=== HelloForm ===
Contributors: simone88
Tags: contact form, quote form, helloform, form builder, recaptcha
Requires at least: 6.0
Tested up to: 6.9
Requires PHP: 7.4
Stable tag: 1.0.4
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html
Text Domain: helloform
Domain Path: /languages

A customizable contact form plugin for creating quote requests with HelloForm’s drag & drop builder and reCAPTCHA support.

== Description ==

HelloForm lets you easily build a quote request form directly from the WordPress admin area.

You can:
- Add, remove, and reorder fields with a simple drag & drop interface.
- Choose between multiple field types: text, email, tel, textarea, select, radio, checkbox, date, number, privacy, submit.
- Set required fields.
- Send notifications to multiple recipients (To, CC, BCC).
- Enable Google reCAPTCHA for spam protection.
- Customize field labels and placeholders.

The form is added to your pages via shortcode:

[helloform]

All messages, errors, and confirmations are translatable.

== Installation ==

1. Upload the plugin folder `HelloForm` to the `/wp-content/plugins/` directory.
2. Activate the plugin through the 'Plugins' menu in WordPress.
3. Go to **HelloForm** in the admin menu.
4. Configure your fields and recipient email.
5. Add `[helloform]` shortcode to any page or post.

== Frequently Asked Questions ==

= How do I add the form to a page? =
Use the shortcode `[helloform]`.

= Does it support Google reCAPTCHA? =
Yes. You can enable reCAPTCHA and set the site and secret keys in the plugin settings.

= Can I customize the form template? =
Yes. To override the default form template, copy templates/template-default.php from the plugin into your theme folder as template-parts/[helloform].php

== External Services ==

This plugin uses **Google reCAPTCHA** (version v2 or v3) to protect the forms from spam. This feature is optional and disabled by default until configured by the user.

**What data is sent and when:**
When a form protected by reCAPTCHA is submitted, the plugin executes a server-side verification using the WordPress function `wp_remote_post`. This process sends the following data to Google's API:
* **The reCAPTCHA response token** (`g-recaptcha-response`) generated by the client browser.
* **The user's IP address** (`$_SERVER['REMOTE_ADDR']`) for verification purposes.

The service is used only if the user has enabled the reCAPTCHA option in the plugin settings and attempts to submit a form.

**Service Provider:** Google Inc.
**Terms of Service:** https://policies.google.com/terms
**Privacy Policy:** https://policies.google.com/privacy

== Screenshots ==
1. Admin interface for managing fields.
2. Example of frontend form.

== Changelog ==

= 1.0.4 =
* **Feature:** Optimized script loading. reCAPTCHA scripts are now registered and enqueued ONLY when the shortcode is present on the page.
* **Fix:** Resolved layout conflicts (CSS/Flexbox) in search pages and global footers caused by reCAPTCHA script injection.
* **Performance:** Reduced global page weight by preventing unnecessary third-party script loading on pages without forms.

= 1.0.3 =
* **Feature:** Added full support for Google reCAPTCHA v3 (Invisible).
* **Feature:** Added option to choose between reCAPTCHA v2 and v3 in settings.
* **Fix:** Corrected reCAPTCHA token validation process to fix submission errors.
* **Security:** Improved handling and sanitization of user IP address ($_SERVER['REMOTE_ADDR']) to meet security standards.
* **Localization:** Complete revision of Italian translations.

= 1.0.2 =
* Tested compatibility with WordPress 6.9.
* Fixed backend field alignment issues in the form builder.
* Added AJAX-based success message after form submission.
* Minor UI and stability improvements.

= 1.0.1 =
* Bug fixes and security updates.

= 1.0.0 =
* Initial release.

== Upgrade Notice ==

= 1.0.4 =
Critical update for layout stability and performance. Optimized reCAPTCHA loading to prevent theme conflicts. Recommended for all users.

= 1.0.3 =
This update includes critical stability fixes for reCAPTCHA and new security options. Immediate update is highly recommended.

= 1.0.2 =
Improved backend UI alignment and added AJAX success message. Recommended update.

= 1.0.1 =
Maintenance release: fixes security and configuration bugs.

= 1.0.0 =
First public version.