Changeset 3414697

Timestamp:

12/08/2025 08:27:27 PM (5 weeks ago)

Author:

optiuser

Message:

• Feature: User Intent Rules - Advanced system for analyzing and categorizing user behavior patterns
• Enhancement: Analytics Dashboard time filter now defaults to 30 Days for better data overview
• Fix: Improved favicon handling for referrer websites with proper fallback support

Location:

opti-behavior

Files:

• assets/icon-128x128.png (modified) (previous)
• assets/icon-256x256.gif (deleted)
• assets/icon-256x256.png (modified) (previous)
• tags/1.0.8 (added)
• tags/1.0.8/Opti-Behavior.php (added)
• tags/1.0.8/THIRD-PARTY-LICENSES.md (added)
• tags/1.0.8/admin (added)
• tags/1.0.8/admin/class-opti-behavior-heatmap-admin-settings.php (added)
• tags/1.0.8/admin/class-opti-behavior-heatmap-ajax-handler.php (added)
• tags/1.0.8/admin/class-opti-behavior-heatmap-dashboard.php (added)
• tags/1.0.8/admin/class-opti-behavior-heatmap-list.php (added)
• tags/1.0.8/admin/class-opti-behavior-heatmap-post-metabox.php (added)
• tags/1.0.8/admin/recordings-upgrade-page.php (added)
• tags/1.0.8/assets (added)
• tags/1.0.8/assets/css (added)
• tags/1.0.8/assets/css/admin-menu.css (added)
• tags/1.0.8/assets/css/admin-notices.css (added)
• tags/1.0.8/assets/css/admin-utilities.css (added)
• tags/1.0.8/assets/css/ai-insights-page.css (added)
• tags/1.0.8/assets/css/countries-widget-scroll.css (added)
• tags/1.0.8/assets/css/dashboard.css (added)
• tags/1.0.8/assets/css/dashboard_styles.css (added)
• tags/1.0.8/assets/css/heatmaps.css (added)
• tags/1.0.8/assets/css/leaflet.min.css (added)
• tags/1.0.8/assets/css/metabox.css (added)
• tags/1.0.8/assets/css/recordings-upgrade.css (added)
• tags/1.0.8/assets/css/sessions.css (added)
• tags/1.0.8/assets/css/settings-modal.css (added)
• tags/1.0.8/assets/css/settings.css (added)
• tags/1.0.8/assets/css/style.css (added)
• tags/1.0.8/assets/images (added)
• tags/1.0.8/assets/images/OB.ico (added)
• tags/1.0.8/assets/images/leaflet (added)
• tags/1.0.8/assets/images/leaflet/layers-2x.png (added)
• tags/1.0.8/assets/images/leaflet/layers.png (added)
• tags/1.0.8/assets/images/leaflet/marker-icon-2x.png (added)
• tags/1.0.8/assets/images/leaflet/marker-icon.png (added)
• tags/1.0.8/assets/images/leaflet/marker-shadow.png (added)
• tags/1.0.8/assets/js (added)
• tags/1.0.8/assets/js/admin-utilities.js (added)
• tags/1.0.8/assets/js/chart.umd.min.js (added)
• tags/1.0.8/assets/js/dashboard-cleaned.js (added)
• tags/1.0.8/assets/js/dashboard-converted.js (added)
• tags/1.0.8/assets/js/dashboard-final.js (added)
• tags/1.0.8/assets/js/dashboard.js (added)
• tags/1.0.8/assets/js/frontend-mobile-simulator.js (added)
• tags/1.0.8/assets/js/frontend-page-title.js (added)
• tags/1.0.8/assets/js/heatmap.min.js (added)
• tags/1.0.8/assets/js/heatmap.min.js.LICENSE.txt (added)
• tags/1.0.8/assets/js/heatmaps.js (added)
• tags/1.0.8/assets/js/leaflet-config.js (added)
• tags/1.0.8/assets/js/leaflet.min.js (added)
• tags/1.0.8/assets/js/lucide.min.js (added)
• tags/1.0.8/assets/js/metabox-analytics.js (added)
• tags/1.0.8/assets/js/mobile-simulator.js (added)
• tags/1.0.8/assets/js/notice-cleanup.js (added)
• tags/1.0.8/assets/js/opti-behavior-debug.js (added)
• tags/1.0.8/assets/js/opti-behavior-heatmap-simple-fixed.js (added)
• tags/1.0.8/assets/js/opti-behavior-heatmap-simple.js (added)
• tags/1.0.8/assets/js/opti-behavior-heatmap.min.js (added)
• tags/1.0.8/assets/js/settings.js (added)
• tags/1.0.8/assets/js/support-form.js (added)
