ofco/medicalalert-web-reloaded
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

rebase code on oct-10-2023

Browse Source
This commit is contained in:
Rachit Bhargava
2023-10-10 17:51:46 -04:00
parent b16ad94b69
commit 8f1a2c3a66
2197 changed files with 184921 additions and 35568 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
wp/wp-content/plugins/contact-form-7/includes/config-validator/actions.php
View File

@@ -1,27 +0,0 @@
<?php
add_action(
'wpcf7_update_option',
'wpcf7_config_validator_update_option',
10, 3
);
/**
* Runs bulk validation after the reCAPTCHA integration option is updated.
*/
function wpcf7_config_validator_update_option( $name, $value, $old_option ) {
if ( 'recaptcha' === $name ) {
$contact_forms = WPCF7_ContactForm::find();
$options = array(
'include' => 'unsafe_email_without_protection',
);
foreach ( $contact_forms as $contact_form ) {
$config_validator = new WPCF7_ConfigValidator( $contact_form, $options );
$config_validator->restore();
$config_validator->validate();
$config_validator->save();
}
}
}

25
wp/wp-content/plugins/contact-form-7/includes/config-validator/additional-settings.php
View File

@@ -6,22 +6,17 @@ trait WPCF7_ConfigValidator_AdditionalSettings {
* Runs error detection for the additional settings section.
*/
public function validate_additional_settings() {
$section = 'additional_settings.body';
$deprecated_settings_used =
$this->contact_form->additional_setting( 'on_sent_ok' ) ||
$this->contact_form->additional_setting( 'on_submit' );
if ( $this->supports( 'deprecated_settings' ) ) {
$deprecated_settings_used =
$this->contact_form->additional_setting( 'on_sent_ok' ) ||
$this->contact_form->additional_setting( 'on_submit' );
if ( $deprecated_settings_used ) {
$this->add_error( $section, 'deprecated_settings',
array(
'message' => __( "Deprecated settings are used.", 'contact-form-7' ),
)
);
} else {
$this->remove_error( $section, 'deprecated_settings' );
}
if ( $deprecated_settings_used ) {
return $this->add_error( 'additional_settings.body',
'deprecated_settings',
array(
'message' => __( "Deprecated settings are used.", 'contact-form-7' ),
)
);
}
}

130
wp/wp-content/plugins/contact-form-7/includes/config-validator/form.php
View File

