At LegitSquares, we take a proactive approach to development—regularly testing, updating, and refining our plugin to ensure maximum compatibility, performance, and reliability with every new release of WordPress and Contact Form 7. We’re committed to delivering a stable, secure experience while continuously improving based on user feedback and evolving best practices. Below is a detailed log of all updates, enhancements, and fixes. These are all of the change made to the Sender Click Authorization for Contact Form 7 WordPress Plugin.
Tweaked Hide the CF7 form after submit when verification is required and smoothly scroll to the on-page notice.
Updated Email subject now includes the site host for clearer context.
Fixed Additional mail headers are sanitized line-by-line to prevent malformed output.
improvement Hardened capability checks and nonces across admin actions and settings pages.
New **Envato-ready** build (CodeCanyon packaging): standardized readme/changelog, verified GPL headers, included POT for translations.
Tweaked Added “Settings” link on the Plugins list for quick access.
Fixed Admin stylesheet loads only on the plugin’s settings page to avoid conflicts.
New **Blocked Domains** management with add/remove UI and front-end enforcement via CF7 email validation filters.
Tweaked Default blocklist now includes the site’s own host to prevent self-address submissions.
Updated “Submission Details” view shows captured fields as key/value pairs.
Fixed Consistent escaping in admin tables and chips UI.
New Hourly cleanup job to prune expired, unverified submissions with a “Pruning Jobs” status card (timestamp, status, records).
Tweaked Interception uses `wpcf7_before_send_mail` with `$abort = true` to hold delivery until verification.
Fixed Scheduled cleanup hook is cleared on deactivation to prevent orphaned events.
New **Timeout (hours)** option controlling verification link validity.
New **Delete data on deactivation** and **delete on uninstall** toggles for clean removals.
Tweaked Default post-submit message clarifies flow, bolds `[your-email]`, and references `[timeout_hours]`.
Updated Registered settings now include sanitize callbacks for all options.
New **Templates** tab—customize verification email (plain text) and post-submit message (HTML) with placeholders (`[your-name]`, `[your-email]`, `[_site_title]`, `[_site_url]`, `[verification_url]`, `[timeout_hours]`).
Tweaked Added color options for the on-page post-submit notice (background/border).
Fixed Internationalized email subjects render correctly.
New Core **Sender Click Authorization** flow—store submission, email verification link, deliver CF7 mail only after verification.
New On-page post-submit notice injected into CF7’s AJAX response and rendered via footer JS (with optional colors).
Fixed Graceful error when no valid email field is found on a form.
New Initial public beta—database table creation, admin menu (Submissions / Settings / Templates), pending-submission listing, and basic logging.