• tags/1.0.8/includes (added)
• tags/1.0.8/includes/class-autoloader.php (added)
• tags/1.0.8/includes/class-opti-behavior-heatmap-analytics.php (added)
• tags/1.0.8/includes/class-opti-behavior-heatmap-bot-tracker.php (added)
• tags/1.0.8/includes/class-opti-behavior-heatmap-core.php (added)
• tags/1.0.8/includes/class-opti-behavior-heatmap-data-protection.php (added)
• tags/1.0.8/includes/class-opti-behavior-heatmap-database.php (added)
• tags/1.0.8/includes/class-opti-behavior-heatmap-debug-manager.php (added)
• tags/1.0.8/includes/class-opti-behavior-heatmap-file-storage.php (added)
• tags/1.0.8/includes/class-opti-behavior-heatmap-options.php (added)
• tags/1.0.8/includes/class-opti-behavior-heatmap-session.php (added)
• tags/1.0.8/includes/class-opti-behavior-license-manager.php (added)
• tags/1.0.8/includes/class-opti-behavior-performance-optimizer.php (added)
• tags/1.0.8/includes/trait-opti-behavior-ai-insights-views.php (added)
• tags/1.0.8/includes/trait-opti-behavior-ajax-handlers.php (added)
• tags/1.0.8/includes/trait-opti-behavior-assets.php (added)
• tags/1.0.8/includes/trait-opti-behavior-dashboard-views.php (added)
• tags/1.0.8/includes/trait-opti-behavior-data-helpers.php (added)
• tags/1.0.8/includes/trait-opti-behavior-exports.php (added)
• tags/1.0.8/includes/trait-opti-behavior-heatmaps-views.php (added)
• tags/1.0.8/includes/trait-opti-behavior-maintenance.php (added)
• tags/1.0.8/includes/trait-opti-behavior-sessions-views.php (added)
• tags/1.0.8/includes/trait-opti-behavior-settings-views.php (added)
• tags/1.0.8/languages (added)
• tags/1.0.8/languages/opti-behavior-fr_FR.mo (added)
• tags/1.0.8/languages/opti-behavior-fr_FR.po (added)
• tags/1.0.8/languages/opti-behavior.pot (added)
• tags/1.0.8/public (added)
• tags/1.0.8/public/class-opti-behavior-heatmap-frontend.php (added)
• tags/1.0.8/readme.txt (added)
• tags/1.0.8/views (added)
• tags/1.0.8/views/dashboard-views.php (added)
• tags/1.0.8/views/heatmaps-views.php (added)
• tags/1.0.8/views/sessions-views.php (added)
• trunk/Opti-Behavior.php (modified) (3 diffs)
• trunk/admin/class-opti-behavior-heatmap-ajax-handler.php (modified) (11 diffs)
• trunk/admin/class-opti-behavior-heatmap-dashboard.php (modified) (8 diffs)
• trunk/assets/css/dashboard.css (modified) (1 diff)
• trunk/assets/css/dashboard_styles.css (modified) (1 diff)
• trunk/assets/css/style.css (modified) (1 diff)
• trunk/assets/js/dashboard-cleaned.js (modified) (2 diffs)
• trunk/assets/js/dashboard-converted.js (modified) (2 diffs)
• trunk/assets/js/dashboard-final.js (modified) (2 diffs)
• trunk/assets/js/dashboard.js (modified) (21 diffs)
• trunk/assets/js/opti-behavior-heatmap-simple.js (modified) (4 diffs)
• trunk/includes/class-opti-behavior-heatmap-file-storage.php (modified) (1 diff)
• trunk/includes/class-opti-behavior-license-manager.php (modified) (14 diffs)
• trunk/includes/trait-opti-behavior-ajax-handlers.php (modified) (4 diffs)
• trunk/includes/trait-opti-behavior-dashboard-views.php (modified) (15 diffs)
• trunk/includes/trait-opti-behavior-data-helpers.php (modified) (3 diffs)
• trunk/includes/trait-opti-behavior-sessions-views.php (modified) (1 diff)
• trunk/includes/trait-opti-behavior-settings-views.php (modified) (12 diffs)
• trunk/includes/trait-opti-behavior-settings-views.php.backup (deleted)
• trunk/readme.txt (modified) (4 diffs)
• trunk/views/dashboard-views.php (modified) (8 diffs)
• trunk/views/sessions-views.php (modified) (1 diff)

