From 244ec72c6d7d554518ff89598cb999d39614af0d Mon Sep 17 00:00:00 2001
From: danix <danix@danix.xyz>
Date: Wed, 4 Nov 2020 15:35:56 +0100
Subject: Removed Genericons. Added dnxcf-font which is a subset of
 fontawesome. Removed every reference to gmaps. Added honeypot field. NEEDS
 TESTING!!

modificato:             danixland-contact-form.php
modificato:             include/dnxcf_helper.php
modificato:             include/dnxcf_mail_template_danixland.php
modificato:             include/dnxcf_options-display.php
modificato:             include/dnxcf_options-register.php
modificato:             include/dnxcf_settings.php
nuovo file:             style/dnxcf-font.css
modificato:             style/dnxcf_style.css
nuovo file:             style/font/dnxcf.eot
nuovo file:             style/font/dnxcf.svg
nuovo file:             style/font/dnxcf.ttf
nuovo file:             style/font/dnxcf.woff
nuovo file:             style/font/dnxcf.woff2
eliminato:              style/genericons/Genericons.eot
eliminato:              style/genericons/Genericons.svg
eliminato:              style/genericons/Genericons.ttf
eliminato:              style/genericons/Genericons.woff
eliminato:              style/genericons/genericons.css
---
 danixland-contact-form.php | 269 +++++++++++++++++++--------------------------
 1 file changed, 111 insertions(+), 158 deletions(-)

(limited to 'danixland-contact-form.php')

diff --git a/danixland-contact-form.php b/danixland-contact-form.php
index 7d5c8bd..e5348d3 100644
--- a/danixland-contact-form.php
+++ b/danixland-contact-form.php
@@ -1,11 +1,11 @@
 <?php
-defined( 'ABSPATH' ) or die( 'No script kiddies please!' );
+defined( 'ABSPATH' ) || die( 'No script kiddies please!' );
 
 /*
 Plugin Name:    danixland contact form
 Description:    A simple yet powerful contact form plugin
 Plugin URI:     https://danix.xyz/?p=3577
-Version:        1.2
+Version:        1.3
 Author:         Danilo 'danix' Macr&igrave;
 Author URI:     http://danix.xyz
 License:        GPL2
@@ -15,7 +15,7 @@ Text Domain:    dnxcf
 */
 
 global $dnxcf_form_version;
-$dnxcf_form_version = '1.2';
+$dnxcf_form_version = '1.3';
 
 /**
  * Add plugin i18n domain: dnxcf
@@ -42,63 +42,11 @@ if ( is_admin() ) {
 
 // Add Genericons, used in the contact form.
 function dnxcf_scripts() {
-	wp_enqueue_style( 'dnxcf_genericons', plugins_url( '/style/genericons/genericons.css', __FILE__ ), array(), '3.4.1' );
+	wp_enqueue_style( 'dnxcf_icons', plugins_url( '/style/dnxcf-font.css', __FILE__ ), array(), '1.3' );
 	wp_enqueue_style( 'dnxcf_helper_style', plugins_url( '/style/dnxcf_style.css', __FILE__ ), array(), '4.4.2' );
 }
 add_action( 'wp_enqueue_scripts', 'dnxcf_scripts' );
 
