From 04de2ac5586cb49b6f121aeed8caa6c4bcfbe74c Mon Sep 17 00:00:00 2001 From: Roman Pyrih Date: Thu, 7 May 2026 10:15:04 +0200 Subject: [PATCH] docs: map existing codebase --- .paul/codebase/architecture.md | 143 ++++++++++++++++++++++++++ .paul/codebase/concerns.md | 162 ++++++++++++++++++++++++++++++ .paul/codebase/conventions.md | 115 +++++++++++++++++++++ .paul/codebase/db_schema.md | 79 +++++++++++++++ .paul/codebase/integrations.md | 111 +++++++++++++++++++++ .paul/codebase/stack.md | 86 ++++++++++++++++ .paul/codebase/structure.md | 166 +++++++++++++++++++++++++++++++ .paul/codebase/tech_changelog.md | 19 ++++ .paul/codebase/testing.md | 118 ++++++++++++++++++++++ 9 files changed, 999 insertions(+) create mode 100644 .paul/codebase/architecture.md create mode 100644 .paul/codebase/concerns.md create mode 100644 .paul/codebase/conventions.md create mode 100644 .paul/codebase/db_schema.md create mode 100644 .paul/codebase/integrations.md create mode 100644 .paul/codebase/stack.md create mode 100644 .paul/codebase/structure.md create mode 100644 .paul/codebase/tech_changelog.md create mode 100644 .paul/codebase/testing.md diff --git a/.paul/codebase/architecture.md b/.paul/codebase/architecture.md new file mode 100644 index 0000000..7c4760f --- /dev/null +++ b/.paul/codebase/architecture.md @@ -0,0 +1,143 @@ +# Architecture + +**Analysis Date:** 2026-05-07 + +## Pattern Overview + +**Overall:** WordPress monolith with theme/plugin architecture and Elementor as the page-building layer. + +**Key Characteristics:** +- Full WordPress core is present in the repository: `wp-admin/`, `wp-includes/`, and root `wp-*.php` files. +- Site behavior is split between WordPress configuration, theme files, normal plugins, and a must-use plugin. +- Landing page content/layout is likely stored mostly in the WordPress database through Elementor. +- Custom lead-generation/consent behavior is concentrated in Hello Elementor assets and the Cookie Notice Pro MU plugin. + +## Layers + +**WordPress Core:** +- Purpose: bootstrap, routing, template loading, admin, database API, plugin/theme lifecycle. +- Contains: `wp-admin/`, `wp-includes/`, `wp-settings.php`, `wp-load.php`, `wp-blog-header.php`. +- Depends on: PHP runtime and MySQL/MariaDB. +- Used by: every frontend/admin request. + +**Configuration:** +- Purpose: database constants, salts, table prefix, debug flags. +- Contains: `wp-config.php`. +- Depends on: hosting environment. +- Used by: `wp-load.php` and WordPress bootstrap. + +**Theme Layer:** +- Purpose: frontend shell, template files, theme support, local styles/scripts. +- Contains: `wp-content/themes/hello-elementor/`. +- Depends on: WordPress core and Elementor. +- Used by: public page rendering. + +**Plugin Layer:** +- Purpose: page builder, forms, anti-spam, icon/SVG support, backups, content utilities. +- Contains: `wp-content/plugins/elementor/`, `wp-content/plugins/elementor-pro/`, `wp-content/plugins/akismet/`, `wp-content/plugins/lordicon/`, `wp-content/plugins/svg-support/`, `wp-content/plugins/duplicator-pro-v4.5.16.2/`, `wp-content/plugins/copy-delete-posts/`. +- Depends on: WordPress plugin lifecycle. +- Used by: frontend, admin, forms, backup workflows. + +**Must-Use Plugin Layer:** +- Purpose: always-loaded site-specific consent/GTM behavior. +- Contains: `wp-content/mu-plugins/cookie-notice-pro-loader.php`, `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`, and assets under `wp-content/mu-plugins/cookie-notice-pro/assets/`. +- Depends on: WordPress hooks and frontend assets. +- Used by: every frontend request. + +## Data Flow + +**Frontend Request:** + +1. Request enters `index.php`. +2. `index.php` loads `wp-blog-header.php`. +3. `wp-blog-header.php` loads WordPress via `wp-load.php`. +4. `wp-load.php` resolves `wp-config.php`. +5. `wp-config.php` defines DB settings and loads `wp-settings.php`. +6. `wp-settings.php` boots core, loads MU plugins from `wp-content/mu-plugins/`, normal plugins from `wp-content/plugins/`, then the active theme from `wp-content/themes/`. +7. WordPress resolves the query/template through core files such as `wp-includes/template-loader.php`. +8. Hello Elementor templates render the shell while Elementor/Elementor Pro render page builder content stored in DB. + +**State Management:** +- Persistent state lives in the WordPress database. +- Elementor page layout, form definitions, options, menus, and active plugin/theme state are database-resident and not fully visible in files. +- Filesystem state includes themes, plugins, MU plugin code, translations, and backup artifacts. + +## Key Abstractions + +**WordPress Hooks:** +- Purpose: attach behavior to WordPress lifecycle events. +- Examples: enqueue hooks and setup hooks in `wp-content/themes/hello-elementor/functions.php`; consent/GTM hooks in `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`. +- Pattern: `add_action` / `add_filter`. + +**Theme Bootstrap:** +- Purpose: declare theme support, menus, Elementor locations, and frontend assets. +- Examples: `wp-content/themes/hello-elementor/functions.php`, `wp-content/themes/hello-elementor/theme.php`. +- Pattern: procedural WordPress functions plus Hello Elementor namespaced modules. + +**Elementor Modules:** +- Purpose: page builder, forms, theme builder, popups, widgets, Pro features. +- Examples: `wp-content/plugins/elementor/modules/`, `wp-content/plugins/elementor-pro/modules/forms/`. +- Pattern: plugin module architecture controlled by Elementor. + +**MU Plugin:** +- Purpose: site-specific behavior loaded automatically before normal plugins. +- Examples: `wp-content/mu-plugins/cookie-notice-pro-loader.php`, `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`. +- Pattern: loader file includes plugin implementation. + +## Entry Points + +**Frontend:** +- Location: `index.php`. +- Triggers: public HTTP requests. +- Responsibilities: load WordPress and render the resolved page. + +**WordPress Bootstrap:** +- Location: `wp-blog-header.php`, `wp-load.php`, `wp-config.php`, `wp-settings.php`. +- Triggers: frontend/admin/core request lifecycle. +- Responsibilities: