=== Conflict Guard ===
Contributors: mwangip
Tags: conflict, troubleshooting, debug, rollback, woocommerce
Requires at least: 6.0
Tested up to: 7.0
Stable tag: 1.0.5
Requires PHP: 8.0
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Detect, isolate, and fix WordPress plugin conflicts. Safe Test Mode, Smart Isolation, One-Click Rollback, and Real-Time Error Monitoring.

== Description ==

**Conflict Guard** is the ultimate free WordPress plugin troubleshooting tool. Stop manually disabling plugins one-by-one. Our intelligent conflict detection engine finds the problem automatically.

**"Find plugin conflicts before your users do."**

= Core Features =

**🔍 Automatic Plugin Conflict Detection**
Scan all active plugins, detect compatibility issues, monitor PHP fatal errors, JavaScript conflicts, AJAX failures, and REST API errors. Every plugin receives a Stability Score.

**🧪 Safe Test Mode**
Session-based sandbox lets you disable plugins only for your admin session. Visitors continue seeing the live site normally — zero downtime, zero risk.

**🔬 Smart Conflict Isolation Engine**
Binary search algorithm intelligently narrows down which plugin is causing your issue. Disable plugins one-by-one inside Safe Mode until errors disappear.

**⏪ One-Click Rollback**
Download and restore previous plugin versions from WordPress.org. Automatic restore points are created before every plugin update.

**📊 Real-Time Error Monitor**
Live dashboard showing PHP errors, fatal crashes, JavaScript conflicts, AJAX failures, REST API issues, and memory usage.

**🛒 WooCommerce Compatibility Scanner**
Dedicated WooCommerce diagnostics: checkout issue detection, payment gateway conflict analysis, and WooCommerce-safe plugin badges.

**🚨 Emergency Recovery Mode**
If WordPress crashes, use your personal Recovery URL to access a lightweight emergency interface — even when WP Admin is inaccessible.

**📅 Conflict Timeline**
Visual event timeline tracing every plugin activation, deactivation, update, crash, rollback, and conflict detection.

**⚡ Plugin Health Scoring**
Each plugin receives Stability, Security, Update Activity, and Performance impact scores.

= Why Conflict Guard? =

- 100% FREE — no locked features, no aggressive upsells
- Lightweight — uses async background scans, transient caching
- Beginner-friendly — clear, modern SaaS-style dashboard
- Developer-grade — binary isolation, detailed error reporting
- Non-invasive — Safe Mode only affects your admin session
- Secure — nonce verification, capability checks, prepared SQL

= Compatibility =

* WordPress 6.0+
* PHP 8.0+
* WooCommerce (full integration)
* Elementor
* Gutenberg
* WordPress Multisite
* Shared & cloud hosting environments

= How It Works =

1. Install and activate Conflict Guard
2. Go to **Conflict Guard** in your WP Admin menu
3. Click **Run Scan** to analyze all your plugins
4. Review stability scores and conflict risks
5. Use **Safe Mode** to test without plugins one-by-one
6. Use **Rollback** to revert problematic updates
7. Bookmark your **Emergency Recovery URL** just in case

== Installation ==

1. Upload the `conflict-guard` folder to `/wp-content/plugins/`
2. Activate the plugin through the **Plugins** menu in WordPress
3. Navigate to **Conflict Guard** in your admin menu
4. Run your first scan

== Frequently Asked Questions ==

= Does Safe Mode affect my visitors? =
No. Safe Mode is session-based — only your admin browser session sees plugin changes. All visitors continue seeing the normal live site.

= Can I rollback a plugin that's not on WordPress.org? =
Currently, automatic version downloads work for WordPress.org-hosted plugins. For premium/third-party plugins, restore points are created automatically before updates.

= Is this plugin really free? =
Yes, 100% free forever. There are no locked features, no premium version, and no mandatory upgrades.

= What happens when I uninstall? =
All plugin data (database tables, options, transients, scheduled events) is completely removed on uninstall.

= Does it work with WooCommerce? =
Yes! There's a dedicated WooCommerce scanner that checks checkout health, payment gateways, and detects common WooCommerce plugin conflicts.

= How do I support the plugin? =
The plugin is free forever. If it helped you, you can donate via PayPal from the Settings tab inside the plugin dashboard. Even a small amount helps keep it maintained!

= Who can use the Rollback and Emergency Recovery features on a multisite network? =
On a multisite network, rollback and recovery actions are restricted to network administrators (users with the `manage_network_options` capability), since these actions affect plugin files shared across the entire network. On a single-site install, any user with `manage_options` (typically the site admin) can use them.

== Screenshots ==

1. Main dashboard with site health score and plugin stability table.
2. Safe Test Mode — enable session-based sandbox to test without plugins.
3. Real-time error monitoring dashboard showing PHP, AJAX, and REST errors.
4. Conflict timeline — visual history of every plugin event and crash.
5. One-click rollback — select a plugin and restore a previous version.
6. Emergency recovery mode — accessible even when WP Admin is broken.
7. Diagnostics panel — system info, connectivity tests, and report export.
8. Settings page with donation support section.