-/*
- * This function displays a google map by adding a js script to the wp_footer
- * @since 1.0
- */
-function dnxcf_gmap_enqueue() {
-	global $dnxcf_options;
-	$dnxcf_options = get_option( 'dnxcf_options' );
-	$latitude = $dnxcf_options['dnxcf_latitude'];
-	$longitude = $dnxcf_options['dnxcf_longitude'];
-	$apikey = $dnxcf_options['dnxcf_apikey'];
-	$sitename = get_bloginfo( 'name' );
-	$siteurl = get_bloginfo( 'url' );
-	$sitemsg = $dnxcf_options['dnxcf_gmap_message'];
-	$visitus = __( 'Come visit us', 'dnxcf' );
-
-	$popup_content = <<< DNX6655788EOT
-<div id="content">
-    <div id="siteNotice">
-    </div>
-    <h1 id="firstHeading" class="firstHeading">$sitename</h1>
-    <div id="bodyContent">
-        <p>$sitemsg</p>
-        <p><a href="$siteurl">$visitus</a></p>
-    </div>
-</div>
-DNX6655788EOT;
-	?>
-<script>
-	function initMap() {
-		var location = {lat: <?php echo $latitude; ?>, lng: <?php echo $longitude; ?> };
-		var map = new google.maps.Map( document.getElementById('dnxcf_gmap'), {zoom: 15, center: location} );
-
-		contentString = <?php echo json_encode( $popup_content ); ?>;
-		var infowindow = new google.maps.InfoWindow( {content: contentString} );
-
-		var marker = new google.maps.Marker( {position: location, map: map, animation: google.maps.Animation.DROP} );
-		marker.addListener('click', function() { infowindow.open(map, marker); });
-	}
-</script>
-
-<script src="https://maps.googleapis.com/maps/api/js?key=<?php echo $apikey; ?>&callback=initMap" async defer></script>
-
-	<?php
-}
-
-global $dnxcf_options;
-$dnxcf_options = get_option( 'dnxcf_options' );
-if ( ! empty( $dnxcf_options['dnxcf_apikey'] ) ) {
-	add_action( 'wp_footer', 'dnxcf_gmap_enqueue' );
-}
-
-
 /*
  * The actual contact form displayed using a shortcode
  * @since 0.1
@@ -156,82 +104,89 @@ function dnxcf_display_form() {
 		// security checks before submitting the form
 		if ( $_SERVER['REQUEST_URI'] == $_POST['_wp_http_referer'] && wp_verify_nonce( $_POST[ $dnxcf_form_name ], $dnxcf_form_action ) ) {
 
-			$dnxcf_posted = array();
-			// let's gather some data about the user submitting the form
-			$dnxcf_ltd    = trim( strip_tags( stripslashes( current_time( 'mysql' ) ) ) );
-			$dnxcf_hst    = trim( strip_tags( stripslashes( getenv( 'REMOTE_ADDR' ) ) ) );
-			$dnxcf_ua     = trim( strip_tags( stripslashes( $_SERVER['HTTP_USER_AGENT'] ) ) );
-			// our posted options, arranged in one nice array
-			$dnxcf_posted['dnxcf_name'] = sanitize_text_field( $_POST['dnxcf_name'] );
-			$dnxcf_posted['dnxcf_email'] = sanitize_email( $_POST['dnxcf_email'] );
-			$dnxcf_posted['dnxcf_website'] = esc_url( $_POST['dnxcf_website'] );
-			$dnxcf_posted['dnxcf_subject'] = sanitize_text_field( $_POST['dnxcf_subject'] );
-			$dnxcf_posted['dnxcf_message'] = wp_kses( $_POST['dnxcf_message'], $valid_html );
-			// let's begin with our email data, like receiver email, subject ecc.
-			$dnxcf_to         = $dnxcf_options['dnxcf_recv_email'];
-			$dnxcf_headers    = 'Reply-To: ' . $dnxcf_posted['dnxcf_email'];
-			$dnxcf_subject    = __( 'Contact from "', 'dnxcf' ) . get_bloginfo( 'name' ) . '" - ' . $dnxcf_posted['dnxcf_subject'];
+			// nonce and referrer are correct. Let's verify if the honeypot field is empty.
+			if ( empty( $_POST['dnxcf_pagelikes'] ) ) {
 