configure and initialize WordPress. + +**Admin:** +- Location: `wp-admin/index.php`, `wp-admin/admin.php`, `wp-admin/admin-ajax.php`, `wp-admin/admin-post.php`. +- Triggers: WordPress admin and AJAX/action requests. +- Responsibilities: admin UI, plugin/theme settings, AJAX endpoints. + +**Theme:** +- Location: `wp-content/themes/hello-elementor/functions.php`, `wp-content/themes/hello-elementor/index.php`, `wp-content/themes/hello-elementor/header.php`, `wp-content/themes/hello-elementor/footer.php`, `wp-content/themes/hello-elementor/theme.php`. +- Triggers: theme loading and template rendering. +- Responsibilities: theme support, templates, assets. + +**Plugins:** +- Location: `wp-content/plugins/elementor/elementor.php`, `wp-content/plugins/elementor-pro/elementor-pro.php`, `wp-content/plugins/lordicon/lordicon.php`, `wp-content/plugins/svg-support/svg-support.php`, `wp-content/plugins/akismet/akismet.php`, `wp-content/plugins/copy-delete-posts/copy-delete-posts.php`, `wp-content/plugins/duplicator-pro-v4.5.16.2/duplicator-pro.php`. +- Triggers: WordPress plugin loading. +- Responsibilities: plugin-specific features. + +**MU Plugin:** +- Location: `wp-content/mu-plugins/cookie-notice-pro-loader.php`. +- Triggers: must-use plugin bootstrap. +- Responsibilities: load cookie notice/GTM logic. + +## Error Handling + +**Strategy:** WordPress/PHP runtime handles most errors; custom code should fail quietly on the frontend and avoid breaking public lead capture. + +**Patterns:** +- `WP_DEBUG` is false in `wp-config.php`. +- Custom JS currently uses direct `JSON.parse()` in `wp-content/mu-plugins/cookie-notice-pro/assets/cookienoticepro.script.js`; malformed cookie handling needs hardening. + +## Cross-Cutting Concerns + +**Logging:** +- No dedicated application logger detected. +- Browser console logging exists in `wp-content/mu-plugins/cookie-notice-pro/assets/cookienoticepro.script.js`. + +**Validation:** +- WordPress and Elementor handle most admin/form validation. +- Cookie notice JS should validate cookie JSON more defensively. + +**Authentication:** +- WordPress native authentication via `wp-login.php` and core user/session APIs. + +--- + +*Architecture analysis: 2026-05-07* +*Update when major patterns change* diff --git a/.paul/codebase/concerns.md b/.paul/codebase/concerns.md new file mode 100644 index 0000000..0ecf2dc --- /dev/null +++ b/.paul/codebase/concerns.md @@ -0,0 +1,162 @@ +# Codebase Concerns + +**Analysis Date:** 2026-05-07 + +## Tech Debt + +**Generated backup artifacts committed:** +- Issue: Backup archive and Duplicator working files are present in the repository. +- Files: `project_backup_2026-03-26_13-38-53.zip`, `wp-content/backups-dup-pro/`. +- Why: Likely copied from hosting/restore workflow. +- Impact: Large diffs, possible secret/data exposure, noisy repository, unclear source of truth. +- Fix approach: Add a `.gitignore`, remove generated backup artifacts from version control, and rotate secrets if already exposed. + +**WordPress core and plugins committed as source:** +- Issue: Full WordPress core and third-party plugins are committed. +- Files: `wp-admin/`, `wp-includes/`, `wp-content/plugins/`. +- Why: Common FTP-style WordPress project snapshot. +- Impact: Accidental vendor/core edits are easy; updates/provenance are hard to audit; diffs become noisy. +- Fix approach: Define an update/deployment policy and keep custom changes isolated in theme/MU plugin/project-owned plugin files. + +**Missing custom JS asset referenced by theme:** +- Issue: `wp-content/themes/hello-elementor/functions.php` references `wp-content/themes/hello-elementor/assets/js/custom.js`, but that file was not found. +- Files: `wp-content/themes/hello-elementor/functions.php`, `wp-content/themes/hello-elementor/assets/js/`. +- Why: Possibly planned custom JS or removed asset. +- Impact: Extra 404 request or dead enqueue depending on existence checks and deployment state. +- Fix approach: Create the asset intentionally or remove the enqueue. + +## Known Bugs + +**Possible duplicate GTM noscript output:** +- Symptoms: GTM noscript iframe may render twice on themes that support `wp_body_open`. +- Trigger: Both `wp_body_open` and `wp_footer` actions run. +- Files: `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`. +- Workaround: Browser usually tolerates it, but markup is duplicated. +- Root cause: Same callback registered to two hooks without a one-time guard. + +**Malformed consent cookie can break banner JS:** +- Symptoms: Cookie banner initialization or helper methods can throw if stored cookie JSON is malformed. +- Trigger: User/browser has invalid consent cookie value. +- Files: `wp-content/mu-plugins/cookie-notice-pro/assets/cookienoticepro.script.js`. +- Workaround: Clear browser cookies. +- Root cause: direct `JSON.parse()` calls without defensive parsing. + +## Security Considerations + +**Secrets committed in configuration files:** +- Risk: Database credentials, WordPress salts, and Duplicator auth material are present in source files. +- Files: `wp-config.php`, `wp-content/backups-dup-pro/installer/original_files_e507eb0-03080010/source_site_wpconfig`. +- Current mitigation: Secret values are not copied into PAUL docs. +- Recommendations: rotate exposed credentials/salts/auth keys, move environment-specific secrets out of committed files, and remove generated restore artifacts from version control. + +**Backup archive may contain sensitive data:** +- Risk: Root backup archive may contain code, uploads, config, database dumps, or credentials. +- Files: `project_backup_2026-03-26_13-38-53.zip`. +- Current mitigation: none visible. +- Recommendations: inspect outside normal docs, remove from repo, rotate credentials if contents were committed/shared. + +**Installer logs expose operational details:** +- Risk: Duplicator logs may reveal server paths, restore process details, and environment data. +- Files: `wp-content/backups-dup-pro/installer/dup-installer-log__c3605a4-03080010.txt`, `wp-content/backups-dup-pro/installer/dup-installer-bootlog__c3605a4-03080010.txt`. +- Current mitigation: