=== PagePin – Client Feedback & Bug Reporting === Contributors: pagepin Donate link: https://pagepin.io Tags: feedback, bug reporting, screenshot, client feedback, annotations Requires at least: 6.4 Tested up to: 6.9 Requires PHP: 8.1 Stable tag: 1.0.3.4 License: GPLv2 or later License URI: https://www.gnu.org/licenses/gpl-2.0.html Pin it. Ship it. Visual feedback infrastructure for WordPress. == Description == **PagePin** gives WordPress agencies and developers two tools for client feedback and bug reporting — **Pinshots** for screenshot-based bug reports and **Pinpoints** for DOM-based comment threads. Self-hosted, GDPR compliant, no cloud dependencies. = Pinshots — Bug Reporting = Screenshot-based feedback with visual markers. Place numbered markers anywhere on the page, add notes, and capture everything in a single screenshot. Perfect for quick bug reports, design reviews, and client feedback rounds. * **Three Marker Types** — Negative (red) for bugs, Positive (green) for approvals, Note (orange) for comments * **One-Click Screenshots** — Capture the current page instantly with all markers included * **Email Delivery** — Send feedback with screenshot attachment to up to 5 recipients * **Custom Watermark** — Brand every screenshot with your own text * **Adjustable Compression** — Image quality from 10% to 100% * **Undo/Redo** — Ctrl+Z / Ctrl+Y to undo and redo marker placements * **Drag & Drop** — Reposition markers by dragging them to the correct location = Pinpoints — Client Feedback = DOM-based comment threads attached directly to page elements — like Google Docs comments, but for your live website. Comments persist even when the page layout changes, making it ideal for ongoing collaboration and iterative design feedback. * **Element-Attached Threads** — Click any element to start a comment thread on it * **Smart Element Matching** — Comments survive layout changes through CSS selectors, content fingerprinting, and multi-signal scoring * **@Mentions** — Mention team members or external guests in comments to notify them * **Resolve & Reopen** — Mark threads as resolved and reopen them when needed * **Sidebar Overview** — All pinpoints listed in a slide-out sidebar with unread badges * **Visual Indicators** — Numbered badges on the page show where pinpoints are attached * **Tag System** — Organize pinpoints with custom colored tags (Bug, Design, Content, Urgent, or your own) = How It Works = 1. **Pin** — Press Ctrl+Alt+F (or click the floating button) and click anywhere on your site 2. **Capture** — Screenshot, element position, and browser context are captured automatically 3. **Ship** — Feedback is delivered to your inbox or discussed in a pinpoint thread = Key Features = **Screenshots & Markers** * Three annotation tools with automatic numbering * Keyboard shortcuts: Ctrl+Alt+F to activate, keys 1/2/3 for tool selection * Customizable floating feedback button with inactivity auto-hide * Dual screenshot engines (html2canvas and html-to-image) * Touch support for tablets and mobile devices **Collaboration** * **External Collaborators** — Invite anyone via Magic Link email or shareable URL (no WordPress account needed) * **Collaborator Reuse** — Grant existing guests access to additional pinpoints without creating new links * **@Mention Notifications** — Mention collaborators in comments to send email notifications with Magic Link access * **Auto-Grant Access** — Mentioning a collaborator automatically grants them access if they don't have it yet * **Share Modal** — Internal link for team members, external sharing with guest dropdown or new guest creation * **Thread Notifications** — All thread participants (including collaborators) are notified of new comments * **Configurable Link Expiry** — Set Magic Links to expire after 7, 30, or 90 days **Admin & Management** * Admin dashboard with feedback statistics and quick links * Feedback overview with status filters (New, Sent, Resolved) and bulk actions * Post/Page metabox showing pinpoint count per content * Admin bar integration with live feedback counter badge * Collaborator management with type display, inline email editing, and access control * Tag management with custom colors and usage statistics * 8-step setup wizard for first-time configuration **Security & Access