=== DeepClick Reflow === Contributors: deepclick Tags: integration, sdk Requires at least: 5.0 Tested up to: 6.9 Stable tag: 1.0.0 Requires PHP: 7.4 License: GNU General Public License v3.0 License URI: https://www.gnu.org/licenses/gpl-3.0.html Official DeepClick extension for WordPress integration. == Description == Official DeepClick extension for WordPress integration. ## Features - **Admin Panel Integration**: Adds DeepClick menu in WordPress admin panel - **Installation Status**: Display installation status and app information - **Authorization Flow**: One-click authorization to DeepClick console - **REST API Webhook**: Receive configuration data (icon, name, sdk_code, mch_id) from external services - **Frontend SDK Injection**: Automatically inject DeepClick JS SDK on WordPress pages - **Data Cleanup**: Automatically remove all plugin data on uninstall ## Installation ### Method 1: WordPress Admin Panel 1. Upload the plugin folder to `/wp-content/plugins/` directory 2. Go to WordPress Admin → Plugins 3. Activate "DeepClick Reflow" plugin ### Method 2: Upload ZIP 1. Compress the plugin files into a ZIP file 2. Go to WordPress Admin → Plugins → Add New → Upload Plugin 3. Select the ZIP file and install 4. Activate the plugin ## Usage ### Initial Setup 1. After activation, navigate to **DeepClick Reflow** in WordPress admin menu 2. You will see one of two states: **Not Installed State:** - Shows an "Authorize" button - Click to open DeepClick console in a new tab for authorization **Installed State:** - Displays app information including: - App icon - App name - App description ### Webhook Configuration The plugin provides a REST API endpoint to receive configuration from external services: **Endpoint:** `POST /wp-json/deepre/v1/webhook` **Request Body:** ```json { "icon": "https://cdn.example.com/app-icon.png", "name": "DeepClick App", "sdk_code": "your-sdk-code", "mch_id": "your-merchant-id" } ``` **Response (Success):** ```json { "success": true, "data": { "icon": "https://cdn.example.com/app-icon.png", "name": "DeepClick App", "sdk_code": "your-sdk-code", "mch_id": "your-merchant-id" } } ``` **Response (Error):** ```json { "success": false, "message": "name and sdk_code are required" } ``` **Example cURL:** ```bash curl -X POST "https://your-site.com/wp-json/deepre/v1/webhook" \ -H "Content-Type: application/json" \ -d '{ "icon": "https://cdn.example.com/app-icon.png", "name": "DeepClick App", "sdk_code": "3267c1de", "mch_id": "4" }' ``` ### Frontend SDK Injection Once configured with `sdk_code` and `mch_id`, the plugin automatically injects the DeepClick JS SDK on WordPress frontend pages (not in admin area). The script is only loaded when both `sdk_code` and `mch_id` are properly configured. The script is loaded with `defer` attribute for optimal performance. The injected script URL format: ``` https://storage.deepclick.com/dc-cdn/js-sdk/{environment}/deep-click.js?mch_id={mch_id}&sdk_code={sdk_code}&integration_type=wordpress&from_source=app_stores ``` **Note:** The SDK is only injected on frontend pages when the plugin is properly configured. If `sdk_code` or `mch_id` is missing, the script will not be loaded. ## File Structure ``` deepclick/ ├── deepclick.php # Main plugin file (plugin name:DeepClick Reflow) └── README.md # Documentation ``` ## System Requirements - WordPress 5.0 or higher - PHP 7.4 or higher ## Data Storage The plugin stores configuration data in WordPress `wp_options` table: - `deepre_app_installed`: Boolean flag indicating installation status - `deepre_app_info`: Array containing: - `icon`: App icon URL - `name`: App name - `sdk_code`: SDK code for integration - `mch_id`: Merchant ID All data is automatically removed when the plugin is uninstalled. ## External Services This plugin connects to external services provided by DeepClick to enable its core functionality. The following external services are used: ### 1. DeepClick Storage Service (storage.deepclick.com) **Purpose:** This service provides the JavaScript SDK and Service Worker files required for the DeepClick integration to function on your WordPress site. **Data Sent and When:** - **JavaScript SDK**: On every page load of your WordPress site (frontend pages only), the