none visible. +- Recommendations: treat as sensitive generated artifacts and remove from version control. + +**Default WordPress table prefix:** +- Risk: Default prefix is a minor hardening weakness, especially on older/poorly protected installs. +- Files: `wp-config.php`. +- Current mitigation: WordPress security does not rely on prefix secrecy. +- Recommendations: consider custom prefix only during rebuild/migration, not casually on a live site. + +## Performance Bottlenecks + +**Cookie notice script loaded on every frontend page:** +- Problem: Custom consent script is about 25 KB and includes inline SVG strings. +- Files: `wp-content/mu-plugins/cookie-notice-pro/assets/cookienoticepro.script.js`, `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`. +- Measurement: file is about 438 lines / 25 KB in scan. +- Cause: MU plugin enqueues the script globally. +- Improvement path: minify it, defer where safe, and keep it cached. + +**Per-request `filemtime()` cache busting:** +- Problem: PHP calls `filemtime()` for custom assets on frontend requests. +- Files: `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`. +- Measurement: not measured; likely minor. +- Cause: development-friendly cache busting. +- Improvement path: use a fixed plugin/theme version constant if filesystem calls become a concern. + +## Fragile Areas + +**Cookie/consent frontend logic:** +- Files: `wp-content/mu-plugins/cookie-notice-pro/assets/cookienoticepro.script.js`. +- Why fragile: public page code controls consent defaults, GTM updates, DOM rendering, and cookie parsing. +- Common failures: malformed cookies, duplicate events, console noise, markup string escaping issues. +- Safe modification: add defensive parsing first, then test accept/deny/update flows manually. +- Test coverage: no automated tests detected. + +**Elementor form configuration lives in DB:** +- Files: `wp-content/plugins/elementor-pro/modules/forms/`, WordPress database. +- Why fragile: the actual form actions and field configuration are not visible in the file tree. +- Common failures: code/files appear unchanged while form delivery changes in admin/database. +- Safe modification: verify WordPress admin form settings and a real submission after any lead-flow work. +- Test coverage: no project E2E tests detected. + +**Encoding of Polish copy:** +- Files: `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`, `wp-content/mu-plugins/cookie-notice-pro/assets/cookienoticepro.script.js`. +- Why fragile: some text appears mojibake in scans. +- Common failures: broken Polish characters after edits. +- Safe modification: confirm encoding before editing copy; preserve UTF-8. +- Test coverage: manual visual verification only. + +## Scaling Limits + +**Unknown hosting/deployment capacity:** +- Current capacity: not documented. +- Limit: unknown. +- Symptoms at limit: not measured. +- Scaling path: document hosting, cache strategy, and form delivery path. + +## Dependencies at Risk + +**Duplicator Pro restore tooling with PHP 8.4 noise:** +- Risk: installer logs show PHP 8.4 deprecation noise during restore. +- Impact: future restores on newer PHP runtimes may be noisy or brittle. +- Migration plan: update Duplicator Pro before relying on it for restore, or validate restore in staging. + +**Committed plugin versions without update policy:** +- Risk: security/update status is hard to audit from repo alone. +- Impact: outdated plugins can create security and compatibility risk. +- Migration plan: document update ownership, version checks, and deployment process. + +## Missing Critical Features + +**No project-owned `.gitignore`:** +- Problem: generated artifacts and OS files are committed. +- Current workaround: manual care. +- Blocks: clean source control and safer collaboration. +- Implementation complexity: low. + +**No deployment/update notes:** +- Problem: unclear how WordPress core/plugins/theme changes are deployed. +- Current workaround: infer from FTP/SFTP/hosting behavior. +- Blocks: reliable updates and rollback planning. +- Implementation complexity: low to medium. + +## Test Coverage Gaps + +**Lead capture flow:** +- What's not tested: landing page CTA, Elementor form submission, delivery/storage, thank-you/redirect behavior. +- Files: `wp-content/plugins/elementor-pro/modules/forms/`, WordPress database configuration, `wp-content/themes/hello-elementor/assets/css/custom.scss`. +- Risk: lead form could break silently. +- Priority: High. +- Difficulty to test: requires running WordPress environment and real/staged form configuration. + +**Consent/GTM behavior:** +- What's not tested: consent defaulting, malformed cookie handling, GTM consent updates. +- Files: `wp-content/mu-plugins/cookie-notice-pro/`. +- Risk: analytics/compliance behavior can break public pages. +- Priority: High. +- Difficulty to test: moderate; JS unit tests or browser tests could cover this. + +--- + +*Concerns audit: 2026-05-07* +*Update as issues are fixed or new ones discovered* diff --git a/.paul/codebase/conventions.md b/.paul/codebase/conventions.md new file mode 100644 index 0000000..c264f82 --- /dev/null +++ b/.paul/codebase/conventions.md @@ -0,0 +1,115 @@ +# Coding Conventions + +**Analysis Date:** 2026-05-07 + +## Naming Patterns + +**Files:** +- WordPress entry/template names follow WordPress conventions: `index.php`, `functions.php`, `header.php`, `footer.php`, `comments.php`. +- MU plugin loader and implementation use descriptive plugin paths: `wp-content/mu-plugins/cookie-notice-pro-loader.php`, `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`. +- Custom assets use descriptive names: `wp-content/themes/hello-elementor/assets/css/custom.scss`, `wp-content/themes/hello-elementor/assets/css/custom.css`, `wp-content/mu-plugins/cookie-notice-pro/assets/cookienoticepro.script.js`. +- Third-party plugin file naming varies by vendor; do not use vendor files as project style unless working inside that plugin intentionally. + +**Functions:** +- WordPress theme functions use prefixed snake_case, e.g. `hello_elementor_setup()` in `wp-content/themes/hello-elementor/functions.php`. +- Site-specific