@@ -8,83 +8,12 @@ trait WPCF7_ConfigValidator_Form {
public function validate_form() {
$section = 'form.body';
$form = $this->contact_form->prop( 'form' );
if ( $this->supports( 'multiple_controls_in_label' ) ) {
if ( $this->detect_multiple_controls_in_label( $section, $form ) ) {
$this->add_error( $section, 'multiple_controls_in_label',
array(
'message' => __( "Multiple form controls are in a single label element.", 'contact-form-7' ),
)
);
} else {
$this->remove_error( $section, 'multiple_controls_in_label' );
}
}
if ( $this->supports( 'unavailable_names' ) ) {
$ng_names = $this->detect_unavailable_names( $section, $form );
if ( $ng_names ) {
$this->add_error( $section, 'unavailable_names',
array(
'message' =>
/* translators: %names%: a list of form control names */
__( "Unavailable names (%names%) are used for form controls.", 'contact-form-7' ),
'params' => array( 'names' => implode( ', ', $ng_names ) ),
)
);
} else {
$this->remove_error( $section, 'unavailable_names' );
}
}
if ( $this->supports( 'unavailable_html_elements' ) ) {
if ( $this->detect_unavailable_html_elements( $section, $form ) ) {
$this->add_error( $section, 'unavailable_html_elements',
array(
'message' => __( "Unavailable HTML elements are used in the form template.", 'contact-form-7' ),
)
);
} else {
$this->remove_error( $section, 'unavailable_html_elements' );
}
}
if ( $this->supports( 'dots_in_names' ) ) {
if ( $this->detect_dots_in_names( $section, $form ) ) {
$this->add_error( $section, 'dots_in_names',
array(
'message' => __( "Dots are used in form-tag names.", 'contact-form-7' ),
)
);
} else {
$this->remove_error( $section, 'dots_in_names' );
}
}
if ( $this->supports( 'colons_in_names' ) ) {
if ( $this->detect_colons_in_names( $section, $form ) ) {
$this->add_error( $section, 'colons_in_names',
array(
'message' => __( "Colons are used in form-tag names.", 'contact-form-7' ),
)
);
} else {
$this->remove_error( $section, 'colons_in_names' );
}
}
if ( $this->supports( 'upload_filesize_overlimit' ) ) {
if ( $this->detect_upload_filesize_overlimit( $section, $form ) ) {
$this->add_error( $section, 'upload_filesize_overlimit',
array(
'message' => __( "Uploadable file size exceeds PHPs maximum acceptable size.", 'contact-form-7' ),
)
);
} else {
$this->remove_error( $section, 'upload_filesize_overlimit' );
}
}
$this->detect_multiple_controls_in_label( $section, $form );
$this->detect_unavailable_names( $section, $form );
$this->detect_unavailable_html_elements( $section, $form );
$this->detect_dots_in_names( $section, $form );
$this->detect_colons_in_names( $section, $form );
$this->detect_upload_filesize_overlimit( $section, $form );
}
@@ -125,7 +54,12 @@ trait WPCF7_ConfigValidator_Form {
}
if ( 1 < $fields_count ) {
return true;
return $this->add_error( $section,
'multiple_controls_in_label',
array(
'message' => __( "Multiple form controls are in a single label element.", 'contact-form-7' ),
)
);
}
}
}
@@ -164,7 +98,17 @@ trait WPCF7_ConfigValidator_Form {
}
if ( $ng_names ) {
return array_unique( $ng_names );
$ng_names = array_unique( $ng_names );
return $this->add_error( $section,
'unavailable_names',
array(
'message' =>
/* translators: %names%: a list of form control names */
__( "Unavailable names (%names%) are used for form controls.", 'contact-form-7' ),
'params' => array( 'names' => implode( ', ', $ng_names ) ),
)
);
}
return false;
@@ -180,7 +124,12 @@ trait WPCF7_ConfigValidator_Form {
$pattern = '%(?:<form[\s\t>]|</form>)%i';
if ( preg_match( $pattern, $content ) ) {
return true;
return $this->add_error( $section,
'unavailable_html_elements',
array(
'message' => __( "Unavailable HTML elements are used in the form template.", 'contact-form-7' ),
)
);
}
return false;
@@ -201,7 +150,12 @@ trait WPCF7_ConfigValidator_Form {
foreach ( $tags as $tag ) {
if ( str_contains( $tag->raw_name, '.' ) ) {
return true;
return $this->add_error( $section,
'dots_in_names',
array(
'message' => __( "Dots are used in form-tag names.", 'contact-form-7' ),
)
);
}
}
@@ -223,7 +177,12 @@ trait WPCF7_ConfigValidator_Form {
foreach ( $tags as $tag ) {
if ( str_contains( $tag->raw_name, ':' ) ) {
return true;
return $this->add_error( $section,
'colons_in_names',
array(
'message' => __( "Colons are used in form-tag names.", 'contact-form-7' ),
)
);
}
}
@@ -268,7 +227,12 @@ trait WPCF7_ConfigValidator_Form {
foreach ( $tags as $tag ) {
if ( $upload_max_filesize < $tag->get_limit_option() ) {
return true;
return $this->add_error( $section,
'upload_filesize_overlimit',
array(
'message' => __( "Uploadable file size exceeds PHPs maximum acceptable size.", 'contact-form-7' ),
)
);
}
}

462
wp/wp-content/plugins/contact-form-7/includes/config-validator/mail.php
View File

