V4.0.0 (#330)

* Improve translation on Settings pages.

* Fix test.

* Login/Signup Popup Login Form.

* Login/Signup Popup Register Form.

* Login/Signup Popup add hCaptcha reset.

* Login/Signup Popup update readme.txt.

* Add CoBlocks integration.

* Add CoBlocks integration.

* Fix hash error preventing first sending of the form.

* Make request.php test coverage 100%.

* WPCS.

* Make Migrations test coverage 100%.

* Identify and fix change in the Siteverify Error Codes Table.

* Add Enterprise params to System Info.

* Check the Enterprise params before saving.

* Show console errors on General page when updating hCaptcha API script.

* Show console errors on General page when updating hCaptcha API script.

* WPCS.

* Update readme.txt.

* Security and other updates of packages.

* Fix CI tests.

* Fix CI tests.

* Fix CI tests.

* Fix CI tests.

* Fix CI tests.

* Fix CI tests.

* Fix CI tests.

* Fix CI tests.

* Fix CI tests.

* Fix CI tests.

* Update actions/cache to v4.

* Fix CI tests.

* Fix CI tests.

* Fix CI tests.

* Fix CI tests.

* Fix CI tests.

* Fix CI tests.

* Fix CI tests.

* Fix CI tests.

* Fix integration tests on CI.

* Fix integration tests on CI.

* Update migrations to use 2-digit version numbers.

* Fix Migrations tests.

* Fix Settings layout for Chrome 122.

* Fix Settings layout for Chrome 122.

* Add Elementor Pro Login integration.

* Fix tests.

* Update readme.txt.

* Fix CSP headers.

* Fix Jetpack form styling.

* WPCS.

* Add Force hCaptcha check feature.

* Add Force hCaptcha check to Jetpack.

* Add Force hCaptcha check feature.

* Update readme.txt.

* Fix grammar and styling in readme.txt.

* Add force argument to the shortcode and update readme.txt.

* Fix tests.

* Fix Jetpack tests.

* WPCS.

* ESLint.

* Fix Jetpack tests.

* Prevent submit when force widget was manually solved.

* Prevent submit when force widget was manually solved.

* Do not execute hCaptcha twice.

* Fix Jest.

* Tested with WooCommerce 8.6.

* Tested with WooCommerce 8.6.

* Fix Migrations test.

* Fix Migrations test.

* Add tracking info class.

* WPCS.

* Add registered report domain.

* Change tracking event name.

* Change tracking event name.

* Add 3.10.0 migration.

* Revert test change.

* Update readme.txt according to new standards.

* Add User-Agent header to TrackingInfo.php.

* Fix error codes in request_verify.

* Change event name to the custom one.

* Fix fatal error with Formidable Forms 6.8.2.

* Block Formidable hCaptcha settings.

* Always add hcaptcha-widget.

* Fix 40 tests after widget update.

* WPCS.

* WPCS.

* Save hCaptcha events.

* Update GH infrastructure.

* Save hCaptcha events.

* Save hCaptcha events.

* Fix tests.

* Use in CF7 the latest HCaptcha features.

* Fix cf7-hcaptcha shortcode to save event form_id.

* Create Events list page.

* Create Events list page.

* Date axis and scaling issues in Chart.

* Date axis and scaling issues in Chart.

* Make Chart responsive.

* Tested with WordPress 6.5.

* Rename EventsInfo class.

* Rename EventsInfo class.

* Improve language on Events page.

* Create Forms page.

* Create Forms page.

* Create Forms page.

* Block Forms page when Statistics switch is off.

* Add Statistics settings section.

* Add sample Foms Page image.

* Add sample Events Page image.

* Do not write statistics when switch is off.

* Add collection switches.

* Do not collect items if not selected.

* Fix tests.

* Shrink the tracking information.

* Send tracking info on plugin update.

* Fix test.

* Add Enterprise to Tracking info.

* Fix CSP issue.

* Fix Tracking Info.

* Store all class instances into repository.

* Update readme.txt.

