=== Mailstroom Subscribe ===
Contributors: maildeliver
Tags: newsletter, subscription, email, mailstroom, signup form
Requires at least: 5.0
Tested up to: 7.0
Stable tag: 1.0.4
Requires PHP: 7.4
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Newsletter subscription form that integrates with Mailstroom - a newsletter system for municipalities and organizations.

== Description ==

Mailstroom Subscribe is a WordPress plugin that allows visitors to easily subscribe to your newsletter through a modern modal form.

**Features:**

* Modern, accessible modal form
* Fully responsive (desktop, tablet, mobile)
* AJAX processing without page reload
* Double opt-in (GDPR compliant)
* Customizable colors and texts
* Shortcode for flexible placement
* Secure: nonces, escaping and sanitization built-in

**How it works:**

1. Place the shortcode `[mailstroom_button newsletter="ID"]` on your page
2. Visitors click the button
3. A modal opens with the subscription form
4. After filling in, they receive a confirmation email
5. After confirmation, they are subscribed

**Requirements:**

* An active Mailstroom account
* API credentials (available in your Mailstroom admin panel)

== Installation ==

1. Download the plugin ZIP
2. Go to Plugins > Add New > Upload Plugin
3. Select the ZIP file and click "Install Now"
4. Activate the plugin
5. Go to Settings > Mailstroom
6. Enter your API URL and API Key (found in Mailstroom under "WordPress Plugin")
7. Place the shortcode on your page

== Frequently Asked Questions ==

= Where do I find my API credentials? =

Log in to your Mailstroom admin portal, go to the newsletter and click "WordPress Plugin" in the menu. There you will find the API URL, API Key and List ID.

= What data is collected? =

The form asks for email address (required), first name, last name and organization (optional). All data is sent directly to Mailstroom.

= Is the plugin GDPR compliant? =

Yes. The plugin:
- Sends data directly to Mailstroom (no local storage)
- Uses double opt-in
- Does not store cookies
- Only collects necessary data

Make sure you have a privacy statement on your website.

= Can I customize the style? =

Yes, in two ways:
1. Via Settings > Mailstroom you can adjust the primary color
2. All elements have CSS classes with prefix `mailstroom-` that you can override

= Can I offer multiple newsletters? =

Yes, place multiple shortcodes with different newsletter IDs:
`[mailstroom_button newsletter="1" text="Newsletter A"]`
`[mailstroom_button newsletter="2" text="Newsletter B"]`

== Screenshots ==

1. The subscribe button on a page
2. The modal subscription form
3. Settings page in WordPress
4. API configuration in Mailstroom

== Changelog ==

= 1.0.4 =
* Send the page URL (source_url) where the signup was made
* Send the plugin version with each subscription

= 1.0.2 =
* SSRF protection: API URL must be HTTPS and may not resolve to an internal/private address
* Send client IP with the subscription for abuse prevention
* Prevent double form submission (JS guard)
* Sanitize and unslash the client IP before use

= 1.0.1 =
* Added input sanitization callbacks to all registered settings
* Unslash POST data before sanitization in the AJAX handler
* Removed debug logging
* Improved API error message parsing

= 1.0.0 =
* Initial release
* Modal subscription form
* Shortcode support
* Customizable colors and texts
* AJAX form submission
* Double opt-in support

== Upgrade Notice ==

= 1.0.0 =
Initial release of Mailstroom Subscribe.

== Privacy ==

This plugin:
* Sends submitted data to the Mailstroom API
* Does not store personal data locally
* Does not place tracking cookies
* Uses WordPress nonces for form security

For more information about how Mailstroom handles data, see the privacy policy of your Mailstroom administrator.
