I’ve just committed v0.12.7 of TDO Mini Forms into WordPress Extend SVN, so it should be available for download shortly from WordPress.org/Extend.
I know I said the next version will be v0.13 with Editing Support, but that’s not to be. This release includes a fix for a pretty critical bug. If you are using a Windows host please upgrade immediately!
A combination of WordPress legacy implementation, Windows file name and TDOMF could end up attempting to delete you’re hosts harddrive. This sadly lead to a number of users, who were using their personal Windows PCs as development hosts to lose many personal files.
This would happen if you used the Upload Files widget and uploaded files and then attempted to delete the file using the WordPress admin. The file path would be stored by TDOMF in a Custom Field. However, the WordPress internal API (add_post_meta specifically), currently strips back-slashes from all data put in. This was because originally add_post_meta was only used by the admin backend, but is now a wildly used function by plugins and other parts of WordPress. (IMHO it doesn’t make sense that add_post_meta modifies your input data and also this “feature” is not currently documented anywhere). Windows paths uses back slashes as directory separators, however Unix and Linux systems use forward slashes. Therefore file paths in Unix were stored successfully but Windows file paths were corrupted. So when the post was deleted, TDOMF would try to delete the associated files with that post but end up attempting to delete the hard drive because of the corrupted file path. This problem is not specific to any single version of TDOMF, but any version of TDOMF with the Upload Files widget.
Additionally in this release is a fix for the Queuing of Submissions which was broken on the move to WordPress 2.7, a “double-opt-in” feature to Auto Respond Email widget, a necessary update to the core widget class (which may break your existing configuration, so make sure to double check) and a fix to the default Form code for the Form Hacker.
Please keep in mind that this plugin is free and any support I provide is also free. If you found it useful you can show your appreciation via a small donation or buying me a book!
Hi, I want to report maybe a small bug for most of you but for me is very annoying. When image files are uploaded with spaces in their names TDO Mini Forms does not change the space with “-” as WordPress does. In consequence, these files cannot be used by plugins as phpThumb or Post Thumb for WordPress with the functionality to resize the image to the dimensions want. Please repair this in your next version. Thank you!
Would this not be a problem with phpThumb not supporting a valid filename? Filenames can have spaces and while it’s nice that WordPress sanatizes it a bit, it’s still a valid name. Has the author of phpThumb said anything about it?
I don’t think I’ll get such a change into the next release, a lot of stuff is changing already.
Actually the blank spaces stop TDO Mini Forms template functions from showing the image. If you have a custom loop this is a huge problem!
Is there any way of stripping the spaces or replacing them with ‘-‘
I think it just needs something like this adding in the
tdomf-upload-inline.php around line 184 but i carnt get it to work
Really need it as it breaks my site when people upload with whitespace in the filename
//strip the whitespace
$upload_file_name = $_FILES[‘file’][‘name’];
$upload_file_name = preg_replace(“/[^a-zA-Z0-9]/”, “”, $upload_file_name);
Hi Mark, many WordPress plugins created to resize or manage images don’t take in consideration filenames with spaces. I really think this compatibility issue must be resolved for TDO Mini Forms and not asking all other authors to take in consideration images with spaces in filename. Please try to fix this in your next releases
solution tested with wordpress 3.1.1 and TDO 0.13.9 (build 56),
in tdomf-upload-inline.php, on line 179 replace :
$upload_file_name = $_FILES[“uploadfile”.$form_id.’_’.$index.”_”.$i][‘name’];
with
$upload_file_name = sanitize_file_name($_FILES[“uploadfile”.$form_id.’_’.$index.”_”.$i][‘name’]);
using the wordpress function sanitize_file_name() the filename get’s cleaned, you see it directly after the file is uploaded and the form still submitted and everything goes perfect, keep up the good work with this plug, it’s awesome
http://codex.wordpress.org/Function_Reference/sanitize_file_name
Hi, thank you for this one, it’s working!
I also tried to insert in posts the uploaded images in “large” size.
I’ve done that with a small change in tdomf-upload-functions.php on line 799
from this: $thumburi = $options[‘url’].”/$post_ID/”.$attachment_metadata[‘sizes’][‘thumbnail’][‘file’];
to:
Hi, thank you for this one, it’s working!
I also tried to insert in posts the uploaded images in “large” size.
I’ve done that with a smoall change in tdomf-upload-functions.php on line 799
$thumburi = $options[‘url’].”/$post_ID/”.$attachment_metadata[‘sizes’][‘large’][‘file’];
But when the uploade file size is smaller than the large size i get a broken link like src=”www.site.com/post_id/”
Any ideas how to tell it to fall back and display the original file or the thumbnail?