=== RIACO Feedback – User Feedback, Feature Requests & Voting Board === Contributors: prototipo88 Tags: feedback, feature-requests, voting, roadmap, user-feedback Requires at least: 6.2 Tested up to: 7.0 Requires PHP: 8.0 Stable tag: 1.1.0 License: GPLv2 or later License URI: https://www.gnu.org/licenses/gpl-2.0.html Collect user feedback, feature requests, and votes. Display a public board and product roadmap anywhere on your site with a shortcode. == Description == **RIACO Feedback** lets your visitors submit feature requests, vote on existing ideas, and track progress through a public roadmap — all without leaving your WordPress site. It takes minutes to set up and requires no coding. Install the plugin, drop a shortcode on any page, and your users can start submitting and voting immediately. Admins review and approve submissions from the WordPress dashboard before they go public. = Core Features = **Feedback Board** * Visitors submit ideas via a clean, customizable form (title + description) * Submitted feedback is held in a moderation queue until you approve it * Approved items appear on a public, vote-sorted board * Filter by status (Open, Planned, In Progress, Completed) or search by keyword * Sort by most votes, newest, or oldest * Content cards expand inline — no page reload needed * Paginated AJAX loading — no page refreshes **Voting System** * One vote per visitor, tracked by a salted SHA-256 hash of IP + User-Agent — no account required * Toggle upvote / unvote with a single click * Vote counts update live via AJAX * Voting is automatically disabled on completed items * Duplicate votes are rejected at the database level (UNIQUE constraint) **Product Roadmap** * Three-column kanban view: Planned / In Progress / Completed * Each column paginates independently * Compact cards show title, vote button, and completion date (completed items) * Embed on any page with `[riaco_feedback_roadmap]` **Admin Tools** * Dedicated **Feedback** menu in the WordPress admin * Pending-count bubble on the menu item (mirrors the Comments counter) * One-click **Approve** action per item; bulk approve supported * Dashboard widget showing the 5 most recent pending submissions * Status and Project dropdown filters on the list table * Admin email notification when new feedback is submitted (opt-in) **Customization & Settings** * 8 color pickers for upvote button and form appearance — no CSS required * Configurable items per page (default 20) * Multiple **Projects** — scope each shortcode to a project slug * All colors output as direct CSS class rules so they always win the cascade **For Developers** * Clean service-container architecture with a `ServiceInterface` contract * 5 action hooks: `riaco_feedback_submitted`, `riaco_feedback_upvoted`, `riaco_feedback_unvoted`, `riaco_feedback_approved`, `riaco_feedback_loaded` * Filterable email recipient, subject, and message body * `riaco_feedback_submission_data` filter to modify post arguments before creation * `riaco_feedback_item_html` filter to override the rendered card HTML * `riaco_feedback_services` filter to add or replace services in the container * PSR-4 autoloading via Composer = Perfect For = * **SaaS and software teams** — let users vote on the next feature to build * **WordPress theme / plugin developers** — collect roadmap requests from customers * **Community sites and forums** — give members a structured way to suggest ideas * **Agencies** — drop a branded feedback board on any client project * **Internal tools** — gather employee suggestions on a private intranet page = Shortcodes = **`[riaco_feedback_features project="main"]`** Renders the submission form alongside the full feedback board. This is the all-in-one shortcode for most setups. **`[riaco_feedback_features_board project="main"]`** Renders only the feedback board (no form). Use this when you want the form and the list on separate pages. **`[riaco_feedback_roadmap project="main"]`** Renders the three-column kanban roadmap grouped by status. All shortcodes accept a `project` attribute that scopes the display to a specific project slug (default: `main`). Create additional projects from **Feedback → Projects** in the admin. == Installation == 1. Upload the `riaco-feedback` folder to `/wp-content/plugins/`, or install directly from the WordPress plugin directory. 2. Activate the plugin through **Plugins → Installed Plugins**. 3. Add `[riaco_feedback_features]` to any page or post where you want the submission form and feedback board to appear. 