MU plugin functions use `cnp_*` prefix, e.g. `cnp_render_gtm_noscript()` in `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`. +- New project-owned PHP functions should use a clear prefix and WordPress-style snake_case. + +**Variables:** +- PHP variables follow WordPress/PHP conventions: `$lower_snake_case` where applicable. +- Constants use uppercase names; example: `CNP_GTM_ID` in `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`. + +**Types:** +- Hello Elementor theme classes use namespaces and PascalCase class names, e.g. `HelloTheme\Modules\AdminHome\Components\Ajax_Handler` in `wp-content/themes/hello-elementor/modules/admin-home/components/ajax-handler.php`. +- Most site-owned custom code is procedural WordPress PHP rather than class-based. + +## Code Style + +**Formatting:** +- Project guidance in `CLAUDE.md` says to use WordPress Coding Standards for PHP, JS, and CSS. +- `wp-content/themes/hello-elementor/functions.php` follows WordPress spacing style such as `if ( ! defined( 'ABSPATH' ) )`. +- `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php` uses 4-space indentation and less consistent WordPress spacing such as `if (!defined('ABSPATH'))`. +- New project-owned PHP should prefer WordPress Coding Standards even when older custom code is mixed. +- SCSS in `wp-content/themes/hello-elementor/assets/css/custom.scss` uses nested SCSS, Elementor-oriented selectors, and mobile breakpoints. +- `wp-content/themes/hello-elementor/assets/css/custom.css` is compiled/minified and includes a source map reference. + +**Linting:** +- No root `.eslintrc*`, `.prettierrc*`, `phpcs.xml*`, `.editorconfig`, `composer.json`, or `package.json` detected. +- No project lint command detected. + +## Import / Dependency Organization + +**PHP Loading:** +- Use WordPress hooks (`add_action`, `add_filter`) for lifecycle integration. +- Enqueue frontend styles/scripts from PHP rather than hardcoding tags. +- MU plugin loading is done through `wp-content/mu-plugins/cookie-notice-pro-loader.php`. + +**Path Aliases:** +- Not applicable; no project-owned module bundler or PHP autoload setup detected. + +## Error Handling + +**Patterns:** +- WordPress/PHP handles most runtime errors. +- Use guard checks such as `defined( 'ABSPATH' )` in PHP entry files. +- Escape frontend output with WordPress helpers (`esc_js`, `esc_attr`, etc.) as seen in `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`. + +**Expected Practice:** +- Avoid breaking public pages/forms if optional assets or config are missing. +- In frontend JS, guard JSON parsing and cookie access before use. + +## Logging + +**Framework:** +- No dedicated logger detected. +- Browser console logging exists in `wp-content/mu-plugins/cookie-notice-pro/assets/cookienoticepro.script.js`. + +**Patterns:** +- Avoid new production console noise unless it is behind a debug flag. + +## Comments + +**When to Comment:** +- Explain business/compliance decisions, especially consent/GTM behavior. +- Avoid comments that restate obvious WordPress API usage. + +**JSDoc/TSDoc:** +- Not used as a project standard. + +**TODO Comments:** +- Many TODOs exist in WordPress core and third-party plugins; do not treat them as project-owned debt. +- No meaningful custom TODO/FIXME debt was found in the MU plugin or theme customizations. + +## Function Design + +**Size:** +- Keep new custom PHP functions focused around a WordPress hook or one behavior. +- Extract helpers when frontend consent/form logic grows. + +**Parameters:** +- Prefer explicit arguments and small option arrays for custom helpers. + +**Return Values:** +- Use early returns for guard conditions. +- Ensure frontend helpers handle missing/malformed cookies without throwing. + +## Module Design + +**Exports:** +- WordPress hooks/functions are the main module boundary in custom code. +- For new site-owned behavior, prefer a dedicated MU plugin or project-owned plugin over editing third-party plugin files. + +**Barrel Files:** +- Not applicable. + +## Editing Boundaries + +- Do not edit `wp-admin/` or `wp-includes/`. +- Do not edit third-party plugin code in `wp-content/plugins/` unless explicitly required. +- Prefer custom work in `wp-content/themes/hello-elementor/assets/`, `wp-content/themes/hello-elementor/functions.php`, or a site-owned plugin/MU plugin. +- Confirm file encoding before editing Polish copy in `wp-content/mu-plugins/cookie-notice-pro/`; some text appears mojibake. + +--- + +*Convention analysis: 2026-05-07* +*Update when patterns change* diff --git a/.paul/codebase/db_schema.md b/.paul/codebase/db_schema.md new file mode 100644 index 0000000..c95b1fe --- /dev/null +++ b/.paul/codebase/db_schema.md @@ -0,0 +1,79 @@ +# Database Schema + +**Updated:** 2026-05-07 | **Total tables:** Unknown from files | **Engine:** MySQL/MariaDB via WordPress | **Charset:** Not available from files + +--- + +## WordPress Core Schema + +This repository does not include an authoritative live database dump or project-owned migration set. The site depends on the standard WordPress schema managed by WordPress core and plugins. + +Expected core tables use the configured table prefix from `wp-config.php`: + +| Table | Purpose | Source | +|-------|---------|--------| +| `wp_posts` | Pages, posts, Elementor documents, attachments, revisions | WordPress core | +| `wp_postmeta` | Post/page/Elementor metadata | WordPress core | +| `wp_options` | Site options, plugin settings, active theme/plugin state | WordPress core | +| `wp_users` | WordPress users | WordPress core | +| `wp_usermeta` | User metadata/capabilities | WordPress core | +| `wp_terms` | Terms/categories/tags | WordPress core | +| `wp_term_taxonomy` | Term taxonomy definitions | WordPress core | +| `wp_term_relationships` | Content-to-term relationships | WordPress core | +| `wp_comments` | Comments/submissions where applicable | WordPress core | +| `wp_commentmeta` | Comment metadata | WordPress core | + +Elementor page layouts, form definitions, menus, options, and active plugin/theme state are database-resident and are not fully visible in this