=== Spotlight Search – Find Anything, Anywhere ===
Contributors: pixarlabs, litonice13
Donate link: https://ko-fi.com/litonarefin
Tags: admin search, post search, user search, media search, quick update
Requires at least: 6.2
Tested up to: 7.0
Stable tag: 1.2.2
Requires PHP: 7.4
License: GPLv3 or later
License URI: https://www.gnu.org/licenses/gpl-3.0.html

Find posts, users, plugins, themes, media and comments. Manage WordPress updates from a single search bar on the dashboard and frontend.

== Description ==

The [Spotlight plugin](https://wpspotlight.pro/) adds a keyboard-driven search bar for WordPress administrators. It lets you find and act on posts, users, plugins, themes, media files, and comments — all from a unified search interface available on both the dashboard and the frontend.

[Live Demo](https://demo.pixarlabs.com/?pl-product=spotlight) | [Docs](https://wpspotlight.pro/docs/spotlight/plugin-installation-activation) | [Upgrade to Pro](https://wpspotlight.pro/pricing/) | [Video Tutorials](https://www.youtube.com/playlist?list=PLqpMw0NsHXV-8xb6sbnLfNjzWrvRc0Ehe)

[youtube https://www.youtube.com/watch?v=XZ0sBGkbvY4]

= Dashboard Navigation =

Navigate the WordPress admin using keyboard shortcuts. Type to find any admin page, settings screen, or menu item and jump to it directly.

= Frontend Access =

The search bar is accessible on the frontend, letting you search and manage content, plugins, themes, and media without returning to the dashboard.

= Post Search and Management =

Search posts, pages, and custom post types by title or content. Open them directly in the editor — Elementor, Gutenberg, and Bricks are supported.

= Plugin Management =

Find, install, activate, deactivate, delete, and update plugins from the search bar without navigating to the Plugins screen.

= User Search and Management =

Search WordPress users by name or email. Send password reset links and edit user profiles directly from search results.

= Theme Search and Updates =

Search for, install, and activate themes. Apply pending theme updates without visiting the Themes screen.

= Media File Management =

Search, view, edit, and download media files. Upload new media directly from the search interface without opening the Media Library.

= Multisite Navigation =

On WordPress multisite networks, switch between sites and perform plugin updates or content actions across the network from a single search bar.

= Comment Management =

Approve, unapprove, reply, edit, mark as spam, trash, restore, or delete comments directly from search results.

= Quick Updates Manager =

View and apply all pending WordPress updates — plugins, themes, and core — from one place. Works on both the dashboard and the frontend.

= Customizable Keyboard Shortcuts =

Assign custom keyboard shortcuts (up to 4-key combinations) to any search type or action for a faster, personalized workflow.

= Dark Mode Switcher =

Toggle between dark and light admin modes directly from the search bar.

= Related Plugins by Jewel Theme =

- [Adminify - White Label Admin Menu Editor, Login Customizer](https://wordpress.org/plugins/adminify/) - Admin customization with Dark Mode, Menu Editor, Login Customizer, and Admin Columns.
- [Master Addons for Elementor](https://wordpress.org/plugins/master-addons/) - 55+ Elementor widgets and extensions including Theme Builder and Popup Builder.

== Pro Features ==

Upgrade to Pro for:

- **Post Content Search**: Search within post content with full support for Divi, Oxygen, and Bricks.
- **Comment Management**: Approve, edit, reply, or delete comments from the search bar.
- **Media Search**: Edit and download media files directly from the search bar.
- **Quick Updates Manager**: Update plugins and themes in bulk or individually with full control.
- **WordPress Core Updates**: Update WordPress core in one click from the search bar.
- **User Management**: Send password reset links and update user roles from search.
- **Frontend Access**: Use the full search bar on both the dashboard and the frontend.
- **Dark Mode**: Toggle dark and light admin mode directly from the search bar.

== Frequently Asked Questions ==

= Is Spotlight compatible with WordPress multisite? =
Yes. It has been tested on WordPress multisite and configured to work correctly across network sites.

= Is Spotlight translation ready? =
Yes. It is WPML-compatible and all strings can be translated into your language.

= Is it RTL ready? =
Yes. Spotlight supports right-to-left text direction.

= Is Spotlight keyboard accessible? =
Yes. The plugin is fully keyboard accessible with customizable shortcuts supporting up to 4-key combinations.

= Which page builders does Spotlight support? =
Currently Elementor, Bricks, and Gutenberg are supported. Support for Divi and Oxygen is in development.

= Does it affect frontend page speed? =
No. The plugin does not load extra scripts on the frontend for regular site visitors.

= Is there a demo where I can try Pro features? =
Yes. Visit the [Spotlight live demo](https://demo.pixarlabs.com/?pl-product=spotlight) to explore all features including Pro.

= How can I get support? =
Post a topic in the [Spotlight support forum](https://wordpress.org/support/plugin/spotlight/). Our team will respond as quickly as possible.