* Flatten the tracking info.

* Update changelog.txt.

* Change custom event name.

* Update readme.txt.

* Update softprops/action-gh-release.

* Fix Content Security Policy headers processing.

* Fix test.

* Raise the version to the latest released one.

* Update changelog.txt and readme.txt.

* Move migration to 4.0.0, add test.

* Create Events table on migration only.
Rename Tracking to Stats.

* Fix test.

* Fix test.

* Fix test.

* Fix test.

* Fix test.

* Fix test.

* Fix test.

* Fix test.

* Fix test.

* Add CSP headers filter.

* Add actions and filters descriptions.

* Remove deprecated code.

* Replace tracking wording to statistics.

* Add form arguments.

* Update readme.txt.

* Add force hCaptcha option.

* Add force hCaptcha option.

* Fix tests.

* Fix force in shortcode.

* Fix test.

* Update readme.txt.

* WPCS.

* Fix issue with Divi Contact Form Helper plugin and File Upload field.

* Use helper in hcaptcha-back-in-stock-notifier.js.

* Use helper in hcaptcha-passster.js.

* Use helper in hcaptcha-beaver-builder.js.

* ESLint.

* Update readme.txt.

* Squeeze plugin stats.

* Detect and use Pro account.

* Add notifications for statistics new admin pages.

* Fix test.

* Add blinking of options mentioned in url hash.

* Compact readme.txt.

* Add blinking of options mentioned in url hash.

* Add blinking of options mentioned in url hash.

* Disable Enter in the search input on Integrations page.

* Ignore 'recaptchacompat disabled' in displayed js console messages.

* Ignore 'recaptchacompat disabled' in displayed js console messages.

* Grammar.

* Send statistics on turning on the switch.

* Fix Force with Spectra.

* ESLint.

* Fix Force with Passster.

* Fix Force with Passster.

* Fix Force with Passster.

* Fix Force with Beaver Builder.

* Fix Force with Beaver Builder.

* Fix Force with Passster.

* Fix tests.

* Fix Force with NF.

* Fix jest.

* Fix Force with NF.

* Send license name in stats.

* Send license name in stats.

* Fix module issue and racing condition in Passter.

* Fix module issue and racing condition in Back-In-Stock-Notifier.

* Fix module issue and racing condition in Beaver Builder.

* Do not add type="module" twice.

* Fix module issue and racing condition in Ninja Forms.

* Fix module issue and racing condition in Divi.

* Fix jest.

* Update readme.txt.

* WC tested up to: 8.7.

* Fix Force with wpDiscuz.

* Fix Force with Support Candy.

* Fix Force with Kadence.

* Fix undefined message on Integrations after re-login.

* Fix tests.

* Fix tests.

* WPCS.

* WPCS.

* Rework Otter to follow all modern features.

* Update readme.txt.

* Blur Custom and Enterprise sections with a Free account.

* Do not save settings twice.

* Allow using custom params with Free in admin only for educational purposes.

* Add notification for Force and improve notification logic.

* Do not check nonce in CF7 for not logged-in users.

* Update readme.txt.

* Add Custom Theme Editor.

* Make SettingsBase test coverage 100%.

* Make SettingsBase test coverage 100%.

* Make SettingsBase test coverage 100%.

* Make PluginSettingsBase test coverage 100%.

* Make General test coverage 100%.

* Make General test coverage 100%.

* WPCS.

* Make Integrations test coverage 100%.

* Make Settings test coverage 100%.

* Fix code for php 7.0.

* Fix code for php 7.0.

* Make SystemInfo test coverage 100%.

* Make SystemInfo test coverage 100%.

* Integration with Essential Addon Login.

* Integration with Essential Addon Login.

* Integration with Essential Addon Login.

* Integration with Essential Addons Register.

* Integration with Essential Addons Register.

* Bump up version.

* Update readme.txt

* Apply suggestions from code review

* Update readme.txt

Co-authored-by: e271828- <e271828-@users.noreply.github.com>

* Add stats screenshots.