-			// check for our content type and arrange our info accordingly
-			if ( 'text/html' == $dnxcf_email_output ) {
-				require( apply_filters( 'dnxcf_template_file', dirname( __FILE__ ) . '/include/dnxcf_mail_template_danixland.php' ) );
-				$dnxcf_email_data = array(
-					'ownname' => $dnxcf_options['dnxcf_recv_name'],
-					'site' => get_bloginfo( 'name' ),
-					'time' => $dnxcf_ltd,
-					'host' => $dnxcf_hst,
-					'ua' => $dnxcf_ua,
-				);
-				$dnxcf_message = dnxcf_email_content( $dnxcf_email_data, $dnxcf_posted );
-			} else { // content_type is set to text/plain
-				$dnxcf_message = sprintf(
-					__( "Hello \"%1\$s\",\nyou are being contacted by %2\$s on %3\$s.\n%4\$s has provided the following informations:\n\tEmail:\t\t%5\$s\n\tWebsite:\t%6\$s\n\tMessage:\n\n%7\$s", 'dnxcf' ),
-					$dnxcf_options['dnxcf_recv_name'],
-					$dnxcf_posted['dnxcf_name'],
-					get_bloginfo( 'name' ),
-					$dnxcf_posted['dnxcf_name'],
-					$dnxcf_posted['dnxcf_email'],
-					$dnxcf_posted['dnxcf_website'],
-					$dnxcf_posted['dnxcf_message']
-				);
-				$dnxcf_message .= "\n\n##-----------#-----------#-----------##\n\n";
-				$dnxcf_message .= sprintf(
-					__( "We have also collected the following informations:\n\tBrowser:\t%1\$s\n\tTime:\t\t%2\$s\n\tIP Address:\t%3\$s\n", 'dnxcf' ),
-					$dnxcf_ua,
-					$dnxcf_ltd,
-					$dnxcf_hst
-				);
-			} // end check for mail_content_type
-			$dnxcf_mailed = wp_mail( $dnxcf_to, $dnxcf_subject, $dnxcf_message, $dnxcf_headers );
-			if ( $dnxcf_mailed ) {
-				?>
-			<p id="dnxcf_success"><?php _e( 'your email was sent successfully. Here\'s the data you submitted via our form.', 'dnxcf' ); ?></p>
-			<p>
-				<dl>
-					<dt><?php _e( 'Your Name:', 'dnxcf' ); ?></dt>
-					<dd><?php echo $dnxcf_posted['dnxcf_name']; ?></dd>
-					<dt><?php _e( 'Your e-mail:', 'dnxcf' ); ?></dt>
-					<dd><?php echo $dnxcf_posted['dnxcf_email']; ?></dd>
-					<dt><?php _e( 'Subject of your message:', 'dnxcf' ); ?></dt>
-					<dd><?php echo $dnxcf_posted['dnxcf_subject']; ?></dd>
-					<dt><?php _e( 'Text of your Message:', 'dnxcf' ); ?></dt>
-					<dd><blockquote><?php echo wptexturize( wpautop( $dnxcf_posted['dnxcf_message'] ) ); ?></blockquote></dd>
-				</dl>
-			</p>
-			<p><?php _e( 'we also collected some data for tecnical reasons.', 'dnxcf' ); ?></p>
-			<p>
-				<dl>
-					<dt><?php _e( 'Your IP address:', 'dnxcf' ); ?></dt>
-					<dd><?php echo $dnxcf_hst; ?></dd>
-					<dt><?php _e( 'Your Browser:', 'dnxcf' ); ?></dt>
-					<dd><?php echo $dnxcf_ua; ?></dd>
-				</dl>
-			</p>
-			<?php } else { ?>
-			<p id="dnxcf_result_failure"><?php printf( __( 'there was a problem processing your email. Please contact the <a href="mailto:%s">administrator</a>.', 'dnxcf' ), get_bloginfo( 'admin_email' ) ); ?></p>
-			<?php } ?>
+				$dnxcf_posted = array();
+				// let's gather some data about the user submitting the form
+				$dnxcf_ltd    = trim( strip_tags( stripslashes( current_time( 'mysql' ) ) ) );
+				$dnxcf_hst    = trim( strip_tags( stripslashes( getenv( 'REMOTE_ADDR' ) ) ) );
+				$dnxcf_ua     = trim( strip_tags( stripslashes( $_SERVER['HTTP_USER_AGENT'] ) ) );
+				// our posted options, arranged in one nice array
+				$dnxcf_posted['dnxcf_name'] = sanitize_text_field( $_POST['dnxcf_name'] );
+				$dnxcf_posted['dnxcf_email'] = sanitize_email( $_POST['dnxcf_email'] );
+				$dnxcf_posted['dnxcf_website'] = esc_url( $_POST['dnxcf_website'] );
+				$dnxcf_posted['dnxcf_subject'] = sanitize_text_field( $_POST['dnxcf_subject'] );
+				$dnxcf_posted['dnxcf_message'] = wp_kses( $_POST['dnxcf_message'], $valid_html );
+				// let's begin with our email data, like receiver email, subject ecc.
+				$dnxcf_to         = $dnxcf_options['dnxcf_recv_email'];
+				$dnxcf_headers    = 'Reply-To: ' . $dnxcf_posted['dnxcf_email'];
+				$dnxcf_subject    = __( 'Contact from "', 'dnxcf' ) . get_bloginfo( 'name' ) . '" - ' . $dnxcf_posted['dnxcf_subject'];
 