== External Services ==

This plugin connects to the following external services:

= WordPress.org Plugin API =
**What it is:** The official WordPress.org plugin information API.
**What it is used for:** Fetching available previous versions of a plugin when you request a rollback. This only happens when you click "Load Versions" on the Rollback tab.
**What data is sent:** The slug (folder name) of the plugin you want to roll back. No personal data, no site data.
**When data is sent:** Only on demand, when you request version history for a specific plugin.
**Endpoint:** `https://api.wordpress.org/plugins/info/1.0/{plugin-slug}.json`
**Service provider:** Automattic / WordPress.org
**Terms of Service:** https://wordpress.org/about/privacy/
**Privacy Policy:** https://automattic.com/privacy/

= WordPress.org Plugin Downloads =
**What it is:** The official WordPress.org plugin download server.
**What it is used for:** Downloading the actual plugin ZIP file for the version you select during a rollback.
**What data is sent:** Plugin slug and version number only. No personal data.
**When data is sent:** Only when you click "Perform Rollback" for a specific plugin and version.
**Endpoint:** `https://downloads.wordpress.org/plugin/{slug}.{version}.zip`
**Service provider:** Automattic / WordPress.org
**Terms of Service:** https://wordpress.org/about/privacy/
**Privacy Policy:** https://automattic.com/privacy/

= PayPal =
**What it is:** PayPal's payment platform.
**What it is used for:** Optional, voluntary donations to support plugin development. This is completely optional.
**What data is sent:** No data is sent automatically. If you click the donate button, you are redirected to PayPal's website where PayPal's own terms apply.
**When data is sent:** Only if you voluntarily click the donate button.
**Service provider:** PayPal, Inc.
**Terms of Service:** https://www.paypal.com/us/legalhub/useragreement-full
**Privacy Policy:** https://www.paypal.com/us/legalhub/privacy-full

== Changelog ==

= 1.0.5 =
* Fixed: DROP TABLE in uninstall.php used an interpolated variable directly in the query string — now uses the %i identifier placeholder (WP 6.2+) with a safe allow-list fallback for older WordPress versions
* Fixed: DELETE FROM query in uninstall.php now uses $wpdb->prepare() with %s/%i placeholders instead of interpolating $wpdb->options directly into the SQL string
* Fixed: Documented why uninstall.php's one-time cleanup queries don't use object-cache functions (wp_cache_get/wp_cache_set) — they run once during uninstall, not on a normal read path, so there's no cacheable result to store
* Fixed: Shortened the 1.0.4 upgrade notice to fit within the 300-character WordPress.org limit

= 1.0.4 =
* Fixed: Emergency Recovery module was never booted (Recovery::instance() was missing from the plugin's init sequence), so the recovery key was never generated and the recovery page never worked
* Fixed: Database table creation used "CREATE TABLE IF NOT EXISTS", which dbDelta() cannot parse correctly (it misreads the table name as the literal word "IF"); also combined three CREATE TABLE statements into a single dbDelta() call, which is unreliable — each table now uses its own statement and call, with the required two-space "PRIMARY  KEY" formatting
* Fixed: Uninstall routine's DROP TABLE used $wpdb->prepare() with a %s placeholder wrapped in backticks, which produced invalid SQL (quotes inside backticks) — table names are plugin-controlled constants, not user input, so they're now sanitized directly
* Fixed: Removed the incorrect "Network: true" plugin header, which forced network-only activation on multisite and hid the plugin from per-site activation — this contradicted the plugin's own per-site, per-user design
* Fixed: Replaced deprecated wp.element.render() (deprecated since WP 6.2) with createRoot(), falling back to render() only on WordPress 6.0/6.1 where createRoot() isn't available
* Fixed: Corrected several stale/incorrect strings in the translation template (languages/conflict-guard.pot): wrong "Author" entry, a malformed support-forum URL, and an outdated project version
* Fixed: Removed a stray empty directory accidentally bundled into the plugin ZIP since an early build

= 1.0.3 =
* Fixed: Recovery page now uses wp_enqueue_style() via template_redirect instead of inline <style> tags
* Fixed: Removed unnecessary core file loads (class-wp-upgrader.php, class-wp-ajax-upgrader-skin.php) from download_version() — these are now only loaded where actually used, in perform_rollback()
* Fixed: Added a stricter permission_callback (check_sensitive_permission) for routes that change plugin files or expose the recovery URL — requires manage_network_options on multisite, manage_options on single-site
* Improved: New assets/css/recovery.css file for the emergency recovery page styling

= 1.0.2 =
* Fixed: SchemaChange phpcs warning in uninstall.php with proper documentation
* Fixed: Short description trimmed to under 150 characters
* Fixed: Prefixed all global variables in uninstall.php
* Fixed: set_error_handler phpcs warning with inline justification
* Fixed: PreparedSQL interpolation warning in DROP TABLE statement
* Improved: All PCD prefixes replaced with CONFGU (4+ chars) per WP.org guidelines
* Improved: Removed load_plugin_textdomain() — auto-loaded since WP 4.6
* Improved: External Services section added to readme.txt

= 1.0.0 =
* Initial release
* Automatic plugin conflict detection
* Safe Test Mode with session sandbox
* Smart binary conflict isolation
* One-click rollback system
* Real-time error monitoring
* WooCommerce compatibility scanner
* Emergency recovery mode
* Conflict timeline
* Plugin health scoring system
* Diagnostic report export

== Upgrade Notice ==

= 1.0.5 =
Code-quality fix: uninstall.php now uses properly prepared/escaped SQL for table and option cleanup instead of interpolated variables. No functional change for end users — safe to update.

= 1.0.4 =
Important bug fix: Emergency Recovery was not activating in prior versions, and database table creation/removal had SQL formatting bugs. Update recommended, especially if you rely on Emergency Recovery.
