2.4.15.9

change_log.txt

@@ -1,8 +1,94 @@
+### 2.4.15.9
+- Fixed an issue with the US/Canada phone field type not validating correctly when the no duplicates feature is enabled.
+
+
+### 2.4.15.8
+- Fixed the form widget and gravity_form function not suppressing the tabindex by default.
+
+
+### 2.4.15.7
+- Added security enhancements.
+
+
+### 2.4.15.6
+- Fixed a PHP notice for $phpmailer->ErrorInfo in certain sites where a third-party plugin or custom function could be altering the $phpmailer object.
+- Fixed front-end merge tag replacement returning values for fields in sections hidden by conditional logic.
+
+
+### 2.4.15.5
+- Fixed issue where [gform_input_change](https://docs.gravityforms.com/gform_input_change/) filter did not pass correct values for its parameters.
+
+
+### 2.4.15.4
+- Fixed styling conflict between Ready Classes and the Signature Add-on field.
+- Fixed password fields using the password strength feature throwing a false validation error in some multi-page form configurations.
+
+
+### 2.4.15.3
+- Fixed an issue where spaces at the beginning of a consent field's label can trigger false validation errors on a multi-page form if the field is marked as required.
+
+
+### 2.4.15.2
+- Updated the gform_version_info option so autoload is disabled.
+
+
+### 2.4.15.1
+- Fixed password visibility toggle being clickable when editing form.
+
+
+### 2.4.15 | 2019-11-06
+- Added entry notes with the sending result as part of the notification sending process. These notes can be customized or disabled using the *[gform_notification_note](https://docs.gravityforms.com/gform_notification_note/)* filter.
+- Added the *[gform_logging_message](https://docs.gravityforms.com/gform_logging_message/)* filter. Credit: Jamie Oastler.
+- Added support for disabling Confirm Password input in Password field.
+- Added password visibility toggle to Password field, enabled via new field setting.
+- Added support for osDXP.
+- Updated handling of sending notes and logging messages when no entry id is provided.
+- Updated Password field strength meter to match the WordPress password strength algorithm.
+- Updated the *[gform_{$SHORT_SLUG}_error](https://docs.gravityforms.com/gform_slug_error/)* hook to include *$error_message* as the fourth parameter.
+- Fixed update notifications on the Plugins page of a subsite when Gravity Forms or add-ons are activated on it, but aren't activated on the main site or the network.
+- Fixed an issue with invisible reCaptcha which can prevent the form from being submitted.
+- Fixed an issue where the honeypot can be assigned the wrong ID when the form contains Repeater fields.
+- Fixed a JavaScript error when conditional logic based on the radio button field other input is evaluated.
+- Fixed the form ID not being passed to the *[gform_phone_formats](https://docs.gravityforms.com/gform_phone_formats/)* filter when the field settings are sanitized on form save.
+- Fixed a PHP warning that would output if a notification is set to use conditional routing for the Send To address but no routing rules are defined.
+- Fixed active and inactive form counts not updating when changing a form's active status.
+- Fixed a corrupt confirmation being created for a form when all the confirmations have been deleted and there isn't a legacy confirmation (pre 1.7) to upgrade.
+- Fixed an issue with the address field where countries with apostrophes throw incorrect validation errors in certain situations.
+- Fixed PHP fatal errors caused by some required files not being loaded when the site path includes square brackets.
+- Removed the ability to set a placeholder in the settings UI for a consent field as the field does not use placeholders or the entered value anywhere.
+- API: Fixed an issue with field visibility evaluation for third-party integrations processing multiple entries in the same request. Credit: The GravityView team.
+- API: Fixed inactive notifications not being sent when using the v2 POST /entries/[ENTRY_ID]/notifications endpoint with the _notifications arg.
+
+
+### 2.4.14 | 2019-09-25
+- Fix an issue with the automatic update.
+
+
+### 2.4.13 | 2019-09-25
+- Added support for delaying feed processing with Stripe Add-On version 3.1 and greater when using the Stripe Checkout payment collection method.
+- Added support for defining field values when using the Form block in the WordPress editor.
+- Added the *[gform_notification_disable_from_warning](https://docs.gravityforms.com/gform_notification_disable_from_warning/)* filter to allow the from address warning to be disabled.
+- Updated *[gform_post_note_added](https://docs.gravityforms.com/gform_post_note_added/)* filter to support new note sub-type parameter.
+- Updated Import/Export page to be accessible if user has "gravityforms_edit_forms" capability.
+- Removed support for the Members plugins v1. Members v2+ integration remains.
+- Fixed the conditional logic init scripts not being output when a Repeater field is located before other fields with conditional logic.
+- Fixed an issue where HTML tags in field choices break conditional logic.
+- Fixed an issue with the merge tag UI where labels with HTML tags are not encoded.
+- Fixed an issue with the merge tag UI where the selected merge tag is incomplete if the label contains a double quote character.
+- Fixed detection of domain used for the From Email warning message in the notification settings in certain scenarios.
+- AF: Added GFPaymentAddOn::get_post_payment_actions_config() for payment add-ons to define where the Post Payment Action setting (delayed feeds) should appear on their feed configuration page.
+- AF: Added GFPaymentAddOn::trigger_payment_delayed_feeds() for payment add-ons to call when delayed feeds should be processed.
+- AF: Added the *[gform_trigger_payment_delayed_feeds](https://docs.gravityforms.com/gform_trigger_payment_delayed_feeds/)* action hook which runs when payment add-ons trigger delayed feeds.
+- AF: Added the *[gform_post_save_feed_settings](https://docs.gravityforms.com/gform_post_save_feed_settings/)* action hook which runs when the feed is saved or updated from the feed configuration page.
+- AF: Fixed an issue where multiple GFPaymentAddOn based payment add-ons would process the submission when conditional logic isn't configured on the feeds.
+- AF: Fixed issue where select fields overflow and break the settings layout.
+
+
 ### 2.4.12 | 2019-08-28
 - Added security enhancements.
 - Added From Email validation in the notifications settings.
 - Added From Email warning message in the notification settings when the site domain is not being used for this setting.
-- Added [gform_export_line](https://docs.gravityforms.com/gform_export_line/) filter to allow modifying each line of the export separately.
+- Added *[gform_export_line](https://docs.gravityforms.com/gform_export_line/)* filter to allow modifying each line of the export separately.
 - Updated the default placeholder for new Website fields. Credit: The GravityView team.
 - Fixed a typo preventing the year sub-label input from displaying when editing a date field and having sub-label placement set to be above inputs.
 - Fixed Dashicons not appearing in the block editor when using a Classic block with a Gravity Forms shortcode whose form contains a Rich Text Editor enabled Paragraph field.
@@ -45,7 +131,6 @@
 - AF: Updated + and - icons so that they are consistent accross all settings fields.
 
