GateLink Manager – Secure One‑Click Admin Login & WordPress SSO

Changelog

1.8.3

• BUG FIX: Fixed SSO login URL generation to use query parameters instead of pretty URLs
• COMPATIBILITY: SSO login now works with all permalink structures on client sites
• BUG FIX: Fixed Add Site table refresh – newly added sites now appear immediately without page reload
• UX: Improved Add Site workflow with automatic table updates and better visual feedback
• SYNC: Version synchronized with Client plugin v1.8.3 for consistency

1.8.2

• Removed trial support from Freemius configuration.

1.8.1

• FIX: Fixed Connect flow – proper nonce verification for Manager → Client REST handshake
• ENHANCEMENT: AJAX Add Site with automatic table refresh – no more page reloads
• COMPLIANCE: Enhanced nonce verification with dedicated connect_nonce for security
• UX: Improved error handling with detailed troubleshooting messages for connection failures

1.8.0

• SECURITY: Enhanced sanitization and validation of super-globals, notably $_SERVER[‘REMOTE_ADDR’]
• STANDARDIZATION: Unified all prefixes to gate_manager_ for consistent naming across the plugin
• MIGRATION: Added automatic migration logic to map old option names and keys to new unified names
• COMPATIBILITY: Maintained backward compatibility with existing installations – no data loss
• VALIDATION: Verified nonces and capability checks across all AJAX endpoints and admin forms

1.7.9

• DASHBOARD: Unlocked dashboard cards for all users including free plan – no more premium gating
• UX: Added AJAX functionality for adding and deleting sites – no more page reloads
• PERFORMANCE: Site operations now use AJAX for smoother user experience
• UI: Enhanced responsiveness and workflow for site management
• ACCESSIBILITY: Improved user experience with instant feedback for site operations

1.7.8

• WORDPRESS.ORG READY: Complete WordPress.org compliance achieved – plugin ready for directory submission and approval
• COMPLIANCE: All WordPress.org requirements met including unique prefixes, no premium gating, proper enqueuing, and security standards
• SECURITY: Enhanced HMAC-SHA256 authentication with time-limited tokens, nonce protection, and HTTPS enforcement
• ERROR HANDLING: Enhanced HTTP 404 error messages with specific troubleshooting guidance for REST API connection failures
• TROUBLESHOOTING: Added detailed diagnostic suggestions for common trust establishment issues including permalink and plugin activation checks
• UX: Improved error messages provide actionable steps for resolving “Trust establishment failed” errors
• VERSION: Synchronized version number with all plugin components for consistency

1.7.7

• CONNECT FLOW: Fixed “Connect” flow – new /wp-json/gatelink-client/v1/connect endpoint with proper HMAC/TTL payload validation
• SECURITY: Implemented HMAC-SHA256 signatures with timestamp validation, nonce replay protection, and time skew tolerance (configurable 30-600 seconds)
• DEBUG: Added debug mode setting with verbose logging for Connect/Verify operations – logs request/response details, UUIDs, and human-readable error reasons
• STATUS: Added status banner on Client Sites page showing last connect attempt details (UUID, URL, response code, reason, timestamp) when debug mode enabled
• AJAX: New gate_manager_connect action with gate_manager_connect_nonce per WordPress.org review requirements
• ENDPOINTS: Manager uses HTTPS enforcement, proper user-agent (GateLink-Manager/v1.7.7), and enhanced error handling
• CLIENT: Updated to v1.7.7 with new connect endpoint, debug logging, settings storage, and improved HMAC validation
• UI: Enhanced JavaScript with proper nonce handling for new connect action and better error display
• COMPLIANCE: WordPress.org compliance improvements – replaced static Ajax endpoint references with proper admin_url() usage
• COMPLIANCE: Fixed inline script/style enqueuing – moved all inline styles to proper wp_add_inline_style() usage
• COMPLIANCE: Enhanced Freemius integration with WordPress.org compliance mode (is_org_compliant => true)
• COMPLIANCE: Improved unique function prefixes – replaced short gm_ prefix with unique gatema_ prefix for better namespace isolation
• COMPLIANCE: Enhanced data sanitization, validation, and escaping throughout the plugin for improved security
• SECURITY: Strengthened input validation and output escaping following WordPress best practices

1.6.0

• FIX: Immediate plan unlock after license activation – no more 20-30 minute delay. Reduced cache TTL from 5 minutes to 60 seconds with fresh entitlement bypass.
• ENHANCEMENT: Added centralized plan state resolver with is_paid() and site_limit() helper methods. All features unlock instantly after license activation.
• NEW: Added gatelink_refresh_entitlements AJAX endpoint for instant UI updates without page reload after Freemius activation.
• EVENTS: Enhanced Freemius event handlers for after_account_connect, after_license_change, after_plan_change, after_premium_version_activation with immediate cache clearing and success notices.
• CACHE: Improved cache compatibility with scoped purges for LiteSpeed, NitroPack, Airlift. Fresh entitlement flag bypasses cache for immediate refresh.
• UX: Added success notices after license activation with automatic redirect to dashboard. Support/Contact menu visibility updates immediately based on plan.