opti-behavior/trunk/Opti-Behavior.php

@@ -4 +4 @@
  * Plugin URI:  https://optiuser.com/
  * Description: Transform your WordPress site with powerful analytics! Track user behavior with beautiful heatmaps and real-time insights. Boost conversions and optimize user experience with data-driven decisions.
- * Version:     1.0.7
+ * Version:     1.0.8
  * Author:      OptiUser
  * Author URI:  https://optiuser.com/
@@ -80 +80 @@
 
 // Define plugin constants.
-define( 'OPTI_BEHAVIOR_HEATMAP_VERSION', '1.0.7' );
+define( 'OPTI_BEHAVIOR_HEATMAP_VERSION', '1.0.8' );
 define( 'OPTI_BEHAVIOR_HEATMAP_PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
 define( 'OPTI_BEHAVIOR_HEATMAP_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
@@ -87 +87 @@
 define( 'OPTI_BEHAVIOR_HEATMAP_PUBLIC_DIR', OPTI_BEHAVIOR_HEATMAP_PLUGIN_DIR . 'public/' );
 define( 'OPTI_BEHAVIOR_HEATMAP_ASSETS_URL', OPTI_BEHAVIOR_HEATMAP_PLUGIN_URL . 'assets/' );
+
+/**
+ * API Environment Configuration
+ * Set the environment for API connections:
+ * - 'local'  => Uses http://localhost/API/ for local development
+ * - 'live'   => Uses https://api.optiuser.com/ for production (default)
+ *
+ * Change this value to switch between local and live API servers.
+ */
+if ( ! defined( 'OPTI_BEHAVIOR_ENVIRONMENT' ) ) {
+    define( 'OPTI_BEHAVIOR_ENVIRONMENT', 'live' ); // Options: 'local' or 'live'
+}
 
 if ( ! function_exists( 'opti_behavior_heatmap_uninstall' ) ) {

opti-behavior/trunk/admin/class-opti-behavior-heatmap-ajax-handler.php

@@ -88 +88 @@
         // Support form email handler
         add_action( 'wp_ajax_opti_behavior_send_support_email', array( $this, 'ajax_send_support_email' ) );
+
+        // Country data cleanup handler
+        add_action( 'wp_ajax_opti_behavior_reset_country_data', array( $this, 'ajax_reset_country_data' ) );
     }
 
@@ -105 +108 @@
             $debug_manager->log( 'AJAX request failed: invalid nonce', 'warning', 'ajax' );
             wp_send_json_error( __( 'Invalid nonce', 'opti-behavior' ) );
+        }
+
+        // Don't track admin users (unless in test mode)
+        // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- GET/COOKIE check for test mode (permission check follows)
+        $is_test_mode = isset( $_GET['opti_behavior_test_tracking'] ) || isset( $_COOKIE['opti_behavior_test_tracking'] ) || isset( $_GET['opti_behavior_test_recording'] ) || isset( $_COOKIE['opti_behavior_test_recording'] );
+        // phpcs:enable WordPress.Security.NonceVerification.Recommended
+        if ( current_user_can( 'manage_options' ) && ! $is_test_mode ) {
+            $debug_manager->log( 'Session record skipped: Admin user (not in test mode)', 'info', 'ajax' );
+            wp_send_json_success( array( 'message' => 'Admin tracking disabled' ) );
+            return;
         }
 
@@ -816 +829 @@
             $debug_manager->log( 'Session record failed: Invalid nonce', 'warning', 'ajax' );
             wp_send_json_error( __( 'Invalid nonce', 'opti-behavior' ) );
+        }
+
+        // Don't track admin users (unless in test mode)
+        // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- GET/COOKIE check for test mode (permission check follows)
+        $is_test_mode = isset( $_GET['opti_behavior_test_tracking'] ) || isset( $_COOKIE['opti_behavior_test_tracking'] ) || isset( $_GET['opti_behavior_test_recording'] ) || isset( $_COOKIE['opti_behavior_test_recording'] );
+        // phpcs:enable WordPress.Security.NonceVerification.Recommended
+        if ( current_user_can( 'manage_options' ) && ! $is_test_mode ) {
+            $debug_manager->log( 'Session record skipped: Admin user (not in test mode)', 'info', 'ajax' );
+            wp_send_json_success( array( 'message' => 'Admin tracking disabled' ) );
+            return;
         }
 
@@ -1205 +1228 @@
         }
 
-        // For local/private IPs, use browser language as fallback
+        // For local/private IPs, return unknown (don't use browser language as it's unreliable)
         if ( $this->is_private_ip( $ip ) ) {
-            return $this->get_country_from_browser_language();
+            return array(
+                'country'      => null,
+                'country_name' => null,
+                'region'       => null,
+                'city'         => null,
+                'timezone'     => '',
+                'source'       => 'local',
+            );
         }
 
@@ -1231 +1261 @@
 
         if ( is_wp_error( $response ) ) {
-            // API request failed, try browser language fallback
-            $browser_geo = $this->get_country_from_browser_language();
-            if ( ! empty( $browser_geo['country'] ) && $browser_geo['country'] !== 'UN' ) {
-                $result = array(
-                    'country'      => $browser_geo['country'],
-                    'country_name' => $browser_geo['country_name'],
-                    'region'       => 'Unknown',
-                    'city'         => 'Unknown',
-                    'timezone'     => '',
-                    'source'       => 'browser_language_fallback',
-                );
-                // Cache for shorter time on fallback (15 minutes)
-                set_transient( $cache_key, $result, 15 * MINUTE_IN_SECONDS );
-                return $result;
-            }
-
-            // Last resort: return unknown
+            // API request failed, return null to avoid storing incorrect data
             $result = array(
-                'country'      => 'UN',
-                'country_name' => 'Unknown',
-                'region'       => 'Unknown',
-                'city'         => 'Unknown',
+                'country'      => null,
+                'country_name' => null,
+                'region'       => null,
+                'city'         => null,
                 'timezone'     => '',
                 'source'       => 'error',
             );
-            // Cache for shorter time on error (5 minutes)
+            // Cache for shorter time on error (5 minutes) to allow retry
             set_transient( $cache_key, $result, 5 * MINUTE_IN_SECONDS );
             return $result;
@@ -1267 +1281 @@
         if ( isset( $data['status'] ) && $data['status'] === 'success' ) {
             $result = array(
-                'country'      => isset( $data['countryCode'] ) ? strtoupper( sanitize_text_field( $data['countryCode'] ) ) : 'UN',
-                'country_name' => isset( $data['country'] ) ? sanitize_text_field( $data['country'] ) : 'Unknown',
-                'region'       => isset( $data['regionName'] ) ? sanitize_text_field( $data['regionName'] ) : 'Unknown',
-                'city'         => isset( $data['city'] ) ? sanitize_text_field( $data['city'] ) : 'Unknown',
+                'country'      => isset( $data['countryCode'] ) ? strtoupper( sanitize_text_field( $data['countryCode'] ) ) : null,
+                'country_name' => isset( $data['country'] ) ? sanitize_text_field( $data['country'] ) : null,
+                'region'       => isset( $data['regionName'] ) ? sanitize_text_field( $data['regionName'] ) : null,
+                'city'         => isset( $data['city'] ) ? sanitize_text_field( $data['city'] ) : null,
                 'timezone'     => isset( $data['timezone'] ) ? sanitize_text_field( $data['timezone'] ) : '',
                 'source'       => 'ip-api',
@@ -1279 +1293 @@
         }
 
