Title: inPIPE by Seresa
Author: Seresa
Published: <strong>July 7, 2025</strong>
Last modified: March 12, 2026

---

Search plugins

![](https://ps.w.org/inpipe-by-seresa/assets/icon-128x128.png?rev=3323178)

# inPIPE by Seresa

 By [Seresa](https://profiles.wordpress.org/seresa8/)

[Download](https://downloads.wordpress.org/plugin/inpipe-by-seresa.1.1.1.zip)

 * [Details](https://wordpress.org/plugins/inpipe-by-seresa/#description)
 * [Reviews](https://wordpress.org/plugins/inpipe-by-seresa/#reviews)
 *  [Installation](https://wordpress.org/plugins/inpipe-by-seresa/#installation)
 * [Development](https://wordpress.org/plugins/inpipe-by-seresa/#developers)

 [Support](https://wordpress.org/support/plugin/inpipe-by-seresa/)

## Description

inPIPE by Seresa allows you to generate, store, and manage UTM parameters—both plain
and coded. The plugin automatically decodes coded UTM query strings when visitors
land on your website, pushing the full UTM data to the dataLayer. This helps bypass
ad blockers and improves tracking in Google Analytics, Facebook Ads, and other platforms.

 * Generate & manage UTM query strings with ease
 * Supports both **plain and coded UTM parameters**
 * Decodes coded UTM links on-site and sends data to the dataLayer
 * Reduces tracking disruptions caused by ad blockers
 * Works with GA4, GTM, Facebook Ads & more

**Use WP inPIPE for more reliable UTM tracking and better data collection!**

### Features

 * Generate and store UTM query string URLs based on user input
 * Encode UTM parameters to enhance tracking accuracy
 * Decode UTM query strings on site visits and push the original UTM data to the
   dataLayer
 * Potentially bypass ad blockers to ensure accurate data collection

### Configuration

 * Navigate to **Admin Dashboard > inPIPE** to manage plugin settings.
 * Enable automatic UTM processing in the settings panel.
 * Use the **UTM Coder** to create, edit, or delete UTM query strings.

### External Services

This plugin connects to external services hosted by Seresa.io for the following 
purposes:

**Subscription Verification & Premium Package Downloads**
 – **Service:** The plugin
uses the API at [https://sub.seresa.app] to verify premium subscriptions and to 
download premium packages or updates. – **When:** – Subscription verification occurs
when you attempt to access premium features or validate your license. – Package 
downloads occur when you install or update premium components from within the plugin.–**
Data Sent:** – The plugin sends your license key, site URL, and (if applicable) 
the requested package identifier to the API. – **Purpose:** – To verify your entitlement
to premium features and to deliver premium package files securely. – **Terms of 
Service:** [https://seresa.io/terms] – **Privacy Policy:** [https://seresa.io/privacy]

**Other Hosted Services**
 – See below for additional premium features that may 
rely on external event processing (e.g., Transmute Engine).

 1. Subscription Verification
 2.  * What: The plugin connects to https://sub.seresa.app/premium-downloader/v1/verify-
       subscription to validate subscription codes
     * When: This occurs only when a user enters a subscription code in the admin panel
       to activate premium features
     * Data sent: Subscription code entered by the user, site URL, and WordPress version
     * Purpose: To verify the validity of subscription purchases and enable premium
       features
     * Provider: Seresa.io – [Terms of Service](https://seresa.io/terms) and [Privacy Policy](https://seresa.io/privacy)
 3. Package Installation
 4.  * What: The plugin connects to https://sub.seresa.app/premium-downloader/v1/download
       to download premium components
     * When: This occurs only after subscription verification when the user initiates
       the installation of premium features
     * Data sent: Verified subscription code, site URL, WordPress version, and PHP 
       version
     * Purpose: To securely download and install authorized premium components
     * Provider: Seresa.io – [Terms of Service](https://seresa.io/terms) and [Privacy Policy](https://seresa.io/privacy)
 5. Transmute Engine (Premium Feature)
 6.  * What: Premium users’ event data is processed through Transmute Engine, a server-
       side event processing service
     * When: When events are triggered on your website (page views, clicks, form submissions,
       etc.)
     * Data sent: Event data, UTM parameters, and tracking information
     * Purpose: To process and route event data to your configured third-party services
     * How it works: Transmute Engine acts as a first-party server to your website,
       temporarily processing data without permanent storage, and forwarding it to 
       your specified endpoints
     * Provider: Seresa.io – [Terms of Service](https://seresa.io/terms) and [Privacy Policy](https://seresa.io/privacy)

No data is shared with third parties beyond Seresa.io, and all connections use secure
HTTPS encryption. Users can choose not to use premium features, in which case no
external connections will be made.

### Third-Party Libraries

This plugin uses the following third-party libraries:

 1.  Vue.js
 2.   * What: A progressive JavaScript framework for building user interfaces
      * Website: https://vuejs.org/
      * License: MIT License – https://github.com/vuejs/vue/blob/main/LICENSE
 3.  Vue Toastification
 4.   * What: Toast notification library for Vue.js
      * Website: https://github.com/Maronato/vue-toastification
      * License: MIT License
 5.  Lucide Icons
 6.   * What: Beautiful & consistent icon toolkit for Vue.js
      * Website: https://lucide.dev/
      * License: ISC License – https://github.com/lucide-icons/lucide/blob/main/LICENSE
 7.  Axios
 8.   * What: Promise-based HTTP client for JavaScript
      * Website: https://axios-http.com/
      * License: MIT License
 9.  Pinia
 10.  * What: State management library for Vue.js
      * Website: https://pinia.vuejs.org/
      * License: MIT License
 11. Vue I18n
 12.  * What: Internationalization plugin for Vue.js
      * Website: https://vue-i18n.intlify.dev/
      * License: MIT License
 13. Tailwind CSS
 14.  * What: Utility-first CSS framework
      * Website: https://tailwindcss.com/
      * License: MIT License
 15. WordPress JavaScript Libraries
 16.  * What: Official WordPress JavaScript libraries (@wordpress/api-fetch, @wordpress/
        components, @wordpress/element, @wordpress/i18n)
      * Website: https://developer.wordpress.org/block-editor/reference-guides/packages/
      * License: GPL-2.0+ License

All third-party libraries used are compatible with the GPL-2.0+ license of this 
plugin.

