=== Typo Hunter === Contributors: skyminds Tags: spelling, typo, proofreading, corrections, crowdsource Requires at least: 5.0 Tested up to: 6.9 Stable tag: 1.5.0 Requires PHP: 8.1 License: GPLv3 or later License URI: https://www.gnu.org/licenses/gpl-3.0.html Turn your readers into proofreaders. Crowdsource spelling and typo corrections with a simple, gamified interface. == Description == Typo Hunter transforms your readers into active contributors by gamifying the proofreading process. Let your audience help you maintain professional, error-free content while building community engagement. = Key Features = * **๐ŸŽฏ Gamified Experience** - Turn typo hunting into an engaging activity for your readers * **โšก Quick Reporting** - Keyboard shortcut (Ctrl/Cmd + Enter) for instant submissions * **๐Ÿ›ก๏ธ Spam Protection** - Rate limiting (5 reports/hour) and duplicate detection * **๐Ÿ“Š Admin Dashboard** - Clean, sortable table to manage all typo reports * **๐Ÿš€ Performance First** - Assets only load where needed, optimized for PHP 8.3+ * **๐Ÿ”’ Enterprise Security** - SQL injection protection, input validation, nonce verification * **๐Ÿ’พ Smart Storage** - Optional database logging with indexed queries * **๐ŸŽจ Modern UI** - Native HTML dialog with beautiful, responsive design = How It Works = 1. Reader spots a typo on your site 2. Selects the incorrect text 3. Presses Ctrl/Cmd + Enter (or clicks footer link) 4. Submits correction in sleek modal form 5. You review and fix in the admin dashboard 6. Content quality improves continuously! = Perfect For = * **๐Ÿ“ฐ Blogs & News Sites** - Crowdsource proofreading at scale * **๐Ÿ“š Documentation Sites** - Community-driven accuracy improvements * **๐ŸŽ“ Educational Platforms** - Maintain high-quality learning content * **๐Ÿ›’ E-commerce Stores** - Professional product descriptions * **๐Ÿข Corporate Websites** - Brand reputation through polished content * **๐Ÿ“– Publishing Platforms** - Engage readers as quality contributors = Security & Privacy = * โœ… Rate limiting prevents abuse (5 reports/hour per IP) * โœ… IP addresses hashed for privacy compliance * โœ… All inputs sanitized and validated * โœ… SQL injection protection with prepared statements * โœ… Nonce verification for all AJAX requests * โœ… GDPR-friendly (no personal data stored) == Installation == = Automatic Installation = 1. Log in to your WordPress admin panel 2. Navigate to Plugins > Add New 3. Search for "Typo Hunter" 4. Click "Install Now" and then "Activate" = Manual Installation = 1. Download the plugin ZIP file 2. Log in to your WordPress admin panel 3. Navigate to Plugins > Add New > Upload Plugin 4. Choose the ZIP file and click "Install Now" 5. Activate the plugin = Configuration = 1. Go to Settings > Typo Hunter 2. Enable "Text Highlighting" for keyboard shortcut (Ctrl/Cmd+Enter) 3. Enable "Database Logging" to store reports 4. Save and start hunting typos! == Frequently Asked Questions == = How do visitors report typos? = Two easy methods: 1. Click the "Report a typo" link at the bottom of posts 2. Select text and press Ctrl+Enter (Cmd+Enter on Mac) - fastest way! = Where can I view typo reports? = Go to the WordPress admin panel and click "Typo Hunter" in the sidebar menu. You'll see all reports in a clean, sortable table. = Can I prevent spam submissions? = Yes! The plugin includes built-in rate limiting (5 reports per hour per IP) and duplicate detection to prevent spam. = Does this work with all themes? = Absolutely! Typo Hunter works with any WordPress theme. The report link is automatically added to single posts and pages. = Will this slow down my site? = Not at all! Assets only load on single posts/pages. Built with PHP 8.3+ optimizations, typed properties, and indexed database queries for maximum performance. = Can I customize the look? = Yes! Add custom CSS to override default styles. All elements use standard CSS classes (`.typohunter-*`) for easy customization. = Is it GDPR compliant? = The plugin doesn't collect personal information. IP addresses are hashed for rate limiting purposes only and are not stored permanently. = Does it work with caching plugins? = Yes, the plugin is fully compatible with caching plugins as it uses AJAX for form submissions. = Can I export the