=== Contact Form ===
Contributors: snehalpancholi
Tags: contact form, shortcode, honeypot, rate limiting, AJAX, spam protection
Requires at least: 6.0
Tested up to: 6.7
Stable tag: 1.0.0
Requires PHP: 8.1
License: GPL-2.0+
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Simple contact form shortcode with honeypot spam protection, rate limiting, AJAX submission, and an admin submission viewer.

== Description ==

Contact Form adds a `[contact_form]` shortcode you can drop into any page or post.
Out of the box it provides:

* **Honeypot anti-spam** — an invisible field that trips up bots without annoying real visitors.
* **Rate limiting** — blocks more than 3 submissions per IP per hour using WordPress transients.
* **AJAX submission** — no page reload; inline success and error feedback.
* **Nonce protection** — every submission is verified with a WordPress nonce.
* **Server-side validation** — name, valid email, and a non-empty message are required.
* **Admin submission viewer** — browse, and delete stored submissions from Settings > Contact Form.
* **Flexible shortcode** — override the recipient email, subject, success message, and button label per-instance.
* **Translation-ready** — all strings use the `contact-form` text domain.

== Installation ==

1. Upload the `contact-form` folder to `/wp-content/plugins/`.
2. Activate the plugin through the **Plugins** screen in WordPress.
3. Go to **Settings > Contact Form** to configure the recipient email and other defaults.
4. Add `[contact_form]` to any page or post.

== Shortcode Usage ==

Basic:
`[contact_form]`

Custom recipient and button label:
`[contact_form to="hello@example.com" button="Get in Touch"]`

All attributes:
`[contact_form to="hello@example.com" subject="Website Enquiry" success="We'll be in touch soon!" button="Send Enquiry"]`

=== Shortcode Attributes ===

| Attribute | Default (from settings) | Description |
|-----------|------------------------|-------------|
| `to`      | Settings > Recipient Email or admin email | Email address that receives the submission. |
| `subject` | Settings > Default Subject | Email subject line. |
| `success` | Settings > Success Message | Message shown to the visitor after a successful send. |
| `button`  | Settings > Button Label | Label text on the submit button. |

== Frequently Asked Questions ==

= Will this work with page builders? =
Yes. Paste the shortcode into any shortcode block, Elementor HTML widget, Divi code module, or classic text widget.

= What email is used as the sender? =
The email is sent from the WordPress admin email address. The visitor's address is added as a Reply-To header so you can reply directly.

= How does rate limiting work? =
Each visitor IP may submit a maximum of 3 messages per hour. The counter is stored as a WordPress transient and expires automatically after one hour.

= Does it store submissions in the database? =
Yes, by default the last 100 submissions are saved to `wp_options` and are viewable in **Settings > Contact Form > Submissions**. You can disable storage under Settings.

= Is it GDPR-friendly? =
Submissions store the visitor's IP address and message content. You may disable storage entirely and rely on email delivery only. Always update your privacy policy to reflect what data you collect.

= How do I style the form? =
The plugin ships with `/assets/css/contact-form.css`. Override any CSS variables (`--ctf-primary`, `--ctf-border`, etc.) in your theme stylesheet.

== Screenshots ==

1. Front-end contact form with default styling.
2. Settings page — global defaults configuration.
3. Submissions tab — browseable log with delete controls.

== Changelog ==

= 1.0.0 =
* Initial release.

== Upgrade Notice ==

= 1.0.0 =
Initial release — no upgrade steps required.