file tree. + +--- + +## Elementor Pro Tables + +Elementor Pro includes plugin-managed migrations for form submissions and notes. + +**Form submissions** - lead/form submission storage +- Migration: `wp-content/plugins/elementor-pro/modules/forms/submissions/database/migrations/initial.php`. +- Creates submission, submission value, and form action log tables via WordPress `dbDelta`. +- Exact live table names depend on WordPress table prefix. + +**Notes** - Elementor collaboration/notes features +- Migration: `wp-content/plugins/elementor-pro/modules/notes/database/migrations/initial.php`. +- Creates note-related custom tables via plugin migration infrastructure. + +Other database migration/update infrastructure exists under: +- `wp-content/plugins/elementor/core/database`. +- `wp-content/plugins/elementor-pro/core/database`. +- `wp-content/plugins/elementor/modules/*/database`. + +--- + +## Backup / Installer Database Logic + +Duplicator Pro contains database packaging and installer logic, but this is restore tooling rather than the authoritative application schema. + +Relevant paths: +- `wp-content/plugins/duplicator-pro-v4.5.16.2/classes`. +- `wp-content/plugins/duplicator-pro-v4.5.16.2/installer`. +- `wp-content/backups-dup-pro/`. + +No extracted SQL dump was found during the scan. + +--- + +## Schema Characteristics + +| Property | Value | +|----------|-------| +| Engine | MySQL/MariaDB through WordPress | +| Charset | Not available from files | +| Encrypted columns | Not detected in project-owned schema | +| Soft deletes | Not detected in project-owned schema | +| Audit via JSON | Not detected in project-owned schema | +| Migrations | WordPress core/plugin-managed; no project-owned migration directory detected | +| Deferred indexes | Not documented | +| Table prefix | Configured in `wp-config.php`; value intentionally not repeated here | + +## Verification Notes + +- For planning that touches form submissions, leads, Elementor layouts, or page content, verify live schema/content via database access, WP-CLI, or WordPress admin. +- Do not rely on file tree alone for Elementor page structure or active form settings. diff --git a/.paul/codebase/integrations.md b/.paul/codebase/integrations.md new file mode 100644 index 0000000..c43ec8b --- /dev/null +++ b/.paul/codebase/integrations.md @@ -0,0 +1,111 @@ +# External Integrations + +**Analysis Date:** 2026-05-07 + +## APIs & External Services + +**Email/Lead Forms:** +- Elementor Pro Forms - lead capture and form handling. + - Implementation: `wp-content/plugins/elementor-pro/modules/forms/`. + - Actions include email, redirect, webhook, Slack, Discord, Mailchimp, Drip, ActiveCampaign, GetResponse, ConvertKit, MailerLite, MailPoet, and submission logging. + - Action registry: `wp-content/plugins/elementor-pro/modules/forms/registrars/form-actions-registrar.php`. + +**External APIs:** +- Akismet - anti-spam API integration. + - Files: `wp-content/plugins/akismet/class.akismet.php`, `wp-content/plugins/akismet/class.akismet-admin.php`, `wp-content/plugins/akismet/class.akismet-rest-api.php`. +- Google Tag Manager / Google Consent Mode - custom MU plugin integration. + - Files: `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`, `wp-content/mu-plugins/cookie-notice-pro/assets/cookienoticepro.script.js`. + - GTM ID is hardcoded in the MU plugin; value intentionally omitted here. +- Google reCAPTCHA / reCAPTCHA v3 - available through Elementor Pro forms. + - Files: `wp-content/plugins/elementor-pro/modules/forms/classes/recaptcha-handler.php`, `wp-content/plugins/elementor-pro/modules/forms/classes/recaptcha-v3-handler.php`. +- Elementor account/license/cloud library services. + - Files: `wp-content/plugins/elementor-pro/core/connect/apps/activate.php`, `wp-content/plugins/elementor-pro/modules/cloud-library/module.php`, `wp-content/plugins/elementor-pro/core/app/modules/kit-library/module.php`. +- Lordicon service/plugin integration. + - Files: `wp-content/plugins/lordicon/lordicon.php`, `wp-content/plugins/lordicon/dist/block.js`. + +## Data Storage + +**Databases:** +- MySQL/MariaDB - primary WordPress database. + - Connection: constants in `wp-config.php`. + - Table prefix: configured in `wp-config.php`. + - Client: WordPress `$wpdb` and plugin database helpers. + - Migrations: WordPress core/plugin-managed; no project-owned migration directory detected. + +**File Storage:** +- WordPress filesystem uploads are expected, but `wp-content/uploads/` is not present in this checkout. +- Duplicator Pro includes remote storage addons: + - Amazon S3 / compatible providers: `wp-content/plugins/duplicator-pro-v4.5.16.2/addons/amazons3addon/`. + - Dropbox: `wp-content/plugins/duplicator-pro-v4.5.16.2/addons/dropboxaddon/`. + - Google Drive: `wp-content/plugins/duplicator-pro-v4.5.16.2/addons/gdriveaddon/`. + - OneDrive: `wp-content/plugins/duplicator-pro-v4.5.16.2/addons/onedriveaddon/`. + - FTP/SFTP: `wp-content/plugins/duplicator-pro-v4.5.16.2/addons/ftpaddon/`. + +**Caching:** +- No dedicated cache plugin/service detected in files. + +## Authentication & Identity + +**Auth Provider:** +- WordPress native user/session system. + - Core files: `wp-login.php`, `wp-includes/pluggable.php`, `wp-admin/`. + +**OAuth Integrations:** +- Not detected as site-specific configuration. +- Elementor/Lordicon/third-party plugin account integrations may exist through their plugin dashboards. + +## Monitoring & Observability + +**Error Tracking:** +- Dedicated service not detected. + +**Analytics:** +- Google Tag Manager / Consent Mode through `wp-content/mu-plugins/cookie-notice-pro/`. + +**Logs:** +- WordPress/PHP hosting logs are likely external to repo. +- Duplicator installer logs are present under `wp-content/backups-dup-pro/installer/`; treat them as sensitive generated artifacts. + +## CI/CD & Deployment + +**Hosting:** +- Not documented. +- Project appears to be a WordPress filesystem checkout, likely managed through hosting/FTP/SFTP outside the repository. + +**CI Pipeline:** +- Not detected. + +## Environment Configuration + +**Development:** +- Required values are