reports? = Yes! Pro users can export reports to CSV or PDF directly from the Reports tab, with optional date range and post ID filtering. = What happens to old reports? = Reports are stored indefinitely. You can manually delete them from the admin panel. An auto-cleanup feature may be added in future versions. == Screenshots == 1. Sleek modal form with selected text pre-filled 2. Admin dashboard - clean, sortable typo reports 3. Simple settings page - enable features in seconds 4. Unobtrusive report link at post footer == Changelog == = 1.5.0 - June 2026 = * ๐Ÿข **VIP Compliance** - Full WordPress VIP coding standards compliance * โšก **Object Cache** - Migrated rate limiting from transients to `wp_cache_*` (Redis/Memcached ready) * ๐Ÿ” **Enhanced Hashing** - Implemented `wp_hash()` (HMAC-SHA256 with WordPress salts) for IP rate limiting keys * ๐Ÿ“Š **Query Optimization** - All queries use specific column selection instead of SELECT * * ๐Ÿ—‘๏ธ **Cache Cleanup** - Simplified uninstall cache cleanup with `wp_cache_flush_group()` = 1.4.0 - March 2026 = * ๐Ÿ“Š **Free Analytics Dashboard** - Free users now see basic stats (Total, Today, This Week, This Month) on the Analytics tab instead of a locked screen * ๐Ÿ–ผ๏ธ **SVG Icon Fix** - Added viewBox attribute to plugin SVG icons so they scale correctly on the Freemius pricing page * ๐ŸŽจ **Modern Modal Redesign** - Glassmorphism backdrop, slide-up entrance animation, refined typography, gradient submit button with hover lift, modern focus rings, and polished inline close button * ๐Ÿ› **Theme Compatibility** - Fixed "Report a typo" link not appearing on some themes by replacing timing-dependent wp_script_is guard with did_action('wp') check = 1.3.0 - March 2026 = * ๐Ÿ›’ **WooCommerce Compatibility** - Fixed "Report a typo" link appearing in WooCommerce emails by guarding against non-frontend contexts * โœ๏ธ **Custom Link Text** - New free setting to customize the "Report a typo" link text shown to visitors * ๐ŸŒ **String Consistency** - Unified all link text strings to "Report a typo" (removed inconsistent "Report a spelling mistake") * ๐Ÿ“ **Translation Cleanup** - Removed stale translation entries from .pot and .po files * ๐Ÿš€ **Zero-Dependency Chart** - Replaced Chart.js CDN (65 KB) with lightweight inline SVG chart (~80 lines of vanilla JS) = 1.2.0 - February 2026 = * ๐Ÿ”’ **Security Hardening** - Comprehensive security re-audit with all findings resolved * ๐Ÿ›ก๏ธ **XSS Prevention** - Escaped all dynamic output in admin templates (esc_html, esc_url, esc_attr) * ๐Ÿ” **Input Sanitization** - Added wp_unslash() consistently before all sanitization calls * โœ… **Allowlist Validation** - Email frequency setting validated against strict allowlist * ๐ŸŒ **Internationalization** - Full i18n support with wp_localize_script for all frontend strings * ๐Ÿ“ **Translation Ready** - Added .pot file and French (fr_FR) translation * ๐Ÿ›ก๏ธ **SRI Protection** - Subresource Integrity hash for Chart.js CDN to prevent supply-chain attacks * โšก **jQuery Removed** - Frontend report.js now uses native Fetch API (zero jQuery dependency) * โŒจ๏ธ **Accessibility** - Escape key closes the report modal * ๐Ÿ”’ **Directory Protection** - Added index.php silence files to all plugin directories * ๐Ÿ“„ **CSV Export Fix** - Quoted filename in Content-Disposition header per RFC 6266 * ๐Ÿ› **JS Guard** - Protected premium-only JS (email test, chart rendering) from ReferenceError on free version * ๐Ÿงน **Code Quality** - Consistent escaping across admin interface, email templates, and PDF export = 1.1.0 - February 2026 = * ๐ŸŽ‰ **NEW PRO VERSION**: Premium features now available! * ๐Ÿ“Š **Analytics Dashboard** - View comprehensive stats, 30-day trends, and most reported posts (Pro) * ๐Ÿ“ง **Email Notifications** - Instant, daily, and weekly digest options with configurable recipients (Pro) * ๐Ÿ“ค **Export Features** - Export reports to CSV or PDF with date/post filtering (Pro) * ๐ŸŽจ **Tabbed Admin Interface** - Modern, organized admin experience with Analytics, Reports, Settings, and Email tabs * โšก **Enhanced Rate Limiting** - Pro users get 30 reports/hour (vs 5/hour for free) * ๐Ÿš€ **Performance Boost** - Added 5-minute object caching for analytics and reports list * ๐Ÿ”’ **Security