Contact Form 7 / 3.7.2
Contact Form 7 v3.7.2
contact-form-7 / modules / file.php
1 <?php
2 /**
3 ** A base module for [file] and [file*]
4 **/
/* Shortcode handler */

add_action( 'wpcf7_init', 'wpcf7_add_shortcode_file' );

/**
 * Registers the [file] and [file*] form tags.
 *
 * Hooked to 'wpcf7_init'. Both tag types are rendered by
 * wpcf7_file_shortcode_handler(). The trailing `true` is handed to
 * wpcf7_add_shortcode() as-is (presumably "this tag carries a name";
 * confirm against wpcf7_add_shortcode(), which is defined elsewhere).
 */
function wpcf7_add_shortcode_file() {
	$tag_types = array( 'file', 'file*' );

	wpcf7_add_shortcode( $tag_types, 'wpcf7_file_shortcode_handler', true );
}
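/**
 * Renders the <input type="file"> control for a [file] / [file*] form tag.
 *
 * @param mixed $tag Tag data handed over by the shortcode dispatcher; it is
 *                   wrapped in a WPCF7_Shortcode object before use.
 * @return string HTML for the wrapped control, or '' when the tag has no name.
 */
function wpcf7_file_shortcode_handler( $tag ) {
	$tag = new WPCF7_Shortcode( $tag );

	if ( empty( $tag->name ) )
		return '';

	$validation_error = wpcf7_get_validation_error( $tag->name );

	$class = wpcf7_form_controls_class( $tag->type );

	if ( $validation_error )
		$class .= ' wpcf7-not-valid';

	// Key order is kept as-is: it is the order wpcf7_format_atts() receives.
	$atts = array();

	$atts['size'] = $tag->get_size_option( '40' );
	$atts['class'] = $tag->get_class_option( $class );
	$atts['id'] = $tag->get_option( 'id', 'id', true );
	$atts['tabindex'] = $tag->get_option( 'tabindex', 'int', true );

	if ( $tag->is_required() )
		$atts['aria-required'] = 'true';

	$atts['aria-invalid'] = $validation_error ? 'true' : 'false';

	$atts['type'] = 'file';
	$atts['name'] = $tag->name;
	$atts['value'] = '1';

	$atts = wpcf7_format_atts( $atts );

	// The tag name is also emitted as a CSS class on the wrapper <span>.
	// It originates in the form template, so it is attribute-escaped here
	// rather than trusting whatever the tag parser accepted; names made of
	// ordinary identifier characters come out unchanged.
	// NOTE(review): $validation_error is inserted as markup; this assumes
	// wpcf7_get_validation_error() returns already-escaped HTML. Confirm.
	$html = sprintf(
		'<span class="wpcf7-form-control-wrap %1$s"><input %2$s />%3$s</span>',
		esc_attr( $tag->name ), $atts, $validation_error );

	return $html;
}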
/* Encode type filter */

add_filter( 'wpcf7_form_enctype', 'wpcf7_file_form_enctype_filter' );

/**
 * Switches the form to multipart encoding when it contains a file field.
 *
 * @param string $enctype Current enctype attribute fragment.
 * @return string ' enctype="multipart/form-data"' if a [file] or [file*]
 *                tag is found by wpcf7_scan_shortcode(), else $enctype as given.
 */
function wpcf7_file_form_enctype_filter( $enctype ) {
	$file_tags = wpcf7_scan_shortcode(
		array( 'type' => array( 'file', 'file*' ) ) );

	if ( ! $file_tags )
		return $enctype;

	return ' enctype="multipart/form-data"';
}
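/* Validation + upload handling filter */

add_filter( 'wpcf7_validate_file', 'wpcf7_file_validation_filter', 10, 2 );
add_filter( 'wpcf7_validate_file*', 'wpcf7_file_validation_filter', 10, 2 );

/**
 * Validates an uploaded file for a [file] / [file*] tag and, when it passes,
 * moves it into the plugin's temporary upload directory.
 *
 * Checks, in order: PHP upload error, required-field presence, that the
 * temp file really is an HTTP upload, file-name extension against the
 * allowed list, and size against the limit (default 1 MB).
 *
 * Security notes for maintainers:
 *  - The type check looks only at the extension of the client-supplied file
 *    name; file content is not inspected in this function.
 *  - What is finally written to disk depends on wpcf7_antiscript_file_name()
 *    (defined elsewhere) and on the protection of the upload directory set up
 *    by wpcf7_init_uploads().
 *
 * @param array $result Validation result; 'valid' and 'reason' are written here.
 * @param mixed $tag    Tag data; wrapped in a WPCF7_Shortcode object below.
 * @return array The (possibly updated) validation result.
 */
function wpcf7_file_validation_filter( $result, $tag ) {
	$tag = new WPCF7_Shortcode( $tag );

	$name = $tag->name;

	// $_FILES is request data and the entry may be absent altogether. Work on
	// an array in every case instead of indexing into null.
	$file = ( isset( $_FILES[$name] ) && is_array( $_FILES[$name] ) )
		? $_FILES[$name] : array();

	$error = isset( $file['error'] ) ? $file['error'] : 0;
	$tmp_name = isset( $file['tmp_name'] ) ? $file['tmp_name'] : '';

	// Any PHP-level upload error other than "no file sent" is a failure.
	// A field submitted as name[] makes 'error' an array, which also lands here.
	if ( $error && UPLOAD_ERR_NO_FILE != $error ) {
		$result['valid'] = false;
		$result['reason'][$name] = wpcf7_get_message( 'upload_failed_php_error' );
		return $result;
	}

	if ( empty( $tmp_name ) && $tag->is_required() ) {
		$result['valid'] = false;
		$result['reason'][$name] = wpcf7_get_message( 'invalid_required' );
		return $result;
	}

	// Nothing uploaded for an optional field, or the path is not a genuine
	// HTTP upload: leave the result untouched and store nothing.
	if ( ! is_string( $tmp_name ) || ! is_uploaded_file( $tmp_name ) )
		return $result;

	$allowed_file_types = array();

	if ( $file_types_a = $tag->get_option( 'filetypes' ) ) {
		foreach ( $file_types_a as $file_types ) {
			$file_types = explode( '|', $file_types );

			foreach ( $file_types as $file_type ) {
				$file_type = trim( $file_type, '.' );
				// NOTE(review): only these four metacharacters are escaped, so
				// other regex syntax in the tag option reaches preg_match().
				// preg_quote( $file_type, '/' ) would cover all of them; kept
				// as-is here because existing form templates may depend on it.
				$file_type = str_replace( array( '.', '+', '*', '?' ),
					array( '\.', '\+', '\*', '\?' ), $file_type );
				$allowed_file_types[] = $file_type;
			}
		}
	}

	$allowed_file_types = array_unique( $allowed_file_types );
	$file_type_pattern = implode( '|', $allowed_file_types );

	$allowed_size = 1048576; // default size 1 MB

	if ( $file_size_a = $tag->get_option( 'limit' ) ) {
		$limit_pattern = '/^([1-9][0-9]*)([kKmM]?[bB])?$/';

		// The first well-formed limit option wins.
		foreach ( $file_size_a as $file_size ) {
			if ( preg_match( $limit_pattern, $file_size, $matches ) ) {
				$allowed_size = (int) $matches[1];

				if ( ! empty( $matches[2] ) ) {
					$kbmb = strtolower( $matches[2] );

					if ( 'kb' == $kbmb )
						$allowed_size *= 1024;
					elseif ( 'mb' == $kbmb )
						$allowed_size *= 1024 * 1024;
				}

				break;
			}
		}
	}

	/* File type validation */

	// Default file-type restriction
	if ( '' == $file_type_pattern )
		$file_type_pattern = 'jpg|jpeg|png|gif|pdf|doc|docx|ppt|pptx|odt|avi|ogg|m4a|mov|mp3|mp4|mpg|wav|wmv';

	$file_type_pattern = trim( $file_type_pattern, '|' );
	$file_type_pattern = '(' . $file_type_pattern . ')';
	// D (PCRE_DOLLAR_ENDONLY): without it `$` also matches just before a
	// trailing newline, so a name ending in "\n" would pass the extension
	// check. With D the extension must be the very end of the name.
	$file_type_pattern = '/\.' . $file_type_pattern . '$/iD';

	// $file['name'] is the name sent by the client, not a server-chosen one.
	if ( ! preg_match( $file_type_pattern, $file['name'] ) ) {
		$result['valid'] = false;
		$result['reason'][$name] = wpcf7_get_message( 'upload_file_type_invalid' );
		return $result;
	}

	/* File size validation */

	if ( $file['size'] > $allowed_size ) {
		$result['valid'] = false;
		$result['reason'][$name] = wpcf7_get_message( 'upload_file_too_large' );
		return $result;
	}

	$uploads_dir = wpcf7_upload_tmp_dir();
	wpcf7_init_uploads(); // Confirm upload dir

	// NOTE(review): the stored name is the client name after
	// wpcf7_antiscript_file_name(); that helper is not visible here, so
	// confirm it neutralises script-type and multi-part extensions.
	$filename = $file['name'];
	$filename = wpcf7_antiscript_file_name( $filename );
	$filename = wp_unique_filename( $uploads_dir, $filename );

	$new_file = trailingslashit( $uploads_dir ) . $filename;

	if ( false === @move_uploaded_file( $tmp_name, $new_file ) ) {
		$result['valid'] = false;
		$result['reason'][$name] = wpcf7_get_message( 'upload_failed' );
		return $result;
	}

	// Make sure the uploaded file is only readable for the owner process.
	// Best effort: a chmod failure is suppressed and not reported.
	@chmod( $new_file, 0400 );

	if ( $contact_form = wpcf7_get_current_contact_form() ) {
		$contact_form->uploaded_files[$name] = $new_file;

		if ( empty( $contact_form->posted_data[$name] ) )
			$contact_form->posted_data[$name] = $filename;
	}

	return $result;
}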
/* Messages */

add_filter( 'wpcf7_messages', 'wpcf7_file_messages' );

/**
 * Adds the upload-related messages to the plugin's message catalogue.
 *
 * @param array $messages Existing messages keyed by message id.
 * @return array $messages merged with the four upload messages defined here;
 *               on a key clash the entries below take precedence (array_merge).
 */
function wpcf7_file_messages( $messages ) {
	$upload_messages = array();

	$upload_messages['upload_failed'] = array(
		'description' => __( "Uploading a file fails for any reason", 'contact-form-7' ),
		'default' => __( 'Failed to upload file.', 'contact-form-7' )
	);

	$upload_messages['upload_file_type_invalid'] = array(
		'description' => __( "Uploaded file is not allowed file type", 'contact-form-7' ),
		'default' => __( 'This file type is not allowed.', 'contact-form-7' )
	);

	$upload_messages['upload_file_too_large'] = array(
		'description' => __( "Uploaded file is too large", 'contact-form-7' ),
		'default' => __( 'This file is too large.', 'contact-form-7' )
	);

	$upload_messages['upload_failed_php_error'] = array(
		'description' => __( "Uploading a file fails for PHP error", 'contact-form-7' ),
		'default' => __( 'Failed to upload file. Error occurred.', 'contact-form-7' )
	);

	return array_merge( $messages, $upload_messages );
}
/* Tag generator */

add_action( 'admin_init', 'wpcf7_add_tag_generator_file', 50 );

/**
 * Registers the "File upload" entry with the admin tag generator.
 *
 * Does nothing when wpcf7_add_tag_generator() is not loaded.
 */
function wpcf7_add_tag_generator_file() {
	if ( function_exists( 'wpcf7_add_tag_generator' ) ) {
		$title = __( 'File upload', 'contact-form-7' );

		wpcf7_add_tag_generator( 'file', $title,
			'wpcf7-tg-pane-file', 'wpcf7_tg_pane_file' );
	}
}
/**
 * Prints the hidden tag-generator pane for the file upload field.
 *
 * Every translated label is HTML-escaped at output (esc_html_e() echoes
 * esc_html() of the translation). $contact_form is accepted by reference
 * but is not read in this function.
 *
 * @param mixed $contact_form Current contact form (unused here).
 */
function wpcf7_tg_pane_file( &$contact_form ) {
?>
<div id="wpcf7-tg-pane-file" class="hidden">
<form action="">
<table>
<tr><td><input type="checkbox" name="required" />&nbsp;<?php esc_html_e( 'Required field?', 'contact-form-7' ); ?></td></tr>
<tr><td><?php esc_html_e( 'Name', 'contact-form-7' ); ?><br /><input type="text" name="name" class="tg-name oneline" /></td><td></td></tr>
</table>

<table>
<tr>
<td><code>id</code> (<?php esc_html_e( 'optional', 'contact-form-7' ); ?>)<br />
<input type="text" name="id" class="idvalue oneline option" /></td>

<td><code>class</code> (<?php esc_html_e( 'optional', 'contact-form-7' ); ?>)<br />
<input type="text" name="class" class="classvalue oneline option" /></td>
</tr>

<tr>
<td><?php esc_html_e( "File size limit", 'contact-form-7' ); ?> (<?php esc_html_e( 'bytes', 'contact-form-7' ); ?>) (<?php esc_html_e( 'optional', 'contact-form-7' ); ?>)<br />
<input type="text" name="limit" class="filesize oneline option" /></td>

<td><?php esc_html_e( "Acceptable file types", 'contact-form-7' ); ?> (<?php esc_html_e( 'optional', 'contact-form-7' ); ?>)<br />
<input type="text" name="filetypes" class="filetype oneline option" /></td>
</tr>
</table>

<div class="tg-tag"><?php esc_html_e( "Copy this code and paste it into the form left.", 'contact-form-7' ); ?><br /><input type="text" name="file" class="tag wp-ui-text-highlight code" readonly="readonly" onfocus="this.select()" /></div>

<div class="tg-mail-tag"><?php esc_html_e( "And, put this code into the File Attachments field below.", 'contact-form-7' ); ?><br /><input type="text" class="mail-tag wp-ui-text-highlight code" readonly="readonly" onfocus="this.select()" /></div>
</form>
</div>
<?php
}
/* Warning message */

add_action( 'wpcf7_admin_notices', 'wpcf7_file_display_warning_message' );

/**
 * Shows an admin notice when the current form has file fields but the
 * temporary upload directory is missing or not writable.
 *
 * Only existence and writability of the directory are tested here; whether
 * the .htaccess written by wpcf7_init_uploads() is present is not checked.
 */
function wpcf7_file_display_warning_message() {
	$contact_form = wpcf7_get_current_contact_form();

	if ( ! $contact_form )
		return;

	$file_tags = $contact_form->form_scan_shortcode(
		array( 'type' => array( 'file', 'file*' ) ) );

	if ( ! $file_tags )
		return;

	$uploads_dir = wpcf7_upload_tmp_dir();
	wpcf7_init_uploads(); // try to create the directory before judging it

	if ( is_dir( $uploads_dir ) && wp_is_writable( $uploads_dir ) )
		return;

	$message = sprintf( __( 'This contact form contains file uploading fields, but the temporary folder for the files (%s) does not exist or is not writable. You can create the folder or change its permission manually.', 'contact-form-7' ), $uploads_dir );

	// The directory path is interpolated into the text, so escape on output.
	echo '<div class="error"><p><strong>' . esc_html( $message ) . '</strong></p></div>';
}
/* File uploading functions */

/**
 * Creates the temporary upload directory and drops a deny-all .htaccess in it.
 *
 * Security notes for maintainers:
 *  - Mode 0733 is rwx for the owner and write+search (no read) for group and
 *    others: other accounts cannot list the directory but can create entries.
 *  - "Deny from all" is an Apache access directive. It protects the files only
 *    where the web server reads .htaccess files and accepts that directive;
 *    on other servers direct access has to be blocked in the server config.
 *  - An existing .htaccess is left as it is, and a failure to create the file
 *    is silent (fopen errors are suppressed, nothing is returned).
 */
function wpcf7_init_uploads() {
	$dir = wpcf7_upload_tmp_dir();
	$base = trailingslashit( $dir );

	wp_mkdir_p( $base );
	@chmod( $dir, 0733 );

	$htaccess_file = $base . '.htaccess';

	if ( file_exists( $htaccess_file ) )
		return;

	$handle = @fopen( $htaccess_file, 'w' );

	if ( $handle ) {
		fwrite( $handle, "Deny from all\n" );
		fclose( $handle );
	}
}
/**
 * Returns the path of the temporary upload directory.
 *
 * @return string WPCF7_UPLOADS_TMP_DIR when that constant is defined,
 *                otherwise wpcf7_upload_dir( 'dir' ) . '/wpcf7_uploads'.
 */
function wpcf7_upload_tmp_dir() {
	return defined( 'WPCF7_UPLOADS_TMP_DIR' )
		? WPCF7_UPLOADS_TMP_DIR
		: wpcf7_upload_dir( 'dir' ) . '/wpcf7_uploads';
}
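/**
 * Deletes files older than 60 seconds from the temporary upload directory.
 *
 * The '.', '..' and '.htaccess' entries are always kept. Deletion is best
 * effort: unlink() errors are suppressed.
 *
 * @return false|null false when the directory is missing, unreadable or not
 *                    writable; otherwise nothing is returned.
 */
function wpcf7_cleanup_upload_files() {
	$dir = trailingslashit( wpcf7_upload_tmp_dir() );

	if ( ! is_dir( $dir ) )
		return false;
	if ( ! is_readable( $dir ) )
		return false;
	if ( ! wp_is_writable( $dir ) )
		return false;

	if ( $handle = @opendir( $dir ) ) {
		while ( false !== ( $file = readdir( $handle ) ) ) {
			if ( $file == "." || $file == ".." || $file == ".htaccess" )
				continue;

			// stat() returns false when the entry cannot be examined, for
			// example when another request removed it in the meantime.
			// Skip it instead of reading 'mtime' from a non-array.
			$stat = @stat( $dir . $file );

			if ( false === $stat )
				continue;

			if ( $stat['mtime'] + 60 < time() ) // 60 secs
				@unlink( $dir . $file );
		}
		closedir( $handle );
	}
}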
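// Sweep expired uploads on every front-end GET request. This runs when the
// file is loaded, not from a hook. REQUEST_METHOD is not set in every
// execution context (for example the command line), so test for it first.
if ( ! is_admin() && isset( $_SERVER['REQUEST_METHOD'] )
	&& 'GET' == $_SERVER['REQUEST_METHOD'] )
	wpcf7_cleanup_upload_files();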
342 ?>