Index: branches/2.8.x/CHANGELOG
===================================================================
--- branches/2.8.x/CHANGELOG	(revision 1800)
+++ branches/2.8.x/CHANGELOG	(revision 1801)
@@ -13,6 +13,10 @@
 
 
 
+31 Oct-2012 Build 1801 Dietmar Woellbrink (Luisehahne)
+! upgrade-script: update if filesRemove or remove dirs failed
+! update methode StripCodeFromText, add remove <?php ... ?>,    
+! security fixes in form modul with StripCodeFromText
 29 Oct-2012 Build 1800 Dietmar Woellbrink (Luisehahne)
 # add missing lang var in account/languages/EN.PHP 
 29 Oct-2012 Build 1799 Dietmar Woellbrink (Luisehahne)
Index: branches/2.8.x/wb/upgrade-script.php
===================================================================
--- branches/2.8.x/wb/upgrade-script.php	(revision 1800)
+++ branches/2.8.x/wb/upgrade-script.php	(revision 1801)
@@ -66,7 +66,7 @@
 			'[ADMIN]/themes/',
 		 );
 
-if(version_compare(WB_REVISION, '1791', '<'))
+if(version_compare(WB_REVISION, VERSION, '<='))
 {
     $filesRemove['0'] = array(
 
@@ -857,11 +857,11 @@
 				// try to unlink file
 				if(!unlink(WB_PATH.$file)) {
 					// save in err-list, if failed
-					$msg .= $file.'<br />';
-				} else {
-					$msg .= $file.'<br />';
-    			}
+				}
 			}
+            if( is_readable(WB_PATH.'/'.$file) ) {
+                $msg .= $file.'<br />';
+            }
     	}
 
 		if($msg != '')
@@ -911,7 +911,9 @@
 			// try to delete dir
 				if(!is_writable( $dir ) || !rm_full_dir($dir)) {
 				// save in err-list, if failed
-					$msg .= str_replace(WB_PATH,'',$dir).'<br />';
+                    if( is_readable(WB_PATH.'/'.$file) ) {
+                    	$msg .= str_replace(WB_PATH,'',$dir).'<br />';
+                    }
 				}
 			}
 		}
@@ -939,7 +941,7 @@
      * upgrade modules if newer version is available
      * $aModuleList list of proofed modules
      */
-    $sModuleList = 'news,wysiwyg,form,any';
+    $sModuleList = 'news,wysiwyg,form';
     $aModuleList = explode(',', (defined('MODULES_UPGRADE_LIST') ? MODULES_UPGRADE_LIST : $sModuleList));
     echo '<h3>Step '.(++$stepID).': Upgrade proofed modules</h3>';
 //	$aModuleList = array('news');
Index: branches/2.8.x/wb/admin/interface/version.php
===================================================================
--- branches/2.8.x/wb/admin/interface/version.php	(revision 1800)
+++ branches/2.8.x/wb/admin/interface/version.php	(revision 1801)
@@ -51,5 +51,5 @@
 
 // check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
 if(!defined('VERSION')) define('VERSION', '2.8.3');
-if(!defined('REVISION')) define('REVISION', '1800');
+if(!defined('REVISION')) define('REVISION', '1801');
 if(!defined('SP')) define('SP', '');
Index: branches/2.8.x/wb/framework/class.wb.php
===================================================================
--- branches/2.8.x/wb/framework/class.wb.php	(revision 1800)
+++ branches/2.8.x/wb/framework/class.wb.php	(revision 1801)
@@ -664,7 +664,7 @@
 