= Where do I report security bugs found in this plugin? =
Please report security bugs found in the source code of the Spotlight plugin through the [Patchstack Vulnerability Disclosure  Program](https://patchstack.com/database/vdp/9e5fb28c-6aca-45c6-816b-a242d35915be). The Patchstack team will assist you with verification, CVE assignment, and notify the developers of this plugin.

== Screenshots ==
1. Frontend Search
2. Plugin Search
3. Post Search
4. Media Management
5. Update Management
6. User Search
7. Multisite Search

== Installation ==

1. In your WordPress dashboard, go to **Plugins → Add New** and search for **"Jewel Theme Spotlight"**.
2. Click **Install Now**, then click **Activate** to enable the plugin.
3. Alternatively, download the ZIP file and upload it via **Plugins → Add New → Upload Plugin**.
4. You can also extract the ZIP and upload the `spotlight` folder to `/wp-content/plugins/` via FTP, then activate from the Plugins screen.

== Source Code ==

The JavaScript files included in this plugin are compiled from source using npm and webpack.

The complete source code, including all unminified files and build configuration, is publicly available at:

https://github.com/litonarefin/spotlight-free.git

Build tools: npm, webpack.

To build from source:

1. Clone the repository: `git clone https://github.com/litonarefin/spotlight-free.git`
2. Install dependencies: `npm install`
3. Build production assets: `npm run build`

For development:
1. Install dependencies: `npm install`
2. Builds with source maps for easier debugging: `npm run dev`

== External services ==

This plugin connects to the external services listed below. Each entry states what the service is, what data is sent and when, and links to its Terms of Service and Privacy Policy. No data is sent in the background without your action.

1) Pixar Labs subscription/feedback service (https://pixarlabs.com)
What it is and what it is used for: an email/feedback service used to (a) send you a discount code when you submit the optional subscribe form, and (b) receive your optional plugin deactivation feedback.
What data is sent and when: only when you explicitly submit the subscribe form or the deactivation feedback form. The data sent is limited to the name and email you type in the form, the deactivation reason you select (deactivation form only), your site URL, and the plugin slug. No server details, WordPress details, user counts, installed-plugin lists, or WooCommerce/billing data are sent.
Endpoint: https://pixarlabs.com/api/plugin/subscribe/
Terms of Service: https://pixarlabs.com/terms-of-use
Privacy Policy: https://pixarlabs.com/privacy-policy

2) Pixar Labs promotional content service (https://pixarlabs.com)
What it is and what it is used for: retrieves promotional notices/offers shown inside the plugin admin.
What data is sent and when: a periodic outbound request to fetch content; no personal or site data is transmitted (read-only fetch).
Endpoint: https://pixarlabs.com/api/plugin/update/wp_spotlight
Terms of Service: https://pixarlabs.com/terms-of-use
Privacy Policy: https://pixarlabs.com/privacy-policy

3) Jewel Theme news feed (https://jeweltheme.com)
What it is and what it is used for: displays the latest blog/news items in the plugin dashboard widget.
What data is sent and when: an outbound request to fetch the public RSS feed when the dashboard widget loads; no personal or site data is transmitted.
Feed URL: https://jeweltheme.com/feed.xml
Terms of Service: https://jeweltheme.com/terms-of-use
Privacy Policy: https://jeweltheme.com/privacy-policy

This plugin also uses the official WordPress.org APIs (api.wordpress.org / downloads.wordpress.org) to look up and install/update plugins and themes, exactly as WordPress core does. These are first-party WordPress services governed by https://wordpress.org/about/privacy/.

== Changelog ==
= 1.2.2 =
* Changed: Standardized every internal identifier — functions, classes, namespace, constants, option/transient keys, hooks, AJAX actions, REST API namespace, and the localized script object — to a single unique plugin prefix per WordPress.org guidelines.
* Added: One-time automatic data migration that preserves your existing settings (key bindings, dark/light mode, onboarding tour status, and notice state) when upgrading.
* Added: The REST API namespace is now defined in one place (a single constant) for easier maintenance.
* Changed: Plugin and theme install/update now go through the WordPress core upgrader instead of writing packages directly into the plugins/themes folders.
* Changed: Deactivation feedback and the subscribe form now send only what you enter (name, email, and reason). Server details, WordPress details, the installed-plugin list, user counts, and WooCommerce billing data are no longer transmitted.
* Security: REST API endpoints now check the correct capability for each action (for example install_plugins, update_themes, upload_files, edit_posts, delete_users) instead of a broad capability.
* Security: Added missing output escaping and input sanitization across admin and REST requests.
* Improved: Admin inline scripts and styles are now loaded through the WordPress enqueue system instead of being printed inline.
* Improved: Removed unnecessary loading of WordPress core files and added proper translator comments for internationalization.
* Improved: Documented all external services (endpoints, data sent, and Terms/Privacy links) in the readme.

= 1.1.3 =
* Updated: Compatibility improvements and stability fixes.

= 1.1.2 =
* Updated: General improvements.

= 1.1.1 =
* Fixed: Minor bug fixes.

== Upgrade Notice ==

= 1.1.3 =
Recommended update for compatibility and stability improvements.