@@ -2,27 +2,11 @@
trait WPCF7_ConfigValidator_Mail {
/**
* Replaces all mail-tags in the given content.
*/
public function replace_mail_tags( $content, $args = '' ) {
$args = wp_parse_args( $args, array(
'html' => false,
'callback' =>
array( $this, 'replace_mail_tags_with_minimum_input_callback' ),
) );
$content = new WPCF7_MailTaggedText( $content, $args );
return $content->replace_tags();
}
/**
* Callback function for WPCF7_MailTaggedText. Replaces mail-tags with
* the most conservative inputs.
*/
public function replace_mail_tags_with_minimum_input_callback( $matches ) {
public function replace_mail_tags_with_minimum_input( $matches ) {
// allow [[foo]] syntax for escaping a tag
if ( $matches[1] === '[' and $matches[4] === ']' ) {
return substr( $matches[0], 1, -1 );
@@ -140,253 +124,109 @@ trait WPCF7_ConfigValidator_Mail {
'attachments' => '',
) );
$this->validate_mail_subject(
$template,
$components['subject']
$callback = array( $this, 'replace_mail_tags_with_minimum_input' );
$subject = new WPCF7_MailTaggedText(
$components['subject'],
array( 'callback' => $callback )
);
$this->validate_mail_sender(
$template,
$components['sender']
$subject = $subject->replace_tags();
$subject = wpcf7_strip_newline( $subject );
$this->detect_maybe_empty( sprintf( '%s.subject', $template ), $subject );
$sender = new WPCF7_MailTaggedText(
$components['sender'],
array( 'callback' => $callback )
);
$this->validate_mail_recipient(
$template,
$components['recipient']
$sender = $sender->replace_tags();
$sender = wpcf7_strip_newline( $sender );
$invalid_mailbox = $this->detect_invalid_mailbox_syntax(
sprintf( '%s.sender', $template ),
$sender
);
$this->validate_mail_additional_headers(
$template,
$components['additional_headers']
);
$this->validate_mail_body(
$template,
$components['body']
);
$this->validate_mail_attachments(
$template,
$components['attachments']
);
}
/**
* Runs error detection for the mail subject section.
*/
public function validate_mail_subject( $template, $content ) {
$section = sprintf( '%s.subject', $template );
if ( $this->supports( 'maybe_empty' ) ) {
if ( $this->detect_maybe_empty( $section, $content ) ) {
$this->add_error( $section, 'maybe_empty',
array(
'message' => __( "There is a possible empty field.", 'contact-form-7' ),
)
);
} else {
$this->remove_error( $section, 'maybe_empty' );
}
}
}
/**
* Runs error detection for the mail sender section.
*/
public function validate_mail_sender( $template, $content ) {
$section = sprintf( '%s.sender', $template );
if ( $this->supports( 'invalid_mailbox_syntax' ) ) {
if ( $this->detect_invalid_mailbox_syntax( $section, $content ) ) {
$this->add_error( $section, 'invalid_mailbox_syntax',
array(
'message' => __( "Invalid mailbox syntax is used.", 'contact-form-7' ),
)
);
} else {
$this->remove_error( $section, 'invalid_mailbox_syntax' );
}
if ( ! $invalid_mailbox and ! wpcf7_is_email_in_site_domain( $sender ) ) {
$this->add_error( sprintf( '%s.sender', $template ),
'email_not_in_site_domain',
array(
'message' => __( "Sender email address does not belong to the site domain.", 'contact-form-7' ),
)
);
}
if ( $this->supports( 'email_not_in_site_domain' ) ) {
$this->remove_error( $section, 'email_not_in_site_domain' );
$recipient = new WPCF7_MailTaggedText(
$components['recipient'],
array( 'callback' => $callback )
);
if ( ! $this->has_error( $section, 'invalid_mailbox_syntax' ) ) {
$sender = $this->replace_mail_tags( $content );
$sender = wpcf7_strip_newline( $sender );
$recipient = $recipient->replace_tags();
$recipient = wpcf7_strip_newline( $recipient );
if ( ! wpcf7_is_email_in_site_domain( $sender ) ) {
$this->add_error( $section, 'email_not_in_site_domain',
array(
'message' => __( "Sender email address does not belong to the site domain.", 'contact-form-7' ),
)
);
}
}
}
}
$this->detect_invalid_mailbox_syntax(
sprintf( '%s.recipient', $template ),
$recipient
);
$additional_headers = new WPCF7_MailTaggedText(
$components['additional_headers'],
array( 'callback' => $callback )
);
/**
* Runs error detection for the mail recipient section.
*/
public function validate_mail_recipient( $template, $content ) {
$section = sprintf( '%s.recipient', $template );
$additional_headers = $additional_headers->replace_tags();
$additional_headers = explode( "\n", $additional_headers );
$mailbox_header_types = array( 'reply-to', 'cc', 'bcc' );
$invalid_mail_header_exists = false;
if ( $this->supports( 'invalid_mailbox_syntax' ) ) {
if ( $this->detect_invalid_mailbox_syntax( $section, $content ) ) {
$this->add_error( $section, 'invalid_mailbox_syntax',
array(
'message' => __( "Invalid mailbox syntax is used.", 'contact-form-7' ),
)
);
} else {
$this->remove_error( $section, 'invalid_mailbox_syntax' );
}
}
if ( $this->supports( 'unsafe_email_without_protection' ) ) {
$this->remove_error( $section, 'unsafe_email_without_protection' );
if ( ! $this->has_error( $section, 'invalid_mailbox_syntax' ) ) {
