=== NT Image WebP & AVIF Converter ===
Contributors: nurullah2006
Tags: webp, image optimization, performance
Requires at least: 5.8
Tested up to: 6.9
Requires PHP: 7.4
Stable tag: 1.0.7
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Convert JPEG/PNG images to WebP with bulk and automatic conversion tools, plus logs and stats.

== Description ==
**NT Image WebP & AVIF Converter** is a lightweight image optimization plugin focused on fast, practical WebP generation and safe delivery.

### Features:
- Convert JPEG/PNG images to WebP
- Bulk convert with progress indicator
- Automatic conversion on upload
- `<picture>`-based delivery for broad compatibility
- Dashboard + Logs + Stats
- Restore tool (remove generated variants anytime)

This plugin is designed to improve performance and help PageSpeed/UX by reducing image sizes while keeping originals intact.

== Installation ==
1. Upload the `nt-image-webp-avif-converter` folder to `/wp-content/plugins/`.
2. Activate the plugin from WordPress Admin → Plugins.
3. Go to **NT Image WebP & AVIF Converter → Settings**, choose quality & delivery mode.

== Frequently Asked Questions ==

= Will my originals be deleted? =
No. Originals always stay intact. Only `.webp` variants are created.
Use **Restore** to remove generated variants anytime.

= Does it work with WooCommerce and page builders? =
Yes, tested with WooCommerce, Elementor, WPBakery and most themes.

= Will it slow down my website? =
No. Conversions are performed once per image; delivery uses lightweight markup.

= Does it work with CDN or cache plugins? =
Yes. Works with most cache plugins (WP Rocket, LiteSpeed, W3TC) and CDNs (Cloudflare, BunnyCDN).
After enabling, clear your cache/CDN so new images are served.

== External Services ==

This plugin may connect to the following external endpoints operated by QuickGuideHub **only when triggered by an admin action**:

* https://license.quickguidehub.com/nt3-api/support-message.php — optional support message submission
* https://license.quickguidehub.com/nt3-api/report.php — optional diagnostic report submission

**Data that may be sent:**
- Site URL, plugin version, WordPress version, PHP version
- Technical error/debug payload (only when initiated by the admin)
- No post content or private media is intentionally sent

**When data is sent:**
- During support form submission (admin-initiated)
- During optional diagnostic report sending (admin-initiated)

Privacy Policy: https://quickguidehub.com/privacy-policy/
Terms of Service: https://quickguidehub.com/terms/

== Screenshots ==
1. Dashboard overview
2. Bulk conversion panel
3. Selected Images panel
4. Settings screen
5. Logs & Alerts
6. Stats Table
7. Stats Graphics

== External Services ==

This plugin optionally connects to a service operated by QuickGuideHub for the in-plugin support form only.

* **When**: Only when a user manually submits a support request via the Help page form.
* **What is sent**: The message text, reply email address, and optionally basic system info (WP/PHP version, active theme, server capabilities) if the user enables the "Include system info" checkbox.
* **No automatic data collection**: The plugin does not send any data automatically in the background.
* **Service**: QuickGuideHub Support API (`https://license.quickguidehub.com`)
* **Terms of Service**: https://quickguidehub.com/terms/
* **Privacy Policy**: https://quickguidehub.com/privacy/

== Changelog ==

= 1.0.7 =
* Security: all bare error_log() calls wrapped with WP_DEBUG guard across all files.
* Security: service-stats.php fatal error fixed (// DEBUG } syntax causing unclosed brace on activation).
* Security: image-processor.php NT_CONVERTER_DEBUG replaced with WP_DEBUG; duplicate debug function removed.
* Security: settings.php preferred_format now validated against whitelist (webp/avif/auto).
* Security: logs.php $_POST['days'] now uses wp_unslash().
* Security: preflight.php shell_exec() guarded with function_exists() check.
* Performance: converter files (image-processor, encoders, optimizers) now lazy-loaded — not parsed on frontend requests.
* Performance: repo-daily.php loaded only in admin or cron context.
* Architecture: core/ module system added — class-loader, class-logger, class-options, class-security, class-db.
* Architecture: modules/ directory added — each admin tab (converter, stats, dashboard, bulk, settings, logs, tools, selected) is now an independent module.
* Architecture: Loader::boot() moved into plugins_loaded hook for correct WP initialization timing.
* Architecture: duplicate wp_generate_attachment_metadata hook removed — handled exclusively by converter module.
* Fix: footer.php date() replaced with gmdate() for timezone consistency.
* Fix: dashboard.php admin_notices handled correctly without breaking other plugins.


= 1.0.6 =
* Fixed: Plugin logo now correctly loads from assets/ folder in admin panel.

= 1.0.5 =
* Fixed: media-health.php inline CSS replaces external <link> tag (wp_enqueue compliance).
* Fixed: paths.php URL generation uses content_url() instead of ABSPATH/site_url().

= 1.0.4 =
* Fixed: AVIF conversion fully enabled in free version (removed pro_effective gate).
* Fixed: AVIF button now visible in Selected Images page.
* Fixed: .bak backup files moved to uploads/nt-image-webp-avif-converter/bak/ directory.
* Fixed: plugins-compat.php notices now properly escaped with wp_kses().

= 1.0.3 =
* Removed automatic remote error/telemetry reporting — no background data transmission.
* Support form remains available (user-initiated only, opt-in system info).
* Added External Services documentation to readme.
* Code: all remaining _e() calls replaced with esc_html_e().
* Code: PHP short tags removed.
* Code: error_reporting() removed from production code.
* Fixed readme Tested up to version format.

= 1.0.2 =
* Bug fix: removed orphan cron hook (nt_webp_cron_check_license) that had no handler.
* Bug fix: fixed media health AJAX nonce mismatch causing 403 errors.
* Bug fix: removed duplicate AJAX action registration (get-last-ops.php).
* Bug fix: scoped admin footer filters to NT WebP pages only.
* Security: removed sslverify=false SSL retry fallback in support proxy.
* Code: added phpcs suppress comments on safe unprepared DB queries.
* i18n: completed Turkish (tr_TR) translation - 14 missing strings filled.
= 1.0.1 =
* Review update: security/compliance fixes and Plugin Check improvements.

= 1.0.0 =
* Initial public release
* WebP conversion, picture delivery, bulk convert, auto on upload, logs & stats