### Build Tools and Source Code Access

This plugin uses modern frontend tools (Vue.js, Vite, Axios) to build its admin 
interface. The full, human-readable source code is included directly within the 
plugin package under the /src directory.

Included source code:
 • /src/ contains all original Vue 3 components, Pinia store,
and JavaScript modules • /dist/ contains the compiled production build • /src/README.
md contains full build instructions and configuration references

Build Toolchain:
 • Vue.js 3 • Vite • Tailwind CSS • PostCSS • Vitest • Grunt

To rebuild the admin interface from source:
 1. Navigate to the /src directory 2.
Run npm install 3. Run npm run build:free or npm run build:premium to compile assets
to /dist

This ensures full compliance with WordPress.org’s guidelines requiring human-readable
source code for all minified or bundled assets.

For detailed developer instructions, see /src/README.md.

### License

This plugin is licensed under the GNU General Public License v2.0 or later.
 For
more details, visit: https://www.gnu.org/licenses/gpl-2.0.html

### Support

For **free users**: Report issues on our GitHub page:
 🔗 [GitHub Issues](https://github.com/seresa8/inPIPE-by-Seresa-issues/issues)

For **general inquiries**, contact us at [support@seresa.io](https://wordpress.org/plugins/inpipe-by-seresa/support@seresa.io?output_format=md).

For **premium users**: Get priority support at 🔗 [seresa.io/support](https://seresa.io/support).

## Installation

 1. Upload the plugin folder to your WordPress plugin directory (`wp-content/plugins/`).
 2. Activate the plugin through the **Plugins > Installed Plugins** menu in WordPress.

## FAQ

### Can I use this plugin just to generate UTM parameter query strings?

Yes! The plugin allows you to easily generate **UTM parameter query strings** for
your marketing campaigns. You can create both **plain and coded UTM query strings**
with simple click options. If you only need to generate and use UTM parameters without
decoding, you can do so without enabling the decoding feature.

### Can I use plain UTM parameters instead of coded ones?

Yes! The plugin supports both **plain and coded UTM parameters**. If you don’t enable
decoding, your standard UTM parameters will work as usual. If you want extra protection
against ad blockers, you can enable decoding in the plugin settings.

### How do I enable coded UTM decoding?

Go to **Settings > WP inPIPE** and turn on the option for **Coded UTM Processing**.
When enabled, the plugin will detect and decode coded UTM query strings, replacing
them with the full UTM parameters in the URL bar and pushing them to the dataLayer.

### How does this help with Google Tag Manager (GTM)?

By pushing **decoded UTM parameters** directly into the **dataLayer**, Web GTM can
receive the data without requiring extra configurations to extract and manage UTM
values. This simplifies tracking setup and ensures cleaner data in your analytics.

## Reviews

![](https://secure.gravatar.com/avatar/f079c2a396d18b1ae8f735d18beebb3073ff6000379d4a299fce65a1b3560acd?
s=60&d=retro&r=g)

### 󠀁[Premium version](https://wordpress.org/support/topic/premium-version-85/)󠁿

 [ender015](https://profiles.wordpress.org/ender015/) July 7, 2025 1 reply

Hi, I just downloaded your plugin — it’s really helpful for suppressing adblockers.
I was wondering if you have plans to release a premium version soon? Looking forward
to it!

 [ Read all 1 review ](https://wordpress.org/support/plugin/inpipe-by-seresa/reviews/)

## Contributors & Developers

“inPIPE by Seresa” is open source software. The following people have contributed
to this plugin.

Contributors

 *   [ Seresa ](https://profiles.wordpress.org/seresa8/)

[Translate “inPIPE by Seresa” into your language.](https://translate.wordpress.org/projects/wp-plugins/inpipe-by-seresa)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/inpipe-by-seresa/),
check out the [SVN repository](https://plugins.svn.wordpress.org/inpipe-by-seresa/),
or subscribe to the [development log](https://plugins.trac.wordpress.org/log/inpipe-by-seresa/)
by [RSS](https://plugins.trac.wordpress.org/log/inpipe-by-seresa/?limit=100&mode=stop_on_copy&format=rss).

