v0.12.7 of TDO Mini Forms just released

I’ve just committed v0.12.7 of TDO Mini Forms into WordPress Extend SVN, so it should be available for download shortly from WordPress.org/Extend.

I know I said the next version will be v0.13 with Editing Support, but that’s not to be. This release includes a fix for a pretty critical bug. If you are using a Windows host please upgrade immediately! 

A combination of WordPress legacy implementation, Windows file name and TDOMF could end up attempting to delete you’re hosts harddrive. This sadly lead to a number of users, who were using their personal Windows PCs as development hosts to lose many personal files.

This would happen if you used the Upload Files widget and uploaded files and then attempted to delete the file using the WordPress admin. The file path would be stored by TDOMF in a Custom Field. However, the WordPress internal API (add_post_meta specifically), currently strips back-slashes from all data put in. This was because originally add_post_meta was only used by the admin backend, but is now a wildly used function by plugins and other parts of WordPress. (IMHO it doesn’t make sense that add_post_meta modifies your input data and also this “feature” is not currently documented anywhere). Windows paths uses back slashes as directory separators, however Unix and Linux systems use forward slashes. Therefore file paths in Unix were stored successfully but Windows file paths were corrupted. So when the post was deleted, TDOMF would try to delete the associated files with that post but end up attempting to delete the hard drive because of the corrupted file path. This problem is not specific to any single version of TDOMF, but any version of TDOMF with the Upload Files widget.

Additionally in this release is a fix for the Queuing of Submissions which was broken on the move to WordPress 2.7, a “double-opt-in” feature to Auto Respond Email widget, a necessary update to the core widget class (which may break your existing configuration, so make sure to double check) and a fix to the default Form code for the Form Hacker.

Please keep in mind that this plugin is free and any support I provide is also free. If you found it useful you can show your appreciation via a small donation or buying me a book!

Related Posts: