Adds native WP\/WooCommerce login and registration capture. Registration is ON by default; login is OFF by default (turn it on only if your login form has a consent checkbox). Optional required consent checkbox for the WP and WC register forms. "Remember me" excluded by design.<\/p>"},"ratings":{"1":0,"2":0,"3":0,"4":0,"5":1},"assets_icons":{"icon-128x128.jpg":{"filename":"icon-128x128.jpg","revision":3535064,"resolution":"128x128","location":"assets","locale":"","width":128,"height":128},"icon-256x256.jpg":{"filename":"icon-256x256.jpg","revision":3535064,"resolution":"256x256","location":"assets","locale":"","width":256,"height":256}},"assets_banners":{"banner-1544x500-es.jpg":{"filename":"banner-1544x500-es.jpg","revision":3535064,"resolution":"1544x500","location":"assets","locale":"es","width":1544,"height":500},"banner-1544x500.jpg":{"filename":"banner-1544x500.jpg","revision":3535064,"resolution":"1544x500","location":"assets","locale":"","width":1544,"height":500},"banner-772x250-es.jpg":{"filename":"banner-772x250-es.jpg","revision":3535064,"resolution":"772x250","location":"assets","locale":"es","width":772,"height":250},"banner-772x250.jpg":{"filename":"banner-772x250.jpg","revision":3535064,"resolution":"772x250","location":"assets","locale":"","width":772,"height":250}},"assets_blueprints":{"blueprint.json":{"filename":"blueprint.json","revision":3552725,"resolution":false,"location":"assets","locale":"","contents":"{\"$schema\":\"https:\\\/\\\/playground.wordpress.net\\\/blueprint-schema.json\",\"preferredVersions\":{\"php\":\"latest\",\"wp\":\"latest\"},\"phpExtensionBundles\":[\"kitchen-sink\"],\"features\":{\"networking\":true},\"steps\":[{\"step\":\"login\",\"username\":\"admin\",\"password\":\"password\"},{\"step\":\"installPlugin\",\"pluginData\":{\"resource\":\"wordpress.org\\\/plugins\",\"slug\":\"woocommerce\"},\"options\":{\"activate\":false}},{\"step\":\"installPlugin\",\"pluginData\":{\"resource\":\"wordpress.org\\\/plugins\",\"slug\":\"terms-conditions-consent-log\"},\"options\":{\"activate\":true}}],\"landingPage\":\"\\\/wp-admin\\\/plugins.php\"}"}},"all_blocks":{"tccl\/consent-box":{"$schema":"https:\/\/schemas.wp.org\/trunk\/block.json","apiVersion":3,"name":"tccl\/consent-box","title":"Consent box","category":"widgets","icon":"yes-alt","description":"A self-contained consent checkbox that records each acceptance in the consent log.","textdomain":"terms-conditions-consent-log","keywords":["consent","gdpr","privacy","checkbox"],"supports":{"html":false,"reusable":true,"align":["wide"]},"attributes":{"text":{"type":"string","default":""},"consentType":{"type":"string","default":"consent_box"},"consentVersion":{"type":"string","default":""},"submitLabel":{"type":"string","default":""},"successMessage":{"type":"string","default":""},"requireEmail":{"type":"string","default":"auto","enum":["auto","yes","no"]}},"editorScript":"tccl-consent-box-editor","editorStyle":"tccl-consent-box-editor-style"}},"tagged_versions":["1.0.0","1.1.0","1.2.0","1.3.0","1.4.0"],"block_files":[],"assets_screenshots":{"screenshot-1-es.jpg":{"filename":"screenshot-1-es.jpg","revision":3535054,"resolution":"1","location":"assets","locale":"es","width":1920,"height":1080},"screenshot-1.jpg":{"filename":"screenshot-1.jpg","revision":3534907,"resolution":"1","location":"assets","locale":"","width":1920,"height":1080},"screenshot-2-es.jpg":{"filename":"screenshot-2-es.jpg","revision":3535054,"resolution":"2","location":"assets","locale":"es","width":1920,"height":2190},"screenshot-2.jpg":{"filename":"screenshot-2.jpg","revision":3534907,"resolution":"2","location":"assets","locale":"","width":1920,"height":2127},"screenshot-3-es.jpg":{"filename":"screenshot-3-es.jpg","revision":3535054,"resolution":"3","location":"assets","locale":"es","width":1920,"height":1080},"screenshot-3.jpg":{"filename":"screenshot-3.jpg","revision":3534907,"resolution":"3","location":"assets","locale":"","width":1920,"height":1080},"screenshot-4-es.jpg":{"filename":"screenshot-4-es.jpg","revision":3535054,"resolution":"4","location":"assets","locale":"es","width":1920,"height":1080},"screenshot-4.jpg":{"filename":"screenshot-4.jpg","revision":3534907,"resolution":"4","location":"assets","locale":"","width":1920,"height":1080},"screenshot-5-es.jpg":{"filename":"screenshot-5-es.jpg","revision":3535054,"resolution":"5","location":"assets","locale":"es","width":1920,"height":1253},"screenshot-5.jpg":{"filename":"screenshot-5.jpg","revision":3534907,"resolution":"5","location":"assets","locale":"","width":1920,"height":1585},"screenshot-6.jpg":{"filename":"screenshot-6.jpg","revision":3534907,"resolution":"6","location":"assets","locale":"","width":1920,"height":1084}},"screenshots":{"1":"Records