plugin loads the DeepClick JavaScript SDK from `https://storage.deepclick.com/dc-cdn/js-sdk/{environment}/deep-click.js` - The following query parameters are sent with the request: - `mch_id`: Your merchant ID (configured via webhook) - `sdk_code`: Your SDK code (configured via webhook) - `integration_type`: Set to "wordpress" - `from_source`: Set to "app_stores" - **Service Worker**: Service Worker files are included in the plugin assets directory but are not automatically registered by this plugin. If you need Service Worker functionality, you would need to implement custom registration logic. **Service Provider:** DeepClick **Terms of Service:** https://deepclick.com/docs/service-terms **Privacy Policy:** https://deepclick.com/docs/privacy-policy ### 2. DeepClick Console Service (console.deepclick.com) **Purpose:** This service provides the authorization interface where you can configure and authorize your DeepClick integration. **Data Sent and When:** - **Authorization Flow**: When you click the "Authorize" button in the WordPress admin panel, you are redirected to the DeepClick console - The following data is sent as a query parameter: - `wordpress_url`: Your WordPress site URL (sent only during the authorization redirect) **Service Provider:** DeepClick **Terms of Service:** https://deepclick.com/docs/service-terms **Privacy Policy:** https://deepclick.com/docs/privacy-policy ### Data Transmission Summary - **Frontend Pages**: The JavaScript SDK is loaded on every frontend page view, sending your merchant ID and SDK code to DeepClick's servers - **Authorization**: Your site URL is sent to DeepClick console only when you initiate the authorization process - **No Personal Data**: The plugin does not transmit personal user data, email addresses, or other personally identifiable information to external services - **Configuration Data**: App configuration (icon, name, sdk_code, mch_id) is received via webhook from external services and stored locally in WordPress options **Note:** All external service connections are required for the plugin's core functionality. If you do not wish to use these services, you should not activate this plugin. ## Security - Direct file access protection - Input sanitization for all user data - URL escaping for external links - REST API endpoint requires `manage_options` capability (admin users only) ## Development Notes ### Key Components 1. **Deepre_Plugin Class**: Main plugin class handling all functionality 2. **Admin Menu**: Standalone menu in WordPress admin panel 3. **REST API Webhook**: Receives external configuration updates 4. **Script Enqueuing**: Proper WordPress way to inject external scripts 5. **Uninstall Hook**: Ensures clean removal of plugin data ### WordPress Best Practices - Uses `wp_enqueue_script()` for script injection - Implements `wp_script_add_data()` for defer attribute - Follows WordPress coding standards - Uses WordPress sanitization functions - Implements proper uninstall hook ## Customization ### Authorization URL To change the authorization URL, modify the `$deepre_auth_url` in the `admin_page()` method: ```php $deepre_auth_url = 'https://console.deepclick.com/product-library?site_url=' . rawurlencode(get_site_url()); ``` ### Webhook Security To add authentication to the webhook endpoint, modify the `permission_callback` in `register_rest_routes()`: ```php 'permission_callback' => function() { // Add your authentication logic here return current_user_can('manage_options'); } ``` ## Uninstallation When the plugin is uninstalled (not just deactivated), all stored data is automatically removed: - `deepre_app_info` option - `deepre_app_installed` option This ensures no leftover data remains in your WordPress database. == License == This plugin is licensed under GPLv2 or later. == Changelog == = 1.0.0 = * Initial release * Admin panel integration * REST API webhook support * Frontend SDK injection * Automatic data cleanup on uninstall ## Support For issues or questions: 1. Verify WordPress and PHP versions meet requirements 2. Check browser console for JavaScript errors 3. Verify REST API endpoint is accessible ## Author **DeepClick** - Website: https://deepclick.com - Plugin URI: https://deepclick.com