Control** * Role-based access — control who can create, view, and resolve feedback * Granular pinpoint permissions (create, view, resolve per role) * Spam protection: honeypot, submission timing, rate limiting with escalation * Optional CAPTCHA: reCAPTCHA v2/v3, hCaptcha, Cloudflare Turnstile * Rate limit escalation (5 min → 15 min → 1 hour → 6 hours → 24 hours) **Privacy & Standards** * 100% self-hosted — your server, your database, your data * GDPR compliant — no external calls unless CAPTCHA is enabled * Clean uninstall — all data removed when plugin is deleted * Multilingual — English and German included, translation-ready * WordPress Coding Standards (WPCS 3.0) and PHPStan Level 5 = Use Cases = * **Web Agencies** — Collect and manage client feedback across projects * **Developers** — QA testing, bug reporting, and code review workflows * **Support Teams** — Visual bug reports from users with full context * **Design Reviews** — Attach comments to specific design elements for iterative feedback * **Content Teams** — Request page changes with visual annotations * **Client Onboarding** — Share feedback links with clients who don't have WordPress accounts = Public Feedback Mode = Enable public feedback to allow website visitors (even without login) to submit visual feedback. Protected by multiple spam prevention measures: * Honeypot fields * Submission timing checks * Rate limiting per IP and session * Optional CAPTCHA (reCAPTCHA v2/v3, hCaptcha, Cloudflare Turnstile) For more information visit [pagepin.io](https://pagepin.io) == Installation == = Automatic Installation = 1. Go to **Plugins > Add New** in your WordPress admin 2. Search for "PagePin" 3. Click **Install Now** and then **Activate** 4. Complete the setup wizard = Manual Installation = 1. Download the plugin ZIP file 2. Go to **Plugins > Add New > Upload Plugin** 3. Select the ZIP file and click **Install Now** 4. Activate the plugin 5. Complete the setup wizard = Configuration = 1. The setup wizard guides you through initial configuration on first activation 2. Or navigate to **PagePin > Settings** to configure manually: 3. Set up email recipients for feedback delivery 4. Select authorized user roles for each feature 5. Enable/disable floating button, public feedback, and collaborators 6. Create tags for organizing feedback == Frequently Asked Questions == = What are Pinshots? = Pinshots are screenshot-based bug reports. Activate the toolbar with Ctrl+Alt+F, place numbered markers (Bug/OK/Note) anywhere on the page, add optional notes, and capture a screenshot. The feedback is sent via email with the screenshot attached. = What are Pinpoints? = Pinpoints are DOM-based comment threads attached to specific elements on your page. Click any element to start a discussion thread on it. Comments persist even when the page layout changes, similar to comments in Google Docs. = What is the difference between Pinshots and Pinpoints? = **Pinshots** are for quick, one-time bug reports — take a screenshot with markers and send it via email. **Pinpoints** are for ongoing discussions — attach comment threads to page elements for iterative feedback and collaboration. = What is the keyboard shortcut to activate the tool? = * **Windows/Linux:** Ctrl + Alt + F * **Mac:** Cmd + Option + F You can also use keys 1, 2, 3 to quickly select marker tools, and Ctrl+Z / Ctrl+Y for undo/redo. Alternatively, click the floating feedback button (if enabled in settings). = Who can use the feedback tool? = By default, only Administrators. You can enable additional roles (Editor, Author, etc.) in the plugin settings. For pinpoints, you can separately control who can create, view, and resolve threads. = Can visitors submit feedback without logging in? = Yes! Enable "Public Feedback" in settings. This allows any website visitor to submit visual feedback. Multiple spam protection measures are included. = How do external collaborators work? = Enable "External Collaborators" in Settings > Collaborators. You can then invite guests via the share modal in any pinpoint thread — either with an email (sends a Magic Link) or without (generates a shareable URL). Collaborators can view and comment on assigned pinpoints without a WordPress account. Mentioning a collaborator with @ in a comment automatically grants