list with live filters, integrity column and CSV export.","2":"Settings tab with editable texts, version control, retention, email options and uninstall control.","3":"Order metabox with consent summary, integrity badge and printable-certificate button.","4":"Consent column on the orders list.","5":"Printable A4 certificate ready to be saved as PDF from the browser.","6":"Exported CSV file with filtered records (metadata header + nice column names)."}},"plugin_section":[],"plugin_tags":[20011,1152,131785,286,130711],"plugin_category":[42,45,54],"plugin_contributors":[245779,133550],"plugin_business_model":[],"class_list":["post-314214","plugin","type-plugin","status-publish","hentry","plugin_tags-consent","plugin_tags-contact-form-7","plugin_tags-gdpr","plugin_tags-woocommerce","plugin_tags-wpforms","plugin_category-contact-forms","plugin_category-ecommerce","plugin_category-security-and-spam-protection","plugin_contributors-ayudawp","plugin_contributors-fernandot","plugin_committers-ayudawp","plugin_committers-fernandot","plugin_support_reps-ayudawp"],"banners":{"banner":"https:\/\/ps.w.org\/terms-conditions-consent-log\/assets\/banner-772x250.jpg?rev=3535064","banner_2x":"https:\/\/ps.w.org\/terms-conditions-consent-log\/assets\/banner-1544x500.jpg?rev=3535064","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/terms-conditions-consent-log\/assets\/icon-128x128.jpg?rev=3535064","icon_2x":"https:\/\/ps.w.org\/terms-conditions-consent-log\/assets\/icon-256x256.jpg?rev=3535064","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/terms-conditions-consent-log\/assets\/screenshot-1.jpg?rev=3534907","caption":"Records list with live filters, integrity column and CSV export."},{"src":"https:\/\/ps.w.org\/terms-conditions-consent-log\/assets\/screenshot-2.jpg?rev=3534907","caption":"Settings tab with editable texts, version control, retention, email options and uninstall control."},{"src":"https:\/\/ps.w.org\/terms-conditions-consent-log\/assets\/screenshot-3.jpg?rev=3534907","caption":"Order metabox with consent summary, integrity badge and printable-certificate button."},{"src":"https:\/\/ps.w.org\/terms-conditions-consent-log\/assets\/screenshot-4.jpg?rev=3534907","caption":"Consent column on the orders list."},{"src":"https:\/\/ps.w.org\/terms-conditions-consent-log\/assets\/screenshot-5.jpg?rev=3534907","caption":"Printable A4 certificate ready to be saved as PDF from the browser."},{"src":"https:\/\/ps.w.org\/terms-conditions-consent-log\/assets\/screenshot-6.jpg?rev=3534907","caption":"Exported CSV file with filtered records (metadata header + nice column names)."}],"raw_content":"\n
Article 7.1 of the GDPR demands more than a boolean: the defensible consent record needs the timestamp, the IP, the user agent, the document version in force at that moment and the exact text the user was shown.<\/p>\n\n
Terms & Conditions Consent Log fills that gap for any acceptance checkbox on your site, with or without WooCommerce. Every accepted consent \u2014 at the WooCommerce checkout, in a Contact Form 7 form, in a WPForms form, in the WordPress comments form, on the WordPress \/ WooCommerce login or registration form, or in a stand-alone shortcode\/block \u2014 writes a row to a dedicated indexed table, sealed with a SHA-256 hash of the accepted text so any later change is detectable. From a clean admin screen you can filter, search, export to CSV, integrate with the native WordPress Privacy Tools, and open a one-page printable A4 certificate per record (your browser saves it as PDF in one click).<\/p>\n\n
The admin menu lives under Users \u2192 Consent log on every install, with or without WooCommerce. The WooCommerce-specific bits (checkout capture, order metabox, \"Consent\" column on the orders list, optional consent line in the order emails) load only when WooCommerce is active; everything else (Records, Settings, CSV export, PDF certificate, Privacy Tools integration) works the same way on any WordPress site.<\/p>\n\n
cf7_form_{ID}<\/code>, one type per form. No snippets required. On by default; turn off in Settings if it does not apply.<\/li>\n- WPForms<\/strong> (auto): detects GDPR Agreement fields automatically and the first email field of the form. Stored as
