• Resolved chaoix


    Support for a my-functions.php in wp-content/plugins/ or wp-content/plugins/cforms-custom/ is broken in the latest release.

    I have patched lib_ajax.php and lib_nonajax.php as a temporary fix to the issue:


     * Copyright (c) 2006-2012 Oliver Seidel (email : oliver.seidel @ deliciousdays.com)
     * Copyright (c) 2014-2015 Bastian Germann
     * This program is free software: you can redistribute it and/or modify
     * it under the terms of the GNU General Public License as published by
     * the Free Software Foundation, either version 3 of the License, or
     * (at your option) any later version.
     * This program is distributed in the hope that it will be useful,
     * but WITHOUT ANY WARRANTY; without even the implied warranty of
     * GNU General Public License for more details.
     * You should have received a copy of the GNU General Public License
     * along with this program.  If not, see <https://www.gnu.org/licenses/>.
    ###  ajax submission of form
    require_once(plugin_dir_path(__FILE__) . 'lib_email.php');
    require_once(plugin_dir_path(__FILE__) . 'lib_aux.php');
    add_action( 'wp_ajax_submitcomment', 'cforms2_submitcomment' );
    add_action( 'wp_ajax_nopriv_submitcomment', 'cforms2_submitcomment' );
    ###  submit comment
    function cforms2_submitcomment() {
    	check_admin_referer( 'submitcomment' );
    	global $cformsSettings, $wpdb, $subID, $track, $trackf, $Ajaxpid, $AjaxURL, $WPresp, $commentparent;
    	header ('Content-Type: text/plain');
    	$content = '';
    	if (isset($_POST['rsargs']))
    		$content = $_POST['rsargs'];
    	$content = explode('+++', $content); ###  Added special fields
    	if ( count($content) > 3 ){
    	    $commentparent = $content[1];
    	    $Ajaxpid = $content[2];
    	    $AjaxURL = $content[3];
        }else {
    	    $Ajaxpid = $content[1];
    	    $AjaxURL = $content[2];
    	$segments = explode('$#$', $content[0]);
    	$params = array();
    	$CFfunctionsC = plugin_dir_path(dirname(__FILE__)).'cforms-custom'.DIRECTORY_SEPARATOR.'my-functions.php';
        $CFfunctions = plugin_dir_path(__FILE__).'my-functions.php';
        if ( file_exists($CFfunctionsC) )
        else if ( file_exists($CFfunctions) )
    	$user = wp_get_current_user();
    	for($i = 1; $i <= sizeof($segments); $i++) {
    		$params['field_' . $i] = $segments[$i];
    	###  fix reference to first form
    	if ( $segments[0]=='1' ) $params['id'] = $no = ''; else $params['id'] = $no = $segments[0];
    	### TAF flag
        $isTAF = substr($cformsSettings['form'.$no]['cforms'.$no.'_tellafriend'],0,1);
    	###  user filter ?
    	if( function_exists('my_cforms_ajax_filter') )
    	###  init variables
    	$track = array();
    	$trackinstance = array();
     	$to_one = -1;
      	$ccme = false;
    	$field_email = '';
    	$off = 0;
    	$taf_youremail = false;
    	$taf_friendsemail = false;
    	###  form limit reached
    	if ( ($cformsSettings['form'.$no]['cforms'.$no.'_maxentries']<>'' && cforms2_get_submission_left($no)==0) || !cforms2_check_time($no) ){
    	    $pre = $segments[0].'*$#'.substr($cformsSettings['form'.$no]['cforms'.$no.'_popup'],0,1);
    	    echo $pre . preg_replace ( '|\r\n|', '<br />', stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_limittxt']));
    	$captchaopt = $cformsSettings['global']['cforms_captcha_def'];
    	for($i = 1; $i <= sizeof($params)-2; $i++) {
    			$field_stat = explode('$#$', $cformsSettings['form'.$no]['cforms'.$no.'_count_field_' . ((int)$i+(int)$off)] );
    			while ( in_array($field_stat[1],array('fieldsetstart','fieldsetend','textonly','captcha','verification')) ) {
    				if ( $field_stat[1] == 'captcha' && !(is_user_logged_in() && $captchaopt['fo']!='1') )
    				if ( cforms2_check_pluggable_captchas_authn_users($field_stat[1]) )
                    if ( $field_stat[1] == 'fieldsetstart' ){
                            $track['$$$'.((int)$i+(int)$off)] = 'Fieldset'.$fieldsetnr;
                            $track['Fieldset'.$fieldsetnr++] = $field_stat[0];
                        } elseif ( $field_stat[1] == 'fieldsetend' ){
                            $track['FieldsetEnd'.$fieldsetnr++] = '--';
                    ### get next in line...
                    $field_stat = explode('$#$', $cformsSettings['form'.$no]['cforms'.$no.'_count_field_' . ((int)$i+(int)$off)] );
                    if( $field_stat[1] == '')
                        break 2; ###  all fields searched, break both while & for
    			###  filter all redundant WP comment fields if user is logged in
    			while ( in_array($field_stat[1],array('cauthor','email','url')) && $user->ID ) {
    			    $temp = explode('|', $field_stat[0],3); ### get field name
    			    $temp = explode('#', $temp[0],2);
    		 		switch( $field_stat[1] ){
    						case 'cauthor':
    							$track['cauthor'] = $track[$temp[0]] = $user->display_name;
    							$track['$$$'.((int)$i+(int)$off)] = $temp[0];
    						case 'email':
    							$track['email'] = $track[$temp[0]] = $field_email = $user->user_email;
    							$track['$$$'.((int)$i+(int)$off)] = $temp[0];
    						case 'url':
    							$track['url'] = $track[$temp[0]] = $user->user_url;
    							$track['$$$'.((int)$i+(int)$off)] = $temp[0];
    					$field_stat = explode('$#$', $cformsSettings['form'.$no]['cforms'.$no.'_count_field_' . ((int)$i+(int)$off)] );
    					if( $field_stat[1] == '')
    						break 2; ###  all fields searched, break both while & for
    			$field_name = $field_stat[0];
    			$field_type = $field_stat[1];
    			### remove [id: ] first
    			if ( strpos($field_name,'[id:')!==false ){
    				preg_match('/^([^\[]*)\[id:([^\|\]]+(\[\])?)\]([^\|]*).*/',$field_name,$input_name); // author: cbacchini
    				$field_name = $input_name[1].$input_name[4];
    				$customTrackingID	= cforms2_sanitize_ids( $input_name[2] );
    			###  dissect field
    		    $obj = explode('|', $field_name,3);
    			###  strip out default value
    			$field_name = $obj[0];
    			###  special WP comment fields
    			if( in_array($field_stat[1],array('cauthor','email','url','comment','send2author')) ){
    			    $temp = explode('#', $field_name,2);
    				if ( $temp[0] == '' )
                    	$field_name = $field_stat[1];
                    	$field_name = $temp[0];
    				### keep copy of values
        			$track[$field_stat[1]] = stripslashes( $params['field_' . $i] );
    				if ( $field_stat[1] == 'email' )
    					$field_email = $params['field_' . $i];
    			###  special Tell-A-Friend fields
    			if ( $taf_friendsemail == '' && $field_type=='friendsemail' && $field_stat[3]=='1'){
    					preg_match("/^[_a-z0-9+-]+(\.[_a-z0-9+-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/i", $params ['field_' . $i], $r);
    					$field_email = $taf_friendsemail = $r[1];  // double checking anti spam TAF
