=== Eatransform FormLeak ===
Contributors: eatransform
Tags: form, conversion, ux, contact form 7, analytics
Requires at least: 5.8
Tested up to: 7.0
Requires PHP: 7.4
Stable tag: 1.3.7
License: GPLv2 or later

Find out where visitors get stuck and abandon your contact or booking forms, without collecting any personal data.

== Description ==

Eatransform FormLeak shows you exactly where visitors hesitate and leave your contact or booking forms, so you know what to fix.

* Personal data (name, phone number, etc.) is **never collected or stored**.
* Only behavior is measured: time spent on each field, backspace count, and error count.
* Uses `navigator.sendBeacon` so abandonment data is captured reliably even when the visitor closes the tab.
* Automatically scans input fields inside `<form>` elements, including Contact Form 7, MW WP Form, WooCommerce, and forms rendered dynamically via JavaScript (detected with MutationObserver).
* The dashboard shows a "drop-off risk score" for each field, so you can see at a glance which field is the biggest obstacle.

= Privacy =
FormLeak never collects the content typed into form fields. It only stores behavioral statistics: time spent per field, backspace count, and error count.

= Data Collection Security =
The data collection endpoint only accepts requests originating from the same site and applies a per-IP rate limit.

== Installation ==

1. Upload the plugin to `wp-content/plugins/` and activate it.
2. Visitor interactions on pages with forms are recorded automatically.
3. Check the drop-off risk score for each form under "FormLeak > Dashboard" in the admin menu.
4. (Optional) If you need to track a JavaScript form that doesn't use a `<form>` tag, specify its CSS selector under "Settings".

== Frequently Asked Questions ==

= Does this collect any personal information? =

No. FormLeak only measures behavior (time on field, backspaces, errors). The text a visitor types is never sent to the server or stored.

= Does it work with page builders or custom JavaScript forms? =

Yes. Standard `<form>` elements are detected automatically. For JavaScript-rendered forms without a `<form>` tag, you can specify a CSS selector in Settings.

== Changelog ==

= 1.3.7 =
* Applied a unique prefix (eatrfo_ / EATRFO_ / Eatrfo_) to all classes, constants, options, transients, cron hooks, REST namespace and script globals to prevent naming collisions, per WordPress.org review feedback.

= 1.3.6 =
* Fixed WordPress.org automated scan warning: unified Text Domain to match the plugin slug (eatransform-formleak).

= 1.3.5 =
* Fixed WordPress.org submission error: Plugin URI and Author URI were identical. Plugin URI now points to the announcement article.

= 1.3.4 =
* Renamed plugin to "Eatransform FormLeak" and updated slug to eatransform-formleak for the WordPress.org submission.

= 1.3.3 =
* Fixed a UI typo ("人ぶん" -> "人分").
* Fixed remaining misplaced phpcs:ignore comments for multi-line SQL strings; added missing NoCaching code to one ignore comment (Plugin Check: 0 errors, 0 warnings).

= 1.3.2 =
* Fixed misplaced phpcs:ignore comments so suppressions correctly target the flagged line (Plugin Check now reports 0 errors, 0 warnings).

= 1.3.1 =
* Renamed main file (formleak-ai.php → formleak.php) and unified text domain to 'formleak'.
* Fixed unescaped output, missing input unslashing, and added justified phpcs:ignore comments for safe table-name SQL interpolation (WordPress.org Plugin Check clean-up).
* Rewrote readme.txt in English; updated "Tested up to" to 7.0.

= 1.3.0 =
* Changed data retention period from 90 days to 30 days (auto-deleted after 30 days).
* Added a "last 30 days" daily trend chart to the dashboard (submitted vs. abandoned, SVG line chart).
* Added a per-session drop-off risk card with timestamp.

= 1.1.0 =
* Removed the AI report and estimated-loss display; the plugin now focuses solely on behavior tracking and drop-off risk visualization.
* Added same-origin validation and per-IP rate limiting to the data collection endpoint.

= 1.0.0 =
* Initial release.