 
-
 ### 2.4.10 | 2019-06-12
 - Added the Form block to the editor.
 - Updated the default scroll positions to display the error or confirmation message for AJAX forms.

common.php

@@ -286,6 +286,50 @@ public static function get_base_path() {
 		return dirname( __FILE__ );
 	}
 
+	/**
+	 * Returns an array of files/directories which match the supplied pattern.
+	 *
+	 * @since 2.4.15
+	 *
+	 * @param string $pattern   The pattern to be appended to the base path when performing the search.
+	 * @param string $base_path The base path. Defaults to the plugin's root folder.
+	 *
+	 * @return array|false
+	 */
+	public static function glob( $pattern, $base_path = '' ) {
+		if ( empty( $base_path ) ) {
+			$base_path = self::get_base_path();
+		}
+
+		// Escape any brackets in the base path.
+		$base_path = str_replace( array( '[', ']' ), array( '\[', '\]' ), $base_path );
+		$base_path = str_replace( array( '\[', '\]' ), array( '[[]', '[]]' ), $base_path );
+
+		return glob( $base_path . $pattern );
+	}
+
+	/**
+	 * Requires and returns an array of files which match the supplied pattern.
+	 *
+	 * @since 2.4.15
+	 *
+	 * @param string $pattern   The pattern to be appended to the base path when performing the search.
+	 * @param string $base_path The base path. Defaults to the plugin's root folder.
+	 *
+	 * @return array|false
+	 */
+	public static function glob_require_once( $pattern, $base_path = '' ) {
+		$files = self::glob( $pattern, $base_path );
+
+		if ( is_array( $files ) ) {
+			foreach ( $files as $file ) {
+				require_once $file;
+			}
+		}
+
+		return $files;
+	}
+
 	public static function get_email_fields( $form ) {
 		$fields = array();
 		foreach ( $form['fields'] as $field ) {
@@ -1271,6 +1315,7 @@ public static function get_submitted_fields( $form, $lead, $display_empty = fals
 