    			if ( $taf_youremail == '' && $field_type=='youremail' && $field_stat[3]=='1')
    					$taf_youremail = $params ['field_' . $i];
    			if ( $field_type=='friendsname' )
    					$taf_friendsname = $params ['field_' . $i];
    			if ( $field_type=='yourname' )
    					$taf_yourname = $params ['field_' . $i];
    			###  lets find an email field ("Is Email") and that's not empty!
    			if ( $field_email == '' && $field_stat[3]=='1') {
    					$field_email = $params ['field_' . $i];
    			###  special case: select & radio
    			if ( $field_type == "multiselectbox" || $field_type == "selectbox" || $field_type == "radiobuttons" || $field_type == "checkboxgroup") {
    			  $field_name = explode('#',$field_name);
    			  $field_name = $field_name[0];
    			###  special case: check box
    			if ( $field_type == "checkbox" || $field_type == "ccbox" ) {
    			  $field_name = explode('#',$field_name);
    			  $field_name = ($field_name[1]=='')?$field_name[0]:$field_name[1];
    			  $field_name = explode('|',$field_name);
    			  $field_name = $field_name[0];
    				###  if ccbox & checked
    			  if ($field_type == "ccbox" && $params ['field_' . $i]<>"" ) //10.2. removed "-"
    			      ##$ccme = 'field_' . $i;
    			      $ccme = $field_name;
    			if ( $field_type == "emailtobox" ){  			### special case where the value needs to bet get from the DB!
                    $to_one = $params ['field_' . $i];
    				$field_name = explode('#',$field_stat[0]);  ### can't use field_name, since '|' check earlier
    	            $tmp = explode('|', $field_name[$to_one+1] );   ###  remove possible |set:true
    	            $value  = $tmp[0];                              ###  values start from 0 or after!
    				$to = $replyto = stripslashes($tmp[1]);
    				$field_name = $field_name[0];
    			else {
    			    if ( strtoupper(get_option('blog_charset')) <> 'UTF-8' && function_exists('mb_convert_encoding'))
            		    $value = mb_convert_encoding(utf8_decode( stripslashes( $params['field_' . $i] ) ), get_option('blog_charset'));   ###  convert back and forth to support also other than UTF8 charsets
                        $value = stripslashes( $params['field_' . $i] );
    			### only if hidden!
    			if( $field_type == 'hidden' )
    				$value = rawurldecode($value);
    			### check boxes
    			if ( $field_type == "checkbox" || $field_type == "ccbox" ) {
    					if ( $value == 'on' )
    						$value = '(x)';
    						$value = '';
    			### determine tracked field name
    			if ( array_key_exists($trackname, $track) ){
    				if ( $trackinstance[$trackname]=='' )
    				$inc = '___'.($trackinstance[$trackname]++);
    			$track['$$$'.(int)($i+$off)] = $trackname.$inc;
    			$track[$trackname.$inc] = $value;
    			if( $customTrackingID<>'' )
    				$track['$$$'.$customTrackingID] = $trackname.$inc;
    	} ###  for
    	###  prefilter user input
    	if( function_exists('my_cforms_filter') )
    	###  assemble text & html email
    	$r = cforms2_format_email($track,$no);
        $formdata = $r['text'];
        $htmlformdata = $r['html'];
    	###  record:
    	$subID = ( $isTAF=='2' && $track['send2author']<>'1' )?'noid':cforms2_write_tracking_record($no,$field_email);
    	###  allow the user to use form data for other apps
    	$trackf['id'] = $no;
    	$trackf['data'] = $track;
    	if( function_exists('my_cforms_action') ) {
    		try {
    		} catch ( Exception $exc ) {
    			echo $segments[0].'*$#y' . $exc->getMessage() .'|---';
    	$isAjaxWPcomment = substr($cformsSettings['form'.$no]['cforms'.$no.'_tellafriend'], 0, 1) === '2';
        ###  Catch WP-Comment function | if send2author just continue
        if ( $isAjaxWPcomment!==false && (!isset($track['send2author']) || $track['send2author']=='0') ){
    		require_once (plugin_dir_path(__FILE__) . 'lib_WPcomment.php');
    	    ###  Catch WP-Comment function: error
    	    if ( !$WPsuccess ) {
        	    echo $segments[0].'*$#'.substr($cformsSettings['form'.$no]['cforms'.$no.'_popup'],1,1) . $WPresp .'|---';
        } ### Catch WP-Comment function
    	###  multiple recipients? and to whom is the email sent? to_one = picked recip.
    	if ( $isAjaxWPcomment!==false && $track['send2author']=='1' ) {
    		$to = $wpdb->get_results($wpdb->prepare("SELECT U.user_email FROM $wpdb->users as U, $wpdb->posts as P WHERE P.ID = %d AND U.ID=P.post_author", $Ajaxpid));
    		$to = $replyto = ($to[0]->user_email<>'')?$to[0]->user_email:$replyto;
    	else if ( !($to_one<>-1 && $to<>'') ){
    		$to = $replyto = preg_replace( array('/;|#|\|/'), array(','), stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_email']) );
    	### from
    	$frommail = cforms2_check_cust_vars(stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_fromemail']),$track);
    	###  T-A-F override?
    	if ( $isTAF=='1' && $taf_youremail && $taf_friendsemail )
    		$replyto = "\"{$taf_yourname}\" <{$taf_youremail}>";
        ### logic: dynamic admin email address
        if ( function_exists('my_cforms_logic') )
            $to = my_cforms_logic($trackf, $to,'adminTO');  ### use trackf!
    	### either use configured subject or user determined
    	$vsubject = stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_subject']);
    	if (function_exists('my_cforms_logic'))
    		$vsubject = my_cforms_logic($trackf,$vsubject,'adminEmailSUBJ');
    	$vsubject = cforms2_check_default_vars($vsubject,$no);
    	$vsubject = cforms2_check_cust_vars($vsubject,$track);
    	###  prep message text, replace variables
    	$message = stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_header']);
    	if ( function_exists('my_cforms_logic') )
    		$message = my_cforms_logic($trackf, $message,'adminEmailTXT');
    	$message = cforms2_check_default_vars($message,$no);
    	$message = cforms2_check_cust_vars($message,$track);
    	###  actual user message
        if( substr($cformsSettings['form'.$no]['cforms'.$no.'_formdata'],2,1)=='1' ){
    		$htmlmessage = stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_header_html']);
    	    if ( function_exists('my_cforms_logic') )
    	        $htmlmessage = my_cforms_logic($trackf, $htmlmessage,'adminEmailHTML');
    		$htmlmessage = cforms2_check_default_vars($htmlmessage,$no);
    	    $htmlmessage = cforms2_check_cust_vars($htmlmessage,$track,true);
    	### custom user ReplyTo handling
    	if ( function_exists('my_cforms_logic') )
    		$userReplyTo = my_cforms_logic($trackf, $field_email, 'ReplyTo');
    		$userReplyTo = $field_email;
    	$mail = new cforms2_mail($no,$frommail,$to,$userReplyTo, true);
    	$mail->subj  = $vsubject;
    	### HTML email
    	if ( $mail->html_show ) {
    	    $mail->body     =  $cformsSettings['global']['cforms_style_doctype'] .$mail->eol."<html xmlns=\"https://www.w3.org/1999/xhtml\">".$mail->eol."<head><title></title></head>".$mail->eol."<body {$cformsSettings['global']['cforms_style']['body']}>".$htmlmessage.( $mail->f_html?$mail->eol.$htmlformdata:'').$mail->eol."</body></html>".$mail->eol;