if (
$this->detect_unsafe_email_without_protection( $section, $content )
) {
$this->add_error( $section, 'unsafe_email_without_protection',
array(
'message' => __( "Unsafe email config is used without sufficient protection.", 'contact-form-7' ),
)
);
}
}
}
}
/**
* Runs error detection for the mail additional headers section.
*/
public function validate_mail_additional_headers( $template, $content ) {
$section = sprintf( '%s.additional_headers', $template );
$invalid_mail_headers = array();
$invalid_mailbox_fields = array();
$unsafe_email_fields = array();
foreach ( explode( "\n", $content ) as $header ) {
foreach ( $additional_headers as $header ) {
$header = trim( $header );
if ( '' === $header ) {
continue;
}
$is_valid_header = preg_match(
'/^([0-9A-Za-z-]+):(.*)$/',
$header,
$matches
);
if ( ! $is_valid_header ) {
$invalid_mail_headers[] = $header;
continue;
}
$header_name = $matches[1];
$header_value = trim( $matches[2] );
if (
in_array(
strtolower( $header_name ), array( 'reply-to', 'cc', 'bcc' )
) and
'' !== $header_value and
$this->detect_invalid_mailbox_syntax( $section, $header_value )
) {
$invalid_mailbox_fields[] = $header_name;
continue;
}
if (
in_array( strtolower( $header_name ), array( 'cc', 'bcc' ) ) and
$this->detect_unsafe_email_without_protection( $section, $header_value )
) {
$unsafe_email_fields[] = $header_name;
}
}
if ( $this->supports( 'invalid_mail_header' ) ) {
if ( ! empty( $invalid_mail_headers ) ) {
$this->add_error( $section, 'invalid_mail_header',
array(
'message' => __( "There are invalid mail header fields.", 'contact-form-7' ),
)
);
if ( ! preg_match( '/^([0-9A-Za-z-]+):(.*)$/', $header, $matches ) ) {
$invalid_mail_header_exists = true;
} else {
$this->remove_error( $section, 'invalid_mail_header' );
}
}
$header_name = $matches[1];
$header_value = trim( $matches[2] );
if ( $this->supports( 'invalid_mailbox_syntax' ) ) {
if ( ! empty( $invalid_mailbox_fields ) ) {
foreach ( $invalid_mailbox_fields as $header_name ) {
$this->add_error( $section, 'invalid_mailbox_syntax',
if ( in_array( strtolower( $header_name ), $mailbox_header_types )
and '' !== $header_value ) {
$this->detect_invalid_mailbox_syntax(
sprintf( '%s.additional_headers', $template ),
$header_value,
array(
'message' => __( "Invalid mailbox syntax is used in the %name% field.", 'contact-form-7' ),
'params' => array( 'name' => $header_name ),
'params' => array( 'name' => $header_name )
)
);
}
} else {
$this->remove_error( $section, 'invalid_mailbox_syntax' );
}
}
if ( $this->supports( 'unsafe_email_without_protection' ) ) {
if ( ! empty( $unsafe_email_fields ) ) {
$this->add_error( $section, 'unsafe_email_without_protection',
array(
'message' => __( "Unsafe email config is used without sufficient protection.", 'contact-form-7' ),
)
);
} else {
$this->remove_error( $section, 'unsafe_email_without_protection' );
}
if ( $invalid_mail_header_exists ) {
$this->add_error( sprintf( '%s.additional_headers', $template ),
'invalid_mail_header',
array(
'message' => __( "There are invalid mail header fields.", 'contact-form-7' ),
)
);
}
}
$body = new WPCF7_MailTaggedText(
$components['body'],
array( 'callback' => $callback )
);
/**
* Runs error detection for the mail body section.
*/
public function validate_mail_body( $template, $content ) {
$section = sprintf( '%s.body', $template );
$body = $body->replace_tags();
if ( $this->supports( 'maybe_empty' ) ) {
if ( $this->detect_maybe_empty( $section, $content ) ) {
$this->add_error( $section, 'maybe_empty',
array(
'message' => __( "There is a possible empty field.", 'contact-form-7' ),
)
);
} else {
$this->remove_error( $section, 'maybe_empty' );
}
}
}
$this->detect_maybe_empty( sprintf( '%s.body', $template ), $body );
/**
* Runs error detection for the mail attachments section.
*/
public function validate_mail_attachments( $template, $content ) {
$section = sprintf( '%s.attachments', $template );
$total_size = 0;
$files_not_found = array();
$files_out_of_content = array();
if ( '' !== $content ) {
if ( '' !== $components['attachments'] ) {
$attachables = array();
$tags = $this->contact_form->scan_form_tags(
@@ -396,7 +236,7 @@ trait WPCF7_ConfigValidator_Mail {
foreach ( $tags as $tag ) {
$name = $tag->name;
if ( ! str_contains( $content, "[{$name}]" ) ) {
if ( ! str_contains( $components['attachments'], "[{$name}]" ) ) {
continue;
}
@@ -409,61 +249,41 @@ trait WPCF7_ConfigValidator_Mail {
$total_size = array_sum( $attachables );
foreach ( explode( "\n", $content ) as $line ) {
$has_file_not_found = false;
$has_file_not_in_content_dir = false;
foreach ( explode( "\n", $components['attachments'] ) as $line ) {
$line = trim( $line );
if ( '' === $line or str_starts_with( $line, '[' ) ) {
continue;
}
if ( $this->detect_file_not_found( $section, $line ) ) {
$files_not_found[] = $line;
} elseif ( $this->detect_file_not_in_content_dir( $section, $line ) ) {
$files_out_of_content[] = $line;