wpforms_form_{ID}<\/code>, one type per form. Works with WPForms Lite and Pro. No snippets required. On by default; turn off in Settings if it does not apply.<\/li>\n- WordPress comments<\/strong> (auto): logs the native
wp-comment-cookies-consent<\/code> checkbox (introduced in WP 4.9.6) when the visitor opts in. Stored as comment_consent<\/code>. On by default; turn off in Settings if your site uses Disqus, Jetpack or another third-party comments system.<\/li>\n- WordPress login and registration<\/strong> (auto): captures successful logins and registrations through wp-login.php when a consent checkbox is ticked on the form. Stored as
wp_login<\/code> and wp_register<\/code>. Registration is on by default; login is off by default (a normal login form has no consent checkbox, so login only matters for re-consent flows). The \"Remember me\" checkbox is excluded by design (ePrivacy \/ cookie preference, not GDPR consent).<\/li>\n- WooCommerce login and registration<\/strong> (auto when WC is active): same idea for the My Account page. Stored as
wc_login<\/code> and wc_register<\/code>. Registration is on by default; login is off by default, like the WordPress rows above. An opt-in toggle can inject the consent checkbox into the WC register form, since WooCommerce does not ship one natively.<\/li>\n[tccl_consent_box]<\/code> shortcode and Gutenberg block<\/strong>: drop a self-contained consent checkbox in any page, post or widget area as a stand-alone block. Submission posts to a REST endpoint and writes a record. Always available.<\/li>\n<\/ul>\n\nFor anything else (Gravity Forms, Fluent Forms, Elementor Forms, Forminator, custom flows), call tccl_save_consent()<\/code> from the appropriate hook.<\/p>\n\nWhy a dedicated table<\/h4>\n\n
Storing thousands of consent records in wp_postmeta<\/code> is wasteful and slow. The plugin uses its own indexed table and exposes a public function (tccl_save_consent<\/code>) that you can call from anywhere to log additional consents in the same place.<\/p>\n\nMain features<\/h4>\n\n\n- Records timestamp UTC, IP, user agent, document version, source URL and full consent text per acceptance.<\/li>\n
- Custom database table with the right indexes (no
wp_postmeta<\/code> bloat).<\/li>\n- Tamper-evident<\/strong>: each record is sealed with a SHA-256 hash. Any later change to the stored text is detected and reported as TAMPERED in the records list.<\/li>\n
- Printable A4 certificate<\/strong> per record, with a built-in \"Print \/ Save as PDF\" button \u2014 the browser exports the certificate to PDF natively, no external library bundled.<\/li>\n
- Native Privacy Tools integration<\/strong>:
Tools > Export Personal Data<\/code> and Tools > Erase Personal Data<\/code> both include consent records (erasure anonymises rather than deletes \u2014 the record itself is the lawful basis to keep it).<\/li>\n- WooCommerce checkout texts are optional<\/strong> \u2014 leave them empty and the WooCommerce native text is shown to the customer and stored verbatim.<\/li>\n
- Automatic version bump when the text changes (suggests
MAJOR.MINOR-YYYY-MM-DD<\/code>).<\/li>\n- Optional opt-out of IP and\/or user agent tracking.<\/li>\n
- Configurable retention with a one-click anonymise button (records kept; PII scrubbed).<\/li>\n
- Live partial-match filters (email, order, date range, type, full-text search inside the accepted text) + filtered CSV export with UTF-8 BOM (opens cleanly in Excel).<\/li>\n
- (When WooCommerce is active) Order metabox with the consent summary, integrity badge and outdated-version indicator. \"Consent\" column on the orders list (legacy and HPOS) with a quick visual status. Optional consent line in the New order email (admin) and the order confirmation email (customer) \u2014 both off by default.<\/li>\n
- Optional
delete_data_on_uninstall<\/code> setting (off by default) \u2014 uninstalling does not destroy consent evidence unless you explicitly opt in.<\/li>\n- HPOS (custom order tables) compatible.<\/li>\n
- Public
tccl_save_consent()<\/code> function to log consents from anywhere.<\/li>\n<\/ul>\n\nTranslation ready<\/h4>\n\n
All strings use the terms-conditions-consent-log<\/code> text domain. Translations are managed through translate.wordpress.org.<\/p>\n\nSupport<\/h3>\n\n
Need help or have suggestions?<\/p>\n\n
\n- Official website<\/a><\/li>\n