    	    $mail->body_alt  =  $message . ($mail->f_txt?$mail->eol.$formdata:'');
    	    $mail->body     =  $message . ($mail->f_txt?$mail->eol.$formdata:'');
        if( $cformsSettings['form'.$no]['cforms'.$no.'_emailoff']=='1' || ($WPsuccess && $cformsSettings['form'.$no]['cforms'.$no.'_tellafriend']!='21') )
            $sentadmin = 1;
    	    $sentadmin = $mail->send();
    	if( $sentadmin == 1 )
    		###  send copy or notification?
    	    if ( ($cformsSettings['form'.$no]['cforms'.$no.'_confirm']=='1' && $field_email<>'') || ($ccme&&$trackf[data][$ccme]<>'') )  ###  not if no email & already CC'ed
    	                $frommail = cforms2_check_cust_vars(stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_fromemail']),$track);
    	                ###  actual user message
    	                $cmsg = stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_cmsg']);
    	                if ( function_exists('my_cforms_logic') )
    	                    $cmsg = my_cforms_logic($trackf, $cmsg,'autoConfTXT');
    	                $cmsg = cforms2_check_default_vars($cmsg,$no);
    	                $cmsg = cforms2_check_cust_vars($cmsg,$track);
    	                ###  HTML text
    	                if( substr($cformsSettings['form'.$no]['cforms'.$no.'_formdata'],3,1)=='1' ){
    	                    $cmsghtml = stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_cmsg_html']);
    	                    if ( function_exists('my_cforms_logic') )
    	                        $cmsghtml = my_cforms_logic($trackf, $cmsghtml,'autoConfHTML');
    	                    $cmsghtml = cforms2_check_default_vars($cmsghtml,$no);
    	                    $cmsghtml = cforms2_check_cust_vars($cmsghtml,$track,true);
    	                ### subject
    	                $subject2 = stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_csubject']);
    					if (function_exists('my_cforms_logic'))
    						$subject2 = my_cforms_logic($trackf,$subject2,'autoConfSUBJ');
    					$subject2 = cforms2_check_default_vars($subject2,$no);
    	                $subject2 = cforms2_check_cust_vars($subject2,$track);
    	                ###  different cc & ac subjects?
    	                $s[1] = ($s[1]<>'') ? $s[1] : $s[0];
    	                ###  email tracking via 3rd party?
    	                ###  if in Tell-A-Friend Mode, then overwrite header stuff...
    	                if ( $taf_youremail && $taf_friendsemail && $isTAF=='1' )
    	                    $field_email = "\"{$taf_friendsname}\" <{$taf_friendsemail}>"; ### sanitize taf_friendsemail !!!
    	                    $field_email = ($cformsSettings['form'.$no]['cforms'.$no.'_tracking']<>'')?$field_email.$cformsSettings['form'.$no]['cforms'.$no.'_tracking']:$field_email;
    	                $mail = new cforms2_mail($no,$frommail,$field_email,$replyto);
    	                ### auto conf attachment?
    	                $a = $cformsSettings['form'.$no]['cforms'.$no.'_cattachment'][0];
    	                $a = (substr($a,0,1)=='/') ? $a : plugin_dir_path(__FILE__).$a;
    	                if ( $a<>'' && file_exists( $a ) ) {
    	                    $mail->add_file($a); ### optional name
    	                ### CC or auto conf?
    	                if ( $ccme&&$trackf[data][$ccme]<>'' ) {
    	                        $mail->subj = $s[1];
    	                        if ( $mail->html_show ) {  // 3.2.2012 changed from html_show_ac > admin email setting dictates this!
    	                            $mail->body     =  $cformsSettings['global']['cforms_style_doctype'] .$mail->eol."<html xmlns=\"https://www.w3.org/1999/xhtml\">".$mail->eol."<head><title></title></head>".$mail->eol."<body {$cformsSettings['global']['cforms_style']['body']}>".$htmlmessage.( $mail->f_html?$mail->eol.$htmlformdata:'').$mail->eol."</body></html>".$mail->eol;
    	                            $mail->body_alt  =  $message . ($mail->f_txt?$mail->eol.$formdata:'');
    	                            $mail->body     =  $message . ($mail->f_txt?$mail->eol.$formdata:'');
    	                        $sent = $mail->send();
    	                else {
    	                        $mail->subj = $s[0];
    	                        if ( $mail->html_show_ac ) {
    	                            $mail->body     =  $cformsSettings['global']['cforms_style_doctype'] .$mail->eol."<html xmlns=\"https://www.w3.org/1999/xhtml\">".$mail->eol."<head><title></title></head>".$mail->eol."<body {$cformsSettings['global']['cforms_style']['body']}>".$cmsghtml."</body></html>".$mail->eol;
    	                            $mail->body_alt  =  $cmsg;
    	                            $mail->body     =  $cmsg;
    	                        $sent = $mail->send();
    	                if( $sent<>'1' ) {
    	                    $err = __('Error occurred while sending the auto confirmation message: ','cforms') . '<br />'. $mail->err;
    	                    $pre = $segments[0].'*$#'.substr($cformsSettings['form'.$no]['cforms'.$no.'_popup'],1,1);
    	                    echo $pre . $err .'|!!!';
    	    } ###  cc
    		###  return success msg
    	    $pre = $segments[0].'*$#'.substr($cformsSettings['form'.$no]['cforms'.$no.'_popup'],0,1);
    		###  WP-Comment: override
    		if ( $WPsuccess )
    			$successMsg = $WPresp;
            	$successMsg	= cforms2_check_default_vars(stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_success']),$no);
    			$successMsg	= str_replace ( $mail->eol, '<br />', $successMsg);
    		$successMsg	= cforms2_check_cust_vars($successMsg,$track);
    	    ### logic: possibly change usermessage
    	    if ( function_exists('my_cforms_logic') )
    	        $successMsg = my_cforms_logic($trackf, $successMsg,'successMessage');
    		###  hide?
            if ( $cformsSettings['form'.$no]['cforms'.$no.'_hide'] || cforms2_get_submission_left($no)==0 )
    			$opt .= '|~~~';
    		###  redirect to a different page on suceess?
    		if ( $cformsSettings['form'.$no]['cforms'.$no.'_redirect'] ) {
    			if ( function_exists('my_cforms_logic') ){
    				$red = my_cforms_logic($trackf, $cformsSettings['form'.$no]['cforms'.$no.'_redirect_page'],'redirection');
                	if ( $red<>'' )
                    	$opt .= '|>>>' . $red;  ### use trackf!
                } else
    				$opt .= '|>>>' . $cformsSettings['form'.$no]['cforms'.$no.'_redirect_page'];
    	    echo $pre.$successMsg.$opt;
    	else {  ###  no admin mail sent!
    		###  return error msg
    		$err = __('Error occurred while sending the message: ','cforms') . '<br />'. $mail->err;
    	    $pre = $segments[0].'*$#'.substr($cformsSettings['form'.$no]['cforms'.$no.'_popup'],1,1);
    	    echo $pre . $err .'|!!!';