## Changelog

#### 1.1.1 – 2026-02-12

**UTM Import, Dropdown Options Management, Edit UX Overhaul, Validation & Security
Enhancements**

#### NEW FEATURES

 * **Quick Import UTM**: Paste any URL containing UTM parameters and auto-fill the
   form
    - Supports full URLs, query-only strings, bare parameters, and URLs without 
      protocol
    - Six-step validation chain: empty check, 512-char length cap, multiple URL 
      detection, dangerous protocol blocking, URL parsing with fallbacks, and UTM
      parameter extraction
    - Extracts standard UTM parameters (source, medium, campaign, term, content,
      id)
    - Now also picks up all non-standard query parameters as custom parameters (
      up to 3), not just `utm_*` prefixed ones
    - Domain validation: rejects URLs that don’t match the site domain
    - Warning toast when custom parameters exceed the limit, showing how many were
      skipped
    - Landing path extracted from URL and auto-confirmed
    - Import UTM button in card header next to Reset All
 * **UTM Dropdown Options Management**: Custom dropdown values for all six UTM parameter
   fields
    - New `inpipe_utm_options` database table with seeded defaults and user-added
      values
    - Add custom values inline via dropdown input (auto-saved to server immediately)
    - Delete any option (including defaults) via delete icon in dropdown
    - Options loaded from server on mount via `InPipe_UTM_Options_Manager` with 
      24-hour object caching
    - Toast feedback on add (“{value} added”) and delete (“{value} removed”)
 * **Landing Page Path Confirmation**: Confirm-before-edit workflow for the landing
   page path
    - Three-state field: editable input with checkmark  confirmed display  live 
      query preview
    - Five-layer path validation: query characters (`?#&=`), UTM parameter patterns,
      character allowlist, path traversal/dot abuse, consecutive slashes
    - UTM params lock overlay when path is typed but not confirmed (prevents editing
      UTM fields until path is confirmed)
    - Users can skip the path entirely and go straight to UTM params
 * **Live UTM Query Preview**: Real-time preview of the URL being built inside the
   landing page field
    - Shows `page/subpage?utm_source=google&utm_medium=cpc&custom_key=value` as 
      params are selected
    - Replaces the editable input once any UTM parameter has a value

#### UTM EDIT UX OVERHAUL

 * **Editing State Indicator**: Blue banner below card header when editing a stored
   UTM
    - Shows pencil icon, “Editing UTM:” label, and the UTM ID in a monospace badge
    - Cancel button to exit edit mode and clear the form
 * **Save Button Context**: Button changes from “Save UTM” to “Update UTM” with 
   pencil icon when editing
 * **Active UTM Highlight**: Stored UTM item being edited gets a blue border and
   tint
 * **Saved UTM Highlight**: Newly saved or updated UTM gets a primary-color highlight
   with 3-second fade-out animation, auto-scrolls into view
 * **Auto-Copy on Save**: Coded URL is automatically copied to clipboard after saving
    - Toast message: “UTM saved — coded URL copied to clipboard!”
    - Graceful fallback if clipboard access is denied
 * **Param Value Indicators**: UTM parameter cards show primary-color border when
   they have a value
 * **Scroll Behavior**: Edit and import scroll to the top of the UTM Parameters 
   card; save scrolls to the highlighted stored UTM

#### EDIT BUG FIXES

 * **Fixed hasUnsavedChanges**: Now compares against a snapshot of the loaded UTM
   values instead of static empty defaults
 * **Fixed Coded URL Regeneration**: Editing a UTM no longer generates a new random
   coded URL value on every keystroke — preserves the original coded URL so shared
   links aren’t broken
 * **Fixed Watcher During Edit Load**: Added `isLoadingEdit` guard to prevent the
   deep watcher from firing multiple times while populating the form during edit
 * **Fixed Custom Params Shallow Copy**: Edit now deep-copies custom parameters 
   to prevent mutation of stored UTM data

#### SECURITY ENHANCEMENTS

 * **Allowlist-Based Sanitization**: Replaced blocklist `sanitizeUtmValue()` with
   normalize-and-allowlist approach
    - NFKC normalization collapses fullwidth characters (e.g., `ｇｏｏｇｌｅ`  `
      google`)
    - Strips zero-width characters, directional overrides, and BOM marks
    - Allowlist filter: only `a-z`, `0-9`, `_`, `-`, `.`, space survive
    - Blocks emoji, non-standard whitespace, control characters, and all non-Latin
      input
 * **Strict Custom Key Sanitization**: New `sanitizeCustomKey()` function for custom
   parameter keys
    - Only `a-z`, `0-9`, `_`, `-` allowed (no spaces or periods)
 * **Custom Parameter Input Validation**: Blur-based validation for custom parameter
   keys and values
    - Key validation: rejects invalid characters, standard UTM name collisions, `
      utm_` prefix, and duplicate keys
    - Value validation: rejects query-breaking and injection characters
    - Immediate feedback via warning toasts — invalid input is rejected and field
      is cleared on blur
    - Uppercase input silently normalized to lowercase on blur (e.g., `TEST`  `test`)
    - Save-time sanitization via `sanitizeCustomKey()` / `sanitizeUtmValue()` as
      final safety net
 * **Dropdown Value Sanitization**: `handleAddFromDropdown()` sanitizes via allowlist
   before setting v-model
    - Strict equality check rejects any input altered by sanitization (e.g., `<script
      >alert(1)</script>`  rejected)
    - Dirty value guard in watcher silently clears pre-existing dirty options on
      selection
 * **Landing Page Path Hardening**: Five-layer validation for the landing page path
    - Layer 3: Character allowlist — only `a-z`, `0-9`, `-`, `_`, `.`, `/` allowed(
      rejects commas, spaces, special chars)
    - Layer 4: Path traversal protection — blocks `../`, `./`, leading/trailing 
      dots, `/.` patterns
    - Layer 5: Malformed path detection — blocks consecutive slashes (`//`)
 * **Import Domain Validation**: Imported URLs are validated against the site domain—
   mismatched domains are rejected with a clear error message