- WordPress support forum<\/a><\/li>\n
- YouTube channel<\/a><\/li>\n
- Documentation and tutorials<\/a><\/li>\n<\/ul>\n\n
Love the plugin? Please leave us a 5-star review and help spread the word!<\/p>\n\n
About AyudaWP.com<\/h3>\n\n
We are specialists in WordPress security, SEO, AI and performance optimization plugins. We create tools that solve real problems for WordPress site owners while maintaining the highest coding standards and accessibility requirements.<\/p>\n\n\n
\n- Upload the plugin folder to
\/wp-content\/plugins\/terms-conditions-consent-log\/<\/code> or install through Plugins > Add New.<\/li>\n- Activate the plugin.<\/li>\n
- Open the plugin admin page: Users > Consent log.<\/li>\n
- In the Settings tab, the integrations (WordPress comments, Contact Form 7, WPForms, WP\/WooCommerce registration) are on by default to support GDPR Article 7.1 (proof of consent) \u2014 turn off any that do not apply to your site. Login capture is off by default and only needs turning on if your login form carries a consent checkbox (for example a re-consent prompt). You can also paste
[tccl_consent_box]<\/code> in any page or post.<\/li>\n- (Optional, WooCommerce only) Override the checkbox text or add a pre-checkout informational paragraph. Leave them empty to keep the WooCommerce native text.<\/li>\n
- Every accepted consent from any of the enabled sources will be logged automatically from now on.<\/li>\n<\/ol>\n\n\n
\nCan I use the plugin without WooCommerce?<\/h3><\/dt>\nYes. Activate it on any WordPress site and the Records, Settings, CSV export, PDF certificate and Privacy Tools integration all work the same way. The WooCommerce-specific bits (checkout capture, order metabox, order list column, order email line) only load when WooCommerce is active.<\/p><\/dd>\n
How do I capture consents from Contact Form 7?<\/h3><\/dt>\nOpen Consent log > Settings > Integrations and tick \"Log every CF7 form submission that ticks an [acceptance] field\". Then make sure your CF7 forms include an [acceptance] field, e.g.:<\/p>\n\n
[acceptance privacy] I have read and agree to the privacy policy. [\/acceptance]\n<\/code><\/pre>\n\nThe plugin uses the form ID as part of the consent_type (cf7_form_{ID}), so each form is filterable separately. The first email field of the form is used as the subject email. No snippets, no functions.php edits.<\/p><\/dd>\n
How do I capture consents from WPForms?<\/h3><\/dt>\nOpen Consent log > Settings > Integrations and tick \"Log every WPForms submission that ticks a GDPR Agreement field\". Then add a GDPR Agreement field to your form from the WPForms builder (Fancy Fields \u2192 GDPR Agreement) and edit its label to the exact wording you want recorded (e.g. \"I have read and agree to the privacy policy.\").<\/p>\n\n
The plugin uses the form ID as part of the consent_type (wpforms_form_{ID}), so each form is filterable separately. The first email field of the form is used as the subject email, and the GDPR Agreement field label is what gets stored as the accepted text. Works with WPForms Lite and Pro. No snippets, no functions.php edits.<\/p><\/dd>\n
How does the [tccl_consent_box] shortcode work?<\/h3><\/dt>\nIt renders a self-contained consent checkbox + submit button, with optional email field for visitors who are not logged in. Submission posts to a REST endpoint that records the consent through tccl_save_consent(). Drop it in any page, post or widget area as a stand-alone block, e.g.:<\/p>\n\n
[tccl_consent_box text=\"I have read and agree to the privacy policy.\" consent_type=\"newsletter_signup\"]\n<\/code><\/pre>\n\nThe same functionality is also available as a Gutenberg block called \"Consent box\".<\/p>\n\n
Important: the shortcode renders its own <form><\/code> with a submit button, so it should NOT be nested inside another form builder's form (Contact Form 7, WPForms, Gravity Forms, Fluent Forms, Elementor Forms, etc.). If you embed it inside another form you will end up with two submit buttons and conflicting submit flows. For form builders, use the dedicated integration (Contact Form 7 and WPForms are built in; for the rest, hook tccl_save_consent() from the relevant submission action \u2014 see the Gravity Forms \/ Fluent Forms FAQ below).<\/p>\n\nAlso: do NOT use this shortcode as a substitute for the cookie checkbox of a cookie\/banner plugin (Complianz, CookieYes, Real Cookie Banner, etc.). The legal context is different \u2014 cookie banners cover ePrivacy\/cookies, this consent log covers GDPR art. 7.1 specific consents to specific personal-data processing. Mixing them yields ambiguous evidence.<\/p><\/dd>\n
