=== VendorVerse aistore multi vendor store for WooCommerce ===
Contributors: susheelhbti
Tags: multi-vendor, marketplace, woocommerce, vendors, commissions, affiliate, fraud detection, REST API
Requires at least: 5.8
Tested up to: 6.5
Stable tag: 2.0.0
Requires PHP: 7.4
WC requires at least: 5.0
WC tested up to: 8.0
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

VendorVerse aistore multi vendor store for WooCommerce is a complete multi-vendor marketplace solution for WooCommerce with advanced analytics, fraud detection, REST API, and GDPR compliance.

== Description ==

VendorVerse aistore multi vendor store for WooCommerce transforms your WooCommerce store into a fully-featured multi-vendor marketplace. Vendors get their own dashboard, storefront, product management, order tracking, wallet system, and withdrawal requests.

**Key Features:**

= Vendor Management =
* Vendor registration & admin approval workflow
* Vendor dashboard with real-time analytics & 30-day sales chart
* Public vendor storefront with banner, logo, bio, follow system
* Tiered commission system (Free / Pro / Enterprise plans)
* Vendor subscription plan management

= Product Management =
* Add, edit, delete products from the front end
* Product approval workflow with admin review
* Support for virtual and downloadable products
* Gallery images, tags, categories
* Product publishing controls (publish / unpublish)

= Order & Payout System =
* Vendor-specific order listing and order detail page
* Automated payout on order completion
* Tiered commission rates based on sales volume
* Refund reversal — automatically reverses payout on refunded orders
* Add-to-cart tracking and conversion rate reporting

= Wallet & Withdrawals =
* Vendor wallet with full transaction history
* Withdrawal requests (Bank, PayPal, UPI, Cryptocurrency)
* Admin approval / rejection with email notifications
* Bank details form with lock feature
* Configurable minimum withdrawal amount

= Advanced Analytics & Reports =
* Platform revenue chart (7 / 30 / 90 / 365-day views)
* Top vendors doughnut chart
* Top products by orders table
* Cart-to-order conversion rate
* CSV export of all transactions

= Live Chat & Messaging =
* Vendor-customer messaging system
* Conversation list with unread badge
* New message email notifications
* Message history with timestamps

= Vendor Reviews =
* Star rating system (1–5)
* Verified purchase badge for order-linked reviews
* Vendor reply to reviews
* Review management in vendor dashboard

= Fraud Detection =
* Order velocity checks (too many orders in short time)
* Large order threshold alerts
* IP multi-account detection
* Registration spam detection
* Admin email alerts for high-severity events
* Fraud alert management panel

= Developer Tools =
* Full REST API (`/wp-json/vendorverse/v1/`)
* Webhooks with HMAC-SHA256 signatures (new_order, order_completed, low_stock)
* Webhook log viewer

= Privacy & Compliance =
* Full GDPR compliance via WordPress Privacy Tools
* Personal data export for all vendor data
* Personal data erasure

= Backward Compatibility =
All original `[aistore_*]` shortcodes still work. Existing pages using old shortcodes require no changes.

= Developer for Hire =
Need custom features or a complete marketplace project?
Contact: **susheelhbti@gmail.com** (Freelance & Project Basis)

== Installation ==

1. Upload the `vendorverse` folder to `/wp-content/plugins/`
2. Activate the plugin through the **Plugins** menu in WordPress
3. Go to **VendorVerse → Settings** to configure commission rates, pages, and features
4. Assign shortcode pages:
   - Add a page with `[vv_vendor_dashboard]` and set it in Settings → Vendor Dashboard Page
   - Add a page with `[vv_add_product]` for the Add Product page
   - Add a page with `[vv_product_list]` for the Product List page
   - Add a page with `[vv_order_list]` for the Order List page
   - Add a page with `[vv_withdrawal]` for the Withdrawal page
5. To approve a user as a vendor: go to **Users**, find the user, and click **Approve as Vendor**

== Frequently Asked Questions ==

= Do I need to update my existing pages? =
No. All original `[aistore_*]` shortcodes continue to work. VendorVerse is fully backward compatible.

= How does the commission system work? =
When an order is marked complete, VendorVerse automatically credits the vendor's wallet minus the commission fee. The admin earns the commission. Rates can be set globally, per-vendor, or per-product, with tiered rates for high-volume sellers.