 	/**
      *
-     * remove [[text]], link, script, scriptblock and styleblock from a given string
+     * remove <?php code ?>, [[text]], link, script, scriptblock and styleblock from a given string
      * and return the cleaned string
 	 *
 	 * @param string $sValue
@@ -672,8 +672,9 @@
      *    false: if @param is not a string
      *    string: cleaned string
 	 */
-	public function StripCodeFromText($sValue){
+	public function StripCodeFromText($sValue, $bPhpCode=false){
         if(!is_string($sValue)) { return false; }
+        $sValue = ( ($bPhpCode==true) ? preg_replace ('/\[\[.*?\]\]\s*?|<\?php\s+.*\?>\s*?/isU', '', $sValue ) : $sValue );
         $sPattern = '/\[\[.*?\]\]\s*?|<!--\s+.*?-->\s*?|<(script|link|style)[^>]*\/>\s*?|<(script|link|style)[^>]*?>.*?<\/\2>\s*?|\s*$/isU';
         return (preg_replace ($sPattern, '', $sValue));
 	}
Index: branches/2.8.x/wb/modules/form/modify_settings.php
===================================================================
--- branches/2.8.x/wb/modules/form/modify_settings.php	(revision 1800)
+++ branches/2.8.x/wb/modules/form/modify_settings.php	(revision 1801)
@@ -160,7 +160,7 @@
 	<tr>
 		<td class="frm-setting_name"><?php echo $TEXT['DISPLAY_NAME']; ?>:</td>
 		<td class="frm-setting_value">
-			<input type="text" name="email_fromname" id="email_fromname" style="width: 98%;  ?>;" maxlength="255" value="<?php  echo $setting['success_email_fromname'];  ?>" />
+			<input type="text" name="email_fromname" id="email_fromname" style="width: 98%;  ?>;" maxlength="255" value="<?php  echo $setting['email_fromname'];  ?>" />
 		</td>
 	</tr>
 	<tr>
Index: branches/2.8.x/wb/modules/form/view.php
===================================================================
--- branches/2.8.x/wb/modules/form/view.php	(revision 1800)
+++ branches/2.8.x/wb/modules/form/view.php	(revision 1801)
@@ -62,14 +62,14 @@
 	function make_option(&$n, $k, $values) {
 		// start option group if it exists
 		if (substr($n,0,2) == '[=') {
-		 	$n = '<optgroup label="'.substr($n,2,strlen($n)).'">'.PHP_EOL;
+		 	$n = '<optgroup label="'.substr($n,2,strlen($n)).'">';
 		} elseif ($n == ']') {
-			$n = '</optgroup>'.PHP_EOL;
+			$n = '</optgroup>'."\n";
 		} else {
 			if(in_array($n, $values)) {
-				$n = '<option selected="selected" value="'.$n.'">'.$n.'</option>'.PHP_EOL;
+				$n = '<option selected="selected" value="'.$n.'">'.$n.'</option>'."\n";
 			} else {
-				$n = '<option value="'.$n.'">'.$n.'</option>'.PHP_EOL;
+				$n = '<option value="'.$n.'">'.$n.'</option>'."\n";
 			}
 		}
 	}
@@ -82,9 +82,9 @@
 