     * Copyright (c) 2006-2012 Oliver Seidel (email : oliver.seidel @ deliciousdays.com)
     * Copyright (c) 2014-2015 Bastian Germann
     * This program is free software: you can redistribute it and/or modify
     * it under the terms of the GNU General Public License as published by
     * the Free Software Foundation, either version 3 of the License, or
     * (at your option) any later version.
     * This program is distributed in the hope that it will be useful,
     * but WITHOUT ANY WARRANTY; without even the implied warranty of
     * GNU General Public License for more details.
     * You should have received a copy of the GNU General Public License
     * along with this program.  If not, see <https://www.gnu.org/licenses/>.
    ###  Validate all fields
    $CFfunctionsC = plugin_dir_path(dirname(__FILE__)) . 'cforms-custom'.DIRECTORY_SEPARATOR.'my-functions.php';
    $CFfunctions = plugin_dir_path(__FILE__) . 'my-functions.php';
    if ( file_exists($CFfunctionsC) )
    else if ( file_exists($CFfunctions) )
    require_once (plugin_dir_path(__FILE__) . 'lib_validate.php');
    if( isset($_POST['sendbutton'.$no]) && $all_valid ) {
    	###  all valid? get ready to send
    	if( function_exists('my_cforms_filter') )
    	if ( ($cformsSettings['form'.$no]['cforms'.$no.'_maxentries']<>'' && cforms2_get_submission_left($no)==0) || !cforms2_check_time($no) ){
    		$cflimit = 'reached';
    	$usermessage_text = preg_replace ( '|\r\n|', '<br />', stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_success']) );
    	$track = array();
    	$trackinstance = array();
    	$to_one = -1;
    	$ccme = false;
    	$field_email = '';
    	$taf_youremail = false;
    	$taf_friendsemail = false;
    	$send2author = false;
    	$inpFieldArr = array(); // for var[] type input fields
    	$captchas = cforms2_get_pluggable_captchas();
    	$key = 0;
    	for($i = 1; $i <= $field_count; $i++) {
    		if ( !$custom )
    			$field_stat = explode('$#$', $cformsSettings['form'.$no]['cforms'.$no.'_count_field_' . $i ]);
    			$field_stat = explode('$#$', $customfields[$i-1]);
    		$field_stat[] = "";
    		###  filter non input fields
    		while ( in_array($field_stat[1],array('fieldsetstart','fieldsetend','textonly','captcha','verification')) ) {
    			if ( $field_stat[1] == 'captcha' && !(is_user_logged_in() && !$captchaopt['fo']=='1') )
    			if ( cforms2_check_pluggable_captchas_authn_users($field_stat[1]) )
    			if ( $field_stat[1] == 'fieldsetstart' ){
    				$track['$$$'.$i] = 'Fieldset'.$fieldsetnr;
    				$track['Fieldset'.$fieldsetnr++] = $field_stat[0];
    			}elseif ( $field_stat[1] == 'fieldsetend' ){
    				$track['FieldsetEnd'.$fieldsetnr++] = '--';
    			### get next in line...
    			if ( !$custom )
    				$field_stat = explode('$#$', $cformsSettings['form'.$no]['cforms'.$no.'_count_field_' . $i ]);
    				$field_stat = explode('$#$', $customfields[$i-1]);
    			$field_stat[] = "";
    			if( $field_stat[1] == '')
    					break 2; ###  all fields searched, break both while & for
    		$field_name = $field_stat[0];
    		$field_type = $field_stat[1];
    		$custom_names = ($cformsSettings['form'.$no]['cforms'.$no.'_customnames']=='1')?true:false;
    		if ( $custom_names ){
    			$tmpName = $field_name; ###hardcoded for now
    			if ( strpos($tmpName,'[id:')!==false ){
    				$isFieldArray = strpos($tmpName,'[]');
    			preg_match('/^([^\[]*)\[id:([^\|\]]+(\[\])?)\]([^\|]*).*/',$tmpName,$input_name); // author: cbacchini
    			$field_name = $input_name[1].$input_name[4];
    			$customTrackingID	= cforms2_sanitize_ids( $input_name[2] );
    			$current_field = cforms2_sanitize_ids( $customTrackingID );
    			} else{
    				if( strpos($tmpName,'#')!==false && strpos($tmpName,'#')==0 )
    					preg_match('/^#([^\|]*).*/',$field_name,$input_name); ###special case with checkboxes w/ right label only & no ID
    					preg_match('/^([^#\|]*).*/',$field_name,$input_name); ###just take front part
    				$current_field = cforms2_sanitize_ids($input_name[1]);
    			$current_field = 'cf'.$no.'_field_' . $i;
    		cforms2_dbg("lib_nonajax.php: looking at field: $current_field");
    		###  dissect field
    		$obj = explode('|', $field_name,3);
    		$defaultval = stripslashes($obj[1]);
    		###  strip out default value
    		$field_name = $obj[0];
    		if (!isset ($_POST[$current_field]))
    			$_POST[$current_field] = "";
    		###  special Tell-A-Friend fields
    		if ( !$taf_friendsemail && $field_type=='friendsemail' && $field_stat[3]=='1')
    				$field_email = $taf_friendsemail = $_POST[$current_field];
    		if ( !$taf_youremail && $field_type=='youremail' && $field_stat[3]=='1')
    				$taf_youremail = $_POST[$current_field];
    		if ( $field_type=='friendsname' )
    				$taf_friendsname = $_POST[$current_field];
    		if ( $field_type=='yourname' )
    				$taf_yourname = $_POST[$current_field];
    		###  special email field in WP Commente
    		if ( $field_type=='email' )
    				$field_email = (isset($_POST['email']))?$_POST['email']:$user->user_email;
    		###  special radio button WP Comments
    		if( $field_type=='send2author' && $_POST['send2author']=='1') {
    			continue; ###  don't record it.
    		###  find email address
    		if ( $field_email == '' && $field_stat[3]=='1')
    				$field_email = $_POST[$current_field];
    		###  special case: select box & radio box
    		if ( $field_type == "checkboxgroup" || $field_type == "multiselectbox" || $field_type == "selectbox" || $field_type == "radiobuttons" ) { ### only needed for field name
