=== HelloForm === Contributors: simone88 Tags: contact form, quote form, helloform, form builder, recaptcha Requires at least: 6.0 Tested up to: 6.9 Requires PHP: 7.4 Stable tag: 1.0.4 License: GPLv2 or later License URI: https://www.gnu.org/licenses/gpl-2.0.html Text Domain: helloform Domain Path: /languages A customizable contact form plugin for creating quote requests with HelloForm’s drag & drop builder and reCAPTCHA support. == Description == HelloForm lets you easily build a quote request form directly from the WordPress admin area. You can: - Add, remove, and reorder fields with a simple drag & drop interface. - Choose between multiple field types: text, email, tel, textarea, select, radio, checkbox, date, number, privacy, submit. - Set required fields. - Send notifications to multiple recipients (To, CC, BCC). - Enable Google reCAPTCHA for spam protection. - Customize field labels and placeholders. The form is added to your pages via shortcode: [helloform] All messages, errors, and confirmations are translatable. == Installation == 1. Upload the plugin folder `HelloForm` to the `/wp-content/plugins/` directory. 2. Activate the plugin through the 'Plugins' menu in WordPress. 3. Go to **HelloForm** in the admin menu. 4. Configure your fields and recipient email. 5. Add `[helloform]` shortcode to any page or post. == Frequently Asked Questions == = How do I add the form to a page? = Use the shortcode `[helloform]`. = Does it support Google reCAPTCHA? = Yes. You can enable reCAPTCHA and set the site and secret keys in the plugin settings. = Can I customize the form template? = Yes. To override the default form template, copy templates/template-default.php from the plugin into your theme folder as template-parts/[helloform].php == External Services == This plugin uses **Google reCAPTCHA** (version v2 or v3) to protect the forms from spam. This feature is optional and disabled by default until configured by the user. **What data is sent and when:** When a form protected by reCAPTCHA is submitted, the plugin executes a server-side verification using the WordPress function `wp_remote_post`. This process sends the following data to Google's API: * **The reCAPTCHA response token** (`g-recaptcha-response`) generated by the client browser. * **The user's IP address** (`$_SERVER['REMOTE_ADDR']`) for verification purposes. The service is used only if the user has enabled the reCAPTCHA option in the plugin settings and attempts to submit a form. **Service Provider:** Google Inc. **Terms of Service:** https://policies.google.com/terms **Privacy Policy:** https://policies.google.com/privacy == Screenshots == 1. Admin interface for managing fields. 2. Example of frontend form. == Changelog == = 1.0.4 = * **Feature:** Optimized script loading. reCAPTCHA scripts are now registered and enqueued ONLY when the shortcode is present on the page. * **Fix:** Resolved layout conflicts (CSS/Flexbox) in search pages and global footers caused by reCAPTCHA script injection. * **Performance:** Reduced global page weight by preventing unnecessary third-party script loading on pages without forms. = 1.0.3 = * **Feature:** Added full support for Google reCAPTCHA v3 (Invisible). * **Feature:** Added option to choose between reCAPTCHA v2 and v3 in settings. * **Fix:** Corrected reCAPTCHA token validation process to fix submission errors. * **Security:** Improved handling and sanitization of user IP address ($_SERVER['REMOTE_ADDR']) to meet security standards. * **Localization:** Complete revision of Italian translations. = 1.0.2 = * Tested compatibility with WordPress 6.9. * Fixed backend field alignment issues in the form builder. * Added AJAX-based success message after form submission. * Minor UI and stability improvements. = 1.0.1 = * Bug fixes and security updates. = 1.0.0 = * Initial release. == Upgrade Notice == = 1.0.4 = Critical update for layout stability and performance. Optimized reCAPTCHA loading to prevent theme conflicts. Recommended for all users. = 1.0.3 = This update includes critical stability fixes for reCAPTCHA and new security options. Immediate update is highly recommended. = 1.0.2 = Improved backend UI alignment and added AJAX success message. Recommended update. = 1.0.1 = Maintenance release: fixes security and configuration bugs. = 1.0.0 = First public version.