 		$label_id = 'wb_'.preg_replace('/[^a-z0-9]/i', '_', $key).$field_id;
 		if(in_array($key, $params[1])) {
-			$key = '<input class="frm-field_checkbox" type="checkbox" id="'.$label_id.'" name="field'.$field_id.'['.$idx.']" value="'.$key.'" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$key.'</lable>'.$seperator.PHP_EOL;
+			$key = '<input class="frm-field_checkbox" type="checkbox" id="'.$label_id.'" name="field'.$field_id.'['.$idx.']" value="'.$key.'" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$key.'</lable>'.$seperator;
 		} else {
-			$key = '<input class="frm-field_checkbox" type="checkbox" id="'.$label_id.'" name="field'.$field_id.'['.$idx.']" value="'.$key.'" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$key.'</label>'.$seperator.PHP_EOL;
+			$key = '<input class="frm-field_checkbox" type="checkbox" id="'.$label_id.'" name="field'.$field_id.'['.$idx.']" value="'.$key.'" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$key.'</label>'.$seperator;
 		}
 	}
 }
@@ -96,9 +96,9 @@
 		$seperator = $params[2];
 		$label_id = 'wb_'.preg_replace('/[^a-z0-9]/i', '_', $n).$field_id;
 		if($n == $params[3]) {
-			$n = '<input class="frm-field_checkbox" type="radio" id="'.$label_id.'" name="field'.$field_id.'" value="'.$n.'" checked="checked" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$n.'</label>'.$seperator.PHP_EOL;
+			$n = '<input class="frm-field_checkbox" type="radio" id="'.$label_id.'" name="field'.$field_id.'" value="'.$n.'" checked="checked" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$n.'</label>'.$seperator;
 		} else {
-			$n = '<input class="frm-field_checkbox" type="radio" id="'.$label_id.'" name="field'.$field_id.'" value="'.$n.'" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$n.'</label>'.$seperator.PHP_EOL;
+			$n = '<input class="frm-field_checkbox" type="radio" id="'.$label_id.'" name="field'.$field_id.'" value="'.$n.'" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$n.'</label>'.$seperator;
 		}
 	}
 }
@@ -202,11 +202,11 @@
 				if (($field['type'] == "radio") || ($field['type'] == "checkbox")) {
 					$field_title = $field['title'];
 				} else {
-					$field_title = '<label for="field'.$field_id.'">'.$field['title'].'</label>'.PHP_EOL;
+					$field_title = '<label for="field'.$field_id.'">'.$field['title'].'</label>';
 				}
 				$values = array($field_title);
 				if ($field['required'] == 1) {
-					$values[] = '<span class="frm-required">*</span>'."\n";
+					$values[] = '<span class="frm-required">*</span>';
 				} else {
 					$values[] = '';
 				}
@@ -213,10 +213,10 @@
 				if($field['type'] == 'textfield') {
 					$vars[] = '{FIELD}';
 					$max_lenght_para = (intval($field['extra']) ? ' maxlength="'.intval($field['extra']).'"' : '');
-					$values[] = '<input type="text" name="field'.$field_id.'" id="field'.$field_id.'"'.$max_lenght_para.' value="'.(isset($_SESSION['field'.$field_id])?$_SESSION['field'.$field_id]:$value).'" class="frm-textfield" />'.PHP_EOL;
+					$values[] = '<input type="text" name="field'.$field_id.'" id="field'.$field_id.'"'.$max_lenght_para.' value="'.(isset($_SESSION['field'.$field_id])?$_SESSION['field'.$field_id]:$value).'" class="frm-textfield" />';
 				} elseif($field['type'] == 'textarea') {
 					$vars[] = '{FIELD}';
-					$values[] = '<textarea name="field'.$field_id.'" id="field'.$field_id.'" class="frm-textarea" cols="30" rows="8">'.(isset($_SESSION['field'.$field_id])?$_SESSION['field'.$field_id]:$value).'</textarea>'.PHP_EOL;
+					$values[] = '<textarea name="field'.$field_id.'" id="field'.$field_id.'" class="frm-textarea" cols="30" rows="8">'.(isset($_SESSION['field'.$field_id])?$_SESSION['field'.$field_id]:$value).'</textarea>';
 				} elseif($field['type'] == 'select') {
 					$vars[] = '{FIELD}';
 					$options = explode(',', $value);
@@ -223,7 +223,7 @@
 					array_walk($options, 'make_option', (isset($_SESSION['field'.$field_id])?$_SESSION['field'.$field_id]:array()));
 					$field['extra'] = explode(',',$field['extra']);
 					$field['extra'][1] = ($field['extra'][1]=='multiple') ? $field['extra'][1].'="'.$field['extra'][1].'"' : '';
-					$values[] = '<select name="field'.$field_id.'[]" id="field'.$field_id.'" size="'.$field['extra'][0].'" '.$field['extra'][1].' class="frm-select">'.implode($options).'</select>'.PHP_EOL;
+					$values[] = '<select name="field'.$field_id.'[]" id="field'.$field_id.'" size="'.$field['extra'][0].'" '.$field['extra'][1].' class="frm-select">'.implode($options).'</select>'."\n";
 				} elseif($field['type'] == 'heading') {
 					$vars[] = '{FIELD}';
 					$str = '<input type="hidden" name="field'.$field_id.'" id="field'.$field_id.'" value="===['.$field['title'].']===" />';
@@ -247,7 +247,7 @@
 				} elseif($field['type'] == 'email') {
 					$vars[] = '{FIELD}';
 					$max_lenght_para = (intval($field['extra']) ? ' maxlength="'.intval($field['extra']).'"' : '');
-					$values[] = '<input type="text" name="field'.$field_id.'" id="field'.$field_id.'" value="'.(isset($_SESSION['field'.$field_id])?$_SESSION['field'.$field_id]:'').'"'.$max_lenght_para.' class="frm-email" />'.PHP_EOL;
+					$values[] = '<input type="text" name="field'.$field_id.'" id="field'.$field_id.'" value="'.(isset($_SESSION['field'.$field_id])?$_SESSION['field'.$field_id]:'').'"'.$max_lenght_para.' class="frm-email" />';
 				}
 				if(isset($_SESSION['field'.$field_id])) unset($_SESSION['field'.$field_id]);
 				if($field['type'] != '') {
@@ -381,6 +381,26 @@
 		}
 		if(isset($_SESSION['captcha'])) { unset($_SESSION['captcha']); }
 
