=== Kanshi ===
Contributors: kanshi
Tags: forms, spam, validation, security, elementor
Requires at least: 6.2
Tested up to: 6.6
Requires PHP: 7.4
Stable tag: 1.1.0
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Protect WordPress forms by validating submissions with the Kanshi API before accepted entries reach form handlers and notifications.

== Description ==

Kanshi validates form submissions in the WordPress backend before accepted entries continue through the site's normal form workflow.

Supported integrations include:

* Elementor Forms
* Contact Form 7
* WPForms
* Gravity Forms
* Formidable Forms
* Generic fallback for many custom frontend forms

Only accepted submissions continue to the form plugin's own handling, such as emails, stored entries, redirects, and follow-up actions.

== External services ==

This plugin connects to Kanshi-operated API endpoints:

* `https://api.kanshi.works/api/v1/license/verify`
* `https://api.kanshi.works/api/v1/validate`

The license endpoint sends:

* the API key entered by the site administrator
* the site URL of the current WordPress installation

The validation endpoint sends:

* submitted text/scalar form fields
* file metadata only, such as file name, MIME type, and size

The plugin does not send:

* passwords
* file binaries
* nonce fields
* captcha values
* internal WordPress request metadata not needed for validation

Data is sent only to provide Kanshi's validation and license verification features.

Privacy policy:

* https://kanshi.works/privacy-policy

== Installation ==

1. Upload the plugin to `/wp-content/plugins/kanshi/` or install it through the WordPress plugins screen.
2. Activate the plugin.
3. Open `Kanshi` in the WordPress admin menu.
4. Enter your Kanshi API key.
5. Save settings and confirm the license status.

If you do not yet have a Kanshi account, use the in-plugin link to start a free trial.

== Privacy ==

Kanshi sends selected form submission data to its API for validation and sends the WordPress site URL plus API key-based license verification requests for subscription checks.

Sent for validation:

* text/scalar field values
* file metadata only

Not sent:

* passwords
* file binaries
* nonce values
* captcha values

Privacy Policy:

* https://kanshi.works/privacy-policy

== Frequently Asked Questions ==

= Does the plugin validate in the browser? =

No. Kanshi validation happens on the WordPress backend so the API key is not exposed in frontend JavaScript.

= What happens when Kanshi rejects a submission? =

The plugin can either show an error or silently drop the submission, depending on plugin settings.

= What happens if the Kanshi API is unavailable? =

You can configure the plugin to accept entries, reject entries, or disable form handling until the API becomes reachable again.

= Does the plugin include hidden tracking? =

No. The plugin does not include hidden analytics or tracking code. It only communicates with Kanshi endpoints required for license verification and form validation.

== Screenshots ==

1. Kanshi dashboard with validation statistics and license status.
2. Kanshi settings page with API key, privacy disclosure, and behavior controls.
3. Kanshi logs page showing recent validation and license activity.

== Changelog ==

= 1.1.0 =

* Initial plugin release.
* Added backend form validation through Kanshi.
* Added Elementor, Contact Form 7, WPForms, Gravity Forms, and Formidable integrations.
* Added license verification, logs, and dashboard reporting.
