$post_id, // Get only the ones assigned to this post
apply_filters('wpcf7dtx_sanitize', $taxonomy, 'slug'),
$atts['post_id'], // Get only the ones assigned to this post
apply_filters('wpcf7dtx_sanitize', $atts['taxonomy'], 'slug'),
array('fields' => $fields)
);
if (is_array($terms) && count($values = array_values($terms)) && (is_string($values[0]) || is_numeric($values[0]))) {
return apply_filters('wpcf7dtx_escape', implode(', ', $values), $obfuscate, 'text');
if (is_array($terms) && count($raw = array_values($terms)) && (is_string($raw[0]) || is_numeric($raw[0]))) {
//return apply_filters('wpcf7dtx_escape', implode(', ', $values), $obfuscate, 'text');
$value = implode(', ', $raw);
}
}
return '';
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
apply_filters('wpcf7dtx_escape', $value, $atts['obfuscate'], 'text'), // Sanitized & escaped value to output
$raw, // Raw value
'get_taxonomy', // Shortcode tag
$atts // Shortcode attributes
);
}
/**
@@ -488,16 +611,23 @@ function wpcf7dtx_get_taxonomy($atts = array())
*/
function wpcf7dtx_get_theme_option($atts = array())
{
extract(shortcode_atts(array(
$atts = shortcode_atts(array(
'key' => '',
'default' => '', // Optional default value
'obfuscate' => '' // Optionally obfuscate returned value
), array_change_key_case((array)$atts, CASE_LOWER)));
if ($key = apply_filters('wpcf7dtx_sanitize', $key, 'text')) {
$default = apply_filters('wpcf7dtx_sanitize', $default);
return apply_filters('wpcf7dtx_escape', get_theme_mod($key, $default), $obfuscate);
), array_change_key_case((array)$atts, CASE_LOWER));
$default = apply_filters('wpcf7dtx_sanitize', $atts['default']);
$raw = $default;
if ($key = apply_filters('wpcf7dtx_sanitize', $atts['key'], 'text')) {
$raw = get_theme_mod($key, $default);
}
return '';
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
apply_filters('wpcf7dtx_escape', $raw, $atts['obfuscate']), // Sanitized & escaped value to output
$raw, // Raw value
'get_theme_option', // Shortcode tag
$atts // Shortcode attributes
);
}
/**
@@ -513,8 +643,16 @@ function wpcf7dtx_get_theme_option($atts = array())
*/
function wpcf7dtx_guid()
{
if (function_exists('com_create_guid') === true) {
return esc_attr(trim(com_create_guid(), '{}'));
if (function_exists('com_create_guid')) {
$raw = trim(com_create_guid(), '{}');
} else {
$raw = sprintf('%04X%04X-%04X-%04X-%04X-%04X%04X%04X', mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(16384, 20479), mt_rand(32768, 49151), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535));
}
return esc_attr(sprintf('%04X%04X-%04X-%04X-%04X-%04X%04X%04X', mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(16384, 20479), mt_rand(32768, 49151), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535)));
return apply_filters(
'wpcf7dtx_shortcode', // DTX built-in shortcode hook
esc_attr($raw), // Sanitized & escaped value to output
$raw, // Raw value
'guid', // Shortcode tag
array() // Shortcode attributes
);
}
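Review bot: The outer `switch` arms in wpcf7dtx_get_current_var now fall through. Each inner `return apply_filters(...)` was replaced by an assignment plus `break;`, which leaves only the inner `switch`, and the closing `}` of the `'user'` and `'term'` arms is followed directly by the next `case` label. On a term page with `key="title"`, `$raw = $obj->name` is therefore overwritten by `get_the_archive_title()` in the `'archive'` arm. An author page likewise runs on into the `'post'` arm, whose body is outside the visible hunks. Add `break;` after the inner `switch`'s closing brace in each of the `'user'`, `'post'`, `'term'` and `'archive'` arms, so the value computed for the matched object type is the one passed to the `wpcf7dtx_shortcode` filter.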


@@ -350,7 +350,7 @@ function wpcf7dtx_format_atts($atts)
if ($value) {
$sanitized_atts[$key] = $key;
}
} elseif ($value && (is_string($value) || is_numeric($value))) {
} elseif (is_numeric($value) || (is_string($value) || !empty($value))) {
$sanitized_atts[$key] = $value;
}
}
@@ -396,7 +396,14 @@ function wpcf7dtx_checkbox_html($atts, $label_text = '', $label_ui = true, $reve
{
// Default field attributes
$atts = array_merge(array('value' => '', 'dtx-default' => ''), array_change_key_case((array)$atts, CASE_LOWER));
if ($atts['value'] && $atts['dtx-default'] && $atts['value'] == $atts['dtx-default']) {
// Checkboxes can have multiple values checked, check mine if it's listed as a default value
if ($atts['type'] == 'checkbox' && is_string($atts['dtx-default']) && strpos($atts['dtx-default'], '_') !== false) {
$default = array_unique(explode('_', $atts['dtx-default']));
if (in_array($atts['value'], $default)) {
$atts['checked'] = 'checked';
}
} elseif ((is_numeric($atts['dtx-default']) || $atts['dtx-default']) && $atts['value'] == $atts['dtx-default']) {
$atts['checked'] = 'checked';
}
$input = wpcf7dtx_input_html($atts);
@@ -463,7 +470,7 @@ function wpcf7dtx_checkbox_group_html($atts, $options, $label_ui = false, $rever
));
$dynamic_value = '';
$dynamic_label = $label;
if ($value && $label && $value === $label) {
if (is_string($value) && !empty($value) && $value === $label) {
// These are identical, just handle it as one, could also be a raw shortcode
$dynamic_option = trim(wpcf7dtx_get_dynamic($value, false, 'none')); // Do not sanitize yet, it may have HTML
if (is_string($dynamic_option) && !empty($dynamic_option) && strpos($dynamic_option, '{') === 0 && strpos($dynamic_option, '}') === strlen($dynamic_option) - 1) {
@@ -513,7 +520,8 @@ function wpcf7dtx_checkbox_group_html($atts, $options, $label_ui = false, $rever
if ($exclusive) {
$class[] = 'wpcf7-exclusive-checkbox';
}
if ($dynamic_value && $atts['dtx-default'] && $dynamic_value == $atts['dtx-default']) {
$valid_default = is_numeric($atts['dtx-default']) || (is_string($atts['dtx-default']) && !empty($atts['dtx-default']));
if ($valid_default && $dynamic_value == $atts['dtx-default']) {
$my_atts['checked'] = 'checked';
}
$group_html[] = sprintf(
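Review bot: The rewritten condition in wpcf7dtx_format_atts, `elseif (is_numeric($value) || (is_string($value) || !empty($value)))`, is true for every string, including the empty one, and for any non-empty array or object, so those values are now copied into `$sanitized_atts[$key]` unchanged. The other two conditions changed in this file join the same tests with `&&` (`is_string($value) && !empty($value)` in wpcf7dtx_checkbox_group_html), which suggests the inner `||` is a slip. `} elseif (is_numeric($value) || (is_string($value) && !empty($value))) {` keeps the fix for the value zero while still rejecting empty strings and non-scalar values. The function starts and ends outside the hunk, so how the array is rendered afterwards is not visible here, but an attribute formatter should only pass scalars through to the markup.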


@@ -98,7 +98,6 @@ function wpcf7dtx_validation_filter($result, $tag)
return wpcf7dtx_validate_value($result, $user_value, $tag, $type);
}
/**
* Validate Single Value
*
@@ -171,137 +170,132 @@ function wpcf7dtx_validate_value($result, $value, $tag, $type = '')
}
/**
* Validator Requires Contact Form 7 Minimum Version
* Backend Mail Configuration Validation
*
* Validate dynamic form tags used in mail configuration.
*
* @since 4.0.0
*
* @param WPCF7_ConfigValidator
*
* @return void
*/
if (wpcf7dtx_dependencies()) {
/**
* Backend Mail Configuration Validation
*
* Validate dynamic form tags used in mail configuration.
*
* @since 4.0.0
*
* @param WPCF7_ConfigValidator
*
* @return void
*/
function wpcf7dtx_validate($validator)
{
// Check for sensitive form tags
$manager = WPCF7_FormTagsManager::get_instance();
$contact_form = $validator->contact_form();
$form = $contact_form->prop('form');
if (wpcf7_autop_or_not()) {
$form = $manager->replace_with_placeholders($form);
$form = wpcf7_autop($form);
$form = $manager->restore_from_placeholders($form);
}
$form = $manager->replace_all($form);
$tags = $manager->get_scanned_tags();
foreach ($tags as $tag) {
/** @var WPCF7_FormTag $tag */
function wpcf7dtx_validate($validator)
{
// Check for sensitive form tags
$manager = WPCF7_FormTagsManager::get_instance();
$contact_form = $validator->contact_form();
$form = $contact_form->prop('form');
if (wpcf7_autop_or_not()) {
$form = $manager->replace_with_placeholders($form);
$form = wpcf7_autop($form);
$form = $manager->restore_from_placeholders($form);
}
$form = $manager->replace_all($form);
$tags = $manager->get_scanned_tags();
foreach ($tags as $tag) {
/** @var WPCF7_FormTag $tag */
// Only validate DTX formtags
if (in_array($tag->basetype, array_merge(
array('dynamictext', 'dynamichidden'), // Deprecated DTX form tags
array_keys(wpcf7dtx_config()) // DTX form tags
))) {
// Check value for sensitive data
$default = $tag->get_option('defaultvalue', '', true);
if (!$default) {
$default = $tag->get_default_option(strval(reset($tag->values)));
}
if (
!empty($value = trim(wpcf7_get_hangover($tag->name, $default))) && // Has value
($result = wpcf7dtx_validate_sensitive_value($value))['status'] // Has sensitive data
) {
$validator->add_error('form.body', 'dtx_disallowed', array(
'message' => sprintf(
__('[%1$s %2$s]: Access to key "%3$s" in shortcode "%4$s" is disallowed by default. To allow access, add "%3$s" to the %5$s Allow List.', 'contact-form-7-dynamic-text-extension'),
esc_html($tag->basetype),
esc_html($tag->name),
esc_html($result['key']),
esc_html($result['shortcode']),
esc_html($result['shortcode'] == 'CF7_get_current_user' ? __('User Data Key', 'contact-form-7-dynamic-text-extension') : __('Meta Key', 'contact-form-7-dynamic-text-extension'))
),
'link' => wpcf7dtx_get_admin_settings_screen_url()
));
}
// Only validate DTX formtags
if (in_array($tag->basetype, array_merge(
array('dynamictext', 'dynamichidden'), // Deprecated DTX form tags
array_keys(wpcf7dtx_config()) // DTX form tags
))) {
// Check value for sensitive data
$default = $tag->get_option('defaultvalue', '', true);
if (!$default) {
$default = $tag->get_default_option(strval(reset($tag->values)));
}
if (
!empty($value = trim(wpcf7_get_hangover($tag->name, $default))) && // Has value
($result = wpcf7dtx_validate_sensitive_value($value))['status'] // Has sensitive data
) {
$validator->add_error('form.body', 'dtx_disallowed', array(
'message' => sprintf(
__('[%1$s %2$s]: Access to key "%3$s" in shortcode "%4$s" is disallowed by default. To allow access, add "%3$s" to the %5$s Allow List.', 'contact-form-7-dynamic-text-extension'),
esc_html($tag->basetype),
esc_html($tag->name),
esc_html($result['key']),
esc_html($result['shortcode']),
esc_html($result['shortcode'] == 'CF7_get_current_user' ? __('User Data Key', 'contact-form-7-dynamic-text-extension') : __('Meta Key', 'contact-form-7-dynamic-text-extension'))
),
'link' => wpcf7dtx_get_admin_settings_screen_url()
));
}
// Check placeholder for sensitive data
if (
($tag->has_option('placeholder') || $tag->has_option('watermark')) && // Using placeholder
!empty($placeholder = trim(html_entity_decode(urldecode($tag->get_option('placeholder', '', true)), ENT_QUOTES))) && // Has value
($result = wpcf7dtx_validate_sensitive_value($placeholder))['status'] // Has sensitive data
) {
$validator->add_error('form.body', 'dtx_disallowed', array(
'message' => sprintf(
__('[%1$s %2$s]: Access to key "%3$s" in shortcode "%4$s" is disallowed by default. To allow access, add "%3$s" to the %5$s Allow List.', 'contact-form-7-dynamic-text-extension'),
esc_html($tag->basetype),
esc_html($tag->name),
esc_html($result['key']),
esc_html($result['shortcode']),
esc_html($result['shortcode'] == 'CF7_get_current_user' ? __('User Data Key', 'contact-form-7-dynamic-text-extension') : __('Meta Key', 'contact-form-7-dynamic-text-extension'))
),
'link' => wpcf7dtx_get_admin_settings_screen_url()
));
}
// Check placeholder for sensitive data
if (
($tag->has_option('placeholder') || $tag->has_option('watermark')) && // Using placeholder
!empty($placeholder = trim(html_entity_decode(urldecode($tag->get_option('placeholder', '', true)), ENT_QUOTES))) && // Has value
($result = wpcf7dtx_validate_sensitive_value($placeholder))['status'] // Has sensitive data
) {
$validator->add_error('form.body', 'dtx_disallowed', array(
'message' => sprintf(
__('[%1$s %2$s]: Access to key "%3$s" in shortcode "%4$s" is disallowed by default. To allow access, add "%3$s" to the %5$s Allow List.', 'contact-form-7-dynamic-text-extension'),
esc_html($tag->basetype),
esc_html($tag->name),
esc_html($result['key']),
esc_html($result['shortcode']),
esc_html($result['shortcode'] == 'CF7_get_current_user' ? __('User Data Key', 'contact-form-7-dynamic-text-extension') : __('Meta Key', 'contact-form-7-dynamic-text-extension'))
),
'link' => wpcf7dtx_get_admin_settings_screen_url()
));
}
}
}
// Validate email address
if (!$validator->is_valid()) {
$contact_form = null;
$form_tags = null;
foreach ($validator->collect_error_messages() as $component => $errors) {
$components = explode('.', $component);
if (count($components) === 2 && strpos($components[0], 'mail') === 0 && in_array($components[1], array('sender', 'recipient', 'additional_headers'))) {
foreach ($errors as $error) {
// Focus on email fields that flag the invalid mailbox syntax warning, have to test link because code isn't sent and message could be in any language
if (strpos(wpcf7dtx_array_has_key('link', $error), 'invalid-mailbox-syntax') !== false) {
if (is_null($contact_form)) {
$contact_form = $validator->contact_form();
}
if (is_null($form_tags)) {
$form_tags = wpcf7_scan_form_tags();
}
$raw_value = $contact_form->prop($components[0])[$components[1]];
foreach ($form_tags as $tag) {
if (!empty($tag->name)) {
// Check if this form tag is in the raw value
$form_tag = '[' . $tag->name . ']';
if (strpos($raw_value, $form_tag) !== false && in_array($tag->basetype, array_keys(wpcf7dtx_config()))) {
$validator->remove_error($component, 'invalid_mailbox_syntax'); // Remove error, this is ours to handle now
$utm_source = urlencode(home_url());
if (!in_array($tag->basetype, array('dynamic_hidden', 'dynamic_email'))) {
$validator->add_error($component, 'invalid_mailbox_syntax', array(
'message' => __('Only email, dynamic email, hidden, or dynamic hidden form tags can be used for email addresses.', 'contact-form-7-dynamic-text-extension'),
'link' => esc_url(sprintf('https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/configuration-errors/?utm_source=%s&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=config-error-invalid_mailbox_syntax#valid-form-tags', $utm_source))
// Validate email address
if (!$validator->is_valid()) {
$contact_form = null;
$form_tags = null;
foreach ($validator->collect_error_messages() as $component => $errors) {
$components = explode('.', $component);
if (count($components) === 2 && strpos($components[0], 'mail') === 0 && in_array($components[1], array('sender', 'recipient', 'additional_headers'))) {
foreach ($errors as $error) {
// Focus on email fields that flag the invalid mailbox syntax warning, have to test link because code isn't sent and message could be in any language
if (strpos(wpcf7dtx_array_has_key('link', $error), 'invalid-mailbox-syntax') !== false) {
if (is_null($contact_form)) {
$contact_form = $validator->contact_form();
}
if (is_null($form_tags)) {
$form_tags = wpcf7_scan_form_tags();
}
$raw_value = $contact_form->prop($components[0])[$components[1]];
foreach ($form_tags as $tag) {
if (!empty($tag->name)) {
// Check if this form tag is in the raw value
$form_tag = '[' . $tag->name . ']';
if (strpos($raw_value, $form_tag) !== false && in_array($tag->basetype, array_keys(wpcf7dtx_config()))) {
$validator->remove_error($component, 'invalid_mailbox_syntax'); // Remove error, this is ours to handle now
$utm_source = urlencode(home_url());
if (!in_array($tag->basetype, array('dynamic_hidden', 'dynamic_email'))) {
$validator->add_error($component, 'invalid_mailbox_syntax', array(
'message' => __('Only email, dynamic email, hidden, or dynamic hidden form tags can be used for email addresses.', 'contact-form-7-dynamic-text-extension'),
'link' => esc_url(sprintf('https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/configuration-errors/?utm_source=%s&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=config-error-invalid_mailbox_syntax#valid-form-tags', $utm_source))
));
} else {
$dynamic_value = wpcf7dtx_get_dynamic(false, $tag); // Get the dynamic value of this tag
if (empty($dynamic_value) && $tag->basetype == 'dynamic_hidden') {
$validator->add_error($component, 'maybe_empty', array(
'message' => __('The dynamic hidden form tag must have a default value.', 'contact-form-7-dynamic-text-extension'),
'link' => esc_url(sprintf('https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/configuration-errors/?utm_source=%s&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=config-error-maybe_empty#maybe-empty', $utm_source))
));
} else {
$dynamic_value = wpcf7dtx_get_dynamic(false, $tag); // Get the dynamic value of this tag
if (empty($dynamic_value) && $tag->basetype == 'dynamic_hidden') {
$validator->add_error($component, 'maybe_empty', array(
'message' => __('The dynamic hidden form tag must have a default value.', 'contact-form-7-dynamic-text-extension'),
'link' => esc_url(sprintf('https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/configuration-errors/?utm_source=%s&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=config-error-maybe_empty#maybe-empty', $utm_source))
} elseif (empty($dynamic_value) && !$tag->is_required()) {
$validator->add_error($component, 'maybe_empty', array(
'message' => __('The dynamic form tag must be required or have a default value.', 'contact-form-7-dynamic-text-extension'),
'link' => esc_url(sprintf('https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/configuration-errors/?utm_source=%s&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=config-error-maybe_empty#maybe-empty', $utm_source))
));
} elseif (!empty($dynamic_value)) {
if (!wpcf7_is_email($dynamic_value)) {
$validator->add_error($component, 'invalid_mailbox_syntax', array(
'message' => __('The default dynamic value does not result in a valid email address.', 'contact-form-7-dynamic-text-extension'),
'link' => esc_url(sprintf('https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/configuration-errors/?utm_source=%s&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=config-error-invalid_mailbox_syntax#invalid-email-address', $utm_source))
));
} elseif (empty($dynamic_value) && !$tag->is_required()) {
$validator->add_error($component, 'maybe_empty', array(
'message' => __('The dynamic form tag must be required or have a default value.', 'contact-form-7-dynamic-text-extension'),
'link' => esc_url(sprintf('https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/configuration-errors/?utm_source=%s&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=config-error-maybe_empty#maybe-empty', $utm_source))
} elseif ($component[1] == 'sender' && !wpcf7_is_email_in_site_domain($dynamic_value)) {
$validator->add_error($component, 'email_not_in_site_domain', array(
'message' => __('The dynamic email address for the sender does not belong to the site domain.', 'contact-form-7-dynamic-text-extension'),
'link' => esc_url(sprintf('https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/configuration-errors/?utm_source=%s&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=config-error-email_not_in_site_domain#invalid-site-domain', $utm_source))
));
} elseif (!empty($dynamic_value)) {
if (!wpcf7_is_email($dynamic_value)) {
$validator->add_error($component, 'invalid_mailbox_syntax', array(
'message' => __('The default dynamic value does not result in a valid email address.', 'contact-form-7-dynamic-text-extension'),
'link' => esc_url(sprintf('https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/configuration-errors/?utm_source=%s&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=config-error-invalid_mailbox_syntax#invalid-email-address', $utm_source))
));
} elseif ($component[1] == 'sender' && !wpcf7_is_email_in_site_domain($dynamic_value)) {
$validator->add_error($component, 'email_not_in_site_domain', array(
'message' => __('The dynamic email address for the sender does not belong to the site domain.', 'contact-form-7-dynamic-text-extension'),
'link' => esc_url(sprintf('https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/configuration-errors/?utm_source=%s&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=config-error-email_not_in_site_domain#invalid-site-domain', $utm_source))
));
}
}
}
}
@@ -313,9 +307,23 @@ if (wpcf7dtx_dependencies()) {
}
}
}
add_action('wpcf7_config_validator_validate', 'wpcf7dtx_validate');
}
/**
* Initialise Custom Mail Template Validator
*
* Validator requires a minimum version of Contact Form 7.
*
* @return void
*/
function wpcf7dtx_init_validator()
{
if (wpcf7dtx_dependencies()) {
add_action('wpcf7_config_validator_validate', 'wpcf7dtx_validate');
}
}
add_action('plugins_loaded', 'wpcf7dtx_init_validator', 30);
/**
* Validate Field Value for Sensitive Data
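Review bot: The sender branch `elseif ($component[1] == 'sender' && !wpcf7_is_email_in_site_domain($dynamic_value))` in wpcf7dtx_validate indexes `$component`, the string key of the `collect_error_messages()` loop, so `$component[1]` is that key's second character and can never equal 'sender'. The check that a dynamic sender address belongs to the site domain is therefore dead code, and the `email_not_in_site_domain` error is never raised for DTX tags. The exploded array is `$components`, so the line should read `} elseif ($components[1] == 'sender' && !wpcf7_is_email_in_site_domain($dynamic_value)) {`. This commit only re-indents the function when it moves the `wpcf7dtx_dependencies()` guard into wpcf7dtx_init_validator, so the line is carried over as it was; it is worth fixing in the same change because the validator is being re-enabled here.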


@@ -1,11 +1,11 @@
=== Contact Form 7 - Dynamic Text Extension ===
Contributors: sevenspark, tessawatkinsllc
Donate link: https://just1voice.com/donate/
Tags: Contact Form 7, autofill, prepopulate, input, form field, contact form, text, hidden, input, dynamic, GET, POST, title, slug, auto-fill, pre-populate
Tested up to: 6.4.2
Stable tag: 4.2.3
Tags: Contact Form 7, autofill, prepopulate, dynamic form, form field
Tested up to: 6.5
Stable tag: 4.3.1
This plugin provides additional form tags for the Contact Form 7 plugin. It allows dynamic generation of content for text-based input fields like text, hidden, and email, checkboxes, radio buttons, and drop-down selections using any shortcode.
Extends Contact Form 7 by adding dynamic form fields that accepts shortcodes to prepopulate form fields with default values and dynamic placeholders.
== Description ==
@@ -380,14 +380,21 @@ Please check out the [FAQ on our website](https://aurisecreative.com/docs/contac
== Upgrade Notice ==
= 4.2.3 =
Resolved a bug where the `dynamic_select` displayed with a default size of 40 instead of 1.
= 4.3.1 =
Fixed user-reported bugs regarding `dynamic_checkbox` accepting multiple default values, mail template validator, and some PHP warnings. See [the changelog](https://plugins.trac.wordpress.org/browser/contact-form-7-dynamic-text-extension/trunk/changelog.txt) for more details.
== Changelog ==
= 4.2.3 =
= 4.3.1 =
* Fix: Resolved a bug where the `dynamic_select` displayed with a default size of 40 instead of 1.
* Fix: Resolved the PHP warning regarding `Undefined array key "value" in /.../contact-form-7-dynamic-text-extension/contact-form-7-dynamic-text-extension.php on line 391`, [see support thread](https://wordpress.org/support/topic/undefined-array-key-value-2/).
* Fix: Resolved a bug introduced in version 4.2.1 that prevented the mail template validator from recognizing DTX form tags, [see support thread](https://wordpress.org/support/topic/email-field-validation-4/).
* Fix: The `default` attribute for `dynamic_checkbox` can now accept multiple values that are delimited by an underscore (_), making it consistent with [Contact Form 7](https://contactform7.com/checkboxes-radio-buttons-and-menus/#checkbox-radio), [see support thread](https://wordpress.org/support/topic/help-dynamic_checkbox-and-default-values/).
= 4.3.0 =
* Feature: Added the `wpcf7dtx_shortcode` filter to all built-in shortcodes as requested. For usage details, see the [knowledge base](https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/filter-modify-built-in-shortcode-responses/?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme).
* Fix: Resolved a bug that prevented using the number zero as the value for select fields, checkboxes, and radio buttons, [see support thread](https://wordpress.org/support/topic/error-with-option-value-0-for-a-dynamic-radio-button/).
= 4.2.2 =
@@ -406,7 +413,7 @@ Resolved a bug where the `dynamic_select` displayed with a default size of 40 in
= 4.2.0 =
* Security Update: ** Please be sure to review this doc, as you may need to adjust the settings: https://sevenspark.com/docs/contact-form-7-dynamic-text-extension/allow-data-access **
* Security Update: ** Please be sure to review this doc, as you may need to adjust the settings: [Documentation by SevenSpark](https://sevenspark.com/docs/contact-form-7-dynamic-text-extension/allow-data-access), [Documentation by AuRise Creative](https://aurisecreative.com/docs/contact-form-7-dynamic-text-extension/security/) **
* Feature: Added Settings Screen with Allow Lists
* Feature: Added Form Scanner
* Feature: Added Allow List key validation in CF7 Form Validator