-        // API returned error or invalid data, try browser language fallback
-        $browser_geo = $this->get_country_from_browser_language();
-        if ( ! empty( $browser_geo['country'] ) && $browser_geo['country'] !== 'UN' ) {
-            $result = array(
-                'country'      => $browser_geo['country'],
-                'country_name' => $browser_geo['country_name'],
-                'region'       => 'Unknown',
-                'city'         => 'Unknown',
-                'timezone'     => '',
-                'source'       => 'browser_language_fallback',
-            );
-            // Cache for shorter time on fallback (15 minutes)
-            set_transient( $cache_key, $result, 15 * MINUTE_IN_SECONDS );
-            return $result;
-        }
-
-        // Last resort: return unknown
+        // API returned error or invalid data, return null to avoid storing incorrect data
         $result = array(
-            'country'      => 'UN',
-            'country_name' => 'Unknown',
-            'region'       => 'Unknown',
-            'city'         => 'Unknown',
+            'country'      => null,
+            'country_name' => null,
+            'region'       => null,
+            'city'         => null,
             'timezone'     => '',
             'source'       => 'failed',
         );
-        // Cache for shorter time on failure (5 minutes)
+        // Cache for shorter time on failure (5 minutes) to allow retry
         set_transient( $cache_key, $result, 5 * MINUTE_IN_SECONDS );
         return $result;
@@ -1623 +1621 @@
                 $city = ! empty( $geo_data['city'] ) ? $geo_data['city'] : null;
                 $timezone = ! empty( $geo_data['timezone'] ) ? $geo_data['timezone'] : $timezone;
-            } elseif ( $geo_data['source'] === 'local' ) {
-                // For local/private IPs, try to detect from browser Accept-Language header
-                $detected = $this->detect_country_from_browser();
-                if ( ! empty( $detected['country'] ) && $detected['country'] !== 'UN' ) {
-                    $country = $detected['country'];
-                    $country_name = $detected['country_name'];
-                    $region = $detected['region'];
-                    $city = $detected['city'];
-                }
             }
+            // Note: For local/private IPs, we no longer attempt browser language detection as it's unreliable
         }
 
@@ -2412 +2402 @@
         }
 
+        // Don't track admin users (unless in test mode)
+        // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- GET/COOKIE check for test mode (permission check follows)
+        $is_test_mode = isset( $_GET['opti_behavior_test_tracking'] ) || isset( $_COOKIE['opti_behavior_test_tracking'] ) || isset( $_GET['opti_behavior_test_recording'] ) || isset( $_COOKIE['opti_behavior_test_recording'] );
+        // phpcs:enable WordPress.Security.NonceVerification.Recommended
+        if ( current_user_can( 'manage_options' ) && ! $is_test_mode ) {
+            $debug_manager->log( 'Session record skipped: Admin user (not in test mode)', 'info', 'ajax' );
+            wp_send_json_success( array( 'message' => 'Admin tracking disabled' ) );
+            return;
+        }
+
         global $wpdb;
 
@@ -2420 +2420 @@
         $duration   = isset( $_POST['duration'] ) ? intval( $_POST['duration'] ) : 0;
         $scroll_depth = isset( $_POST['scroll_depth'] ) ? intval( $_POST['scroll_depth'] ) : 0;
+
+        // VALIDATION: Cap session duration at 1 hour (3600 seconds) to prevent inflated averages
+        // This protects against sessions left open for hours/days in background tabs
+        $max_duration = 3600; // 1 hour in seconds
+        if ( $duration > $max_duration ) {
+            $debug_manager->log( "Duration capped from {$duration}s to {$max_duration}s for session: {$session_id}", 'warning', 'ajax' );
+            $duration = $max_duration;
+        }
 