-			<?php
+				// check for our content type and arrange our info accordingly
+				if ( 'text/html' == $dnxcf_email_output ) {
+					require( apply_filters( 'dnxcf_template_file', dirname( __FILE__ ) . '/include/dnxcf_mail_template_danixland.php' ) );
+					$dnxcf_email_data = array(
+						'ownname' => $dnxcf_options['dnxcf_recv_name'],
+						'site' => get_bloginfo( 'name' ),
+						'time' => $dnxcf_ltd,
+						'host' => $dnxcf_hst,
+						'ua' => $dnxcf_ua,
+					);
+					$dnxcf_message = dnxcf_email_content( $dnxcf_email_data, $dnxcf_posted );
+				} else { // content_type is set to text/plain
+					$dnxcf_message = sprintf(
+						__( "Hello \"%1\$s\",\nyou are being contacted by %2\$s on %3\$s.\n%4\$s has provided the following informations:\n\tEmail:\t\t%5\$s\n\tWebsite:\t%6\$s\n\tMessage:\n\n%7\$s", 'dnxcf' ),
+						$dnxcf_options['dnxcf_recv_name'],
+						$dnxcf_posted['dnxcf_name'],
+						get_bloginfo( 'name' ),
+						$dnxcf_posted['dnxcf_name'],
+						$dnxcf_posted['dnxcf_email'],
+						$dnxcf_posted['dnxcf_website'],
+						$dnxcf_posted['dnxcf_message']
+					);
+					$dnxcf_message .= "\n\n##-----------#-----------#-----------##\n\n";
+					$dnxcf_message .= sprintf(
+						__( "We have also collected the following informations:\n\tBrowser:\t%1\$s\n\tTime:\t\t%2\$s\n\tIP Address:\t%3\$s\n", 'dnxcf' ),
+						$dnxcf_ua,
+						$dnxcf_ltd,
+						$dnxcf_hst
+					);
+				} // end check for mail_content_type
+
+				$dnxcf_mailed = wp_mail( $dnxcf_to, $dnxcf_subject, $dnxcf_message, $dnxcf_headers );
+
+				if ( $dnxcf_mailed ) {
+					?>
+				<p id="dnxcf_success"><?php _e( 'your email was sent successfully. Here\'s the data you submitted via our form.', 'dnxcf' ); ?></p>
+				<p>
+					<dl>
+						<dt><?php _e( 'Your Name:', 'dnxcf' ); ?></dt>
+						<dd><?php echo $dnxcf_posted['dnxcf_name']; ?></dd>
+						<dt><?php _e( 'Your e-mail:', 'dnxcf' ); ?></dt>
+						<dd><?php echo $dnxcf_posted['dnxcf_email']; ?></dd>
+						<dt><?php _e( 'Subject of your message:', 'dnxcf' ); ?></dt>
+						<dd><?php echo $dnxcf_posted['dnxcf_subject']; ?></dd>
+						<dt><?php _e( 'Text of your Message:', 'dnxcf' ); ?></dt>
+						<dd><blockquote><?php echo wptexturize( wpautop( $dnxcf_posted['dnxcf_message'] ) ); ?></blockquote></dd>
+					</dl>
+				</p>
+				<p><?php _e( 'we also collected some data for tecnical reasons.', 'dnxcf' ); ?></p>
+				<p>
+					<dl>
+						<dt><?php _e( 'Your IP address:', 'dnxcf' ); ?></dt>
+						<dd><?php echo $dnxcf_hst; ?></dd>
+						<dt><?php _e( 'Your Browser:', 'dnxcf' ); ?></dt>
+						<dd><?php echo $dnxcf_ua; ?></dd>
+					</dl>
+				</p>
+				<?php } else { ?>
+				<p id="dnxcf_result_failure"><?php printf( __( 'there was a problem processing your email. Please contact the <a href="mailto:%s">administrator</a>.', 'dnxcf' ), get_bloginfo( 'admin_email' ) ); ?></p>
