=== Erdo Draft Links ===
Contributors:      erdincbulat
Tags:              draft, preview, share, link, private
Requires at least: 6.0
Tested up to:      7.0
Requires PHP:      7.4
Stable tag:        1.0.1
License:           GPLv2 or later
License URI:       https://www.gnu.org/licenses/gpl-2.0.html

Share draft posts with anyone via a secure, temporary link — no WordPress login required.

== Description ==

**Erdo Draft Links** lets you generate a secure, token-based URL for any draft, private, or published post or page. Share it with clients, reviewers, or collaborators — they can read the content without needing a WordPress account.

Think of it like Google Docs' "Anyone with the link can view" — but for WordPress.

= How it works =

1. Open any post or page in the editor (Block Editor or Classic Editor).
2. Click **"Generate Draft Link"** in the sidebar panel or meta box.
3. Choose an expiry: 24 hours, 48 hours, 7 days, or never.
4. Share the link. Recipients can view the content — no login needed.

= Features =

* Works with both the **Block Editor (Gutenberg)** and the **Classic Editor**
* Supports **posts**, **pages**, and any custom post type via a filter
* Secure **32-character cryptographic tokens** — brute-force resistant
* Configurable expiry: 24 hours, 48 hours, 7 days, or no expiry
* **View count** tracking per link
* **Revoke or regenerate** any link at any time
* Tokens are stored **hashed** in the database — raw tokens are never stored after the redirect
* Two-step flow: token URL → cookie → clean permalink (token never appears in browser history)
* No external API calls, no phone-home, no subscriptions
* Translation-ready (English default, Turkish included)

= Developer Notes =

Developers can add support for custom post types using the `erdo_draft_links_supported_post_types` filter:

`add_filter( 'erdo_draft_links_supported_post_types', function( $types ) {
    $types[] = 'product';
    return $types;
} );`

= Source Code =

The full source code including build tools is included in the plugin's `assets/js/src/` directory.

== Installation ==

1. Upload the `erdo-draft-links` folder to the `/wp-content/plugins/` directory.
2. Activate the plugin through the **Plugins** menu in WordPress.
3. Open any post or page and find the **Erdo Draft Links** panel in the editor sidebar or meta box.

== Frequently Asked Questions ==

= Does this work with custom post types? =

Yes. By default Erdo Draft Links supports posts and pages. Add more post types using the `erdo_draft_links_supported_post_types` filter.

= Is the shared link secure? =

Yes. Tokens are 32 characters of cryptographic randomness generated by WordPress's built-in `wp_generate_password`. The raw token appears in the URL only once — subsequent visits use a signed HttpOnly cookie. Tokens are stored as SHA-256 HMAC hashes in the database.

= What happens when a link expires? =

The recipient sees a clear message: "This draft link has expired and is no longer accessible." The post remains a draft — nothing is published.

= Can I have multiple active links for the same post? =

Currently one active link per post. Regenerating creates a new token and resets the view count.

= Does this work with password-protected posts? =

No. Erdo Draft Links is designed for draft and private posts. Password-protected posts use WordPress's own mechanism.

= Does this plugin affect site performance? =

Erdo Draft Links only runs on requests that include a `?erdo_token=` parameter or a valid session cookie. Normal site traffic is not affected.

== Screenshots ==

1. Erdo Draft Links panel in the Block Editor sidebar — generate, copy, and manage your link.
2. Erdo Draft Links meta box in the Classic Editor — same functionality, same REST API.
3. Draft post viewed via Erdo Draft Links by a non-logged-in visitor.

== Changelog ==

= 1.0.1 =
* Fix: Replace deprecated `current_time('timestamp')` with `time()` for correct UTC handling.

= 1.0.0 =
* Initial release.

== Upgrade Notice ==

= 1.0.1 =
Minor code quality fix; no functional changes.

= 1.0.0 =
Initial release.