---------

Co-authored-by: e271828- <e271828-@users.noreply.github.com>

Author: kagg-design

.tests/js/assets-js-files/hcaptcha-beaver-builder.test.js

@@ -12,6 +12,13 @@ describe( 'hCaptcha Beaver Builder', () => {
 	};
 
 	beforeEach( () => {
+		global.wp = {
+			hooks: {
+				addFilter: jest.fn(),
+				applyFilters: jest.fn( ( hook, content ) => content ),
+			},
+		};
+
 		// Mock jQuery.ajaxPrefilter
 		$.ajaxPrefilter = jest.fn( ( callback ) => {
 			ajaxPrefilterCallback = callback;
@@ -49,4 +56,12 @@ describe( 'hCaptcha Beaver Builder', () => {
 		expect( options.data ).not.toContain( 'hcaptcha_beaver_builder_nonce' );
 		expect( options.data ).not.toContain( 'hcaptcha_login_nonce' );
 	} );
+
+	test( 'does not append anything when data is not a string', () => {
+		options.data = {};
+		ajaxPrefilterCallback( options );
+		expect( options.data ).not.toContain( 'h-captcha-response' );
+		expect( options.data ).not.toContain( 'hcaptcha_beaver_builder_nonce' );
+		expect( options.data ).not.toContain( 'hcaptcha_login_nonce' );
+	} );
 } );

.tests/js/assets-js-files/hcaptcha-divi.test.js

@@ -27,4 +27,14 @@ describe( 'hCaptcha ajaxStop binding', () => {
 		$( document ).trigger( 'ajaxSuccess', [ xhr, settings ] );
 		expect( hCaptchaBindEvents ).toHaveBeenCalledTimes( 1 );
 	} );
+
+	test( 'hCaptchaBindEvents is not called when ajaxSuccess event is triggered with unexpected data', () => {
+		const xhr = {};
+		const settings = {};
+
+		// Unexpected object having data which is not a string.
+		settings.data = {};
+		$( document ).trigger( 'ajaxSuccess', [ xhr, settings ] );
+		expect( hCaptchaBindEvents ).not.toHaveBeenCalled();
+	} );
 } );

.tests/js/assets-js-files/hcaptcha-support-candy.test.js

@@ -9,6 +9,13 @@ describe( 'hCaptcha ajaxStop binding', () => {
 	let hCaptchaBindEvents;
 
 	beforeEach( () => {
+		global.wp = {
+			hooks: {
+				addFilter: jest.fn(),
+				applyFilters: jest.fn( ( hook, content ) => content ),
+			},
+		};
+
 		hCaptchaBindEvents = jest.fn();
 		global.hCaptchaBindEvents = hCaptchaBindEvents;
 

.tests/js/assets-js-files/ncaptcha-nf.test.js

@@ -14,6 +14,13 @@ describe( 'Ninja Forms hCaptcha', () => {
 	let controller;
 
 	beforeEach( () => {
+		global.wp = {
+			hooks: {
+				addFilter: jest.fn(),
+				applyFilters: jest.fn( ( hook, content ) => content ),
+			},
+		};
+
 		require( '../../../assets/js/hcaptcha-nf.js' );
 
 		// Execute DOMContentLoaded event

.tests/js/hcaptcha/hcaptcha.test.js

@@ -16,6 +16,13 @@ describe( 'HCaptcha', () => {
 
 	beforeEach( () => {
 		hCaptcha = new HCaptcha();
+
+		global.wp = {
+			hooks: {
+				addFilter: jest.fn(),
+				applyFilters: jest.fn( ( hook, content ) => content ),
+			},
+		};
 	} );
 
 	test( 'GenerateID', () => {

.tests/php/integration/AAAMainTest.php

@@ -41,6 +41,7 @@
 use ReflectionException;
 use stdClass;
 use tad\FunctionMocker\FunctionMocker;
+use HCaptcha\Admin\PluginStats;
 use HCaptcha\Admin\Events\Events;
 