+				<?php }
+			} else {
+				// dnxcf_pagelikes was not empty. This is a problem. ?>
+				<p id="dnxcf_spammer"><?php _e( 'looks like you don\'t belong here. We don\'t like spammers. Go away now!', 'dnxcf' ); ?></p>
+			<?php }
 		} else { // Houston we have a problem, spammer detected
 				// we might want to use the data we have and send a mail to the admin just in case...
 			?>
@@ -243,41 +198,39 @@ function dnxcf_display_form() {
 		$dnxcf_options = get_option( 'dnxcf_options' );
 		?>
 	<!-- begin #dnxcf_form -->
-	<form id="dnxcf_form" method="post" action="<?php echo htmlentities( $_SERVER['REQUEST_URI'] ); ?>">
-		<?php
-		wp_nonce_field( 'dnxcf_submit_' . $dnxcf_form_id, 'dnxcf_form_' . $dnxcf_pid, true, true );
-		if ( ! empty( $dnxcf_options['dnxcf_apikey'] ) ) :
-			?>
-		<h4><?php _e( 'Our location', 'dnxcf' ); ?></h4>
-		<div id="dnxcf_gmap"></div>
-		<?php endif; ?>
+	<form id="dnxcf_form" method="post" action="<?php echo esc_url( $_SERVER['REQUEST_URI'] ); ?>">
+		<?php wp_nonce_field( 'dnxcf_submit_' . $dnxcf_form_id, 'dnxcf_form_' . $dnxcf_pid, true, true ); ?>
 		<p class="comment-notes"><?php _e( 'Required fields are marked ', 'dnxcf' ); ?><span class="required">*</span></p>
-		<fieldset id="dnxcf_formwrap">
+		<section id="dnxcf_formwrap">
 		<?php if ( $dnxcf_options['dnxcf_privacy'] ) : ?>
-			<fieldset id="dnxcf_privacy">
+			<section id="dnxcf_privacy">
 				<h4><?php _e( 'Privacy:', 'dnxcf' ); ?></h4>
 				<div class="policy"><?php echo wpautop( wptexturize( $dnxcf_options['dnxcf_privacy'] ) ); ?></div>
-			</fieldset>
+			</section>
 		<?php endif; ?>
-			<fieldset id="dnxcf_personal">
+			<section id="dnxcf_personal">
 				<h4><?php _e( 'Personal Informations:', 'dnxcf' ); ?></h4>
-				<p class="dnxcf-name">
-					<label class="genericon genericon-user" for="name"><span class="screen-reader-text"><?php _e( 'Full Name', 'dnxcf' ); ?></span><span class="required">*</span></label>
+				<p class="dnxcf-form-name">
+					<label class="dnxcf-user" for="name"><span class="screen-reader-text"><?php _e( 'Full Name', 'dnxcf' ); ?></span><span class="required">*</span></label>
 					<input name="dnxcf_name" id="name" size="35" maxlength="40" type="text" placeholder="<?php _e( 'name', 'dnxcf' ); ?>" required autocomplete="name">
 				</p>
-				<p class="dnxcf-email">
-					<label class="genericon genericon-mail" for="email"><span class="screen-reader-text"><?php _e( 'email address', 'dnxcf' ); ?></span><span class="required">*</span></label>
+				<p class="dnxcf-form-email">
+					<label class="dnxcf-mail" for="email"><span class="screen-reader-text"><?php _e( 'email address', 'dnxcf' ); ?></span><span class="required">*</span></label>