How are WordPress and WooCommerce login \/ registration consents logged?<\/h3><\/dt>\nThe plugin hooks into the standard wp_login<\/code> event (which covers both wp-login.php and the WooCommerce My Account login) and into the public registration events (register_new_user<\/code> for the WP form and woocommerce_created_customer<\/code> for the WC form). For each event, it inspects the submission $_POST<\/code> for a ticked consent checkbox and, if one is present, writes a record with consent_type<\/code> set to wp_login<\/code>, wp_register<\/code>, wc_login<\/code> or wc_register<\/code> accordingly.<\/p>\n\nA few specifics worth knowing:<\/p>\n\n
\n- \"Remember me\" is excluded by design.<\/strong> It is an ePrivacy preference about extending the session cookie, not a GDPR Article 7.1 consent. Logging it would contaminate the audit trail with non-consent events. The exclusion is hard-coded.<\/li>\n
- No checkbox in the form, no record.<\/strong> The plugin does not log \"raw logins\" \u2014 it only writes a row when there is something resembling an explicit consent checkbox to record. A login or registration without a consent field never produces a record.<\/li>\n
- The detector is heuristic.<\/strong> Field names containing
consent<\/code>, gdpr<\/code>, privacy<\/code>, terms<\/code>, acceptance<\/code>, agreement<\/code>, accept<\/code>, rgpd<\/code>, politica<\/code>, privacidad<\/code> or terminos<\/code> (case-insensitive) are treated as the consent checkbox. If your GDPR \/ privacy plugin uses a different name, list it in Settings \u2192 Integrations \u2192 \"Custom consent field names\" (comma-separated, exact match).<\/li>\n- The injected checkbox option fills the WooCommerce gap.<\/strong> WooCommerce does not include a consent checkbox in its register form out of the box \u2014 only a privacy-policy paragraph. If your site does not run a separate GDPR plugin, enable \"Add a required consent checkbox to the WooCommerce registration form\" in Settings; the plugin will render the checkbox above the submit button and reject the registration if it is left unticked. The same option exists for the WP register form.<\/li>\n
- Social logins are not captured.<\/strong> Plugins like Nextend Social Login bypass the WP login form entirely (OAuth callback), so there is no submission
$_POST<\/code> for the detector to inspect. Use the public tccl_save_consent()<\/code> function from the social plugin's own \"after login\" hook if you need that coverage.<\/li>\n- The stored
consent_text<\/code> comes from Settings.<\/strong> Paste in \"Consent text for login \/ registration\" the exact wording that the visitor sees on the form (whether it comes from your GDPR plugin or from the injected checkbox), so the record reflects what was actually shown. HTML is allowed in that field, so you can include a link to your privacy policy.<\/li>\n<\/ul><\/dd>\nAre WordPress comment opt-ins logged automatically?<\/h3><\/dt>\nYes, by default. Only comments where the visitor ticks the native \"Save my name, email, and website...\" checkbox are recorded. You can opt out in Consent log > Settings > Integrations if your site uses Disqus, Jetpack Comments or any other third-party comments system where the native checkbox is not rendered.<\/p><\/dd>\n
Does it work with the new WooCommerce Block Checkout?<\/h3><\/dt>\nNot yet. The classic checkout is fully supported. Block Checkout support is on the roadmap.<\/p><\/dd>\n
Where is the data stored?<\/h3><\/dt>\nIn a custom indexed table called wp_tccl_consents<\/code> (with your site prefix). When WooCommerce is active, each order also gets three meta entries (_tccl_terms_accepted<\/code>, _tccl_terms_version<\/code>, _tccl_recorded_at<\/code>) so the order edit screen can show the summary without querying the table.<\/p><\/dd>\nHow do I bump the document version when I change my terms?<\/h3><\/dt>\nEdit the version field in Consent log > Settings, or simply check \"Bump version on save\". The plugin can also bump it automatically if it detects the checkbox text has changed but the version field has not.<\/p>\n\n
Three things to keep in mind:<\/p>\n\n
\n- The version string in Settings must match the version label of your terms document character by character (e.g.