 			switch ( $field->type ) {
 				case 'captcha' :
+				case 'password' :
 					break;
 
 				case 'section' :
@@ -1302,9 +1347,6 @@ public static function get_submitted_fields( $form, $lead, $display_empty = fals
 					$field_data .= $field_value;
 
 					break;
-				case 'password' :
-					//ignore password fields
-					break;
 
 				default :
 
@@ -1740,7 +1782,7 @@ public static function send_notification( $notification, $form, $lead, $data = a
 
 		$email_to = rgar( $notification, 'to' );
 		//do routing logic if "to" field doesn't have a value (to support legacy notifications that will run routing prior to this method)
-		if ( empty( $email_to ) && rgar( $notification, 'toType' ) == 'routing' ) {
+		if ( empty( $email_to ) && rgar( $notification, 'toType' ) == 'routing' && ! empty( $notification['routing'] ) ) {
 			$email_to = array();
 			foreach ( $notification['routing'] as $routing ) {
 				if ( rgempty( 'email', $routing ) ) {
@@ -1991,17 +2033,29 @@ public static function send_email( $from, $to, $bcc, $reply_to, $subject, $messa
 			$from = get_bloginfo( 'admin_email' );
 		}
 
+		// Array containing email details.
+		$email = compact( 'from', 'to', 'bcc', 'reply_to', 'subject', 'message', 'from_name', 'message_format', 'attachments', 'cc' );
+
 		$error = false;
 		if ( ! GFCommon::is_valid_email_list( $to ) ) {
 
+			$error_info = esc_html__( 'Cannot send email because the TO address is invalid.', 'gravityforms' );
+			GFFormsModel::add_notification_note( $entry_id, false, $notification, $error_info, $email );
+
 			$error = new WP_Error( 'invalid_to', 'Cannot send email because the TO address is invalid.' );
 
 		} elseif ( empty( $subject ) && empty( $message ) ) {
 
+			$error_info = esc_html__( 'Cannot send email because there is no SUBJECT and no MESSAGE.', 'gravityforms' );
+			GFFormsModel::add_notification_note( $entry_id, false, $notification, $error_info, $email );
+
 			$error = new WP_Error( 'missing_subject_and_message', 'Cannot send email because there is no SUBJECT and no MESSAGE.' );
 
 		} elseif ( ! GFCommon::is_valid_email( $from ) ) {
 
+			$error_info = esc_html__( 'Cannot send email because the FROM address is invalid.', 'gravityforms' );
+			GFFormsModel::add_notification_note( $entry_id, false, $notification, $error_info, $email );
+
 			$error = new WP_Error( 'invalid_from', 'Cannot send email because the FROM address is invalid.' );
 		}
 
@@ -2041,7 +2095,7 @@ public static function send_email( $from, $to, $bcc, $reply_to, $subject, $messa
 			 * @param array  $entry   The Entry object
 			 *
 			 */
-			do_action( 'gform_send_email_failed', $error, compact( 'from', 'to', 'bcc', 'reply_to', 'subject', 'message', 'from_name', 'message_format', 'attachments', 'cc' ), $entry );
+			do_action( 'gform_send_email_failed', $error, $email, $entry );
 
 			return;
 		}
@@ -2097,6 +2151,10 @@ public static function send_email( $from, $to, $bcc, $reply_to, $subject, $messa
 		extract( apply_filters( 'gform_pre_send_email', compact( 'to', 'subject', 'message', 'headers', 'attachments', 'abort_email' ), $message_format, $notification, $entry ) );
 
 		$is_success = false;
+
+		// Determine when to add entry id information to the logging message.
+		$entry_info = $entry_id ? ' for entry #' . $entry_id : '';
+
 		if ( ! $abort_email ) {
 
 			GFCommon::log_debug( __METHOD__ . '(): Sending email via wp_mail().' );
@@ -2115,23 +2173,29 @@ public static function send_email( $from, $to, $bcc, $reply_to, $subject, $messa
 