    		  $field_name = explode('#',$field_name);
    		  $field_name = $field_name[0];
    		###  special case: check box
    		if ( $field_type == "checkbox" || $field_type == "ccbox" ) {
    		  $field_name = explode('#',$field_name);
    		  $field_name = ($field_name[1]=='')?$field_name[0]:$field_name[1];
    			###  if ccbox
    		  if ($field_type == "ccbox" && isset($_POST[$current_field]) ){
    			if( $isMPform )
    			  $ccme = 'cf_form'.$no.'_'.$field_name;
    			  $ccme = $field_name;
    		if ( $field_type == "emailtobox" ){  				### special case where the value needs to bet get from the DB!
                $to_one = $_POST[$current_field];
                $field_name = explode('#',$field_stat[0]);  	### can't use field_name, since '|' check earlier
    			$tmp = explode('|', $field_name[$to_one+1] );	###  remove possible |set:true
                $value 	= $tmp[0];								###  values start from 0 or after!
    			$to = $replyto = stripslashes($tmp[1]);
                $field_name = $field_name[0];
     		else if ( $field_type == "upload" ){
    			if ( is_array($file) && is_array($file['name']) && isset($file['name'][$filefield])) {
    				### $fsize = $file['size'][$filefield]/1000;
    				$value = str_replace(' ','_',$file['name'][$filefield++]);
    				$value = '';
     		else if ( $field_type == "multiselectbox" || $field_type == "checkboxgroup"){
                $all_options = $_POST[$current_field];
     		    if ( count($all_options) > 0)
                    $value = stripslashes(implode(',', $all_options));
                    $value = '';
    		else if ( $field_stat[1] == 'captcha' )
    			$value = $_POST['cforms_captcha'.$no];
    		else if ( array_key_exists($field_stat[1], $captchas) )
    			$value = $_POST[ $field_stat[1] ];
    		else if( $field_type == 'cauthor' )  ###  WP Comments special fields
    			$value = ($user->display_name<>'')?$user->display_name:$_POST[$field_type];
    		else if( $field_type == 'url')
    			$value = ($user->user_url<>'')?$user->user_url:$_POST[$field_type];
    		else if( $field_type == 'email' )
    			$value = ($user->user_email<>'')?$user->user_email:$_POST[$field_type];
    		else if( $field_type == 'comment' )
    			$value = $_POST[$field_type];
    		else if( $field_type == 'hidden' )
    			$value = rawurldecode($_POST[$current_field]);
    		else {
    			if( $isFieldArray ) {
    				if( !$inpFieldArr[$current_field] || $inpFieldArr[$current_field]=='' ) {
    				$value = $_POST[$current_field][$inpFieldArr[$current_field]++];       ###  covers all other fields' values
    			} else
    				$value = $_POST[$current_field];       ###  covers all other fields' values
    		### check boxes
    		if ( $field_type == "checkbox" || $field_type == "ccbox" ) {
    				if ( $value == 'on' )
    					$value = '(x)';
    					$value = '';
    		### determine tracked field name
            $trackname = trim( ($field_type == "upload") ? $field_name.'[*'.($no==''?1:$no).']' : $field_name );
            if ( array_key_exists($trackname, $track) ){
                if ( !isset ($trackinstance[$trackname]) || $trackinstance[$trackname]==''  )
                $inc = '___'.($trackinstance[$trackname]++);
            $track['$$$'.$i] = $trackname.$inc;
            $track[$trackname.$inc] = $value;
            if( $customTrackingID<>'' )
                $track['$$$'.$customTrackingID] = $trackname.$inc;
    	} ### for all fields
    	###  prefilter user input
    	if( function_exists('my_cforms_filter') )
        ### multi-form session
    	$ongoingSession = 'noSess';
    	if( $cformsSettings['form'.$no]['cforms'.$no.'_mp']['mp_form'] ) {
    		if( $field_email<>'' )
    		if( $ccme<>'' )
    	    $_SESSION['cforms']['cf_form'.$no] = $track;
    		### debug
    		cforms2_dbg( "(lib_nonajax) In Session tracking for ($no)...".print_r($_SESSION,1) );
            $field_email = $_SESSION['cforms']['email']; ### fetch from prev. def
       		$ccme = $_SESSION['cforms']['ccme'];
    		$ongoingSession = '1';
    	###  assemble text & html email
    	if( $cformsSettings['form'.$no]['cforms'.$no.'_mp']['mp_form'] &&
        	!$cformsSettings['form'.$no]['cforms'.$no.'_mp']['mp_email'] &&
        	$cformsSettings['form'.$no]['cforms'.$no.'_mp']['mp_next']==-1 &&
            is_array($_SESSION['cforms']) ){
    			$track = cforms2_all_tracks($_SESSION['cforms']);
                $ongoingSession = '0';
    	### debug
    	cforms2_dbg( '$track = '.print_r($track,1) );
        $r = cforms2_format_email($track,$no);
        $formdata = $r['text'];
        $htmlformdata = $r['html'];
    	###  FIRST into the database is required!
    	global $subID, $wpdb;
    	$subID = ( $isTAF =='2' && !$send2author )?'noid':cforms2_write_tracking_record($no,$field_email);
    	###  allow the user to use form data for other apps
    	$trackf['id'] = $no;
    	$trackf['data'] = $track;
    	if( function_exists('my_cforms_action') ) {
    		try {
    		} catch ( Exception $exc ) {
    			$usermessage_text = $exc->getMessage();
    			$sentadmin = 1;
    	### set reply-to & watch out for T-A-F
    	$replyto = preg_replace( array('/;|#|\|/'), array(','), stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_email']) );
    	###  WP comment form > email to author
    	if ( $isTAF=='2' && $track['send2author']=='1'){
    			$to = $wpdb->get_results($wpdb->prepare("SELECT U.user_email FROM $wpdb->users as U, $wpdb->posts as P WHERE P.ID = %d AND U.ID=P.post_author", $_POST['comment_post_ID'.$no]));