1.1-2026-05-17<\/code>). It is a free-text identifier and the plugin just compares strings, so a trailing space or a different separator will be treated as a different version.<\/li>\n- Once you bump the version, every record stored under the previous version is automatically flagged as \"Outdated\" in the records list. This is on purpose \u2014 it is the GDPR audit trail showing which exact wording each subject accepted at that moment. \"Outdated\" is a feature, not a bug.<\/li>\n
- Do NOT delete or \"clean up\" Outdated records. They are the legal proof of consent for the version that was in force when the subject accepted it. If the user retires the terms and a regulator later asks for evidence, those rows are what you show them.<\/li>\n<\/ol><\/dd>\n
How do I delete or anonymise data for a specific customer?<\/h3><\/dt>\nUse the WordPress native Tools > Erase Personal Data screen. The plugin registers an eraser that anonymises records linked to the requested email (it does not delete them, since the record itself is the lawful basis to keep the proof of consent). You can also anonymise filtered records from the Records tab.<\/p><\/dd>\n
How do I export a customer's consent history?<\/h3><\/dt>\nUse Tools > Export Personal Data. The plugin registers an exporter that returns every consent record linked to the requested email.<\/p><\/dd>\n
Will an uninstall destroy my data?<\/h3><\/dt>\nOnly if you explicitly opt in. The setting \"Delete all data on uninstall\" is off by default. Even if you uninstall accidentally, your consent evidence will survive.<\/p>\n\n
If you need to clean up a handful of test rows you generated while configuring the plugin (and you do not yet have the upcoming bulk-delete UI), you can remove them with a direct SQL statement against the consent table, e.g.:<\/p>\n\n
DELETE FROM wp_tccl_consents WHERE id IN (1, 2, 3);\n<\/code><\/pre>\n\nReplace wp_<\/code> with your site's actual table prefix. This is an escape hatch for legitimate clean-up after a misconfigured form; it is not a recommended day-to-day flow \u2014 to handle real subject requests, use Tools > Erase Personal Data (anonymises) instead.<\/p><\/dd>\nHow do I capture consents from Gravity Forms, Fluent Forms or any other source?<\/h3><\/dt>\nCall the public tccl_save_consent()<\/code> function from the relevant hook. Always read the document version from the plugin setting (tccl_get_setting( 'consent_version', '1.0' )<\/code>) so all records line up with the current version in Settings \u2014 if you hardcode a date here that differs from the one in Settings, every record will be flagged as \"Outdated\" forever.<\/p>\n\nExample for Gravity Forms:<\/p>\n\n
add_action( 'gform_after_submission', function ( $entry, $form ) {\n if ( ! empty( $entry['1.1'] ) ) { \/\/ ID of your consent checkbox in the entry.\n tccl_save_consent( array(\n 'email' => sanitize_email( $entry['2'] ?? '' ),\n 'consent_type' => 'gravity_form_' . absint( $form['id'] ),\n 'consent_version' => tccl_get_setting( 'consent_version', '1.0' ),\n 'consent_text' => 'I have read and agree to the privacy policy.',\n 'consent_value' => 1,\n ) );\n }\n}, 10, 2 );\n<\/code><\/pre>\n\nSame idea for fluentform\/submission_inserted<\/code>, user_register<\/code>, forminator_custom_form_after_submission<\/code>, elementor_pro\/forms\/new_record<\/code>, etc. \u2014 adapt the callback signature to each plugin's documented arguments. WPForms and Contact Form 7 are captured automatically when their integration toggle is enabled in Settings \u2192 Integrations; no snippet is needed for those two.<\/p><\/dd>\nDoes the IP detection work behind Cloudflare or other reverse proxies?<\/h3><\/dt>\nThe plugin reads REMOTE_ADDR<\/code> only and does not trust forwarded headers, which can be spoofed without a verified proxy. If your hosting puts the proxy IP in REMOTE_ADDR<\/code> instead of the real client IP, all entries will record the proxy IP. Most WordPress-friendly hostings pass the real IP correctly.<\/p><\/dd>\nWhat does \"Tamper-evident\" mean here?<\/h3><\/dt>\nWhen a consent is written, the plugin computes a SHA-256 hash of the exact accepted text and stores it alongside the record. On every read, the stored hash is compared against a freshly computed one \u2014 any difference is reported as TAMPERED in the records list, the order metabox and the certificate view. This is a cryptographic integrity check, not an electronic signature.<\/p><\/dd>\n