 /**
@@ -648,6 +649,7 @@ public function test_get_api_src() {
 				'image_host'           => 'imgs-cn1.hcaptcha.com',
 				'report_api'           => 'reportapi-cn1.hcaptcha.com',
 				'sentry'               => 'cn1.hcaptcha.com',
+				'license'              => 'pro',
 			]
 		);
 
@@ -862,6 +864,7 @@ function delayedLoad() {
 				// phpcs:ignore WordPress.WP.AlternativeFunctions.json_encode_json_encode
 				'config_params'        => json_encode( $config_params ),
 				'delay'                => - 100,
+				'license'              => 'pro',
 			]
 		);
 
@@ -878,7 +881,7 @@ function delayedLoad() {
 
 		$script = wp_scripts()->registered['hcaptcha'];
 		self::assertSame( HCAPTCHA_URL . '/assets/js/apps/hcaptcha.js', $script->src );
-		self::assertSame( [], $script->deps );
+		self::assertSame( [ 'wp-hooks' ], $script->deps );
 		self::assertSame( HCAPTCHA_VERSION, $script->ver );
 		self::assertSame( $expected_extra, $script->extra );
 
@@ -907,7 +910,7 @@ function delayedLoad() {
 
 		$script = wp_scripts()->registered['hcaptcha'];
 		self::assertSame( HCAPTCHA_URL . '/assets/js/apps/hcaptcha.js', $script->src );
-		self::assertSame( [], $script->deps );
+		self::assertSame( [ 'wp-hooks' ], $script->deps );
 		self::assertSame( HCAPTCHA_VERSION, $script->ver );
 		self::assertSame( $expected_extra, $script->extra );
 
@@ -1073,7 +1076,10 @@ static function () use ( &$activate ) {
 
 		// Test with hCaptcha plugin not active.
 		$subject->load_modules();
-		$expected_loaded_classes = [];
+		$expected_loaded_classes = [
+			PluginStats::class,
+			Events::class,
+		];
 		$loaded_classes          = $this->get_protected_property( $subject, 'loaded_classes' );
 
 		self::assertSame( $expected_loaded_classes, array_keys( $loaded_classes ) );

.tests/php/integration/Admin/NotificationsTest.php

@@ -94,6 +94,30 @@ public function test_init( bool $empty_keys ) {
 					'text' => 'Get started',
 				],
 			],
+			'statistics'          => [
+				'title'   => 'Events statistics and Forms admin page',
+				'message' => '<a href="http://test.test/wp-admin/options-general.php?page=hcaptcha&tab=general#statistics_1" target="_blank">Turn on</a> events statistics and <a href="http://test.test/wp-admin/options-general.php?page=hcaptcha&tab=forms" target="_blank">see</a> how your forms are used.',
+				'button'  => [
+					'url'  => 'http://test.test/wp-admin/options-general.php?page=hcaptcha&tab=general#statistics_1',
+					'text' => 'Turn on stats',
+				],
+			],
+			'events_page'         => [
+				'title'   => 'Events admin page',
+				'message' => '<a href="http://test.test/wp-admin/options-general.php?page=hcaptcha&tab=general#statistics_1" target="_blank">Turn on</a> events statistics and <a href="https://dashboard.hcaptcha.com/?r=wp&utm_source=wordpress&utm_medium=wpplugin&utm_campaign=not" target="_blank">upgrade to Pro</a> to <a href="http://test.test/wp-admin/options-general.php?page=hcaptcha&tab=events" target="_blank">see</a> complete statistics on form events.',
+				'button'  => [
+					'url'  => 'http://test.test/wp-admin/options-general.php?page=hcaptcha&tab=general#statistics_1',
+					'text' => 'Turn on stats',
+				],
+			],
+			'force'               => [
+				'title'   => 'Force hCaptcha',
+				'message' => 'Force hCaptcha check before submitting the form and simplify the user experience.',
+				'button'  => [
+					'url'  => 'http://test.test/wp-admin/options-general.php?page=hcaptcha&tab=general#force_1',
+					'text' => 'Turn on force',
+				],
+			],
 		];
 
 		if ( ! $empty_keys ) {

.tests/php/integration/MainPluginFileTest.php

@@ -60,8 +60,6 @@ public function test_main_file_content() {
 		self::assertTrue( function_exists( 'hcaptcha_get_verify_message_html' ) );
 