them access if they don't have it yet. = Where are screenshots stored? = Screenshots are stored locally in `/wp-content/uploads/pagepin/`. They are NOT added to the Media Library. = Can I customize the watermark? = Yes, you can set custom watermark text in the plugin settings. It appears on every screenshot. = Is the plugin GDPR compliant? = Yes. The plugin only stores necessary data locally on your server. No data is sent to external services (unless you enable third-party CAPTCHA). = Does it work with any theme? = Yes, the plugin uses isolated CSS with high z-index values that don't conflict with themes. The "Ember Glass" design system provides a consistent dark-mode UI. = What spam protection is included? = For public feedback: Honeypot fields, submission timing validation, IP-based rate limiting with escalation (blocks increase from 5 minutes to 24 hours), session rate limiting, and optional CAPTCHA integration (reCAPTCHA v2/v3, hCaptcha, Cloudflare Turnstile). = Can I use multiple email recipients? = Yes, you can configure up to 5 email recipients with custom subject lines. The first recipient receives the email directly, others are added as BCC. = What happens when I uninstall the plugin? = All data is removed: database tables, plugin options, and uploaded screenshots. This ensures a clean uninstall. = Does it support touch devices? = Yes, the tool fully supports touch interactions on tablets and mobile devices. == Screenshots == 1. Setup wizard — guided initial configuration 2. Dashboard — Pinshots and Pinpoints at a glance 3. Pinshot tool — annotate pages with markers and notes 4. Send feedback — select recipients and submit annotations 5. Pinshot management — filter, track status, and bulk actions 6. Pinpoints overview — DOM-based comment threads 7. Pinpoint sidebar — threaded comments on page elements == Changelog == = 1.0.3.4 = * Fix: Plugin frontend not loading when theme deregisters jQuery (e.g. custom themes without jQuery) * Fix: Robust jQuery re-registration via wp_print_scripts to survive late deregistration = 1.0.3.3 = * Fix: jQuery re-registration for themes that deregister it on the frontend = 1.0.3.2 = * Fix: Expired collaborator tokens are now auto-renewed when visiting a share link or granting access * Fix: Collaborator floating button added so guests can reopen the Pinpoint sidebar after closing it * Fix: AJAX 400 errors for collaborators caused by non-public endpoint calls (updateMatchScore, openPinpointFromUrl) * New: Guest collaborators can now use @mentions to reference team members and other collaborators * Improvement: Pinpoint sidebar auto-opens for collaborators on page load = 1.0.3.1 = * Fix: Missing vendor libraries (html2canvas, html-to-image, tribute) caused 404 errors and broken frontend feedback mode * Thanks to Stefan for reporting this issue = 1.0.3 = * Improvement: Setup wizard fully localized in English with translation support * Fix: Contrast issue with Pinpoint role headings in setup wizard * Fix: Duplicate @mention notifications prevented * Fix: Self-mention no longer triggers email notification * Fix: Collaborator and email mentions now work in initial pinpoint comments * Fix: Guest collaborators show generic avatar in mention autocomplete * Fix: Pinpoint reply textarea sizing and overflow * Improvement: Inline styles moved to CSS classes for better maintainability * Improvement: Refined wizard step descriptions for clarity = 1.0.2 = * New: Tag/Label system for organizing feedback and pinpoints * New: External collaborators via Magic Link (no WordPress account needed) * New: Token-based shareable links for quick feedback rounds * New: Redesigned share modal with internal link, guest reuse, and new guest creation * New: Collaborator reuse — grant existing guests access to additional pinpoints * New: @mention collaborators in comments with automatic email notification * New: Auto-grant access when mentioning a collaborator who cannot see the pinpoint yet * New: Collaborators see all accessible pinpoints across pages in sidebar * New: Copy link button for active external access entries * New: Admin collaborator list with type column, inline email editing * New: Admin bar integration with badge counter * New: Comment count badges on pinpoint indicators * New: Extended setup wizard with collaborator and tag configuration * Improvement: Enhanced mention system with @email invites and !