         if ( empty( $session_id ) || empty( $visitor_id ) ) {
@@ -2489 +2497 @@
     }
 
+    /**
+     * AJAX handler to reset country data for all visitors.
+     *
+     * This clears country data that was incorrectly detected from browser language settings.
+     * After running this, visitors will have their country re-detected on their next visit.
+     *
+     * @since 1.0.7
+     */
+    public function ajax_reset_country_data() {
+        // Security checks
+        check_ajax_referer( 'opti_behavior_dashboard_nonce', 'nonce' );
+
+        if ( ! current_user_can( 'manage_options' ) ) {
+            wp_send_json_error( array(
+                'message' => __( 'You do not have permission to perform this action.', 'opti-behavior' ),
+            ) );
+        }
+
+        global $wpdb;
+        $visitors_table = esc_sql( $wpdb->prefix . 'optibehavior_visitors' );
+
+        // Reset country data to NULL for all visitors
+        // This allows the system to re-detect countries on next visit
+        // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching, WordPress.DB.PreparedSQL.InterpolatedNotPrepared, PluginCheck.Security.DirectDB.UnescapedDBParameter -- Table name from $wpdb->prefix with hardcoded suffix, properly escaped with esc_sql()
+        $result = $wpdb->query(
+            "UPDATE {$visitors_table} SET country = NULL, country_name = NULL WHERE country IS NOT NULL"
+        );
+
+        if ( $result === false ) {
+            wp_send_json_error( array(
+                'message' => __( 'Failed to reset country data. Please try again.', 'opti-behavior' ),
+            ) );
+        }
+
+        // Clear the geo-location cache
+        $wpdb->query(
+            $wpdb->prepare(
+                "DELETE FROM {$wpdb->prefix}options WHERE option_name LIKE %s OR option_name LIKE %s",
+                $wpdb->esc_like( '_transient_opti_geo_' ) . '%',
+                $wpdb->esc_like( '_transient_timeout_opti_geo_' ) . '%'
+            )
+        );
+
+        // Clear the top users cache
+        $wpdb->query(
+            $wpdb->prepare(
+                "DELETE FROM {$wpdb->prefix}options WHERE option_name LIKE %s OR option_name LIKE %s",
+                $wpdb->esc_like( '_transient_optibehavior_top_users_' ) . '%',
+                $wpdb->esc_like( '_transient_timeout_optibehavior_top_users_' ) . '%'
+            )
+        );
+
+        $affected_rows = $result !== false ? $result : 0;
+
+        wp_send_json_success( array(
+            'message' => sprintf(
+                /* translators: %d: number of visitor records updated */
+                __( 'Successfully reset country data for %d visitors. Countries will be re-detected on their next visit.', 'opti-behavior' ),
+                $affected_rows
+            ),
+            'affected_rows' => $affected_rows,
+        ) );
+    }
+
 }

opti-behavior/trunk/admin/class-opti-behavior-heatmap-dashboard.php

@@ -321 +321 @@
         // Determine initial filter from querystring
         // phpcs:disable WordPress.Security.NonceVerification.Recommended -- GET parameters for filtering dashboard view (read-only operation)
-        $period = isset($_GET['period']) ? sanitize_text_field( wp_unslash( $_GET['period'] ) ) : 'last7days';
+        $period = isset($_GET['period']) ? sanitize_text_field( wp_unslash( $_GET['period'] ) ) : 'last30days';
         $start_q = isset($_GET['start_date']) ? sanitize_text_field( wp_unslash( $_GET['start_date'] ) ) : null;
         $end_q   = isset($_GET['end_date']) ? sanitize_text_field( wp_unslash( $_GET['end_date'] ) ) : null;
@@ -478 +478 @@
                             <div class="visitor-item grid">
                                 <span class="visitor-datetime"><?php echo esc_html($visitor['visited_at'] ?? ''); ?><?php if(!empty($visitor['time_ago'])): ?> - <span class="ago"><?php echo esc_html($visitor['time_ago']); ?></span><?php endif; ?></span>
-                                <span class="visitor-flag-country"><span class="visitor-flag"><?php echo esc_html($visitor['flag']); ?></span> <span class="visitor-location"><?php echo esc_html($visitor['country']); ?></span></span>
+                                <span class="visitor-flag-country"><span class="visitor-flag"><?php echo $visitor['flag']; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?></span> <span class="visitor-location"><?php echo esc_html($visitor['country']); ?></span></span>
                                 <span class="visitor-pageblock"><span class="visitor-title"><?php echo esc_html($visitor['page_title'] ?? ''); ?></span><a class="visitor-url" href="<?php echo esc_url($visitor['current_url'] ?? ''); ?>" target="_blank" rel="noopener"><?php echo esc_html($visitor['current_url'] ?? ''); ?></a></span>
                                 <span class="visitor-ip-col"><span class="visitor-ip-pill"><?php $ip_raw = isset($visitor['ip']) ? (string)$visitor['ip'] : ''; $ip_raw = trim($ip_raw); if ($ip_raw === '') { echo '-'; } else if (strpos($ip_raw, ':') !== false) { $start = substr($ip_raw, 0, 7); $end = substr($ip_raw, -7); echo esc_html($start . '…' . $end); } else { echo esc_html($ip_raw); } ?></span></span>
@@ -662 +662 @@
                                 </div>
                                 <div class="visitor-flag">
-                                    <span class="flag-icon"><?php echo esc_html($session['flag']); ?></span>
+                                    <span class="flag-icon"><?php echo $session['flag']; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?></span>
                                 </div>
                             </div>
@@ -800 +800 @@
             $order   = isset($args['order']) ? $args['order'] : 'desc';
             $page    = isset($args['page']) ? $args['page'] : 1;
-            $period  = isset($args['period']) ? $args['period'] : 'last7days';
+            $period  = isset($args['period']) ? $args['period'] : 'last30days';
             $start   = isset($args['start']) ? $args['start'] : '';
             $end     = isset($args['end']) ? $args['end'] : '';
@@ -1316 +1316 @@
             ORDER BY last_event_time DESC";
 