 		// functions.php was required.
-		self::assertTrue( function_exists( 'hcap_form' ) );
-		self::assertTrue( function_exists( 'hcap_form_display' ) );
 		self::assertTrue( function_exists( 'hcap_shortcode' ) );
 		self::assertTrue( shortcode_exists( 'hcaptcha' ) );
 	}

.tests/php/integration/Migrations/MigrationsTest.php

@@ -7,6 +7,7 @@
 
 namespace HCaptcha\Tests\Integration\Migrations;
 
+use HCaptcha\Admin\Events\Events;
 use HCaptcha\Migrations\Migrations;
 use HCaptcha\Tests\Integration\HCaptchaWPTestCase;
 use Mockery;
@@ -111,7 +112,11 @@ public function test_migrate() {
 			'woocommerce_wishlists_status' => [],
 			'wpforms_status'               => [ 'form' ],
 			'wpforo_status'                => [],
+			'force'                        => [],
 			'custom_themes'                => [],
+			'statistics'                   => [],
+			'collect_ip'                   => [],
+			'collect_ua'                   => [],
 			'_network_wide'                => [],
 		];
 
@@ -180,4 +185,52 @@ public function test_migrate_360_when_wpforms_status_not_set() {
 
 		self::assertSame( $option, get_option( 'hcaptcha_settings', [] ) );
 	}
+
+	/**
+	 * Test migrate_4_0_0().
+	 *
+	 * @return void
+	 * @throws ReflectionException ReflectionException.
+	 */
+	public function test_migrate_4_0_0() {
+		global $wpdb;
+
+		$method          = 'migrate_4_0_0';
+		$subject         = Mockery::mock( Migrations::class )->makePartial();
+		$table_name      = Events::TABLE_NAME;
+		$charset_collate = $wpdb->get_charset_collate();
+		$actual_query    = '';
+		$expected_query  = "CREATE TABLE IF NOT EXISTS $wpdb->prefix$table_name (
+		    id          BIGINT UNSIGNED NOT NULL AUTO_INCREMENT,
+		    source      VARCHAR(256)    NOT NULL,
+		    form_id     VARCHAR(20)     NOT NULL,
+		    ip          VARCHAR(39)     NOT NULL,
+		    user_agent  VARCHAR(256)    NOT NULL,
+		    uuid        VARCHAR(36)     NOT NULL,
+		    error_codes VARCHAR(256)    NOT NULL,
+		    date_gmt    DATETIME        NOT NULL,
+		    PRIMARY KEY (id),
+		    KEY source (source),
+		    KEY form_id (form_id),
+		    KEY hcaptcha_id (source, form_id),
+		    KEY ip (ip),
+		    KEY uuid (uuid),
+		    KEY date_gmt (date_gmt)
+		) $charset_collate;";
+
+		add_filter(
+			'dbdelta_queries',
+			static function ( $queries ) use ( &$actual_query ) {
+				$actual_query = $queries;
+
+				return $queries;
+			}
+		);
+
+		$this->set_method_accessibility( $subject, $method );
+
+		$subject->$method();
+
+		self::assertSame( array_filter( explode( ';', $expected_query ) ), $actual_query );
+	}
 }