#### IMPROVEMENTS

 * **inPipeBaseSelect Component**: Complete rebuild with custom dropdown mode
    - Custom dropdown with deletable options, inline custom value input, keyboard
      navigation
    - ARIA combobox/listbox roles for accessibility
    - Click-outside close, escape key handling, arrow key navigation with highlighted
      index
    - Falls back to native `<select>` when `deletableOptions` is not provided
 * **Coded URL Landing Path**: Both full URL and coded URL now include the landing
   page path
 * **Placeholder Update**: Landing page placeholder changed to `page/subpage`
 * **Emoji to Lucide Icons**: Replaced all emoji icons in UTM Coder with Lucide 
   icon components (Download, RefreshCcw, Pencil, Trash2, Save, Copy, Check, Loader,
   Plus, Zap, CircleAlert, Rocket)
 * **Stored UTMs Spacing Fix**: Fixed `space-y` (Tailwind-only utility) not working
   in plain CSS — replaced with flexbox gap for proper spacing between stored UTM
   items and URL rows

#### NEW FILES

 * `includes/core/class-inpipe-utm-options-manager.php` — UTM dropdown options CRUD
   with WordPress object caching

#### TECHNICAL

 * Bumped `INPIPE_DB_VERSION` from `1.0.0` to `1.1.0` to trigger database upgrade
   for users updating from v1.1.0 — ensures `inpipe_utm_options` table is created
   via `dbDelta`
 * Added `inpipe_utm_options` table: `id`, `field_name`, `option_value`, `is_default`,`
   created_at`, `updated_at` with unique index on `(field_name, option_value)`
 * Added `inpipe_seed_utm_options()` function in `install.php` with INSERT IGNORE
   for idempotent re-activation
 * Added 3 new REST API endpoints: `inpipe-utm-options-fetch`, `inpipe-utm-options-
   save`, `inpipe-utm-options-delete`
 * Added `handle_utm_options_fetch()`, `handle_utm_options_save()`, `handle_utm_options_delete()`
   to `InPipe_API_Endpoints_Free`
 * Added `UTM_OPTIONS_FETCH`, `UTM_OPTIONS_SAVE`, `UTM_OPTIONS_DELETE` to frontend`
   API_ENDPOINTS`
 * Removed Gorilla tracking script from free build in `vite.config.js` (premium-
   only)
 * Table added to `inpipe_cleanup_tables()` for proper uninstall cleanup
 * Added `editSnapshot`, `editingCodedValue`, `isLoadingEdit`, `highlightedUtmId`,`
   utmParamsCard` reactive refs to UTM Coder component

#### 1.1.0 – 2026-01-29

**Gorilla Food REST API Endpoint, Cache-Busting & Hourly Usage Sync**

#### NEW FEATURES

 * **Hourly Usage Data Sync**: `inpipe_sync_subscription_data` now fetches fresh
   usage data from Subscriber App API
    - Automatically updates `inpipe_usage_data` option with events_used_this_month,
      allowance, etc.
    - Updates `inpipe_last_webhook` timestamp so “Synced at” reflects actual sync
      time
    - No longer relies solely on Stripe webhook push – now actively pulls data hourly
 * **Gorilla Food REST API Endpoint**: Added `/wp-json/inpipe/v1/gorilla-food` endpoint
   for Safari ITP bypass on cached pages
    - Called by JavaScript when no `gorilla_food` cookie exists
    - Sets server-side cookie via PHP (bypasses Safari 7-day ITP limitation)
    - REST API endpoints bypass FastCGI page cache, ensuring PHP always executes
    - Returns `gorilla_food` visitor ID and `is_new_user` boolean

#### IMPROVEMENTS

 * **Gorilla Food Cookie Optimization**: Cookie now only set for new users
    - Prevents polluting page cache with Set-Cookie headers
    - Returning users already have the cookie – no need to re-set
    - Improves cache efficiency on high-traffic sites
 * **Cache-Busting Page Reload**: Improved page refresh after premium installation
    - Replaced `window.location.reload()` with cache-busting URL approach
    - Adds `_inpipe_refresh` timestamp parameter to force fresh HTML
    - Ensures premium CSS/JS loads correctly without manual hard refresh
    - Applied to both successful installation and timeout recovery flows
 * **Renamed Frontend Tracking Script**: Renamed tracking script to “Gorilla” for
   consistency
    - Script handle changed from `inpipe-tracking` to `inpipe-gorilla`
    - Script file renamed from `tracking.js` to `gorilla.js`
    - Backwards-compatible: `window.initInPipeTracker` aliased to `window.initGorilla`

#### TECHNICAL

 * Added `handle_gorilla_food()` method to `InPipe_API_Endpoints_Free` class
 * Registered new public REST route `/inpipe/v1/gorilla-food` with `__return_true`
   permission
 * Updated `set_cookie()` in `InPipe_Gorilla_Food_Manager` to skip returning users
 * Simplified cookie path to `/` for broader compatibility
 * Changed error logging to use `inpipe_debug_log()` helper
 * Removed redundant `log_error()` private method from Gorilla Food Manager
 * Updated `inPipeSubscriptionComponent.vue` reload logic with URL cache-busting
 * Renamed `wp_enqueue_script` handle from `inpipe-tracking` to `inpipe-gorilla`
 * Updated `wp_localize_script` to use new `inpipe-gorilla` handle

#### 1.0.9 – 2026-01-20

**Server-Side Cookie for Safari ITP Bypass (gorilla_food)**

#### FIXES

 * Fixed duplicate error message display on subscription activation page
    - Removed redundant error display from `inPipeBaseInput` `:error` prop
    - Error now only shows once in the styled red-bordered box