@name share links * Improvement: Collaborator thread notifications include magic link for direct access = 1.0.0 = * Initial WordPress.org release * Screenshot capture with html2canvas and html-to-image * Three feedback tools (Negative, Positive, Note) with automatic numbering * Pinpoint feature: DOM-based comment threads with @mentions * Email sending with screenshot attachment and watermark * Admin interface with overview, settings, and bulk actions * Public feedback mode with spam protection (honeypot, rate limiting, CAPTCHA) * Role-based access control for authenticated users * Undo/Redo functionality (Ctrl+Z / Ctrl+Y) * Drag & Drop marker repositioning with touch support * Multilingual support (German/English) * WordPress Coding Standards and PHPStan Level 5 compliance == Upgrade Notice == = 1.0.3 = Setup wizard fully English and translatable. Fixed duplicate mention notifications, self-mentions, and collaborator mentions in initial pinpoints. = 1.0.2 = New collaboration features: Tag system, external collaborators via Magic Link, shareable feedback links, collaborator reuse, @mention notifications, and admin bar integration. = 1.0.0 = Initial release of PagePin - Visual feedback infrastructure for WordPress. == Support == * Website: [pagepin.io](https://pagepin.io) * Support: service@pagepin.io == Third Party Services == This plugin connects to external services ONLY when you explicitly enable CAPTCHA protection: = Google reCAPTCHA (v2 or v3) = When enabled, user interaction data is sent to Google for spam verification. * Service: https://www.google.com/recaptcha/ * Privacy Policy: https://policies.google.com/privacy * Terms of Service: https://policies.google.com/terms = hCaptcha = When enabled, user interaction data is sent to hCaptcha for spam verification. * Service: https://www.hcaptcha.com/ * Privacy Policy: https://www.hcaptcha.com/privacy * Terms of Service: https://www.hcaptcha.com/terms = Cloudflare Turnstile = When enabled, user interaction data is sent to Cloudflare for spam verification. * Service: https://www.cloudflare.com/products/turnstile/ * Privacy Policy: https://www.cloudflare.com/privacypolicy/ * Terms of Service: https://www.cloudflare.com/website-terms/ **Important:** No data is sent to external services unless you explicitly enable CAPTCHA in the plugin settings. Without CAPTCHA, the plugin operates entirely on your own server. == Privacy == = Data Collection = This plugin collects and stores the following data locally on your WordPress server: **For authenticated users (logged-in):** * User ID (WordPress user reference) * Feedback content (screenshots, markers, messages) * Page URL where feedback was submitted * Timestamp **For public/anonymous feedback (when enabled):** * Email address (if provided by the visitor) * IP address (for rate limiting only) * Session token (anonymous identifier) * Feedback content (screenshots, markers, messages) * Page URL and timestamp **For external collaborators (when enabled):** * Display name * Email address (optional, for Magic Link invitations and @mention notifications) * Authentication token (for session-based access) * Access grants (which pinpoints the collaborator can view) * Last access timestamp = Data Retention = * **Feedback data:** Stored until manually deleted by an administrator * **Rate limiting data (IP/Session):** Automatically deleted after 24 hours * **Screenshots:** Stored until feedback is deleted * **Collaborator data:** Stored until manually deleted by an administrator = Data Location = * Database: WordPress database tables (prefixed with your WordPress table prefix) * Screenshots: `/wp-content/uploads/pagepin/` directory = GDPR Compliance = * All data is stored locally on your server * No analytics or tracking is performed * No data is shared with third parties (unless CAPTCHA is enabled) * Data can be exported and deleted upon request via WordPress admin * IP addresses are pseudonymized after rate limit period = Consent = For public feedback mode, we recommend: * Linking to your privacy policy in the feedback form * Enabling the GDPR consent checkbox in plugin settings * Informing visitors about data collection in your site's privacy policy