+/* for StripCodeFromText test only
+[[loginbox]]
+
+<script type="text/javascript">
+var WB_URL = '{WB_URL}';
+var THEME_URL = '{THEME_URL}';
+var ADMIN_URL = '{ADMIN_URL}';
+var LANGUAGE = '{LANGUAGE}';
+</script>
+
+Hier testen wir Module und stellen Tutorials zur Verfügung
+
+<?php
+function confirm_link(message, url) {
+	if(confirm(message)) location.href = url;
+}
+?>
+*/
+//
+
 		// Loop through fields and add to message body
 		// Get list of fields
 		$sql  = 'SELECT * FROM `'.TABLE_PREFIX.'mod_form_fields` ';
@@ -393,25 +413,33 @@
 					if($field['type'] != '') {
 						if(!empty($_POST['field'.$field['field_id']]))
 						{
-							// do not allow droplets in user input!
-							if (is_array($_POST['field'.$field['field_id']])) {
-								$_SESSION['field'.$field['field_id']] = str_replace(array("[[", "]]"), array("&#91;&#91;", "&#93;&#93;"), $wb->strip_slashes($_POST['field'.$field['field_id']]));
+                            $sPostVar = '';
+                            $aPostVar['field'.$field['field_id']] = array();
+                            // do not allow code in user input!
+                            if (is_array($_POST['field'.$field['field_id']])) {
+
+                                foreach ($_POST['field'.$field['field_id']] as $key=>$val) {
+                                	$aPostVar['field'.$field['field_id']][$key] =  $wb->strip_slashes($wb->StripCodeFromText($val),true);
+                                }
+                                $_SESSION['field'.$field['field_id']] = $aPostVar['field'.$field['field_id']];
 							} else {
-								$_SESSION['field'.$field['field_id']] = str_replace(array("[[", "]]"), array("&#91;&#91;", "&#93;&#93;"), htmlspecialchars($wb->strip_slashes($_POST['field'.$field['field_id']])));
+                                $sPostVar = $wb->strip_slashes($wb->StripCodeFromText($wb->get_post('field'.$field['field_id']),true));
+                                $_SESSION['field'.$field['field_id']] = $sPostVar;
 							}
 
-							if($field['type'] == 'email' AND $wb->validate_email($_POST['field'.$field['field_id']]) == false) {
+							if($field['type'] == 'email' AND $wb->validate_email($sPostVar) == false) {
 								$email_error = $MESSAGE['USERS_INVALID_EMAIL'];
 								$required[]= '';
 							}
 							if($field['type'] == 'heading') {
-								$email_body .= $_POST['field'.$field['field_id']]."\n\n";
-							} elseif (!is_array($_POST['field'.$field['field_id']])) {
-								$email_body .= $field['title'].': '.$_POST['field'.$field['field_id']]."\n\n";
-							} else {
-								$email_body .= $field['title'].": \n";
-								foreach ($_POST['field'.$field['field_id']] as $k=>$v) {
-									$email_body .= $v."\n";
+								$email_body .= $sPostVar."\n\n";
+
+							} elseif (($sPostVar!='')) {
+								$email_body .= $field['title'].": ".$sPostVar."\n\n";
+							} elseif(sizeof($aPostVar['field'.$field['field_id']] > 0) ) {
+								$email_body .= $field['title'].": ";
+								foreach ($aPostVar['field'.$field['field_id']] as $key=>$val) {
+									$email_body .= $val."\n";
 								}
 								$email_body .= "\n";
 							}
@@ -561,7 +589,7 @@
 		}  // email_error
 	} else {
 
-	echo '<p>&nbsp;</p>'.PHP_EOL.'<p><a href="'.htmlspecialchars(strip_tags($_SERVER['SCRIPT_NAME'])).'">'.$TEXT['BACK'].'</a></p>'.PHP_EOL;
+	echo '<p>&nbsp;</p>'."\n".'<p><a href="'.htmlspecialchars(strip_tags($_SERVER['SCRIPT_NAME'])).'">'.$TEXT['BACK'].'</a></p>'."\n";
 	}
 