} else {
$has_file_not_found = $this->detect_file_not_found(
sprintf( '%s.attachments', $template ), $line
);
if ( ! $has_file_not_found and ! $has_file_not_in_content_dir ) {
$has_file_not_in_content_dir = $this->detect_file_not_in_content_dir(
sprintf( '%s.attachments', $template ), $line
);
}
if ( ! $has_file_not_found ) {
$path = path_join( WP_CONTENT_DIR, $line );
$total_size += (int) @filesize( $path );
}
}
}
if ( $this->supports( 'file_not_found' ) ) {
if ( ! empty( $files_not_found ) ) {
foreach ( $files_not_found as $line ) {
$this->add_error( $section, 'file_not_found',
array(
'message' => __( "Attachment file does not exist at %path%.", 'contact-form-7' ),
'params' => array( 'path' => $line ),
)
);
}
} else {
$this->remove_error( $section, 'file_not_found' );
}
}
if ( $this->supports( 'file_not_in_content_dir' ) ) {
if ( ! empty( $files_out_of_content ) ) {
$this->add_error( $section, 'file_not_in_content_dir',
array(
'message' => __( "It is not allowed to use files outside the wp-content directory.", 'contact-form-7' ),
)
);
} else {
$this->remove_error( $section, 'file_not_in_content_dir' );
}
}
if ( $this->supports( 'attachments_overweight' ) ) {
$max = 25 * MB_IN_BYTES; // 25 MB
if ( $max < $total_size ) {
$this->add_error( $section, 'attachments_overweight',
$this->add_error( sprintf( '%s.attachments', $template ),
'attachments_overweight',
array(
'message' => __( "The total size of attachment files is too large.", 'contact-form-7' ),
)
);
} else {
$this->remove_error( $section, 'attachments_overweight' );
}
}
}
@@ -474,12 +294,17 @@ trait WPCF7_ConfigValidator_Mail {
*
* @link https://contactform7.com/configuration-errors/invalid-mailbox-syntax/
*/
public function detect_invalid_mailbox_syntax( $section, $content ) {
$content = $this->replace_mail_tags( $content );
$content = wpcf7_strip_newline( $content );
public function detect_invalid_mailbox_syntax( $section, $content, $args = '' ) {
$args = wp_parse_args( $args, array(
'message' => __( "Invalid mailbox syntax is used.", 'contact-form-7' ),
'params' => array(),
) );
if ( ! wpcf7_is_mailbox_list( $content ) ) {
return true;
return $this->add_error( $section,
'invalid_mailbox_syntax',
$args
);
}
return false;
@@ -492,11 +317,13 @@ trait WPCF7_ConfigValidator_Mail {
* @link https://contactform7.com/configuration-errors/maybe-empty/
*/
public function detect_maybe_empty( $section, $content ) {
$content = $this->replace_mail_tags( $content );
$content = wpcf7_strip_newline( $content );
if ( '' === $content ) {
return true;
return $this->add_error( $section,
'maybe_empty',
array(
'message' => __( "There is a possible empty field.", 'contact-form-7' ),
)
);
}
return false;
@@ -512,7 +339,13 @@ trait WPCF7_ConfigValidator_Mail {
$path = path_join( WP_CONTENT_DIR, $content );
if ( ! is_readable( $path ) or ! is_file( $path ) ) {
return true;
return $this->add_error( $section,
'file_not_found',
array(
'message' => __( "Attachment file does not exist at %path%.", 'contact-form-7' ),
'params' => array( 'path' => $content ),
)
);
}
return false;
@@ -528,73 +361,12 @@ trait WPCF7_ConfigValidator_Mail {
$path = path_join( WP_CONTENT_DIR, $content );
if ( ! wpcf7_is_file_path_in_content_dir( $path ) ) {
return true;
}
return false;
}
/**
* Detects errors of that unsafe email config is used without
* sufficient protection.
*
* @link https://contactform7.com/configuration-errors/unsafe-email-without-protection/
*/
public function detect_unsafe_email_without_protection( $section, $content ) {
static $is_recaptcha_active = null;
if ( null === $is_recaptcha_active ) {
$is_recaptcha_active = call_user_func( function () {
$service = WPCF7_RECAPTCHA::get_instance();
return $service->is_active();
} );
}
if ( $is_recaptcha_active ) {
return false;
}
$example_email = 'example@example.com';
// Replace mail-tags connected to an email type form-tag first.
$content = $this->replace_mail_tags( $content, array(
'callback' => function ( $matches ) use ( $example_email ) {
// allow [[foo]] syntax for escaping a tag
if ( $matches[1] === '[' and $matches[4] === ']' ) {
return substr( $matches[0], 1, -1 );
}
$tag = $matches[0];
$tagname = $matches[2];
$values = $matches[3];
$mail_tag = new WPCF7_MailTag( $tag, $tagname, $values );
$field_name = $mail_tag->field_name();
$form_tags = $this->contact_form->scan_form_tags(
array( 'name' => $field_name )
);
if ( $form_tags ) {
$form_tag = new WPCF7_FormTag( $form_tags[0] );
if ( 'email' === $form_tag->basetype ) {
return $example_email;
}
}
return $tag;
},
) );
// Replace remaining mail-tags.
$content = $this->replace_mail_tags( $content );
$content = wpcf7_strip_newline( $content );
if ( str_contains( $content, $example_email ) ) {
return true;
return $this->add_error( $section,
'file_not_in_content_dir',
array(
'message' => __( "It is not allowed to use files outside the wp-content directory.", 'contact-form-7' ),
)
);
}
return false;