-            // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Static query with no user input
+            // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Static query with no user input, no dynamic parameters
             $results = $wpdb->get_results( $query );
         }
@@ -3084 +3084 @@
 
     /**
+     * Extract main domain from a hostname (removes subdomains)
+     * Examples: api.pfbaza.website -> pfbaza.website, www.example.com -> example.com
+     *
+     * @param string $hostname The hostname to extract from.
+     * @return string The main domain.
+     */
+    private function extract_main_domain( $hostname ) {
+        if ( empty( $hostname ) ) {
+            return '';
+        }
+
+        // Remove 'www.' prefix if present
+        $hostname = preg_replace( '/^www\./i', '', $hostname );
+
+        // Split by dots
+        $parts = explode( '.', $hostname );
+        $count = count( $parts );
+
+        // If only 2 parts (e.g., example.com), return as-is
+        if ( $count <= 2 ) {
+            return $hostname;
+        }
+
+        // Known two-part TLDs (e.g., .co.uk, .com.au)
+        $two_part_tlds = array( 'co.uk', 'com.au', 'co.za', 'co.nz', 'com.br', 'co.in', 'co.jp' );
+        $last_two = $parts[ $count - 2 ] . '.' . $parts[ $count - 1 ];
+
+        if ( in_array( $last_two, $two_part_tlds, true ) ) {
+            // Return domain.co.uk format (3 parts)
+            if ( $count >= 3 ) {
+                return $parts[ $count - 3 ] . '.' . $parts[ $count - 2 ] . '.' . $parts[ $count - 1 ];
+            }
+            return $hostname;
+        }
+
+        // Standard TLD: return last 2 parts (domain.tld)
+        return $parts[ $count - 2 ] . '.' . $parts[ $count - 1 ];
+    }
+
+    /**
      * Get top referrers data
      *
@@ -3176 +3216 @@
         $out = array();
         foreach ( array_slice(array_keys($agg), 0, 10) as $k ) {
-            $out[] = array( 'referrer' => $k, 'count' => intval($agg[$k]) );
+            // Extract domain for favicon
+            $domain = '';
+            $favicon_url = '';
+
+            // Try to extract domain from referrer label
+            if ( $k !== 'Direct / None' && $k !== 'Paid Ads' && $k !== 'Paid Search' && $k !== 'Email' && $k !== 'Social' ) {
+                // Check if it's a known service (e.g., "Google", "Facebook")
+                $known_domains = array(
+                    'Google' => 'google.com',
+                    'Bing' => 'bing.com',
+                    'DuckDuckGo' => 'duckduckgo.com',
+                    'Yahoo' => 'yahoo.com',
+                    'Yandex' => 'yandex.com',
+                    'Baidu' => 'baidu.com',
+                    'Naver' => 'naver.com',
+                    'Ecosia' => 'ecosia.org',
+                    'Startpage' => 'startpage.com',
+                    'Qwant' => 'qwant.com',
+                    'Facebook' => 'facebook.com',
+                    'Instagram' => 'instagram.com',
+                    'Twitter/X' => 'twitter.com',
+                    'LinkedIn' => 'linkedin.com',
+                    'Pinterest' => 'pinterest.com',
+                    'Reddit' => 'reddit.com',
+                    'TikTok' => 'tiktok.com',
+                    'Snapchat' => 'snapchat.com',
+                    'YouTube' => 'youtube.com',
+                    'Google Ads' => 'google.com',
+                    'Microsoft Ads' => 'bing.com',
+                    'Facebook Ads' => 'facebook.com',
+                    'Twitter Ads' => 'twitter.com',
+                    'TikTok Ads' => 'tiktok.com',
+                );
+
+                if ( isset( $known_domains[ $k ] ) ) {
+                    $domain = $known_domains[ $k ];
+                } else {
+                    // It's a domain or subdomain (e.g., "api.pfbaza.website")
+                    // Extract main domain for favicon (api.pfbaza.website -> pfbaza.website)
+                    $domain = $this->extract_main_domain( $k );
+                }
+
+                // Build favicon URL using the main domain
+                if ( $domain ) {
+                    $favicon_url = 'https://' . $domain . '/favicon.ico';
+                }
+            }
+
+            $out[] = array(
+                'referrer' => $k,
+                'count' => intval($agg[$k]),
+                'domain' => $domain,
+                'favicon_url' => $favicon_url
+            );
         }
         return $out;
@@ -3487 +3580 @@
     private function get_overview_analytics( $date_range ) {
         return array(
-            'summary' => $this->get_dashboard_data( 'last7days' ),
+            'summary' => $this->get_dashboard_data( 'last30days' ),
             'trends' => array(),
         );