 			$result = is_wp_error( $is_success ) ? $is_success->get_error_message() : $is_success;
 
+			// Get $phpmailer->ErrorInfo value if available.
+			$error_info = is_object( $phpmailer ) ? $phpmailer->ErrorInfo : '';
+
+			// Add note with sending result ?
+			GFFormsModel::add_notification_note( $entry_id, $result, $notification, $error_info, $email );
+
 			GFCommon::log_debug( __METHOD__ . "(): Result from wp_mail(): {$result}" );
 
 			if ( ! is_wp_error( $is_success ) && $is_success ) {
-				GFCommon::log_debug( __METHOD__ . "(): WordPress successfully passed the notification email (#{$notification['id']} - {$notification['name']}) for entry #{$entry_id} to the sending server." );
+				GFCommon::log_debug( sprintf( '%s(): WordPress successfully passed the notification email (#%s - %s)%s to the sending server.', __METHOD__, $notification['id'], $notification['name'], $entry_info ) );
 			} else {
-				GFCommon::log_error( __METHOD__ . "(): WordPress was unable to send the notification email (#{$notification['id']} - {$notification['name']}) for entry #{$entry_id}." );
+				GFCommon::log_error( sprintf( '%s(): WordPress was unable to send the notification email (#%s - %s)%s to the sending server.', __METHOD__, $notification['id'], $notification['name'], $entry_info ) );
 			}
 
 			if ( has_filter( 'phpmailer_init' ) ) {
 				GFCommon::log_debug( __METHOD__ . '(): The WordPress phpmailer_init hook has been detected, usually used by SMTP plugins. It can alter the email setup/content or sending server, and impact the notification deliverability.' );
 			}
 
-			if ( ! empty( $phpmailer->ErrorInfo ) ) {
-				GFCommon::log_debug( __METHOD__ . '(): PHPMailer class returned an error message: ' . print_r( $phpmailer->ErrorInfo, 1 ) );
+			if ( ! empty( $error_info ) ) {
+				GFCommon::log_debug( __METHOD__ . '(): PHPMailer class returned an error message: ' . $error_info );
 			}
 		} else {
-			GFCommon::log_debug( __METHOD__ . "(): Aborting notification (#{$notification['id']} - {$notification['name']}) for entry #{$entry_id}. The gform_pre_send_email hook was used to set the abort_email parameter to true." );
+			GFCommon::log_debug( sprintf( '%s(): Aborting notification (#%s - %s)%s. The gform_pre_send_email hook was used to set the abort_email parameter to true.', __METHOD__, $notification['id'], $notification['name'], $entry_info ) );
 		}
 
 		self::add_emails_sent();
@@ -2637,7 +2701,7 @@ public static function get_version_info( $cache = true ) {
 			$version_info['timestamp'] = time();
 
 			// Caching response.
-			update_option( 'gform_version_info', $version_info ); //caching version info
+			update_option( 'gform_version_info', $version_info, false ); //caching version info
 		}
 
 		return $version_info;
@@ -6033,15 +6097,24 @@ public static function update_site_registration( $new_key, $is_md5 = false ) {
 	 * @return bool
 	 */
 	public static function email_domain_matches( $email_address, $domain = '' ) {
+
+		GFCommon::log_debug( __METHOD__ . '(): Email address: ' . $email_address );
+
 		if ( ! is_email( $email_address ) ) {
+			GFCommon::log_debug( __METHOD__ . '(): Email address failed is_email() validation.' );
 			return false;
 		}
 
 		if ( empty( $domain ) ) {
 			$domain = parse_url( get_bloginfo( 'url' ), PHP_URL_HOST );
 		}
 
-		$domain_matches = ( strpos( $email_address, $domain ) !== false ) ? true : false;
+		GFCommon::log_debug( __METHOD__ . '(): Domain or URL: ' . $domain );
+
+		$email_domain = explode( '@', $email_address );
+
+		$domain_matches = ( strpos( $domain, array_pop( $email_domain ) ) !== false ) ? true : false;
+		GFCommon::log_debug( __METHOD__ . '(): Domain matches? '. var_export( $domain_matches, true ) );
 
 		return $domain_matches;
   }