.tests/php/unit/HCaptchaTestCase.php

@@ -293,10 +293,6 @@ protected function get_test_settings(): array {
 				[],
 			'recaptcha_compat_off'         =>
 				[],
-			'custom_theme_params'          => '{
-   "theme": "dark",
-   "size": "compact"
-}',
 			'config_params'                => '',
 			'whitelisted_ips'              => '4444444.777.2
 220.45.45.1
@@ -541,6 +537,15 @@ protected function get_test_general_form_fields(): array {
 				'default' => General::MODE_LIVE,
 				'helper'  => 'Select live or test mode. In test mode, predefined keys are used.',
 			],
+			'force'                    => [
+				'label'   => 'Force hCaptcha',
+				'type'    => 'checkbox',
+				'section' => General::SECTION_APPEARANCE,
+				'options' => [
+					'on' => 'Force hCaptcha',
+				],
+				'helper'  => 'Force hCaptcha check before submit.',
+			],
 			'custom_themes'            => [
 				'label'   => 'Custom Themes',
 				'type'    => 'checkbox',
@@ -561,6 +566,19 @@ protected function get_test_general_form_fields(): array {
 					)
 				),
 			],
+			'custom_prop'              => [
+				'label'   => 'Property',
+				'type'    => 'select',
+				'options' => [],
+				'section' => 'custom',
+				'helper'  => 'Select custom theme property.',
+			],
+			'custom_value'             => [
+				'label'   => 'Value',
+				'type'    => 'text',
+				'section' => 'custom',
+				'helper'  => 'Set property value.',
+			],
 			'config_params'            => [
 				'label'   => 'Config Params',
 				'type'    => 'textarea',
@@ -680,6 +698,32 @@ protected function get_test_general_form_fields(): array {
 				'step'    => 100,
 				'helper'  => 'Delay time for loading the hCaptcha API script. Any negative value will prevent the API script from loading until user interaction: mouseenter, click, scroll or touch. This significantly improves Google Pagespeed Insights score.',
 			],
+			'statistics'               => [
+				'label'   => 'Statistics',
+				'type'    => 'checkbox',
+				'section' => General::SECTION_STATISTICS,
+				'options' => [
+					'on' => 'Enable Statistics',
+				],
+				'helper'  => 'By turning the statistics on, you agree to the collection of non-personal data to improve the plugin.',
+			],
+			'collect_ip'               => [
+				'label'   => 'Collection',
+				'type'    => 'checkbox',
+				'section' => General::SECTION_STATISTICS,
+				'options' => [
+					'on' => 'Collect IP',
+				],
+				'helper'  => 'Allow collecting of IP addresses from which forms were sent.',
+			],
+			'collect_ua'               => [
+				'type'    => 'checkbox',
+				'section' => General::SECTION_STATISTICS,
+				'options' => [
+					'on' => 'Collect User Agent',
+				],
+				'helper'  => 'Allow collecting of User Agent headers of users sending forms.',
+			],
 		];
 
 		if ( ! ( function_exists( 'is_multisite' ) && is_multisite() ) ) {
@@ -873,6 +917,14 @@ protected function get_test_integrations_form_fields(): array {
 							'login' => 'Login',
 						],
 				],
+			'essential_addons_status'          => [
+				'label'   => 'Essential Addons',
+				'type'    => 'checkbox',
+				'options' => [
+					'login'    => 'Login',
+					'register' => 'Register',
+				],
+			],
 			'fluent_status'                    =>
 				[
 					'label'   => 'Fluent Forms',
@@ -1197,4 +1249,36 @@ protected function get_test_integrations_form_fields(): array {
 				],
 		];
 	}
+
+	/**
+	 * Sort fields. First, by enabled status, then by label.
+	 *
+	 * @param array $fields Fields.
+	 *
+	 * @return array
+	 */
+	public function sort_fields( array $fields ): array {
+		uasort(
+			$fields,
+			static function ( $a, $b ) {
+				$a_disabled = $a['disabled'] ?? false;
+				$b_disabled = $b['disabled'] ?? false;
+
+				$a_label = strtolower( $a['label'] ?? '' );
+				$b_label = strtolower( $b['label'] ?? '' );
+
+				if ( $a_disabled === $b_disabled ) {
+					return $a_label <=> $b_label;
+				}
+
+				if ( ! $a_disabled && $b_disabled ) {
+					return -1;
+				}
+
+				return 1;
+			}
+		);
+
+		return $fields;
+	}
 }