 	$success_page = ( (isset($success_page) ) ? $success_page : $page_id);
@@ -647,7 +675,7 @@
 	} else {
 		if(isset($success) && $success == false) {
 			echo '<br />'.$MOD_FORM['ERROR'];
-			echo '<p>&nbsp;</p>'.PHP_EOL.'<p><a href="'.htmlspecialchars(strip_tags($_SERVER['SCRIPT_NAME'])).'">'.$TEXT['BACK'].'</a></p>'.PHP_EOL;
+			echo '<p>&nbsp;</p>'."\n".'<p><a href="'.htmlspecialchars(strip_tags($_SERVER['SCRIPT_NAME'])).'">'.$TEXT['BACK'].'</a></p>'."\n";
 		}
 	}
 
Index: branches/2.8.x/wb/modules/form/save_settings.php
===================================================================
--- branches/2.8.x/wb/modules/form/save_settings.php	(revision 1800)
+++ branches/2.8.x/wb/modules/form/save_settings.php	(revision 1801)
@@ -48,68 +48,63 @@
 // load module language file
 $lang = (dirname(__FILE__)) . '/languages/' . LANGUAGE . '.php';
 require_once(!file_exists($lang) ? (dirname(__FILE__)) . '/languages/EN.php' : $lang );
-// later in upgrade.php
+// later in upgrade.php (add pagination)
 $table_name = TABLE_PREFIX.'mod_form_settings';
 $field_name = 'perpage_submissions';
 $description = "INT NOT NULL DEFAULT '10' AFTER `max_submissions`";
-if(!$database->field_exists($table_name,$field_name)) {
-	$database->field_add($table_name, $field_name, $description);
-}
+$database->field_add($table_name, $field_name, $description);
 
-
 // This code removes any <?php tags and adds slashes
 $friendly = array('&lt;', '&gt;', '?php');
 $raw = array('<', '>', '');
-$header     = $admin->add_slashes($_POST['header']);
-$field_loop = $admin->add_slashes($_POST['field_loop']);
-$footer     = $admin->add_slashes($_POST['footer']);
-$email_to   = $admin->add_slashes($_POST['email_to']);
+
+//$header     = CleanInput('header');
+$header = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('header'),true));
+//$field_loop = CleanInput('field_loop');
+$field_loop = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('field_loop'),true));
+//$footer     = CleanInput('footer');
+$footer = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('footer'),true));
+//$email_to   = CleanInput('email_to');
+$email_to = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('email_to'),true));
 $email_to   = ($email_to != '' ? $email_to : emailAdmin());
 $email_from = $admin->add_slashes(SERVER_EMAIL);
-$use_captcha = $admin->add_slashes($_POST['use_captcha']);
-/*
-if( isset($_POST['email_from_field']) && ($_POST['email_from_field'] != '')) {
-	$email_from = $admin->add_slashes($_POST['email_from_field']);
-} else {
-	$email_from = $admin->add_slashes($_POST['email_from']);
-}
-*/
+//$use_captcha =CleanInput('use_captcha');
+$use_captcha = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('use_captcha'),true));
+
 if( isset($_POST['email_fromname_field']) && ($_POST['email_fromname_field'] != '')) {
-	$email_fromname = $admin->add_slashes($_POST['email_fromname_field']);
+    $email_fromname = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('email_fromname_field'),true));
 } else {
-	$email_fromname = $admin->add_slashes($_POST['email_fromname']);
+    $email_fromname = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('email_fromname'),true));
 }
 
-$email_subject = $admin->add_slashes($_POST['email_subject']);
-$email_subject = (($email_subject  != '') ? $email_subject : '');
-$success_page = $admin->add_slashes($_POST['success_page']);
-$success_email_to = $admin->add_slashes($_POST['success_email_to']);
+$email_fromname = ($email_fromname != '' ? $email_fromname : WBMAILER_DEFAULT_SENDERNAME);
+$email_subject = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('email_subject'),true));
+$success_page = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('success_page'),true));
+$success_email_to = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('success_email_to'),true));
 $success_email_from = $admin->add_slashes(SERVER_EMAIL);
-$success_email_fromname = $admin->add_slashes($_POST['success_email_fromname']);
-$success_email_fromname = ($success_email_fromname != '' ? $success_email_fromname : WBMAILER_DEFAULT_SENDERNAME);
-$success_email_text = $admin->add_slashes($_POST['success_email_text']);
+$success_email_fromname = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('success_email_fromname'),true));
+$success_email_fromname = ($success_email_fromname != '' ? $success_email_fromname : $email_fromname);
+$success_email_text = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('success_email_text'),true));
 $success_email_text = (($success_email_text != '') ? $success_email_text : '');
-$success_email_subject = $admin->add_slashes($_POST['success_email_subject']);
+$success_email_subject = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('success_email_subject'),true));
 $success_email_subject = (($success_email_subject  != '') ? $success_email_subject : '');
 