 					<input name="dnxcf_email" id="email" size="35" maxlength="50" type="email" placeholder="<?php _e( 'e-mail', 'dnxcf' ); ?>" required autocomplete="email">
 				</p>
-				<p class="dnxcf-website">
-					<label for="website" class="genericon genericon-website"><span class="screen-reader-text"><?php _e( 'website', 'dnxcf' ); ?></span></label>
+				<p class="dnxcf-form-website">
+					<label for="website" class="dnxcf-website"><span class="screen-reader-text"><?php _e( 'website', 'dnxcf' ); ?></span></label>
 					<input name="dnxcf_website" id="website" size="35" maxlength="50" type="url" placeholder="<?php _e( 'website', 'dnxcf' ); ?>" autocomplete="url">
 				</p>
-			</fieldset>
-			<fieldset id="dnxcf_message">
+				<p class="dnxcf-form-pagelikes">
+					<label for="pagelikes" class="dnxcf-like"><span class="screen-reader-text"><?php _e( 'pages you liked', 'dnxcf' ); ?></span></label>
+					<input name="dnxcf_pagelikes" id="pagelikes" size="35" maxlength="50" type="text" placeholder="<?php _e( 'what pages you liked?', 'dnxcf' ); ?>" autocomplete="off">
+				</p>
+			</section>
+			<section id="dnxcf_message">
 				<h4><?php _e( 'your message:', 'dnxcf' ); ?></h4>
-				<p class="dnxcf-subject">
-					<label class="genericon genericon-tag" for="subject"><span class="screen-reader-text"><?php _e( 'subject', 'dnxcf' ); ?></span><span class="required">*</span></label>
+				<p class="dnxcf-form-subject">
+					<label class="dnxcf-tag" for="subject"><span class="screen-reader-text"><?php _e( 'subject', 'dnxcf' ); ?></span><span class="required">*</span></label>
 					<select name="dnxcf_subject" id="subject" required>
 					<?php
 					global $dnxcf_options;
@@ -289,15 +242,15 @@ function dnxcf_display_form() {
 					?>
 					</select>
 				</p>
-				<p class="dnxcf-message">
-					<label class="genericon genericon-comment" for="message"><span class="screen-reader-text"><?php _e( 'message', 'dnxcf' ); ?></span><span class="required">*</span></label>
+				<p class="dnxcf-form-message">
+					<label class="dnxcf-message" for="message"><span class="screen-reader-text"><?php _e( 'message', 'dnxcf' ); ?></span><span class="required">*</span></label>
 					<textarea name="dnxcf_message" id="message" cols="60" rows="12" placeholder="<?php _e( 'Comment Here', 'dnxcf' ); ?>" required></textarea>
 				</p>
-			</fieldset>
-			<fieldset id="dnxcf_send">
+			</section>
+			<section id="dnxcf_send">
 				<input type="submit" name="<?php echo $dnxcf_send_value; ?>" id="<?php echo $dnxcf_send_value; ?>" value="<?php _e( 'send message', 'dnxcf' ); ?>">
-			</fieldset>
-		</fieldset><!-- #formwrap -->
+			</section>
+		</section><!-- #formwrap -->
 	</form>
 	<!-- end #dnxcf_form -->
 		<?php
-- 
cgit v1.2.3