    			$to = $replyto =  ($to[0]->user_email<>'')?$to[0]->user_email:$replyto;
    	else if ( !($to_one<>-1 && $to<>'') ){
    		$to = $replyto = preg_replace( array('/;|#|\|/'), array(','), stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_email']) );
    	### T-A-F overwrite
    	if ( $taf_youremail && $taf_friendsemail && $isTAF=='1' )
    		$replyto = "\"{$taf_yourname}\" <{$taf_youremail}>";
    	###  Files attached?? create $_SESSION['cforms']['upload'] via cforms2_move_files()
    	    if( $subID<>-1 && $ongoingSession!='0' )
    	        cforms2_move_files($track, $no, $subID);
    	        cforms2_move_files($track, $no, 'xx');
    	### end of session:
        if( $ongoingSession=='0' && is_array($_SESSION['cforms']['upload']) ){
        	foreach ( array_keys($_SESSION['cforms']['upload']) as $n ) {
    			if (  is_array( $_SESSION['cforms']['upload'][$n]['files']) ) {
    				foreach ( array_keys($_SESSION['cforms']['upload'][$n]['files']) as $m ) {
    					if( file_exists($_SESSION['cforms']['upload'][$n]['files'][$m]) )
    	###  ready to send email
    	$frommail = cforms2_check_cust_vars(stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_fromemail']),$track);
        ### logic: dynamic admin email address
        if ( function_exists('my_cforms_logic') )
            $to = my_cforms_logic($trackf, $to,'adminTO');  ### use trackf!
    	### either use configured subject or user determined
    	### now replace the left over {xyz} variables with the input data
    	$vsubject = stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_subject']);
    	if (function_exists('my_cforms_logic'))
    		$vsubject = my_cforms_logic($trackf,$vsubject,'adminEmailSUBJ');
    	$vsubject = cforms2_check_default_vars($vsubject,$no);
    	$vsubject = cforms2_check_cust_vars($vsubject,$track);
    	###  prep message text, replace variables
    	$message	= stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_header']);
    	if ( function_exists('my_cforms_logic') ){
    		$message = my_cforms_logic($trackf, $message,'adminEmailTXT');
    		$formdata = my_cforms_logic($trackf, $formdata,'adminEmailDataTXT');
    	$message	= cforms2_check_default_vars($message,$no);
    	$message	= cforms2_check_cust_vars($message,$track);
        ###  actual user message
        if( substr($cformsSettings['form'.$no]['cforms'.$no.'_formdata'],2,1)=='1' ){
    	    $htmlmessage = stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_header_html']);
    	    if ( function_exists('my_cforms_logic') ){
    	        $htmlmessage = my_cforms_logic($trackf, $htmlmessage,'adminEmailHTML');
    			$htmlformdata = my_cforms_logic($trackf, $htmlformdata,'adminEmailDataHTML');
    		$htmlmessage = cforms2_check_default_vars($htmlmessage,$no);
    	    $htmlmessage = cforms2_check_cust_vars($htmlmessage,$track,true);
    	### custom user ReplyTo handling
    	if ( function_exists('my_cforms_logic') )
    		$userReplyTo = my_cforms_logic($trackf, $field_email, 'ReplyTo');
    		$userReplyTo = $field_email;
    	$mail = new cforms2_mail($no,$frommail,$to,$userReplyTo, true);
    	$mail->subj  = $vsubject;
    	### HTML email
    	if ( $mail->html_show ) {
    	    $mail->body     =  $cformsSettings['global']['cforms_style_doctype'] .$mail->eol."<html xmlns=\"https://www.w3.org/1999/xhtml\">".$mail->eol."<head><title></title></head>".$mail->eol."<body {$cformsSettings['global']['cforms_style']['body']}>".$htmlmessage.( $mail->f_html?$mail->eol.$htmlformdata:'').$mail->eol."</body></html>".$mail->eol;
    	    $mail->body_alt  =  $message . ($mail->f_txt?$mail->eol.$formdata:'');
    	    $mail->body     =  $message . ($mail->f_txt?$mail->eol.$formdata:'');
    	### Skip admin email when MP form
        $MPok = !$cformsSettings['form'.$no]['cforms'.$no.'_mp']['mp_form'] || ($cformsSettings['form'.$no]['cforms'.$no.'_mp']['mp_form'] && !$cformsSettings['form'.$no]['cforms'.$no.'_mp']['mp_email']);
    	if ( $MPok ){
    	    ### adding attachments now
    		global $fdata, $fpointer;
    		$fdata = array();
    		$fpointer = 0;
    		### debug
    		cforms2_dbg( 'File Attachments:' );
    		### attachments wanted for current form? (tracking session form uploads handled above!)
    		$doAttach = !($cformsSettings['form'.$no]['cforms'.$no.'_noattachments']);
    		### form w/ files, within session or single form
    		if ( $doAttach && $ongoingSession!='0' && is_array($file)  && !empty($file) ){
    			foreach( $file['tmp_name'] as $fn ){
    				cforms2_base64($fn, $doAttach);
    				### debug
    				cforms2_dbg( "File = $fn, attach = $doAttach" );
    		### end of session w/ files
    		if( $ongoingSession=='0' && is_array($_SESSION['cforms']['upload']) ){
    			foreach ( array_keys($_SESSION['cforms']['upload']) as $n ) {
    				foreach ( array_keys($_SESSION['cforms']['upload'][$n]['files']) as $m ){
    					cforms2_base64(str_replace('xx',$subID,$_SESSION['cforms']['upload'][$n]['files'][$m]), $_SESSION['cforms']['upload'][$n]['doAttach'] );
    					### debug
    					cforms2_dbg( "(end of session) File = ".$_SESSION['cforms']['upload'][$n]['files'][$m].", attach = ".$_SESSION['cforms']['upload'][$n]['doAttach'] );
    		### parse through all files (both single and mp forms)
    		foreach ( $fdata as $file ) {
    			if ( $file[doAttach] && $file['name'] <> '' ){
    				$mail->add_file($file['name']); ### optional name
    				### debug
    				cforms2_dbg( 'Attaching file ('.$file['name'].') to email' );
    	    ### end adding attachments
    		### debug
    		### Shoot:
    		if( $cformsSettings['form'.$no]['cforms'.$no.'_emailoff']=='1' )