opti-behavior/trunk/assets/css/dashboard.css

@@ -317 +317 @@
     height: 1rem;
     border-radius: 2px;
+}
+
+.visitor-flag-icon {
+    width: 1rem;
+    height: 0.75rem;
+    object-fit: cover;
+    border-radius: 2px;
+    margin-right: 0.5rem;
+    display: inline-block;
+    vertical-align: middle;
 }
 

opti-behavior/trunk/assets/css/dashboard_styles.css

@@ -198 +198 @@
 .stat-change.neutral {
     color: #6c757d;
+}
+
+/* Stat History Mini Chart */
+.stat-history {
+    margin-top: 12px;
+    padding-top: 12px;
+    border-top: 1px solid #e5e7eb;
+}
+
+.stat-history canvas {
+    max-height: 50px !important;
+    width: 100% !important;
+    display: block;
 }
 

opti-behavior/trunk/assets/css/style.css

@@ -44 +44 @@
 
 .optibehavior-heatmap-container .count-bar {
-    font-size: 12px;
+    font-size: 18px;
     position: absolute;
-    right: 0;
-    min-width: 48px;
+    left: 0;
+    min-width: 60px;
     height: 40px;
     text-align: center;
     line-height: 40px;
-    background: #ef96;
+    background: #4a90e2;
+    color: #ffffff;
+    font-weight: 700;
+    border-radius: 6px;
+    box-shadow: 0 2px 6px rgba(0, 0, 0, 0.15);
 }
 

opti-behavior/trunk/assets/js/dashboard-cleaned.js

@@ -1513 +1513 @@
                 fd.append('end_date', eEl && eEl.value ? eEl.value : '');
             }
-            function cc2flag(cc){ try{ var s=(cc||'').toString().trim().toUpperCase(); if(/^[A-Z]{2}$/.test(s)){ var base=127397; return String.fromCodePoint(s.charCodeAt(0)+base, s.charCodeAt(1)+base); } }catch(e){} return '🌐'; }
+            // Function to get flag image HTML for a country code
+            function getFlagHTML(cc, countryName) {
+                try {
+                    var code = (cc||'').toString().trim().toUpperCase();
+                    if(/^[A-Z]{2}$/.test(code)) {
+                        // Use flagcdn.com for high-quality flag images
+                        return '<img src="https://flagcdn.com/w20/' + code.toLowerCase() + '.png" ' +
+                            'srcset="https://flagcdn.com/w40/' + code.toLowerCase() + '.png 2x" ' +
+                            'alt="' + (countryName || code) + '" ' +
+                            'class="tu-flag-img" ' +
+                            'style="width:20px;height:15px;margin-right:6px;vertical-align:middle;border-radius:2px;box-shadow:0 1px 2px rgba(0,0,0,0.1);" />';
+                    }
+                } catch(e) {}
+                // Fallback to globe emoji for unknown countries
+                return '<span style="margin-right:6px;">🌐</span>';
+            }
 
             fetch('" . esc_url(admin_url('admin-ajax.php')) . "', {method:'POST', credentials:'same-origin', body: fd})
@@ -1545 +1560 @@
                         '<td class=\"tu-num\"><span class=\"tu-badge\">'+ (it.sessions||0) +'</span></td>'+
                         '<td class=\"tu-num\">'+ (it.pages_per_session||0).toFixed(2) +'</td>'+
-                        '<td><span class=\"tu-flag\">'+ cc2flag(it.country_code) +'</span><span class=\"tu-country-name\">'+ esc(it.country_name||'') +'</span></td>'+
+                        '<td>'+ getFlagHTML(it.country_code, it.country_name) +'<span class=\"tu-country-name\">'+ esc(it.country_name||'') +'</span></td>'+
                         '<td class=\"tu-last\">'+ esc(it.last_seen_human||'') +'</td>'+
                     '</tr>';

opti-behavior/trunk/assets/js/dashboard-converted.js

@@ -1514 +1514 @@
                 fd.append('end_date', eEl && eEl.value ? eEl.value : '');
             }
-            function cc2flag(cc){ try{ var s=(cc||'').toString().trim().toUpperCase(); if(/^[A-Z]{2}$/.test(s)){ var base=127397; return String.fromCodePoint(s.charCodeAt(0)+base, s.charCodeAt(1)+base); } }catch(e){} return '🌐'; }
+            // Function to get flag image HTML for a country code
+            function getFlagHTML(cc, countryName) {
+                try {
+                    var code = (cc||'').toString().trim().toUpperCase();
+                    if(/^[A-Z]{2}$/.test(code)) {
+                        // Use flagcdn.com for high-quality flag images
+                        return '<img src="https://flagcdn.com/w20/' + code.toLowerCase() + '.png" ' +
+                            'srcset="https://flagcdn.com/w40/' + code.toLowerCase() + '.png 2x" ' +
+                            'alt="' + (countryName || code) + '" ' +
+                            'class="tu-flag-img" ' +
+                            'style="width:20px;height:15px;margin-right:6px;vertical-align:middle;border-radius:2px;box-shadow:0 1px 2px rgba(0,0,0,0.1);" />';
+                    }
+                } catch(e) {}
+                // Fallback to globe emoji for unknown countries
+                return '<span style="margin-right:6px;">🌐</span>';
+            }
 