#### NEW FEATURES

 * **Gorilla Food Cookie System**: Implemented server-side cookie system to bypass
   Safari ITP 7-day JavaScript cookie limitation
    - Server-side PHP `setcookie()` creates HTTP cookie that Safari treats as first-
      party
    - 400-day cookie expiration (maximum browser-allowed duration)
    - Unique 35-character visitor ID format: `XXXXXXXX-XXXXXXXX-XXXXXXXX-XXXXXXXX`
    - Uses 58-character set excluding confusing characters (O, o, l, 0)
 * **Visitor Identification**: New `gorilla_food` cookie provides persistent visitor
   identification
    - Survives Safari ITP cookie restrictions that limit JavaScript cookies to 7
      days
    - Cookie refreshed on every page load to maintain freshness
    - Bot detection to skip cookie setting for crawlers
 * **dataLayer Integration**: Gorilla food value automatically pushed to dataLayer
    - `gorilla_food` – The unique visitor identifier
    - `is_new_user` – Boolean indicating if this is a new visitor (cookie just created)
    - Available at priority 1 in `wp_head` for all tracking scripts

#### NEW FILES

 * `includes/core/cookie/index.php` – Directory protection
 * `includes/core/cookie/inpipe-gorilla-food-functions.php` – Core generation functions
   and constants
 * `includes/core/cookie/class-inpipe-gorilla-food-manager.php` – Cookie management
   class
 * `includes/core/cookie/class-inpipe-gorilla-food-integration.php` – WordPress 
   hooks and dataLayer output

#### TECHNICAL

 * Added `INPIPE_COOKIE_NAME` constant (`gorilla_food`)
 * Added `INPIPE_COOKIE_EXPIRY` constant (400 days)
 * Added `INPIPE_COOKIE_ID_LENGTH` constant (35 characters)
 * Added `inpipe_generate_gorilla_food()` function
 * Added `inpipe_generate_random_string()` function
 * Added `inpipe_validate_gorilla_food()` function
 * Added `InPipe_Gorilla_Food_Manager` class
 * Added `InPipe_Gorilla_Food_Integration` class with static access methods
 * Bootstrap runs at `plugins_loaded` priority 5
 * Cookie set at `init` priority 1 (before headers sent)
 * dataLayer output at `wp_head` priority 1

#### PREMIUM INTEGRATION

 * Premium plugin’s tracking.js now reads `gorilla_food` from dataLayer
 * All events include `gorilla_food` and `is_new_user` fields
 * PHP-collected events also include gorilla_food via `InPipe_Gorilla_Food_Integration::
   get_gorilla_food()`
 * Added `inpipe_premium_build_event()` helper function for building events with
   gorilla_food

#### 1.0.8 – 2026-01-15

**Redis Stale Cache Recovery**

#### NEW FEATURES

 * Added `refresh_settings()` method to Settings Manager for Redis stale cache recovery
    - Force-reloads settings from database bypassing object cache
    - Used by Connections Manager when `client_id` appears empty due to stale Redis
      cache
    - Used by Usage Webhook Sender when `subscription_key`/`subscription_status`
      appear empty
    - Prevents “Valid client ID not found” error on Redis-enabled servers (e.g.,
      Cloudways)
    - Ensures usage webhooks are scheduled and sent correctly even with stale cache

#### 1.0.7 – 2026-01-13

**Auto-Disable Event Tracking for Expired Subscriptions**

#### NEW FEATURES

 * **Automatic Event Tracking Disable**: Event tracking is now automatically disabled
   when subscription is not active
    - Catches cases where subscription expired while site was offline
    - Runs on plugin initialization and when subscription status changes
    - Only `active` and `trialing` subscriptions can have event tracking enabled

#### IMPROVEMENTS

 * **Subscription Data Always Available**: Subscription data is now always included
   in admin settings, not just for active premium users
    - Enables proper display of expired/cancelled subscription status in UI
    - Allows users to see their subscription status even after it expires

#### UI ENHANCEMENTS

 * **Toggle Component Disabled State**: Added disabled prop support to base toggle
   component
    - Visual feedback with reduced opacity and grayscale filter
    - Prevents interaction when disabled
    - Proper ARIA accessibility attributes

#### BUG FIXES

 * **Fixed Auto-Refresh After Premium Upgrade**: Page now correctly auto-refreshes
   after successful premium installation
    - Backend was missing `safe_to_refresh` and `require_refresh` flags in API response
    - Frontend condition was always false, preventing the reload from triggering

#### CODE CLEANUP

 * Removed dead code from Settings Manager:
    - Removed unused `$is_premium` property
    - Removed unused `validate_license()` method (~75 lines)
    - Premium status now fully handled by `InPipe_Status_Manager`

#### TECHNICAL

 * Added `maybe_disable_event_tracking()` method to `InPipe_Status_Manager`
 * Updated `on_subscription_changed()` to auto-disable tracking when subscription
   becomes inactive
 * Modified `get_vue_admin_settings()` to always include subscription data
 * Enhanced `inPipeBaseToggle.vue` with disabled state styling and handling
 * Fixed `handle_premium_install()` response to include refresh flags
 * Updated `class-inpipe-settings-manager.php` – Removed stale-cache check, dead
   code cleanup

#### 1.0.6 – 2026-01-08

**Redis Object Cache Compatibility Fix**

#### BUG FIXES

 * **Fixed WordPress Hooks Not Registering on Redis Cache Hit**: Hooks were incorrectly
   placed inside cache check blocks, causing them to not register when object cache
   returned a hit
    - WordPress hooks are request-specific and must be registered on every request
    - Cache was preventing `add_action()` and `add_filter()` calls from executing
      on cached requests
    - Fixes cron jobs not firing, REST API endpoints not registering, and event 
      tracking not working on Redis/Memcached hosting

#### AFFECTED FILES

 * `class-inpipe-utm-decoder.php` – Fixed `init_hooks()` method
 * `class-inpipe-premium-event-collector.php` – Fixed `register_wordpress_hooks()`,`
   register_pattern_based_hooks()`, and `initialize_form_protection()` methods