    	        $sentadmin = 1;
    	        $sentadmin = $mail->send();
    	    if( $sentadmin == 1 ) {
    				if (isset($trackf['data'][$ccme]))
    					cforms2_dbg("is CC: = $ccme, active = {$trackf['data'][$ccme]} | ");
    	            ###  send copy or notification?
                    ###  not if no email & already CC'ed
    	            if ( ($cformsSettings['form'.$no]['cforms'.$no.'_confirm']=='1' && $field_email<>'') || ($ccme&&$trackf[data][$ccme]<>'') ){
    	                $frommail = cforms2_check_cust_vars(stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_fromemail']),$track);
    	                ###  actual user message
    	                $cmsg = stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_cmsg']);
    	                if ( function_exists('my_cforms_logic') )
    	                    $cmsg = my_cforms_logic($trackf, $cmsg,'autoConfTXT');
    	                $cmsg = cforms2_check_default_vars($cmsg,$no);
    	                $cmsg = cforms2_check_cust_vars($cmsg,$track);
    	                ###  HTML text
    					if( substr($cformsSettings['form'.$no]['cforms'.$no.'_formdata'],3,1)=='1' ){
    	                    $cmsghtml = stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_cmsg_html']);
    	                    if ( function_exists('my_cforms_logic') )
    	                        $cmsghtml = my_cforms_logic($trackf, $cmsghtml,'autoConfHTML');
    	                    $cmsghtml = cforms2_check_default_vars($cmsghtml,$no);
    	                    $cmsghtml =	cforms2_check_cust_vars($cmsghtml,$track,true);
                        ### subject
    	                $subject2 = stripslashes($cformsSettings['form'.$no]['cforms'.$no.'_csubject']);
    					if (function_exists('my_cforms_logic'))
    						$subject2 = my_cforms_logic($trackf,$subject2,'autoConfSUBJ');
    	                $subject2 = cforms2_check_default_vars($subject2,$no);
    	                $subject2 = cforms2_check_cust_vars($subject2,$track);
    	                ###  different cc & ac subjects?
    	                $s[1] = ($s[1]<>'') ? $s[1] : $s[0];
    	                ###  email tracking via 3rd party?
    	                ###  if in Tell-A-Friend Mode, then overwrite header stuff...
    	                if ( $taf_youremail && $taf_friendsemail && $isTAF=='1' )
    	                    $field_email = "\"{$taf_friendsname}\" <{$taf_friendsemail}>";
    		                $field_email = ($cformsSettings['form'.$no]['cforms'.$no.'_tracking']<>'')?$field_email.$cformsSettings['form'.$no]['cforms'.$no.'_tracking']:$field_email;
    	                $mail = new cforms2_mail($no,$frommail,$field_email,$replyto);
    					### auto conf attachment?
    	                $a = $cformsSettings['form'.$no]['cforms'.$no.'_cattachment'][0];
    	                $a = (substr($a,0,1)=='/') ? $a : plugin_dir_path(__FILE__).$a;
    	                if ( $a<>'' && file_exists( $a ) ) {
    	                    $mail->add_file($a); ### optional name
                        ### CC or auto conf?
    	                if ( $ccme&&$trackf[data][$ccme]<>'' ) {
    							$mail->subj = $s[1];
    	                        if ( $mail->html_show ) {  // 3.2.2012 changed from html_show_ac > admin email setting dictates this!
    	                            $mail->body     =  $cformsSettings['global']['cforms_style_doctype'] .$mail->eol."<html xmlns=\"https://www.w3.org/1999/xhtml\">".$mail->eol."<head><title></title></head>".$mail->eol."<body {$cformsSettings['global']['cforms_style']['body']}>".$htmlmessage.( $mail->f_html?$mail->eol.$htmlformdata:'').$mail->eol."</body></html>".$mail->eol;
    	                            $mail->body_alt  =  $message . ($mail->f_txt?$mail->eol.$formdata:'');
    	                            $mail->body     =  $message . ($mail->f_txt?$mail->eol.$formdata:'');
    	                        $sent = $mail->send();
    	                else { // ac below
    							$mail->subj = $s[0];
    	                        if ( $mail->html_show_ac ) {
    	                            $mail->body     =  $cformsSettings['global']['cforms_style_doctype'] .$mail->eol."<html xmlns=\"https://www.w3.org/1999/xhtml\">".$mail->eol."<head><title></title></head>".$mail->eol."<body {$cformsSettings['global']['cforms_style']['body']}>".$cmsghtml."</body></html>".$mail->eol;
    	                            $mail->body_alt  =  $cmsg;
    	                            $mail->body     =  $cmsg;
    	                        $sent = $mail->send();
    	                if( $sent<>'1' )
    				        $usermessage_text = __('Error occurred while sending the auto confirmation message: ','cforms') . '<br />'. $mail->err;
    	        ###  redirect to a different page on suceess?
    	        if ( $cformsSettings['form'.$no]['cforms'.$no.'_redirect'] && !$isWPcommentForm ) {
    	            if ( function_exists('my_cforms_logic') )
    	                $rp = my_cforms_logic($trackf, $cformsSettings['form'.$no]['cforms'.$no.'_redirect_page'],'redirection');  ### use trackf!
    	                $rp = $cformsSettings['form'.$no]['cforms'.$no.'_redirect_page'];
    	            if ( $rp <> '' ){ // TODO rework to do this via HTTP?
    	                <script type="text/javascript">
    	                    location.href = '<?php echo $rp; ?>';
    	    } ###  if $sentadmin
    	        $usermessage_text = __('Error occurred while sending the message: ','cforms') . '<br />'. $mail->err;
    	} ### if $MPok
    } ### if isset & valid sendbutton