Is the certificate a real PDF?<\/h3><\/dt>\nThe plugin renders a one-page A4 view with print-optimised CSS and a \"Print \/ Save as PDF\" button. Modern browsers (Chrome, Safari, Firefox, Edge) export that view to a real PDF natively \u2014 same fidelity as a server-side library would produce, with the added benefit that it respects your site's language and fonts. No external library bundled, so the plugin stays small.<\/p>\n\n
To be clear: the plugin does NOT store any PDFs on disk and does NOT create an uploads folder of its own. The certificate is generated on demand as HTML each time you open it, and only becomes a PDF if you (or the customer) clicks \"Print \/ Save as PDF\" in the browser. There is nothing to clean up on the server. If the site has a Site Icon defined in Settings > General (the same option block themes and classic themes share), it is shown in the certificate header next to the site name \u2014 including on certificates of consents recorded before this version, since the icon is added at render time, not at storage time.<\/p><\/dd>\n\n<\/dl>\n\n\n
1.4.0<\/h4>\n\n\n- New: native WordPress login integration. Captures successful logins through wp-login.php as
consent_type = wp_login<\/code> whenever the submission carries a ticked consent checkbox. The \"Remember me\" checkbox is excluded by design \u2014 it is an ePrivacy \/ persistent-cookie preference, not a GDPR Article 7.1 consent. Opt-in toggle in Settings \u2192 Integrations, off by default in fresh installs (a normal login form has no consent checkbox, so logging every login would only add noise).<\/li>\n- New: native WordPress registration integration. Captures registrations through wp-login.php?action=register as
consent_type = wp_register<\/code> whenever the registration form carries a ticked consent checkbox. Opt-in toggle, on by default in fresh installs.<\/li>\n- New: native WooCommerce login integration. Captures the My Account login as
consent_type = wc_login<\/code>. Routed by inspecting the submission for WC-specific markers and the HTTP referer, so it is reliably distinguished from the WP-admin login that shares the same underlying hook.<\/li>\n- New: native WooCommerce registration integration. Captures customer creations through the My Account register form as
consent_type = wc_register<\/code>, with email + source URL.<\/li>\n- New: optional \"Inject a required consent checkbox\" toggle for both the WP and the WC registration forms. WooCommerce does not ship a consent checkbox out of the box (only a privacy-policy paragraph), so this option fills that gap for sites without a separate GDPR plugin. The injected checkbox blocks the registration on the server side if it is left unticked.<\/li>\n
- New: configurable \"Consent text for login \/ registration\" (used as the stored
consent_text<\/code> on every login\/registration record, and also as the label of the injected checkbox).<\/li>\n- New: configurable \"Custom consent field names\" \u2014 a comma-separated list that overrides the built-in name heuristic for sites whose GDPR plugin uses unusual field names.<\/li>\n
- New: heuristic detector for consent checkboxes. Names containing
consent<\/code>, gdpr<\/code>, privacy<\/code>, terms<\/code>, acceptance<\/code>, agreement<\/code>, accept<\/code>, rgpd<\/code>, politica<\/code>, privacidad<\/code> or terminos<\/code> are treated as the consent checkbox (case-insensitive). rememberme<\/code> and standard nonce \/ referer keys are always excluded.<\/li>\n<\/ul>\n\n