currently direct constants in `wp-config.php`. +- `.env.example`: not detected. + +**Staging:** +- Not documented. + +**Production:** +- Secrets management appears file-based in `wp-config.php`. +- Recommended future direction: move environment-specific secrets out of committed files and document deployment responsibilities. + +## Webhooks & Callbacks + +**Incoming:** +- Elementor Pro supports generic webhook form actions via `wp-content/plugins/elementor-pro/modules/forms/actions/webhook.php`. +- Actual configured form actions live in the WordPress database and are not visible in this file tree. + +**Outgoing:** +- Elementor Pro form integrations can call marketing/email/chat services depending on form configuration stored in DB. + +## Not Detected + +- WooCommerce plugin. +- SEO plugins such as Yoast or Rank Math. +- Contact Form 7 / WPForms / Gravity Forms. +- Dedicated SMTP/email delivery plugin. +- Root-level custom API client code outside installed plugins. + +--- + +*Integration audit: 2026-05-07* +*Update when adding/removing external services* diff --git a/.paul/codebase/stack.md b/.paul/codebase/stack.md new file mode 100644 index 0000000..4ab9421 --- /dev/null +++ b/.paul/codebase/stack.md @@ -0,0 +1,86 @@ +# Technology Stack + +**Analysis Date:** 2026-05-07 + +## Languages + +**Primary:** +- PHP - WordPress core, theme, plugins, and MU plugin code. Examples: `wp-settings.php`, `wp-content/themes/hello-elementor/functions.php`, `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`. + +**Secondary:** +- JavaScript - frontend/admin assets in WordPress, Elementor, Lordicon, and the cookie notice MU plugin. Examples: `wp-content/mu-plugins/cookie-notice-pro/assets/cookienoticepro.script.js`, `wp-content/plugins/lordicon/dist/block.js`. +- CSS/SCSS - theme and plugin styling. Examples: `wp-content/themes/hello-elementor/assets/css/custom.scss`, `wp-content/themes/hello-elementor/assets/css/custom.css`, `wp-content/plugins/svg-support/scss/`. +- Twig - detected in vendor/plugin code. + +## Runtime + +**Environment:** +- WordPress 6.9.4 - detected in `wp-includes/version.php`. +- Required PHP version from WordPress core: 7.2.24 - `wp-includes/version.php`. +- Required MySQL version from WordPress core: 5.5.5 - `wp-includes/version.php`. +- Database configured through constants in `wp-config.php`; secret values are intentionally not documented. + +**Package Manager:** +- No root `composer.json` detected. +- No root `package.json` detected. +- Plugin/theme-local manifests exist but are not a project-level dependency contract: `wp-content/plugins/svg-support/composer.json`, `wp-content/themes/twentytwentyfive/package.json`, `wp-content/themes/twentytwentyfive/package-lock.json`. +- Composer lockfile: not detected. +- Yarn/pnpm lockfiles: not detected. + +## Frameworks + +**Core:** +- WordPress - CMS/application runtime in `wp-admin/`, `wp-includes/`, `wp-content/`. +- Hello Elementor 3.4.7 - installed theme in `wp-content/themes/hello-elementor/style.css`. +- Elementor 3.35.9 - page builder plugin in `wp-content/plugins/elementor/elementor.php`. +- Elementor Pro 3.35.1 - forms, theme builder, popups, and Pro modules in `wp-content/plugins/elementor-pro/elementor-pro.php`. + +**Testing:** +- Not detected at project level. + +**Build/Dev:** +- Twenty Twenty-Five has npm/PostCSS/cssnano scripts in `wp-content/themes/twentytwentyfive/package.json`, but this applies to the bundled default theme. +- No project-owned build pipeline detected for the Hello Elementor customizations. + +## Key Dependencies + +**Critical:** +- Elementor 3.35.9 - primary page-building layer, `wp-content/plugins/elementor/elementor.php`. +- Elementor Pro 3.35.1 - forms and lead capture features, `wp-content/plugins/elementor-pro/elementor-pro.php`. +- Cookie Notice Pro MU plugin 1.0.0 - consent/GTM behavior, `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`. +- Hello Elementor 3.4.7 - active/customized theme candidate, `wp-content/themes/hello-elementor/style.css`. + +**Infrastructure:** +- Duplicator Pro 4.5.16.2 - backup/migration tooling, `wp-content/plugins/duplicator-pro-v4.5.16.2/duplicator-pro.php`. +- Akismet Anti-spam 5.6 - spam protection, `wp-content/plugins/akismet/akismet.php`. +- Copy & Delete Posts 1.5.3 - content duplication, `wp-content/plugins/copy-delete-posts/copy-delete-posts.php`. +- Lordicon 1.0 - icon/media integration, `wp-content/plugins/lordicon/lordicon.php`. +- SVG Support 2.5.14 - SVG upload/render support, `wp-content/plugins/svg-support/svg-support.php`. + +## Configuration + +**Environment:** +- Primary configuration is in `wp-config.php`. +- `wp-config.php` contains DB constants, salts, table prefix, `WP_DEBUG`, and a Duplicator auth key. Do not copy secret values into documentation. +- `.env` files: not detected. +- Root environment example/config manifest: not detected. + +**Build:** +- No root build config detected. +- Custom theme CSS source exists at `wp-content/themes/hello-elementor/assets/css/custom.scss` and compiled CSS at `wp-content/themes/hello-elementor/assets/css/custom.css`. + +## Platform Requirements + +**Development:** +- PHP + MySQL/MariaDB environment capable of running WordPress. +- Database/content is required for the actual Elementor landing page; page layouts are not fully represented by files alone. + +**Production:** +- WordPress hosting with PHP and MySQL/MariaDB. +- Deployment process not documented in the repository. +- Backup artifacts are present in `project_backup_2026-03-26_13-38-53.zip` and `wp-content/backups-dup-pro/`. + +--- + +*Stack analysis: 2026-05-07* +*Update after major dependency changes* diff --git a/.paul/codebase/structure.md b/.paul/codebase/structure.md new file mode 100644 index 0000000..44a9770 --- /dev/null +++ b/.paul/codebase/structure.md @@ -0,0 +1,166 @@ +# Codebase Structure + +**Analysis Date:** 2026-05-07 + +## Directory Layout + +``` +luxmed2.pagedev.pl/ +|-- .paul/ # PAUL project state and codebase documentation +|-- wp-admin/ # WordPress admin application (vendor/core) +|-- wp-includes/ # WordPress core libraries (vendor/core) +|-- wp-content/ # Mutable site layer: themes, plugins, MU plugins, languages, backups +| |-- themes/ # Installed themes +| |-- plugins/ # Installed normal plugins +| |-- mu-plugins/ # Must-use plugins loaded automatically +| |-- languages/ # WordPress/plugin translations +| `-- backups-dup-pro/ # Duplicator generated backup/installer artifacts +|-- index.php # WordPress frontend entry +|-- wp-config.php # Environment/database configuration with secrets +|-- wp-*.php # WordPress root bootstrap/admin endpoints +|-- CLAUDE.md # Project working rules +`-- project_backup_2026-03-26_13-38-53.zip # Backup archive artifact +``` + +## Directory Purposes + +**`wp-admin/`:** +- Purpose: WordPress admin application. +- Contains: admin screens, AJAX endpoints, install/update/admin logic. +- Key files: `wp-admin/admin.php`, `wp-admin/admin-ajax.php`, `wp-admin/index.php`. +- Modification rule: treat as vendor/core; do not edit directly. + +**`wp-includes/`:** +- Purpose: WordPress core libraries. +- Contains: bootstrap, template loader, database API, user/session APIs, block/editor support. +- Key files: `wp-includes/version.php`, `wp-includes/template-loader.php`. +- Modification rule: treat as vendor/core; do not edit directly. + +**`wp-content/themes/`:** +- Purpose: installed themes. +- Contains: `hello-elementor`, `twentytwentyfive`, `twentytwentyfour`, `twentytwentythree`. +- Key files: `wp-content/themes/hello-elementor/functions.php`, `wp-content/themes/hello-elementor/style.css`, `wp-content/themes/hello-elementor/assets/css/custom.scss`. + +**`wp-content/themes/hello-elementor/`:** +- Purpose: primary customized theme candidate. +- Contains: theme templates, theme bootstrap, admin modules, custom assets. +- Key files: `functions.php`, `theme.php`, `header.php`, `footer.php`, `assets/css/custom.scss`, `assets/css/custom.css`. +- Note: `functions.php` references `assets/js/custom.js`, but that file was not found. + +**`wp-content/plugins/`:** +- Purpose: installed WordPress plugins. +- Contains: Elementor, Elementor Pro, Akismet, Duplicator Pro, Copy & Delete Posts, Lordicon, SVG Support. +- Key files: plugin main entry files such as `wp-content/plugins/elementor/elementor.php` and `wp-content/plugins/elementor-pro/elementor-pro.php`. +- Modification rule: treat third-party plugin code as vendor unless explicitly choosing to patch it. + +**`wp-content/mu-plugins/`:** +- Purpose: must-use plugins loaded automatically by WordPress. +- Contains: `cookie-notice-pro-loader.php` and `cookie-notice-pro/`. +- Key files: `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`, `wp-content/mu-plugins/cookie-notice-pro/assets/cookienoticepro.script.js`. +- This is the main site-specific custom code found in the scan. + +**`wp-content/backups-dup-pro/`:** +- Purpose: Duplicator Pro generated backup/installer working files. +- Contains: installer logs, restore artifacts, original config copies. +- Key files: `wp-content/backups-dup-pro/installer/dup-installer-log__c3605a4-03080010.txt`. +- Treat as generated sensitive state, not source. + +## Key File Locations + +**Entry Points:** +- `index.php` - public WordPress frontend entry. +- `wp-blog-header.php` - loads the WordPress environment. +- `wp-load.php` - resolves and loads config. +- `wp-config.php` - environment/database configuration. +- `wp-login.php` - WordPress login entry. +- `xmlrpc.php` - legacy XML-RPC entry. +- `wp-cron.php` - WordPress cron entry. + +**Configuration:** +- `wp-config.php` - DB constants, salts, table prefix, debug flag, Duplicator auth key. +- `CLAUDE.md` - project rules for future coding sessions. +- `.paul/config.md` - PAUL configuration. + +**Core Logic / Customization:** +- `wp-content/themes/hello-elementor/functions.php` - theme setup and asset enqueue hooks. +- `wp-content/themes/hello-elementor/assets/css/custom.scss` - local custom CSS source. +- `wp-content/themes/hello-elementor/assets/css/custom.css` - compiled/minified local CSS. +- `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php` - consent/GTM plugin PHP. +- `wp-content/mu-plugins/cookie-notice-pro/assets/cookienoticepro.script.js` - consent banner frontend logic. + +**Testing:** +- No project-owned test directory or config detected. + +**Documentation:** +- `.paul/PROJECT.md` - business context. +- `.paul/ROADMAP.md` - planning skeleton. +- `.paul/STATE.md` - PAUL session state. +- `.paul/codebase/*.md` - codebase map. +- `readme.html` - WordPress core documentation, not project-specific docs. + +## Naming Conventions + +**Files:** +- WordPress root/core files use `wp-*` naming: `wp-load.php`, `wp-settings.php`. +- Theme templates use standard WordPress names: `index.php`, `header.php`, `footer.php`, `comments.php`, `sidebar.php`. +- Theme fragments live under `template-parts/`. +- Custom assets use descriptive/kebab-case names: `wp-content/themes/hello-elementor/assets/css/custom.scss`, `wp-content/mu-plugins/cookie-notice-pro/assets/cookienoticepro.script.js`. + +**Directories:** +- WordPress conventional directories: `wp-admin/`, `wp-includes/`, `wp-content/`. +- Plugin/theme directories are lower-case or kebab-case: `hello-elementor`, `elementor-pro`, `copy-delete-posts`, `cookie-notice-pro`. + +**Special Patterns:** +- Hello Elementor functions use `hello_elementor_*` prefixes in `wp-content/themes/hello-elementor/functions.php`. +- MU plugin custom functions use `cnp_*` prefix in `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php`. +- Plugin class files often use `class-*.php`, e.g. `wp-content/plugins/lordicon/includes/class-plugin.php`. + +## Where to Add New Code + +**New Landing Page Styling:** +- Primary code: `wp-content/themes/hello-elementor/assets/css/custom.scss`. +- Compiled output: `wp-content/themes/hello-elementor/assets/css/custom.css`. +- Verify Elementor selectors against rendered page and mobile breakpoints. + +**New Frontend Behavior:** +- Prefer a site-specific file under `wp-content/themes/hello-elementor/assets/js/` and enqueue from `wp-content/themes/hello-elementor/functions.php`. +- Note: `assets/js/custom.js` is referenced but