#### TECHNICAL

 * Moved all `add_action()` and `add_filter()` calls outside of cache check if-blocks
 * Cache is now only used for debug logging purposes (first-init detection)
 * WordPress automatically deduplicates identical hook registrations, making this
   pattern safe
 * Compatible with all object cache backends: Redis, Memcached, APCu, and default(
   no cache)

#### 1.0.5 – 2026-01-06

**Trial Subscription Support & REST API Fix**

#### NEW FEATURES

 * **Trial Subscription Status Support**: Added full support for `trialing` subscription
   status from Stripe
    - Trial users now properly recognized as premium users with access to all features
    - Premium UI components display correctly during trial period
    - Event tracking enabled for trial subscriptions

#### UI ENHANCEMENTS

 * **Trial Status Display**: Added “Trial Active” status display in subscription
   management
    - New blue badge styling for trial status (`.badge-trialing`)
    - Status indicator shows “Trial Active” instead of “Unknown”
    - Consistent visual styling across all subscription status displays

#### BUG FIXES

 * **Fixed REST API 404 Errors on Cached Servers**: Removed incorrect route caching
   that caused 404 errors on servers with persistent object cache (Redis/Memcached)
    - Routes must be registered on every `rest_api_init` call; caching was preventing
      registration
    - Fixes `/wp-json/inpipe/v1/*` endpoints returning 404 on cached hosting environments
 * **Fixed Premium Detection for Trials**: Trial subscriptions now correctly detected
   as valid premium subscriptions
    - Updated `isValid()` method to accept `trialing` status
    - Updated `inpipe_has_premium_subscription()` SQL query to include `trialing`
    - Fixed `is_active` checks in API endpoints to recognize trial subscriptions
 * **Fixed Subscription Warning Banner**: Trial users no longer see incorrect subscription
   warning messages
 * **Fixed Event Tracking for Trials**: Event tracking now properly schedules for
   trial subscriptions

#### TECHNICAL

 * Updated `class-inpipe-status-manager.php` with trialing status support
 * Updated `class-inpipe-api-endpoints-free.php` with trialing status checks and
   removed route caching
 * Added `@since 1.0.5` documentation tags to all modified methods

#### 1.0.4 – 2025-12-16

**Subscription Type Fix & Webhook Improvements**

#### BUG FIXES

 * **Fixed Subscription Type Mapping**: Subscription type now correctly reads from
   API response
    - Changed from `metadata_plan_name` to `plan_name` field to match actual API
      response
    - Fixes issue where `subscription_type` was defaulting to “free” after premium
      upgrade
    - Supported plan types: Trial, Entry, Premium, Professional, Enterprise

#### IMPROVEMENTS

 * **Simplified Webhook Handler**: Refactored `handle_subscription_webhook()` to
   use action hook pattern
    - Now delegates webhook processing to Premium plugin via `inpipe_process_webhook`
      action hook
    - Cleaner separation between Free and Premium plugin responsibilities
    - Premium plugin hooks in with: `add_action('inpipe_process_webhook', [$this,'
      process_webhook'], 10, 3)`

#### 1.0.3 – 2025-12-01

**CRITICAL Uninstall Fix + Security Improvements + UI Fixes**

#### BUG FIXES

 * **Fixed Subscription Code Whitespace**: Subscription codes with leading/trailing
   spaces now validate correctly
    - Added trim() to subscription code input before validation and API submission
    - Prevents “Invalid subscription code format” error when users paste codes with
      extra whitespace

#### UI ENHANCEMENTS

 * **Mobile Responsive Buttons**: Fixed upgrade buttons in Settings component for
   mobile view
    - Buttons now stack vertically and take full width on screens 768px and below

#### CRITICAL BUG FIX

 * **Fixed Uninstall Table Removal**: Resolved critical bug where plugin tables 
   without wp_ prefix were not being removed during uninstallation
    - **The Issue**: Tables like `inpipe_premium_test` (without wp_ prefix) were
      not being deleted
    - **Root Cause**: Code was incorrectly stripping and re-adding the WordPress
      prefix to ALL table names
    - **The Fix**: Now uses full table names directly from database without prefix
      manipulation
    - **Impact**: All inpipe tables are now properly removed, regardless of prefix
      pattern
    - **Tested**: Verified working with wp_inpipe_*, inpipe_*, and _inpipe_ patterns
      in Docker WordPress environment

#### SECURITY ENHANCEMENTS

 * **Added SQL Injection Protection**: Implemented multi-layer security for table
   DROP operations
    - Layer 1: Regex validation (alphanumeric + underscore only)
    - Layer 2: Must contain ‘inpipe’ string
    - Layer 3: esc_sql() sanitization before query
    - Layer 4: Tables only from trusted SHOW TABLES source
    - Layer 5: Verification with prepared statements
    - **Result**: All 12 security validation tests passed

#### TABLES NOW PROPERLY REMOVED

 * wp_inpipe_* (standard FREE tables)
 * wp_inpipe_premium_* (PREMIUM with wp_ prefix)
 * inpipe_premium_* (PREMIUM without wp_ prefix) – **NOW FIXED!**
 * inpipe (backup/custom tables)
 * All variations (mixed case, numbers, various prefixes)

#### DOCUMENTATION

 * **Updated File Headers**: Added @since 1.0.3 documentation to uninstall.php
 * **Added Test Results**: Comprehensive Docker test results documented
 * **Added Security Summary**: Full security validation documentation

#### 1.0.3 (Previous) – 2025-11-27

**UI Improvements, Component Enhancements & Subscription API Fix**

#### BUG FIXES

 * **Fixed Subscription Data Mapping**: Corrected API response field mapping in 
   subscription verification process
    - `subscription_type` now correctly reads from `metadata_plan_name` (e.g., “
      Trial”, “Pro”, “Business”)
    - `plan_type` now correctly reads from `plan` field (e.g., “Monthly”, “Yearly”)

