Category Archives: Announcement

New official logo

I’m excited to present Contact Form 7’s official logo!

Contact Form 7 logo

This elegant, minimalistic logo was designed by Cheung Vong, an artist, designer, developer, and long-time user of Contact Form 7. For more than ten years since its beginning, Contact Form 7 has had no official logo. Now I can say proudly, “This is our logo!” Thank you for your great work, Cheung!

What’s the mountain?

The mountain seen in the icon is Mount Fuji. Because I have used Hokusai’s old print art as a temporary logo for many years, and users are familiar with the image, I asked the designer to continue using Mount Fuji as a motif in the new logo.

Heads-up about spreadsheet vulnerabilities

Vulnerabilities affecting spreadsheet applications like Microsoft Excel and OpenOffice Calc have been known to exist for over 5 years, and unfortunately they seem to be still unresolved.

While it is not a vulnerability of WordPress, or its plugins, because there must be so many users of our products who are at risk of these vulnerabilities, and the damage from it could be huge, I think I should write an article here to alert you of the issue.

Continue reading Heads-up about spreadsheet vulnerabilities

on_sent_ok Is Deprecated

The Additional Setting “on_sent_ok” is used to assign a JavaScript code that will be executed when a form submission completes and mail has been sent successfully. It is often used for the purpose of tracking form submissions with web analytics services or redirecting to another page after a form submission.

The “on_sent_ok” and its sibling setting “on_submit” are deprecated and scheduled to be abolished by the end of 2017. It’s not that using those settings is unsafe, but it’s possible that enabling them will increase risk in case there are vulnerabilities in this plugin or in other components of your site. It’s time to replace them with a safer alternative.

Update: on_sent_ok and on_submit have been officially removed from Contact Form 7 5.0.

Continue reading on_sent_ok Is Deprecated

HTML is not allowed in messages

In the Messages tab in a contact form editor screen, you can edit messages that Contact Form 7 displays in different situations. In the messages, you can only use plain text; do not use HTML tags and entities.

Allowing HTML in a message can be a security risk; Contact Form 7 4.4 and later forcibly strip HTML when displaying the message. Review the Messages tab to make sure that you don’t have any HTML there.

Continue reading HTML is not allowed in messages

Translations Migrate to translate.wordpress.org

This is an announcement for volunteer translators.

Thanks to your enormous effort, Contact Form 7 is now available in 64 languages. This is great, and I appreciate your contributions.

As you may already know, translate.wordpress.org (GlotPress) has been introduced as the translation infrastructure for WordPress and related projects. It added plugin translation support last year.

Plugin Translations on WordPress.org

Translating on translate.wordpress.org has a lot of advantages; for example, you can translate collaboratively to share the burden with other translators.

We are going to migrate translations to translate.wordpress.org.

Next time you update the translation, please do it on translate.wordpress.org. For the details of translate.wordpress.org, refer to the Translator Handbook. Also, I updated the instruction page for beginner translators.

Contact Form 7 4.4 is scheduled to be released next month. I’ll check the status of translations just before the release, and if there are languages that are 100% translated at the time, I’ll remove the corresponding language (.mo) files from the plugin package so that the translations on translate.wordpress.org are used preferentially.