-//print '<pre style="text-align: left;"><strong>function '.__FUNCTION__.'( '.''.' );</strong>  basename: '.basename(__FILE__).'  line: '.__LINE__.' -> <br />';
-//print_r( $_POST ); print '</pre>';
-
 if(!is_numeric($_POST['max_submissions'])) {
 	$max_submissions = 50;
 } else {
-	$max_submissions = $_POST['max_submissions'];
+	$max_submissions = intval($_POST['max_submissions']);
 }
 if(!is_numeric($_POST['stored_submissions'])) {
 	$stored_submissions = 100;
 } else {
-	$stored_submissions = $_POST['stored_submissions'];
+	$stored_submissions = intval($_POST['stored_submissions']);
 }
 if(!is_numeric($_POST['perpage_submissions'])) {
 	$perpage_submissions = 10;
 } else {
-	$perpage_submissions = $_POST['perpage_submissions'];
+	$perpage_submissions = intval($_POST['perpage_submissions']);
 }
+
 // Make sure max submissions is not greater than stored submissions if stored_submissions <>0
 if($max_submissions > $stored_submissions) {
 	$max_submissions = $stored_submissions;
Index: branches/2.8.x/wb/modules/form/languages/NL.php
===================================================================
--- branches/2.8.x/wb/modules/form/languages/NL.php	(revision 1800)
+++ branches/2.8.x/wb/modules/form/languages/NL.php	(revision 1801)
@@ -55,6 +55,7 @@
 $MOD_FORM['REQUIRED_FIELDS'] = 'You must enter details for the following fields';
 $MOD_FORM['RECIPIENT'] = 'E-mail confirmation occurs only to valid e-mail address of the user announced in each case! Dispatch to unchecked addresses is not possible!';
 $MOD_FORM['ERROR'] = 'E-Mail could not send!!';
+$MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! ';
 
 $TEXT['GUEST'] = 'Guest';
 $TEXT['PRINT_PAGE'] = 'Print page';
Index: branches/2.8.x/wb/modules/form/languages/NO.php
===================================================================
--- branches/2.8.x/wb/modules/form/languages/NO.php	(revision 1800)
+++ branches/2.8.x/wb/modules/form/languages/NO.php	(revision 1801)
@@ -55,6 +55,7 @@
 $MOD_FORM['REQUIRED_FIELDS'] = 'You must enter details for the following fields';
 $MOD_FORM['RECIPIENT'] = 'E-mail confirmation occurs only to valid e-mail address of the user announced in each case! Dispatch to unchecked addresses is not possible!';
 $MOD_FORM['ERROR'] = 'E-Mail could not send!!';
+$MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! ';
 
 $TEXT['GUEST'] = 'Guest';
 $TEXT['PRINT_PAGE'] = 'Print page';
Index: branches/2.8.x/wb/modules/form/languages/EN.php
===================================================================
--- branches/2.8.x/wb/modules/form/languages/EN.php	(revision 1800)
+++ branches/2.8.x/wb/modules/form/languages/EN.php	(revision 1801)
@@ -55,6 +55,7 @@
 $MOD_FORM['REQUIRED_FIELDS'] = 'You must enter details for the following fields';
 $MOD_FORM['RECIPIENT'] = 'E-mail confirmation occurs only to valid e-mail address of the user announced in each case! Dispatch to unchecked addresses is not possible!';
 $MOD_FORM['ERROR'] = 'E-Mail could not send!!';
+$MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! ';
 