Enhancement** - Replaced md5() with wp_hash() for IP hashing * ๐Ÿข **VIP Compliance** - Fully WordPress VIP compliant (replaced file operations, optimized queries) * ๐Ÿ’พ **Query Optimization** - SELECT specific columns instead of SELECT *, added proper indexes * ๐Ÿ” **Capability Checks** - Added current_user_can() checks on all admin methods * ๐Ÿ› **Bug Fix**: Fixed admin notice display to prevent duplicates * ๐Ÿ“ **Code Quality**: Improved error handling and logging throughout * ๐ŸŒ **Freemius Integration** - Seamless license management and updates = 1.0.1 - January 2026 = * โœจ **Enhancement**: Added proper output escaping with esc_attr() for checkbox values * ๐Ÿงน **Cleanup**: Added uninstall.php to properly clean up database table and options on uninstall = 1.0.0 - December 2025 = * ๐ŸŽ‰ Initial release of Typo Hunter * โšก Lightning-fast keyboard shortcut (Ctrl/Cmd + Enter) * ๐ŸŽจ Beautiful native HTML dialog interface * ๐Ÿ“Š Admin dashboard with sortable reports * ๐Ÿ›ก๏ธ Rate limiting (5 reports/hour per IP) * ๐Ÿ” Duplicate detection (5-minute window) * ๐Ÿ’พ Optional database logging * ๐Ÿ”’ Enterprise-grade security (SQL injection protection) * ๐Ÿš€ PHP 8.3+ optimizations (typed properties, match expressions) * โšก Performance-first (conditional asset loading, DB indexes) * ๐ŸŽฏ Gamified user experience == Upgrade Notice == = 1.3.0 = Fixes "Report a typo" link appearing in WooCommerce emails. Adds customizable link text setting (free). Cleans up inconsistent translation strings. = 1.2.0 = Security hardening release. Comprehensive re-audit with full output escaping, input sanitization, SRI for CDN assets, i18n support, and jQuery removal from frontend. Recommended update for all users. = 1.1.0 = ๐ŸŽ‰ Major update! Pro version now available with Analytics Dashboard, Email Notifications, and Export features. Free version includes performance improvements and VIP compliance. Fully backward compatible. = 1.0.1 = Minor improvements to output escaping and uninstall cleanup. = 1.0.0 = Welcome to Typo Hunter! Turn your readers into proofreaders with this gamified typo reporting tool. == Technical Details == = Database Schema = Custom table: `typohunter_reports` * `id` - Unique report identifier (bigint, primary key) * `post_id` - Associated WordPress post ID (bigint, indexed) * `text` - Incorrect text (varchar 255) * `suggestion` - Suggested correction (varchar 255) * `url` - Page URL (varchar 500) * `timestamp` - Submission time (datetime, indexed) Optimized with indexes on `post_id` and `timestamp` for fast queries. = Security Features = * ๐Ÿ”’ SQL injection protection (`$wpdb->prepare()` with placeholders) * โœ… Nonce verification for all AJAX requests * ๐Ÿ›ก๏ธ Rate limiting via WordPress object cache (Redis/Memcached compatible) * ๐Ÿงน Input sanitization (`sanitize_text_field()`, `esc_url_raw()`) * ๐Ÿ” Duplicate detection (5-minute window) * โœ“ Post validation (ensures posts exist) * ๐Ÿ” Secure IP detection with fallback = Performance Optimizations = * โšก Assets only load on single posts/pages (conditional loading) * ๐Ÿ’พ Options cached in class property (reduces DB calls) * ๐Ÿ“Š Database indexes on `post_id` and `timestamp` * ๐ŸŽฏ Minimal JavaScript footprint (vanilla JS, no jQuery) * ๐Ÿš€ PHP 8.3+ features (typed properties, readonly, match expressions) * ๐Ÿ”ฅ First-class callable syntax for hooks * โšก Null coalescing operators for cleaner code == Support == For support, feature requests, or bug reports: ๐Ÿ› GitHub: https://github.com/skyminds/typo-hunter ๐Ÿ’ฌ Support Forum: WordPress.org support tab == Roadmap == **Available in Pro Version (v1.1.0+):** * ๐Ÿ“Š Analytics dashboard with stats and 30-day trend charts * ๐Ÿ“ง Email notifications (instant, daily digest, weekly digest) * ๐Ÿ“ค Export reports (CSV/PDF with filtering) * โšก Enhanced rate limiting (30 reports/hour vs 5/hour) * ๐ŸŽจ Modern tabbed admin interface **Coming in Future Updates:** * ๐Ÿค– AI-powered correction suggestions * ๐Ÿ‘ฅ Team collaboration features * ๐ŸŽจ Custom branding options * ๐Ÿ”Œ Grammarly API integration * ๐ŸŒ Multi-language improvements == Credits == Developed with โค๏ธ by Matt Biscay ๐ŸŒ https://mattbiscay.com ๐Ÿ™ https://github.com/skyminds **Like Typo Hunter?** Please rate it โญโญโญโญโญ on WordPress.org!