#### UI ENHANCEMENTS

 * **Enhanced Loading Spinner**: Added professional loading spinner with smooth 
   animation for Vue admin app loading state
 * **Improved Loading Container**: Better styled loading container with centered
   layout and visual feedback
 * **Button Disabled States**: Added proper disabled button styling with visual 
   feedback for better UX

#### COMPONENT UPDATES

 * **Base Button Component**: Added loading spinner animation and disabled state
   styling
 * **Vue Admin Controller**: Enhanced render_admin_app with inline CSS for loading
   states
 * **Settings Component**: UI cleanups and improved layout
 * **Subscription Component**: Streamlined interface and better visual hierarchy
 * **Translation Updates**: Enhanced Vue translations for better internationalization

#### TECHNICAL

 * Merged upstream changes with local improvements
 * Resolved merge conflicts in Vue admin and button components
 * Updated doc blocks with @since 1.0.3 tags

#### 1.0.2 – 2025-11-20

**Bug Fixes, Uninstall Improvements & UI Updates**

#### BUG FIXES

 * **Fixed Premium Upgrade File Issue**: Resolved file handling error during premium
   package installation and upgrade process
 * **Fixed Incomplete Uninstall After Failed Premium Upgrade**: Plugin now properly
   removes ALL database tables with `inpipe_` prefix during uninstall, preventing
   orphaned premium tables from breaking WordPress admin after failed upgrades
 * **Fixed Auto-Refresh After Premium Upgrade**: Replaced deprecated `window.location.
   reload(true)` with cache-busting URL approach to ensure premium features display
   immediately after upgrade without requiring manual hard refresh

#### UI & MESSAGING UPDATES

 * **Updated Upgrade Messaging**: Changed all “Upgrade to Premium” messaging to 
   promote “Premium Transmute Engine™ service for WordPress”
 * **Enhanced Service Description**: Added detailed messaging about seamlessly sending
   event data to multiple endpoints (GA4, Google Ads, Facebook Ads, Klaviyo, Big
   Query) processed server-side
 * **Updated Call-to-Action Buttons**: Changed upgrade CTAs to “Learn More” and “
   Free Trial” buttons with new URLs pointing to Transmute Engine pages
 * **Improved Link Structure**: Made “Get a free trial today” a clickable link in
   settings component
 * **Terminology Updates**: Changed all references from “endPIPEs” to “outPIPEs”
   throughout the interface
 * **Removed Premium Feature Cards**: Streamlined subscription component by removing
   individual feature cards in favor of focused upgrade messaging
 * **Updated Support URLs**: Changed documentation and support links to point to
   support.seresa.io and Seresa YouTube channel
 * **Consistent Header Sizing**: Standardized header sizes across Settings and Subscription
   components for better visual hierarchy
 * **Optimized Button Layout**: Compressed upgrade buttons to left-aligned layout
   for better visual flow
 * **Refined Description Styling**: Adjusted upgrade description text sizing for
   better readability

#### IMPROVEMENTS

 * **Simplified Uninstall Logic**: Removed complex conditional cleanup logic – uninstall
   now unconditionally removes ALL tables starting with `inpipe_` prefix regardless
   of detection state
 * **Enhanced Cleanup Reliability**: Uninstall process no longer relies on premium
   detection; uses pure prefix-based table discovery to ensure complete cleanup 
   in all scenarios
 * **Improved WordPress Core Options Cleanup**: Automatically removes inPIPE references
   from WordPress core options (`uninstall_plugins`, `recently_activated`, `cron`,`
   _site_transient_update_plugins`) during uninstallation
 * **Modern Browser Compatibility**: Updated page reload mechanism to work reliably
   across all modern browsers by using timestamp-based cache-busting instead of 
   deprecated reload methods
 * **Enhanced Premium Integration**: Improved premium loader functionality and status
   manager for better premium feature detection and handling
 * **Improved Vue Admin Interface**: Enhanced Vue admin component with improved 
   caching, settings management, and connection handling
 * **Enhanced Form Components**: Significantly improved base input component with
   200+ lines of new functionality for better user input handling and validation
 * **Updated Translation System**: Refined Vue translations for better internationalization
   support with new Transmute Engine™ messaging
 * **API Endpoint Refinements**: Improved API endpoint handling and initialization
   for more reliable premium integration
 * **Button Component Enhancement**: Added new functionality to base button component
   for improved user interactions
 * **Settings Component Updates**: Enhanced settings component with improved configuration
   handling and upgrade messaging

#### TECHNICAL ENHANCEMENTS

 * Updated 10 core files including API endpoints, status manager, Vue admin controller,
   and Vue components
 * Added 374 new lines of functionality with 71 lines of optimization
 * Improved premium loader class implementation
 * Enhanced API initialization logic

#### 1.0.1 – 2025-07-17

**Major Enhancement: Unified Premium Detection System**

#### NEW FEATURES

 * **Status Manager Integration**: Implemented centralized premium detection system
   for consistent plugin behavior
 * **Enhanced Uninstall Safety**: Added intelligent premium detection during uninstallation
   with robust fallback mechanisms
 * **Improved API Reliability**: Unified premium detection across all API endpoints
   and initialization