28
wp/wp-content/plugins/contact-form-7/includes/config-validator/messages.php
View File

@@ -12,27 +12,14 @@ trait WPCF7_ConfigValidator_Messages {
return;
}
if (
isset( $messages['captcha_not_match'] ) and
! wpcf7_use_really_simple_captcha()
) {
if ( isset( $messages['captcha_not_match'] )
and ! wpcf7_use_really_simple_captcha() ) {
unset( $messages['captcha_not_match'] );
}
foreach ( $messages as $key => $message ) {
$section = sprintf( 'messages.%s', $key );
if ( $this->supports( 'html_in_message' ) ) {
if ( $this->detect_html_in_message( $section, $message ) ) {
$this->add_error( $section, 'html_in_message',
array(
'message' => __( "HTML tags are used in a message.", 'contact-form-7' ),
)
);
} else {
$this->remove_error( $section, 'html_in_message' );
}
}
$this->detect_html_in_message( $section, $message );
}
}
@@ -45,8 +32,13 @@ trait WPCF7_ConfigValidator_Messages {
public function detect_html_in_message( $section, $content ) {
$stripped = wp_strip_all_tags( $content );
if ( $stripped !== $content ) {
return true;
if ( $stripped != $content ) {
return $this->add_error( $section,
'html_in_message',
array(
'message' => __( "HTML tags are used in a message.", 'contact-form-7' ),
)
);
}
return false;