Viewing 7 replies - 1 through 7 (of 7 total)
  • jbauguss


    I just experienced this same issue. The problem is they’ve completely changed how this works. It doesn’t auto look for cforms-custom anymore. It expects you to make a plugin out of your my-functions.php file. The instructions are not very clear really. I was able to get the gist of what they wanted with the new method though.

    What I did was renamed my-functions.php in cforms-custom to cforms-custom.php.

    I then put this at the top of my new cforms-custom.php
    * Plugin Name: cforms2 custom handler
    * Description: some description

    Then go to the plugins admin. You will now see a new plugin called cforms2 custom handler. Enable it.

    Your custom code should now work.

    As an aside to the new devs…This was a horrible thing to do. You completely killed backwards compatibility and if someone had auto update turned on, they’d likely not figure out their custom code wasn’t working for quite some time.

    What was the downside to the old method? What is the upside to this new method?

    Luckily I figured this out the hard way on a site in development. I have started using the new plugin tho as a replacement to the original. I’m just lucky I’ve only used it on a couple sites and I haven’t upgraded to 14.9 which broke the old functionality.

    Plugin Author bgermann



    joshbauguss has got it right. The reason for changing this is that I want to get rid of that cforms-custom folder completely, because it is not good style to depend on special directory names. If you have auto update enabled, you bear much more risks. Sites that cannot allow themselves to misbehave for some time should never bear such risks and put it off. Actually if you update the plugin manually, you should see this message: “If you use my-functions.php, you have to take action (see my-functions.php.txt).”

    What would be a better instruction to be clear for you?

    Thread Starter chaoix


    Might I suggest adding the appropriate actions and filters to replace the custom functions. I agree with you it isn’t good practice, but backwards compatibility should be a concern for these types of changes. We need at least two releases with the actions and my-functions.php stuff working together to give people time to migrate.

    Becky Melton


    I tried both solutions offered by chaoix and joshbauguss, but neither fix helped solve the problem. The admin area is now completely broken in our WordPress 4.2 sites.

    Would love to get this plugin working again, as it is really a great plugin.

    Becky Melton


    Can you recommend a workaround for editing forms until this problem can be fixed? Is editing the database the only way to make changes right now?

    Thread Starter chaoix



    This is problem is not related to any 4.2 issues. You should start a new thread for that and post any relevant PHP errors.


    Plugin Author bgermann


    @chaoix I will introduce such actions and filters, but I will also support the current behaviour (as a client of the filters to come). But I won’t reintroduce the cforms-custom way.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘my-functions.php support is broken in latest release’ is closed to new replies.