= Can vendors manage their own products? =
Yes. Vendors can add, edit, and delete products from the front end. If product approval is enabled, new/updated products go into a pending queue for admin review.

= What withdrawal methods are supported? =
Bank Transfer, PayPal, UPI, and Cryptocurrency. Admins see the vendor's saved bank details when processing withdrawals.

= Is it GDPR compliant? =
Yes. VendorVerse registers exporters and erasers with WordPress's built-in Privacy Tools, covering transactions, withdrawals, messages, and bank details.

= Where is the REST API documented? =
Base URL: `/wp-json/vendorverse/v1/`
Endpoints include: GET vendor, GET vendor products, GET/POST orders, GET/POST messages, POST review, POST withdrawal.
Authentication uses WordPress Application Passwords or cookie auth.

== Shortcodes ==

| Shortcode | Description |
|---|---|
| `[vv_vendor_dashboard]` | Vendor analytics dashboard |
| `[vv_add_product]` | Add new product form |
| `[vv_product_list]` | Vendor's product list |
| `[vv_product_edit]` | Edit product form (requires `?pid=ID`) |
| `[vv_order_list]` | Vendor's order list |
| `[vv_order_edit]` | Order detail & status update (requires `?oid=ID`) |
| `[vv_withdrawal]` | Withdrawal request form + history |
| `[vv_bank_account]` | Bank details form |
| `[vv_vendor_store]` | Public vendor storefront (add `slug="username"`) |
| `[vv_vendor_reviews]` | Leave a review for a vendor |
| `[vv_messages]` | Vendor-customer messaging |
| `[vv_cart_report]` | Add-to-cart tracking report |

**Legacy shortcodes (still work):** `[aistore_add_product]`, `[aistore_product_list]`, `[aistore_product_edit]`, `[aistore_order_list]`, `[aistore_order_edit]`, `[aistore_saksh_withdrawal_system]`, `[aistore_bank_account]`

== REST API Endpoints ==

`GET  /wp-json/vendorverse/v1/vendor/{id}` — Public vendor profile
`GET  /wp-json/vendorverse/v1/vendor/{id}/products` — Vendor's published products
`GET  /wp-json/vendorverse/v1/vendor/{id}/orders` — Vendor's orders (auth required)
`GET  /wp-json/vendorverse/v1/vendor/{id}/stats` — Vendor stats (auth required)
`POST /wp-json/vendorverse/v1/products` — Create product (vendor auth)
`PUT  /wp-json/vendorverse/v1/products/{id}` — Update product (vendor auth)
`POST /wp-json/vendorverse/v1/withdrawal` — Request withdrawal (vendor auth)
`POST /wp-json/vendorverse/v1/reviews` — Submit review (auth required)
`GET  /wp-json/vendorverse/v1/messages` — Get messages (auth required)
`POST /wp-json/vendorverse/v1/messages` — Send message (auth required)

== Changelog ==

= 2.0.0 =
* Complete rewrite from aistore-multi-vendor-store
* Fixed critical SQL injection vulnerability in withdrawal requests
* Fixed multi-item order payout bug (only last vendor was credited)
* Fixed missing ob_start() in frontend render functions
* Fixed downloadable file validation (was using getimagesize() on non-images)
* Added: Vendor dashboard with Chart.js analytics
* Added: Product approval workflow
* Added: Fraud detection system with admin alerts
* Added: Full REST API with 10 endpoints
* Added: Webhook system with HMAC-SHA256 signatures
* Added: GDPR compliance (export + erase)
* Added: Vendor subscription plans (Free / Pro / Enterprise)
* Added: Live chat / messaging system
* Added: Vendor reviews with star ratings and vendor replies
* Added: Follow/unfollow vendor stores
* Added: Tiered commission system
* Added: Affiliate program structure
* Added: CSV export for reports
* Added: Backward-compatible shortcodes (all aistore_* still work)
* Added: Bootstrap 5 responsive UI for all vendor pages

== Upgrade Notice ==

= 2.0.0 =
Major rewrite. All original shortcodes still work. Run database update via activate/deactivate if upgrading from v1.

== Credits ==

Built by susheelhbti — Available for freelance & project-basis work.
Contact: susheelhbti@gmail.com