72
wp/wp-content/plugins/contact-form-7/includes/config-validator/validator.php
View File

@@ -4,7 +4,6 @@ require_once path_join( __DIR__, 'form.php' );
require_once path_join( __DIR__, 'mail.php' );
require_once path_join( __DIR__, 'messages.php' );
require_once path_join( __DIR__, 'additional-settings.php' );
require_once path_join( __DIR__, 'actions.php' );
/**
@@ -14,10 +13,15 @@ require_once path_join( __DIR__, 'actions.php' );
*/
class WPCF7_ConfigValidator {
use WPCF7_ConfigValidator_Form;
use WPCF7_ConfigValidator_Mail;
use WPCF7_ConfigValidator_Messages;
use WPCF7_ConfigValidator_AdditionalSettings;
/**
* The plugin version in which important updates happened last time.
*/
const last_important_update = '5.8.1';
const last_important_update = '5.6.1';
const error_codes = array(
'maybe_empty',
@@ -35,18 +39,10 @@ class WPCF7_ConfigValidator {
'dots_in_names',
'colons_in_names',
'upload_filesize_overlimit',
'unsafe_email_without_protection',
);
use WPCF7_ConfigValidator_Form;
use WPCF7_ConfigValidator_Mail;
use WPCF7_ConfigValidator_Messages;
use WPCF7_ConfigValidator_AdditionalSettings;
private $contact_form;
private $errors = array();
private $include;
private $exclude;
/**
@@ -70,21 +66,8 @@ class WPCF7_ConfigValidator {
/**
* Constructor.
*/
public function __construct( WPCF7_ContactForm $contact_form, $args = '' ) {
$args = wp_parse_args( $args, array(
'include' => null,
'exclude' => null,
) );
public function __construct( WPCF7_ContactForm $contact_form ) {
$this->contact_form = $contact_form;
if ( isset( $args['include'] ) ) {
$this->include = (array) $args['include'];
}
if ( isset( $args['exclude'] ) ) {
$this->exclude = (array) $args['exclude'];
}
}
@@ -104,24 +87,6 @@ class WPCF7_ConfigValidator {
}
/**
* Returns true if the given error code is supported by this instance.
*/
public function supports( $error_code ) {
if ( isset( $this->include ) ) {
$supported_codes = array_intersect( self::error_codes, $this->include );
} else {
$supported_codes = self::error_codes;
}
if ( isset( $this->exclude ) ) {
$supported_codes = array_diff( $supported_codes, $this->exclude );
}
return in_array( $error_code, $supported_codes, true );
}
/**
* Counts detected errors.
*/
@@ -230,27 +195,6 @@ class WPCF7_ConfigValidator {
}
/**
* Returns true if the specified section has the specified error.
*
* @param string $section The section where the error detected.
* @param string $code The unique code of the error.
*/
public function has_error( $section, $code ) {
if ( empty( $this->errors[$section] ) ) {
return false;
}
foreach ( (array) $this->errors[$section] as $error ) {
if ( isset( $error['code'] ) and $error['code'] === $code ) {
return true;
}
}
return false;
}
/**
* Adds a validation error.
*
@@ -320,6 +264,8 @@ class WPCF7_ConfigValidator {
* @return bool True if there is no error detected.
*/
public function validate() {
$this->errors = array();
$this->validate_form();
$this->validate_mail( 'mail' );
$this->validate_mail( 'mail_2' );