missing; create or remove the enqueue deliberately. + +**New Always-On Site Logic:** +- Use `wp-content/mu-plugins/cookie-notice-pro/` only when behavior must always load and is related to consent/GTM. +- For unrelated custom behavior, prefer a separate MU plugin directory or project-owned plugin rather than editing third-party plugins. + +**New Elementor/Form Configuration:** +- Likely configured in WordPress admin and stored in DB; export/document separately if it must be versioned. + +**Tests/Tooling:** +- No current project-owned setup. If introduced, add root-level tooling and document commands in `.paul/codebase/testing.md` and `CLAUDE.md`. + +## Special Directories + +**`wp-admin/` and `wp-includes/`:** +- Purpose: WordPress core. +- Source: upstream WordPress release. +- Committed: yes. +- Handling: avoid direct edits; update through WordPress release process. + +**`wp-content/plugins/`:** +- Purpose: third-party plugin code. +- Source: installed plugins. +- Committed: yes. +- Handling: avoid direct edits unless explicitly patching vendor code. + +**`wp-content/backups-dup-pro/`:** +- Purpose: Duplicator generated restore/backup artifacts. +- Source: generated by Duplicator. +- Committed: yes, but should be treated as sensitive generated state. + +**`.paul/`:** +- Purpose: PAUL planning and memory files. +- Source: generated/maintained by PAUL workflows. +- Committed: intended. + +--- + +*Structure analysis: 2026-05-07* +*Update when directory structure changes* diff --git a/.paul/codebase/tech_changelog.md b/.paul/codebase/tech_changelog.md new file mode 100644 index 0000000..8991502 --- /dev/null +++ b/.paul/codebase/tech_changelog.md @@ -0,0 +1,19 @@ +# Technical Changelog + +> Chronological log of technical changes - what and why. + +## 2026-05-07 - Codebase Map Initialized + +**Co zrobiono / What changed:** +- Created initial PAUL codebase documentation in `.paul/codebase/`. +- Captured WordPress/Elementor stack, architecture, structure, conventions, testing gaps, integrations, database notes, and concerns. + +**Dlaczego / Why:** +- Establish technical context before planning landing page lead-generation work. +- Preserve warnings about secrets, backup artifacts, and custom consent/form boundaries for future sessions. + +--- + +## Earlier entries + +No earlier technical changelog entries recorded. diff --git a/.paul/codebase/testing.md b/.paul/codebase/testing.md new file mode 100644 index 0000000..68aafcf --- /dev/null +++ b/.paul/codebase/testing.md @@ -0,0 +1,118 @@ +# Testing Patterns + +**Analysis Date:** 2026-05-07 + +## Test Framework + +**Runner:** +- No project-level automated test framework detected. +- No root `composer.json`, `package.json`, `phpunit.xml`, Jest config, Playwright config, Cypress config, `.eslintrc`, `.prettierrc`, or `phpcs.xml` detected. +- `CLAUDE.md` states that no standard test command was detected. + +**Assertion Library:** +- Not detected. + +**Run Commands:** +```bash +# No project-owned automated test command detected. +# Current practice: manual verification in browser / WordPress environment. +``` + +## Test File Organization + +**Location:** +- No site-owned `tests/`, `__tests__/`, `*.test.*`, or `*.spec.*` files detected. +- Duplicator installer validation classes under `wp-content/plugins/duplicator-pro-v4.5.16.2/installer/dup-installer/classes/validation/tests/` are runtime validation classes, not the project test suite. + +**Naming:** +- Not established for project-owned tests. + +**Structure:** +``` +luxmed2.pagedev.pl/ +|-- wp-content/ +| |-- mu-plugins/cookie-notice-pro/ # custom code without automated tests +| `-- themes/hello-elementor/assets/ # custom assets without automated tests +`-- (no project-owned tests directory detected) +``` + +## Test Structure + +**Suite Organization:** +- Not established. + +**Patterns:** +- Manual QA is the current practical verification path. +- For frontend changes, verify page rendering, mobile layout, consent behavior, and form submission. +- For lead form changes, verify Elementor Pro form configuration in WordPress admin and a real submission path in the target environment. + +## Mocking + +**Framework:** +- Not detected. + +**Patterns:** +- Not established. + +**What to Mock:** +- If tests are introduced later: mock WordPress hooks/database for unit tests, and test browser behavior with Playwright or similar for consent/form flows. + +**What NOT to Mock:** +- Do not mock the final manual verification of Elementor form submission; that should be tested against a real WordPress environment when possible. + +## Fixtures and Factories + +**Test Data:** +- Not established. + +**Location:** +- Not established. + +## Coverage + +**Requirements:** +- No enforced coverage target. + +**Configuration:** +- No coverage tooling detected. + +**View Coverage:** +```bash +# Not available. +``` + +## Test Types + +**Unit Tests:** +- Not currently present. +- Good future candidates: consent cookie parsing and defaulting in `wp-content/mu-plugins/cookie-notice-pro/assets/cookienoticepro.script.js`. + +**Integration Tests:** +- Not currently present. +- Good future candidates: WordPress enqueue behavior in `wp-content/mu-plugins/cookie-notice-pro/cookie-notice-pro.php` and `wp-content/themes/hello-elementor/functions.php`. + +**E2E Tests:** +- Not currently present. +- Good future candidates: landing page load, mobile layout, cookie banner, form submission, redirect/thank-you behavior. + +## Common Manual Verification + +**Landing Page:** +- Open the public page in desktop and mobile widths. +- Confirm hero/content renders without layout overlap. +- Confirm CTA leads to the form. +- Confirm the form is visible, usable, and submits successfully. + +**Consent/GTM:** +- Verify initial consent defaults. +- Accept/deny/update cookie preferences. +- Confirm malformed cookies do not break the banner once hardened. + +**Elementor/Form:** +- Verify Elementor assets load. +- Submit the form and confirm delivery/storage/integration configured in WordPress admin. + +--- + +*Testing analysis: 2026-05-07* +*Update when test patterns change*