1.5.5

• Fix: Freemius license activation/reset flow stabilized; eliminated SDK warnings after license reset; unified plan detection; enforced site limits (Free 3 / Pro 20 / Business unlimited); dynamic Support/Contact menus via Freemius.

1.5.4

• FREEMIUS: Use Freemius built-in Support/Contact menus dynamically: Free → Support forum only; Paid/Trial → Contact only. Removed custom Support/Contact pages.
• MENU: Dynamic menu visibility using Freemius SDK filters based on plan state. Menu order: Dashboard → Client Sites → Settings → (Support or Contact).
• PLAN: Support/Contact menu switches automatically when plan changes via Freemius hooks (after_account_connect, after_plan_change, after_license_change, after_premium_version_activation).
• CLEANUP: Removed entire render_contact_page method and custom support page templates in favor of Freemius native implementation.
• VERSION: Both Manager and Client plugins updated to v1.5.4 for consistency.

1.5.3

• MENU: Consolidated Contact into a single Support page (plan-aware). Removed Diagnostics tab and all related code. Menu order: Dashboard → Client Sites → Settings → Support.
• SUPPORT: Single Support page with plan-aware content (Free: forum only; Professional: forum + Freemius contact; Business: forum + Freemius contact + priority support).
• CLEANUP: Removed Diagnostics tab, functions, and AJAX endpoints. Added safe redirects for old Diagnostics URLs with dismissible notices.
• COMPLIANCE: Enhanced security with proper nonce validation, capability checks, and input sanitization.
• VERSION: Both Manager and Client plugins updated to v1.5.3 for consistency.

1.5.2

• FIX: Diagnostics tab fatal due to missing callback; consolidated Contact into a single plan-aware page (Free: forum only; Pro: forum + Freemius form; Business: forum + Freemius form + priority info); menu cleanup and UI polish; added safe guards and refresh in Diagnostics.
• MENU: Reordered plugin menu logically (Dashboard → Client Sites → Settings → Contact & Support)
• CONTACT: Implemented plan-aware Contact & Support page with different content for Free/Professional/Business plans
• DIAGNOSTICS: Added proper nonce-protected refresh functionality and defensive error handling
• SECURITY: Enhanced nonce protection, capability checks, and input sanitization across admin pages
• UI: Applied consistent styling with primary color #E91919 for CTAs and improved accessibility

1.5.1

• FIX: Dashboard & Diagnostics fatal due to missing Freemius method; unified Freemius plan API; stronger SDK guards; Diagnostics stabilized; plan gating corrected so paid/trial plans are fully enabled.
• API: Unified stable Freemius API – get_display_plan_name(), get_plan_state(), is_paid(), is_trial(), get_trial_end(), get_license_last4(), refresh_cache()
• STABILITY: Added comprehensive error handling and safe fallbacks for all Freemius SDK calls
• DIAGNOSTICS: Enhanced with unified API self-check section showing plan state, trial info, and cache status
• PERFORMANCE: Force cache invalidation on Freemius plan/license change hooks for immediate UI updates
• COMPLIANCE: Verified Business/Professional plans are properly detected and not treated as Free

1.5.0

• NEW: Dedicated Dashboard page with consolidated metrics and quick actions
• NEW: Live AJAX search on Client Sites (search by label or URL, debounced, accessible)
• RESTRUCTURE: Client Sites now focuses on site management only; dashboard metrics moved to separate page
• ENHANCEMENT: Dashboard placed above Client Sites in admin menu for better UX
• ACCESSIBILITY: Search includes aria-live announcements and keyboard support (Enter/Escape)
• PERFORMANCE: Server-side search endpoint with proper pagination and caching
• SECURITY: Search functionality secured with nonces and capability checks

1.4.4

• Fix: Freemius plan detection unified. Business/Professional (and trials) now fully unlocked. Free plan shows a simple upgrade panel and hides Logs. Correct site limits: Free 3, Pro 20, Business unlimited. Server-side gating added.

