=== Ultimate Form ===
Contributors: desktopmoe
Tags: form builder, multi-step form, contact form, conditional logic, drag and drop
Requires at least: 6.0
Tested up to: 6.9
Requires PHP: 8.0
Stable tag: 2.7.3
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

A fast, privacy-first multi-step form builder with drag-and-drop, conditional logic, email notifications and design configurator.

== Description ==

**Ultimate Form** is a powerful, free form builder for WordPress. Build multi-step funnels, set up conditional logic, send email notifications and manage submissions — all from a single plugin with no limits on active forms.

= Key Features =

* **Drag & Drop Builder** with 20+ field types (text, email, textarea, select, checkbox, radio, file upload, date, number, ...)
* **Multi-Step Forms** with configurable progress bar and step navigation
* **Form Analytics** -- privacy-first conversion dashboard: views, conversion rate, step funnel, field drop-off, validation hotspots, device & traffic source — no cookies, no IP, fully anonymous
* **Conditional Logic** -- show/hide fields and steps based on previous answers
* **Email Notifications** -- per-form templates for customer, admin and custom recipients
* **Design Configurator** -- live preview for colors, typography, spacing, logo
* **Entries Management** -- view, search, star and export submissions as CSV
* **Webhook Integration** -- send form data to any external URL via HTTP POST
* **Honeypot Spam Protection** -- invisible spam protection for every form
* **GDPR Compliant** -- IP hashing, consent checkbox generator
* **Shortcode Embed** -- `[ultimate_form id="X"]` works with any theme or page builder

= Need More? =

**[Ultimate Form Pro](https://delta-web-solution.de/wordpress-plugins/ultimate-form/)** adds powerful features for businesses:

* Stripe & PayPal payment processing
* WooCommerce integration
* CRM integration (Brevo, HubSpot, ActiveCampaign, Pipedrive, Salesforce, Mailchimp)
* Native PDF generation from submissions
* Elementor widget
* Iframe embed for external websites
* Telegram, Discord & Slack notifications
* Zapier / Make automation
* Form cloning, A/B testing, submission limits
* GDPR data export & erasure tools
* Signature field
* Priority support

[Get Ultimate Form Pro](https://delta-web-solution.de/wordpress-plugins/ultimate-form/)

== External Services ==

This plugin does not communicate with any external service by default. All form submissions are stored locally in your WordPress database. The following optional features may connect to a third-party service, but only when explicitly enabled and configured by the site administrator:

= 1. Webhook Addon (Generic HTTP POST) =

**What it does:** Forwards form submission data to an arbitrary URL that the administrator configures inside the plugin settings (Settings → Addons → Webhook).

**When data is sent:** Only when (a) the Webhook addon is enabled, (b) a valid URL is provided by the administrator, and (c) a form submission is received that is mapped to the webhook.

**What data is sent:** The serialized form submission (form ID, submitted field values, submission ID, timestamp). The complete payload is the data the administrator configured the form to collect.

**Where it is sent:** The endpoint URL is entirely controlled by the administrator. The plugin does not ship with a pre-configured destination. There is no Ultimate Form vendor server involved at any point.

**Service provider:** N/A — the destination is user-configured. The administrator is responsible for ensuring that the receiving endpoint complies with their privacy policy and applicable law.

= 2. Plugin Support Form (delta-web-solution.de) =

**What it does:** The plugin Help page contains a contact form that, when submitted by an administrator, sends an email to `ultimate@delta-web-solution.de` (the plugin vendor) using the WordPress `wp_mail()` function.

**When data is sent:** Only when the administrator clicks "Send" on the Help page support form.

**What data is sent:** The message text and reply-to email address typed by the administrator. Nothing is sent automatically.

**Where it is sent:** Routed via the local WordPress `wp_mail()` mailer to `ultimate@delta-web-solution.de`. No third-party API is involved.

**Service provider:** Delta Web Solution (the plugin author).

* Website: [https://delta-web-solution.de](https://delta-web-solution.de)
* Terms of Use: [https://delta-web-solution.de/agb](https://delta-web-solution.de/agb)
* Privacy Policy: [https://delta-web-solution.de/datenschutz](https://delta-web-solution.de/datenschutz)

= Note on the free version =

The free Ultimate Form plugin does not contain any license server, telemetry, analytics or "phone home" code. All feature-detection happens locally inside the plugin code. There is no upgrade or activation check that contacts a remote server.

== Installation ==

1. Upload the plugin files to the `/wp-content/plugins/ultimate-form` directory, or install via **Plugins > Add New**.
2. Activate the plugin through the **Plugins** menu in WordPress.
3. Go to **Ultimate Form** in the admin sidebar to create your first form.
4. Use the shortcode `[ultimate_form id="1"]` to embed forms on any page or post.

== Frequently Asked Questions ==

= How many forms can I create? =
There is no limit. You can create and publish as many forms as you need. The free plugin has no form quotas, time limits or feature gates.

= Does the plugin send data to external servers? =
By default, no. All form submissions are stored in your WordPress database. The plugin does not contact any external server unless you explicitly enable and configure the Webhook addon. See the "External Services" section for full details.

= Is it GDPR compliant? =
Yes. IP addresses are hashed (not stored raw), and a consent checkbox generator is included. No data leaves your server unless you explicitly enable an external integration.

= Which page builders are supported? =
The shortcode `[ultimate_form id="X"]` works with Gutenberg, Elementor, Divi, Bricks, Beaver Builder, Oxygen and the classic editor. The dedicated Elementor widget is available in Ultimate Form Pro.

= What are the minimum requirements? =
WordPress 6.0+ and PHP 8.0+. Recommended: WordPress 6.4+ and PHP 8.1+.

= Is there a Pro version? =
Yes. Ultimate Form Pro adds payment processing, WooCommerce integration, CRM connections, PDF generation and more. The Pro version is hosted separately on the author's website and is NOT included in or required by the free plugin distributed via WordPress.org. Visit [delta-web-solution.de](https://delta-web-solution.de/wordpress-plugins/ultimate-form/) for details.

== Screenshots ==

1. Form builder -- drag-and-drop interface with field palette and live preview
2. Multi-step form with progress bar on the frontend
3. Email template editor per form
4. Design configurator with live preview
5. Entries list with export

== Changelog ==

= 2.7.3 =
* Fixed: saving the General settings tab no longer wipes the Email-template settings (and vice-versa) — each tab now saves only its own fields. This also stops the admin notification address and the honeypot/analytics toggles from being reset.
* Fixed: the "Confirmation message" and "Redirect URL" fields are visible again on the Settings screen (a broken script kept both rows hidden).
* Fixed: "Redirect to URL" after submission now actually redirects (the saved option was read under the wrong name).
* Fixed: spam protection no longer blocks legitimate submissions on forms that contain an unrelated field whose name ends in "_token".
* Fixed: leaving a field's min/max length empty in the builder now means "no limit" again instead of forcing it to 0.
* Fixed: importing a form/template with incomplete conditional-logic rules no longer creates broken rules or warnings.
* Fixed: entry detail no longer double-encodes form titles that contain "&" or special characters.
* Improved: a saved global e-mail heading is now used for customer confirmations; hardened a few output paths against PHP 8.1 notices.

= 2.7.2 =
* Fixed: floating labels now display correctly on the public form — the field label sits inside the field as a placeholder and lifts up on focus/fill (a bulletproof CSS rule was forcing the label to stay bold and static on forms that use the Design configurator).
* Fixed: removed a broken script on the form editor screen that threw a JavaScript console error (a stray template artifact).
* Fixed: creating a form from a template now generates a clean slug (e.g. "contact") instead of carrying the internal template prefix (e.g. "tpl_contact").
* Fixed: the form-editor preview button now reads "Submit" instead of a leftover checkout label.

= 2.7.1 =
* New: **Step-abandonment analysis** in Form Analytics — a visual funnel showing exactly which step visitors reach before leaving an unfinished form, with the drop-off rate and the field they last touched at each step.
* Improved: clearer "where visitors stop" reporting to pinpoint the steps and fields that cost you conversions.

= 2.7.0 =
* New: **Form Analytics** — a privacy-first conversion dashboard. See views, start rate, conversion rate, average time-to-complete, a step-by-step funnel, where visitors drop off, which fields throw the most errors, plus device and traffic-source breakdowns. No cookies, no IP, no personal data — anonymous and aggregated, with an automatic data-retention cleanup and a Do-Not-Track option.
* New: privacy controls under Settings → "Analytics & privacy" (enable/disable tracking, honour Do-Not-Track, set retention days).
* Design: the public-facing form is fully redesigned — modern floating labels that sit inside each field and lift up on focus, softer inputs, a clearer focus ring, and primary buttons with subtle depth and a smooth hover lift.
* Added: a trust line under every form ("Spam-protected · GDPR-compliant").
* Improved: the entire plugin (admin + frontend) now shares one consistent brand colour system.
* Fixed: the focus ring and the red "invalid field" border are reliably visible again (a defensive style reset was hiding them).
* Maintenance: uninstall now also removes view counters, analytics tables, the retention cron and orphaned per-field options.
* Note: floating labels apply to text, email, phone, URL, number, password, textarea, select and date/time fields; choice, file, rating and composite fields keep their static labels for clarity and accessibility.

= 2.5.9 =
* Design: unified the entire admin colour scheme to a single brand blue (previously 5 different blue tones were mixed across screens)
* Design: redesigned the "Create New Form" screen — colourful template icons, a feature highlight bar, a clear "start from scratch" entry, hover states and full-width gallery
* Improved: template meta now uses correct singular/plural ("1 step" vs "3 steps") and is fully translatable
* Improved: replaced inconsistent emoji template icons with crisp inline SVG icons

= 2.5.8 =
* Fix: creating a form from a template now opens the editor correctly instead of a blank screen (import routine now returns the new form ID)
* Fix: the email template editor now saves all fields — greeting, footer, recipient, CC, BCC, custom HTML and field selection were previously discarded on save
* Fix: conditional logic rules are now stored correctly (the save handler read the wrong field keys, so rules were saved empty and never applied on the frontend)
* Fix: the password field strength meter now renders and works (a duplicate switch case had disabled it)
* Improved: admin notification emails now set Reply-To to the submitter's address, so replying goes straight to the lead
* Improved: deleting a form now also removes its entries, entry fields and view stats (no more orphaned rows)
* Security: email From header is stripped of CR/LF to prevent header injection via stored settings

= 2.5.7 =
* Maintenance: removed non-WordPress.org contributor handle from the Contributors header (silences the import warning shown only to plugin authors)

= 2.5.6 =
* Compliance: radio-card label now escapes the raw option value via `esc_html()` at the output site (no longer relies on a pre-escaped variable Plugin Check cannot trace)
* Compliance: the TTL-preserving rate-limit counter increment on `wp_options` now carries an explicit Plugin Check annotation explaining why the transient API cannot be used here

= 2.5.5 =
* Compliance: added `/* translators: */` annotations to every `__()`/`esc_html__()` call that uses placeholders (Plugin Check requirement)
* Compliance: replaced `rand()` with `wp_rand()` in the math-captcha renderer
* Compliance: every `wp_redirect()` in admin page callbacks replaced with `wp_safe_redirect()`
* Compliance: explicit output escaping for `$total_unread` and radio-card `alt` attributes
* Compliance: `error_log()` debug calls gated behind `WP_DEBUG` + `WP_DEBUG_LOG` (no production logging)
* Documentation: class-level PHPCS justifications added to `UltimateForm_Admin` and `UltimateForm_Form_Manager` explaining the plugin's custom-table architecture, the nonce-verification helper indirection, and the intentional cache bypass

= 2.5.4 =
* Fix: registered the public REST route `ultimateform/v1/checkout` that the frontend form engine posts submissions to (this route was previously only shipped with the Pro edition, which left the free version unable to submit forms)
* Improved: client IP resolution falls back through CF-Connecting-IP, X-Forwarded-For and REMOTE_ADDR, with strict IPv4/IPv6 validation
* Improved: confirmation message is now passed through `wp_kses_post()` before output
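
The header fallback order from the 2.5.4 entry above and the IP hashing mentioned in the GDPR FAQ answer, as an added example in plain PHP; this is not Ultimate Form's own code. The function names, the `$behind_trusted_proxy` flag and the choice of HMAC-SHA-256 are assumptions made for illustration.

```php
<?php
// Added illustration, not the plugin's code. All names here are hypothetical.

/**
 * Resolve the client IP in the order the changelog names:
 * CF-Connecting-IP, X-Forwarded-For, REMOTE_ADDR.
 * Forwarded headers are client-controlled unless a proxy you operate sets
 * them, so they are read only when $behind_trusted_proxy is true (assumption).
 */
function example_resolve_client_ip(array $server, bool $behind_trusted_proxy): ?string
{
    $candidates = [];
    if ($behind_trusted_proxy) {
        if (isset($server['HTTP_CF_CONNECTING_IP'])) {
            $candidates[] = $server['HTTP_CF_CONNECTING_IP'];
        }
        if (isset($server['HTTP_X_FORWARDED_FOR'])) {
            // With one trusted proxy in front, the last entry is the one that
            // proxy appended; earlier entries are supplied by the client.
            $hops = explode(',', (string) $server['HTTP_X_FORWARDED_FOR']);
            $candidates[] = end($hops);
        }
    }
    if (isset($server['REMOTE_ADDR'])) {
        $candidates[] = $server['REMOTE_ADDR'];
    }
    foreach ($candidates as $raw) {
        $ip = trim((string) $raw);
        // Strict check: accept only a syntactically valid IPv4 or IPv6 literal.
        if (filter_var($ip, FILTER_VALIDATE_IP) !== false) {
            return $ip;
        }
    }
    return null;
}

/** Keyed hash: without the secret, the IPv4 space cannot simply be enumerated. */
function example_hash_ip(string $ip, string $secret): string
{
    // inet_pton() normalises equivalent spellings (e.g. IPv6 zero compression).
    return hash_hmac('sha256', inet_pton($ip), $secret);
}

// Constructed sample requests (documentation address ranges).
$secret  = 'constructed-example-secret';
$direct  = ['HTTP_X_FORWARDED_FOR' => '203.0.113.9', 'REMOTE_ADDR' => '198.51.100.7'];
$garbage = ['HTTP_CF_CONNECTING_IP' => "1.2.3.4\r\nX: y", 'REMOTE_ADDR' => '2001:db8::1'];

// No trusted proxy: the forwarded header is ignored in favour of REMOTE_ADDR.
var_dump(example_resolve_client_ip($direct, false));
// Trusted proxy, but the header value fails validation and is skipped.
var_dump(example_resolve_client_ip($garbage, true));
// Two spellings of the same IPv6 address are compared after hashing.
var_dump(example_hash_ip('2001:db8::1', $secret) === example_hash_ip('2001:0db8:0:0:0:0:0:1', $secret));
```

An IP-based rate limit is only as reliable as the address it keys on, which is why the sketch refuses forwarded headers when no trusted proxy sits in front of the site.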

= 2.5.3 =
* Hardened output escaping in the upgrade comparison table (per-cell if/else instead of conditional echo expressions)
* Field renderer attribute output split into separate echo statements with explicit per-line phpcs annotations

= 2.5.2 =
* Security: added nonce verification to the entry-detail admin screen before marking an entry as read (prevents CSRF state changes via crafted GET URLs)
* Compliance: removed the Plugin URI header (no broken external link in the directory listing)
* Compliance: contributor list now includes the WordPress.org account that owns the plugin

= 2.5.1 =
* Security: recursive sanitization for all JSON-decoded administrator inputs (logic, conditions, visible_fields, import payloads)
* Security: all REST endpoints use a custom permission callback with rate limiting (no `__return_true`)
* Compliance: removed `load_plugin_textdomain()` call (WordPress 4.6+ auto-loads translations)
* Compliance: every PHP file with executable code starts with an `ABSPATH` direct-access guard
* Compliance: file/path resolution uses `plugin_dir_path()`, `plugin_dir_url()` and `wp_upload_dir()` only (no hardcoded `site_url()` → `ABSPATH` string replacements)
* Documentation: External Services section expanded with per-service data flow, destination and provider information
* Documentation: clarification that the free plugin contains no license server calls or telemetry of any kind

= 2.5 =
* Security: replaced permissive permission callbacks with nonce validation and IP rate limiting on all REST endpoints
* Improved: inline scripts and styles replaced with properly enqueued assets via `wp_enqueue_script()` / `wp_add_inline_script()`
* Improved: all administrator-facing output properly escaped via `esc_html()`, `esc_attr()` and `esc_url()`
* Plugin version constant updated throughout

= 2.4 =
* Split save button: Save as Draft vs Publish in form editor
* Toast notifications redesigned (fixed full-width banner bug)
* Delete form action fixed (double event handler removed)

== Upgrade Notice ==

= 2.7.3 =
Important bug-fix release: fixes settings being wiped when saving one tab, hidden confirmation fields, redirect-after-submit, and a spam false-positive. Recommended for all users.

= 2.7.2 =
Bug-fix release: floating labels render correctly on the public form again, plus form-editor and template-slug fixes. Recommended for all users.

= 2.7.1 =
Adds step-abandonment analysis to the Form Analytics dashboard — see exactly where visitors drop off. No breaking changes.

= 2.7.0 =
New Form Analytics dashboard (privacy-first conversion tracking) plus a fully redesigned live form with floating labels. New tables are created automatically on update. No breaking changes.

= 2.5.9 =
Visual update: unified admin colour scheme and a redesigned, clearer "Create New Form" screen. No breaking changes.

= 2.5.8 =
Important bug-fix release: fixes form creation from templates, the email template editor, conditional logic saving, and the password strength meter. Strongly recommended for all installations.

= 2.5.7 =
Minor maintenance release. No functional changes. Safe to skip if you are already on 2.5.6.

= 2.5.6 =
Two more Plugin Check Tool compliance fixes (radio-card label escaping, rate-limit query annotation). Recommended for all installations.

= 2.5.5 =
Compliance pass for the WordPress.org Plugin Check Tool: translators comments, `wp_rand()`, `wp_safe_redirect()`, escape-hardening, and gated debug logging. Recommended for all installations.

= 2.5.4 =
Critical fix: form submissions now work in the free version (the REST submit route was previously only present in the Pro edition). Strongly recommended.

= 2.5.3 =
Minor escape-hardening for two admin templates. Recommended for all installations.

= 2.5.2 =
Security and compliance update: nonce check on the entry-detail screen to block CSRF state changes, removed invalid Plugin URI header, and contributor list updated. Recommended for all installations.

= 2.5.1 =
Compliance and documentation update for the WordPress.org plugin directory. Expands the External Services section with per-service detail and adds recursive sanitization to all JSON-decoded administrator inputs. Recommended for all installations.

= 2.5 =
Security update -- REST API endpoints now validate nonces and apply IP rate limiting. Update recommended for all installations.