 $TEXT['GUEST'] = 'Guest';
 $TEXT['PRINT_PAGE'] = 'Print page';
Index: branches/2.8.x/wb/modules/form/languages/DA.php
===================================================================
--- branches/2.8.x/wb/modules/form/languages/DA.php	(revision 1800)
+++ branches/2.8.x/wb/modules/form/languages/DA.php	(revision 1801)
@@ -55,6 +55,7 @@
 $MOD_FORM['REQUIRED_FIELDS'] = 'You must enter details for the following fields';
 $MOD_FORM['RECIPIENT'] = 'E-mail confirmation occurs only to valid e-mail address of the user announced in each case! Dispatch to unchecked addresses is not possible!';
 $MOD_FORM['ERROR'] = 'E-Mail could not send!!';
+$MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! ';
 
 $TEXT['GUEST'] = 'Guest';
 $TEXT['PRINT_PAGE'] = 'Print page';
Index: branches/2.8.x/wb/modules/form/languages/RU.php
===================================================================
--- branches/2.8.x/wb/modules/form/languages/RU.php	(revision 1800)
+++ branches/2.8.x/wb/modules/form/languages/RU.php	(revision 1801)
@@ -54,6 +54,7 @@
 $MOD_FORM['REQUIRED_FIELDS'] = 'You must enter details for the following fields';
 $MOD_FORM['RECIPIENT'] = 'E-mail confirmation occurs only to valid e-mail address of the user announced in each case! Dispatch to unchecked addresses is not possible!';
 $MOD_FORM['ERROR'] = 'E-Mail could not send!!';
+$MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! ';
 
 $TEXT['GUEST'] = 'Guest';
 $TEXT['PRINT_PAGE'] = 'Print page';
Index: branches/2.8.x/wb/modules/form/languages/FR.php
===================================================================
--- branches/2.8.x/wb/modules/form/languages/FR.php	(revision 1800)
+++ branches/2.8.x/wb/modules/form/languages/FR.php	(revision 1801)
@@ -55,6 +55,7 @@
 $MOD_FORM['REQUIRED_FIELDS'] = 'You must enter details for the following fields';
 $MOD_FORM['RECIPIENT'] = 'E-mail confirmation occurs only to valid e-mail address of the user announced in each case! Dispatch to unchecked addresses is not possible!';
 $MOD_FORM['ERROR'] = 'E-Mail could not send!!';
+$MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! ';
 
 $TEXT['GUEST'] = 'Guest';
 $TEXT['PRINT_PAGE'] = 'Print page';
Index: branches/2.8.x/wb/modules/form/languages/DE.php
===================================================================
--- branches/2.8.x/wb/modules/form/languages/DE.php	(revision 1800)
+++ branches/2.8.x/wb/modules/form/languages/DE.php	(revision 1801)
@@ -48,7 +48,6 @@
 $MOD_FORM['TO'] = 'Empf&auml;nger';
 
 $MOD_FORM['EXCESS_SUBMISSIONS'] = 'Dieses Formular wurde zu oft aufgerufen. Bitte versuchen Sie es in einer Stunde noch einmal.';
-$MOD_FORM['ERROR'] = 'E-Mail konnte nicht gesendet werden!!';
 $MOD_FORM['INCORRECT_CAPTCHA'] = 'Die eingegebene Pr&uuml;fziffer stimmt nicht &uuml;berein. Wenn Sie Probleme mit dem Lesen der Pr&uuml;fziffer haben, bitte schreiben Sie eine E-Mail an den <a href="mailto:{{webmaster_email}}">Webmaster</a>';
 
 $MOD_FORM['PRINT']  = 'E-Mail Best&auml;tigung erfolgt nur an die g&uuml;ltige E-Mail Adresse eines jeweils angemeldeten Benutzers! Versand an ungepr&uuml;fte Adressen ist nicht m&ouml;glich! ';
@@ -56,6 +55,7 @@
 
 $MOD_FORM['REQUIRED_FIELDS'] = 'Bitte folgende Angaben erg&auml;nzen';
 $MOD_FORM['RECIPIENT'] = 'E-Mail Best&auml;tigung erfolgt nur an die g&uuml;ltige E-Mail Adresse des jeweils angemeldeten Benutzers! Versand an ungepr&uuml;fte Adressen ist nicht m&ouml;glich!';
+$MOD_FORM['ERROR'] = 'E-Mail konnte nicht gesendet werden!!';
 $MOD_FORM['SPAM'] = 'ACHTUNG! Beantworten einer ungeprüften E-Mail kann als Spam abgemahnt werden! ';
 
 $TEXT['GUEST'] = 'Gast';