1.4.3

• SETTINGS RESTORATION: Restored Settings page with tabs – now available to all users, not just premium plans
• RESET FUNCTIONALITY: Added Reset License and Reset Plugin Settings with enhanced UI and proper confirmations
• FACTORY RESET: Reset Plugin Settings now requires typing “RESET” and redirects to onboarding screen
• UNINSTALL CONTROLS: Added Uninstall/Data Cleanup tab with toggle and detailed deletion list
• COLOR SCHEME: Updated to plugin primary color #E91919 for Reset tab highlighting and primary actions
• ENHANCED MODALS: Replaced browser confirm() with accessible modal dialogs for all reset operations
• SECURITY COMPLIANCE: All actions secured with nonces and capability checks, passes Plugin Check & WPCS
• UI IMPROVEMENTS: Mobile responsive design with proper focus states and aria labels

1.4.1

• DOCUMENTATION: Complete documentation suite added to repository with comprehensive guides
• ENHANCED READMES: Updated plugin readme files with improved descriptions and expanded FAQ sections
• SECURITY GUIDANCE: Added detailed security documentation including firewall/CDN configuration
• API REFERENCE: Complete endpoint documentation with curl examples and error codes
• TROUBLESHOOTING: Comprehensive troubleshooting guide for common connection and authentication issues
• DEPLOYMENT: Added build and deployment documentation for WordPress.org and Freemius compliance

1.4.0

• FREEMIUS TRIALS: Full trial support with proper plan detection – Professional/Business trials now unlock corresponding features
• TRIAL NOTICES: In-plugin trial status, remaining time, and auto-downgrade notifications for all admins
• AUTO-DOWNGRADE: Automatic reversion to Free plan when trials expire, preserving existing site functionality
• TRIAL LIFECYCLE: Event logging for trial started/expiring/ended with comprehensive diagnostics
• PLAN BADGES: Enhanced plan display showing “Professional (Trial — X days left)” with real-time countdown
• HELP DOCUMENTATION: Updated with comprehensive trial information and upgrade guidance

1.3.2

• FREE PLAN: No license required – Free plan now works without any license key and supports up to 3 sites
• BUTTON UX: Improved action buttons – labels never disappear, show connecting/verifying states, all buttons in one row
• Enhanced button states: Connect becomes blue “Connected”, Verify becomes green “Verified”, Login restores after new tab
• Better mobile responsive design with graceful button wrapping
• Suppressed Freemius activation prompts for Free plan users
• Updated README documentation to reflect free plan behavior

1.3.1

• CRITICAL FIX: Fixed Free plan connection blocking – Connect/Verify/Login now work properly for up to 3 sites
• Improved plan enforcement – only block adding new sites when limit exceeded, not operations on existing sites
• Fixed “Connection failed” error on Free plan when exactly at site limit (3 sites)
• Enhanced blocking logic to distinguish between site operations vs. adding new sites
• Updated version numbering across both Manager and Client plugins
• Better compliance with licensing requirements for Free/Professional/Business plans

1.3.0

• Fixed Freemius deployment integration – moved uninstall logic to proper hook for analytics
• Improved free plan UX – existing sites remain fully functional when limit reached
• Enhanced Settings page with tabbed interface (General | Advanced | Reset)
• Removed standalone Reset menu, integrated into Settings as red-styled tab
• Fixed plan limit modal to show upgrade options instead of window alerts
• Better uninstall cleanup respecting Data Retention settings
• Improved WordPress.org compliance and code quality

1.2.2

• CRITICAL FIX: Fixed SSO login URL generation – login links now properly authenticate users to Client wp-admin
• WordPress.org Compliance: Removed all inline scripts and styles, properly using wp_enqueue_script/style
• Enhanced admin interface with improved JavaScript handling and modal interactions
• Fixed URL generation logic for SSO login endpoints
• Improved delete confirmation dialogs and action handling
• Better styling for dashboard cards and log tables
• Updated help documentation with clearer firewall allowlist instructions

1.2.0

• Fixed core connectivity issues with Manager-Client authentication
• Added Dashboard with statistics cards (Total, Verified, Pending/Error, Last Login)
• Implemented comprehensive logging system with admin interface
• Enhanced error handling with actionable fallback guidance
• Added no-cache headers to prevent caching of sensitive requests
• Improved manual pairing interface with copy-to-clipboard functionality
• Added Health Check diagnostics for troubleshooting connections
• Better firewall compatibility with allowlist guidance

1.0.0

Initial release: Shared‑token Verify + one‑click HMAC login, Client Sites CRUD, Tailwind UI, logs.