#### IMPROVEMENTS

 * **Premium Detection Consolidation**: Replaced 13+ scattered premium detection
   points with single unified system
    - API Endpoints Free: 5 detection points  1 unified Status Manager call (80%
      complexity reduction)
    - API Initialization: 3 detection points  unified premium detection
    - Smart Uninstaller: Enhanced with Status Manager integration plus 4 robust 
      fallback methods
 * **Enhanced Error Handling**: Added comprehensive safety checks and graceful degradation
   across all components
 * **Debug Logging**: Improved debugging capabilities with detailed Status Manager
   integration logging
 * **Code Maintainability**: Centralized premium logic reduces maintenance overhead
   and improves consistency

#### TECHNICAL ENHANCEMENTS

 * **API Endpoints**: Updated `handle_subscription_webhook()`, `handle_premium_integration()`,`
   handle_premium_install()`, and `handle_premium_install_status()` methods with
   unified premium detection
 * **Backup System**: Enhanced backup creation and restoration with Status Manager
   integration
 * **Uninstall Process**: Added `is_uninstall_context_safe()` method for secure 
   Status Manager usage during plugin removal
 * **WordPress Standards**: Maintained full compliance with WordPress coding standards
   and best practices

#### SECURITY & RELIABILITY

 * **Uninstall Context Safety**: Added pre-flight checks before Status Manager usage
   during uninstallation
 * **Database Validation**: Enhanced database connection verification and WordPress
   function availability checks
 * **Graceful Degradation**: Improved fallback mechanisms when Status Manager unavailable
 * **Exception Handling**: Comprehensive error handling prevents fatal errors during
   premium detection

#### COMPATIBILITY

 * **Backward Compatibility**: All existing functionality preserved with zero breaking
   changes
 * **WordPress Core**: Fully compatible with WordPress 5.0+ requirements
 * **PHP Compatibility**: Maintains PHP 7.4+ compatibility with improved error handling
 * **Performance**: Enhanced premium detection with minimal performance overhead

#### DEVELOPER NOTES

 * **Class Documentation**: Updated DocBlocks with @since 1.0.1 tags for all modified
   methods
 * **API Preservation**: 100% API functionality maintained – all endpoints continue
   to work identically
 * **Hook Integration**: All WordPress action and filter hooks preserved without
   modifications
 * **Debug Support**: Enhanced debugging capabilities for troubleshooting premium
   detection issues

#### FILES UPDATED

 * `uninstall.php` – Stripped constructor and 4 internal methods: smart uninstaller
   setup and safety validation
 * `inpipe-by-seresa.php` – Removed 15 init, activation, component loading, and 
   logging functions
 * `includes/core/class-inpipe-vue-admin.php` – Stripped Vue admin controller constructor
   and 4 methods for cached settings and connections
 * `includes/core/class-inpipe-status-manager.php` – Removed 21 premium detection,
   validation, and mode management methods
 * `includes/core/class-inpipe-settings-manager.php` – Stripped constructor and `
   load_settings` logic
 * `includes/core/class-inpipe-feature-manager.php` – Stripped `InPipe_Feature_Manager`
   core feature loader
 * `includes/free/premium-upgrade/class-inpipe-simple-subscription-verifier.php`–
   Removed `verify_with_server`
 * `includes/free/premium-upgrade/class-inpipe-premium-integrator.php` – Removed`
   integrate_package` and `rollback_integration`
 * `includes/free/premium-upgrade/class-inpipe-package-installer.php` – Stripped
   6 installer and package handling methods
 * `includes/free/premium-upgrade/class-inpipe-backup-manager.php` – Stripped constructor
   and `ensure_wp_constants`
 * `includes/core/api/inpipe-api-init.php` – Stripped `inpipe_init_api_endpoints`
 * `includes/core/api/class-inpipe-api-endpoints-free.php` – Stripped 8 methods 
   covering public UTM validation, premium integration, webhook handling, backup,
   and install status

#### UPGRADE NOTES

 * **Automatic Enhancement**: Existing installations automatically benefit from 
   improved premium detection
 * **No Configuration Required**: Changes are transparent to end users
 * **Plugin Stability**: Enhanced reliability for both free and premium installations
 * **Debugging Improvements**: Better error reporting and diagnostic capabilities

#### 1.0.0 – 2025-07-07

 * Initial release.

## Meta

 *  Version **1.1.1**
 *  Last updated **3 months ago**
 *  Active installations **Fewer than 10**
 *  WordPress version ** 6.4 or higher **
 *  Tested up to **6.9.4**
 *  PHP version ** 8.3 or higher **
 * Tags
 * [datalayer](https://wordpress.org/plugins/tags/datalayer/)[Server Side Tracking](https://wordpress.org/plugins/tags/server-side-tracking/)
   [utm tracking](https://wordpress.org/plugins/tags/utm-tracking/)
 *  [Advanced View](https://wordpress.org/plugins/inpipe-by-seresa/advanced/)

## Ratings

 5 out of 5 stars.

 *  [  1 5-star review     ](https://wordpress.org/support/plugin/inpipe-by-seresa/reviews/?filter=5)
 *  [  0 4-star reviews     ](https://wordpress.org/support/plugin/inpipe-by-seresa/reviews/?filter=4)
 *  [  0 3-star reviews     ](https://wordpress.org/support/plugin/inpipe-by-seresa/reviews/?filter=3)
 *  [  0 2-star reviews     ](https://wordpress.org/support/plugin/inpipe-by-seresa/reviews/?filter=2)
 *  [  0 1-star reviews     ](https://wordpress.org/support/plugin/inpipe-by-seresa/reviews/?filter=1)

[Your review](https://wordpress.org/support/plugin/inpipe-by-seresa/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/inpipe-by-seresa/reviews/)

## Contributors

 *   [ Seresa ](https://profiles.wordpress.org/seresa8/)

## Support

Got something to say? Need help?

 [View support forum](https://wordpress.org/support/plugin/inpipe-by-seresa/)