4. Optionally add `[riaco_feedback_roadmap]` to a separate page for the kanban roadmap view. 5. Visit **Feedback → Settings** to configure email notifications, items per page, and button/form colors. == Frequently Asked Questions == = How do I add the feedback form to a page? = Edit any page or post and insert the shortcode `[riaco_feedback_features]`. The form and the board will both appear at that location. You can also use the Gutenberg shortcode block or a classic text widget. = Can I have separate boards for different products or projects? = Yes. Go to **Feedback → Projects** and create a project for each product. Then pass the project slug to the shortcode: `[riaco_feedback_features project="my-product"]` `[riaco_feedback_roadmap project="my-product"]` Each shortcode will only show feedback assigned to that project. = How does the voting system prevent duplicate votes? = Each voter is identified by a salted SHA-256 hash of their IP address and User-Agent string — no account or cookie is required. The database enforces a UNIQUE constraint on `(post_id, voter_hash)`, so duplicate votes are impossible at the storage level. = Can I change the colors of the upvote button and the form? = Yes. Go to **Feedback → Settings** and use the eight color pickers to set the upvote button background, text, voted-state colors, submit button colors, form background, and form border. Changes take effect immediately — no CSS editing needed. = What happens to feedback after it is submitted? = Newly submitted feedback is saved with `pending` status and does not appear on the public board. An admin (or editor) must approve it from **Feedback → Feedback** by clicking **Approve** in the row actions or using the bulk approve action. Once approved, the item is published and visible to visitors. = Can I get an email when someone submits feedback? = Yes. Go to **Feedback → Settings** and enable the **Notify admin on new submission** option. The email goes to the address configured in **Settings → General**. You can override the recipient, subject, and message body using the `riaco_feedback_email_to`, `riaco_feedback_email_subject`, and `riaco_feedback_email_message` filters. = Is there a limit on how many times one person can submit feedback? = Yes. By default, each IP address is limited to 3 submissions per hour. You can change this limit with the `riaco_feedback_rate_limit` filter: `add_filter( 'riaco_feedback_rate_limit', fn() => 5 );` The form also includes a honeypot field that silently rejects most bot submissions. = Can visitors vote on items in the roadmap? = Yes. The roadmap shortcode `[riaco_feedback_roadmap]` shows upvote buttons on Planned and In Progress items. Completed items display the completion date but voting is intentionally disabled for them. = How do I display only the feedback list without the submission form? = Use `[riaco_feedback_features_board project="main"]` instead of `[riaco_feedback_features]`. This renders the filter bar and paginated list only, with no submission form. = Is this plugin compatible with multisite? = The plugin is tested on standard WordPress installations. On multisite, activate it per-site (not network-activated) to ensure each site gets its own database table and settings. = Does it work with page builders like Elementor or Divi? = Yes. Any page builder that supports WordPress shortcodes can render RIACO Feedback. Add a Shortcode widget/element and paste in `[riaco_feedback_features]`. = Is the plugin free? = Yes, RIACO Feedback is 100% free and open source under the GPLv2 license. == Screenshots == 1. **Feedback board** — The public-facing board with filter bar (search, status pills, sort pills) and vote-sorted feedback cards. 2. **Roadmap** — Three-column kanban view showing items grouped by Planned, In Progress, and Completed status. 3. **Admin list table** — The Feedback admin screen with the Approve row action, pending count bubble, and Status/Project filters. 4. **Settings page** — Color pickers, items-per-page setting, and admin notification toggle under Feedback → Settings. 5. **Shortcodes help page** — Quick-start guide and shortcode attribute reference under Feedback → Shortcodes. == Changelog == = 1.1.0 = * Security: Vote and unvote cookies now set with `HttpOnly`, `Secure`, and `SameSite=Lax` flags. * Security: Admin single-approve action now validates the target post is a `riaco_feedback` post before publishing. * Fix: Vote handler now correctly rejects the request when the database insert fails (e.g. duplicate vote after cookie deletion) instead of silently returning success. * Fix: Unvote handler now returns an error if the vote row does not exist rather than silently returning success. * Fix: Feedback submission now validates the project slug exists as a taxonomy term before creating the post, preventing orphaned posts and rate-limit bypass. * Fix: `wp_insert_post()` return value is now checked for `WP_Error` in addition to falsy zero. * Tooling: Corrected `.phpcs.xml.dist` — prefix was `my-plugin`, now `riaco,RIACO`; text domain was `my-plugin`, now `riaco-feedback`; minimum supported WP version updated to 6.2. = 1.0.0 = * Initial release. * Frontend feedback submission form with honeypot spam protection and IP-based rate limiting. * AJAX voting system with SHA-256 voter hash and database-level duplicate prevention. * Feedback board shortcode with filter bar (search, status, sort) and paginated AJAX loading. * Roadmap shortcode with three-column kanban and independent column pagination. * Admin moderation queue with single and bulk approve actions and pending count bubble. * Dashboard widget showing 5 most recent pending submissions. * Status and Project custom taxonomies with radio-button metaboxes. * Settings page with 8 color pickers, items-per-page option, and admin email notification. * Shortcodes help page with attribute reference and quick-start guide. * Developer hooks: 5 action hooks and multiple filters for full extensibility.