Can’t change the email receiver | WordPress.org

Resolved mumbomedia
(@mumbomedia)

3 years, 1 month ago
A client of us coouldn’t change the value of the “To”-field.
So I debug it and found the cause of this issue.

In deprecated/includes/admin/save.php:23 each item of $_POST which doesn’t start with an underscore will be passed through esc_html.

But this is what the contents of $_POST look like
```
notification_id: '22'
settings: array (
  'name' => 'E-Mail',
  'type' => 'email',
  'from_name' => 'Name of the Form',
  'from_address' => 'field_62',
  'to' => 'test@example.com',
  'email_subject' => 'email subject',
  'email_message' => '[ninja_forms_all_fields]',
  'attach_csv' => '0',
  'email_format' => 'html',
  'reply_to' => '',
  'cc' => '',
  'bcc' => '',
  'redirect_url' => '',
  'success_msg' => '',
)
```
As you see settings is an array and when passed through esc_html it become to ‘Array’. Therefore the content of $_POST[‘settings’] are ignored.

After altering the foreach-loop to
```
foreach ( $_POST as $key => $val ) {
				if ( substr($key, 0, 1) != '_') {
					if($key != 'settings'){
						$data_array[$key] = esc_html($val);
					}
					else{
						$data_array[$key] = $val;
					}
				}
			}
```
the settings are saved as expected.

If you want to have my fixed version please contact me and I will send the file to you asap.

Viewing 1 replies (of 1 total)

Plugin Contributor Justin McElhaney
(@jmcelhaney)

3 years ago

It appears that you are still using the deprecated, 2.9.x codebase. You can upgrade to the 3 codebase by following this documentation. https://ninjaforms.com/docs/conversion/

Viewing 1 replies (of 1 total)

The topic ‘Can’t change the email receiver’ is closed to new replies.

Tags

settings

In: Plugins
1 reply
2 participants
Last reply from: Justin McElhaney
Last activity: 3 years ago
Status: resolved