             fetch('ajaxUrl', {method:'POST', credentials:'same-origin', body: fd})
@@ -1546 +1561 @@
                         '<td class="tu-num"><span class="tu-badge">'+ (it.sessions||0) +'</span></td>'+
                         '<td class="tu-num">'+ (it.pages_per_session||0).toFixed(2) +'</td>'+
-                        '<td><span class="tu-flag">'+ cc2flag(it.country_code) +'</span><span class="tu-country-name">'+ esc(it.country_name||'') +'</span></td>'+
+                        '<td>'+ getFlagHTML(it.country_code, it.country_name) +'<span class="tu-country-name">'+ esc(it.country_name||'') +'</span></td>'+
                         '<td class="tu-last">'+ esc(it.last_seen_human||'') +'</td>'+
                     '</tr>';

opti-behavior/trunk/assets/js/dashboard-final.js

@@ -1511 +1511 @@
                 fd.append('end_date', eEl && eEl.value ? eEl.value : '');
             }
-            function cc2flag(cc){ try{ var s=(cc||'').toString().trim().toUpperCase(); if(/^[A-Z]{2}$/.test(s)){ var base=127397; return String.fromCodePoint(s.charCodeAt(0)+base, s.charCodeAt(1)+base); } }catch(e){} return '🌐'; }
+            // Function to get flag image HTML for a country code
+            function getFlagHTML(cc, countryName) {
+                try {
+                    var code = (cc||'').toString().trim().toUpperCase();
+                    if(/^[A-Z]{2}$/.test(code)) {
+                        // Use flagcdn.com for high-quality flag images
+                        return '<img src="https://flagcdn.com/w20/' + code.toLowerCase() + '.png" ' +
+                            'srcset="https://flagcdn.com/w40/' + code.toLowerCase() + '.png 2x" ' +
+                            'alt="' + (countryName || code) + '" ' +
+                            'class="tu-flag-img" ' +
+                            'style="width:20px;height:15px;margin-right:6px;vertical-align:middle;border-radius:2px;box-shadow:0 1px 2px rgba(0,0,0,0.1);" />';
+                    }
+                } catch(e) {}
+                // Fallback to globe emoji for unknown countries
+                return '<span style="margin-right:6px;">🌐</span>';
+            }
 
             fetch('" . esc_url(admin_url('admin-ajax.php')) . "', {method:'POST', credentials:'same-origin', body: fd})
@@ -1543 +1558 @@
                         '<td class=\"tu-num\"><span class=\"tu-badge\">'+ (it.sessions||0) +'</span></td>'+
                         '<td class=\"tu-num\">'+ (it.pages_per_session||0).toFixed(2) +'</td>'+
-                        '<td><span class=\"tu-flag\">'+ cc2flag(it.country_code) +'</span><span class=\"tu-country-name\">'+ esc(it.country_name||'') +'</span></td>'+
+                        '<td>'+ getFlagHTML(it.country_code, it.country_name) +'<span class=\"tu-country-name\">'+ esc(it.country_name||'') +'</span></td>'+
                         '<td class=\"tu-last\">'+ esc(it.last_seen_human||'') +'</td>'+
                     '</tr>';

opti-behavior/trunk/assets/js/dashboard.js

@@ -50 +50 @@
                 const startEl = document.getElementById('start-date');
                 const endEl = document.getElementById('end-date');
-                const period = periodEl ? (periodEl.value || 'last7days') : 'last7days';
+                const period = periodEl ? (periodEl.value || 'last30days') : 'last30days';
                 const startDate = startEl ? startEl.value : '';
                 const endDate = endEl ? endEl.value : '';
@@ -667 +667 @@
                   var rl = charts.referrers.map(function(i){return i.referrer||'Direct / None'});
                   var rd = charts.referrers.map(function(i){return i.count||0});
+
+                  // Store favicon URLs for later use
+                  window.referrersFaviconData = charts.referrers.map(function(i) {
+                    return {
+                      referrer: i.referrer || 'Direct / None',
+                      domain: i.domain || '',
+                      favicon_url: i.favicon_url || ''
+                    };
+                  });
+
                   new Chart(rEl, {
                     type: 'bar',
@@ -676 +686 @@
                       maintainAspectRatio: false,
                       layout: { padding: { top: 8, right: 64, bottom: 8, left: 12 } },
-                      plugins: { legend: { display: false } },
+                      plugins: {
+                        legend: { display: false },
+                        tooltip: {
+                          callbacks: {
+                            label: function(context) {
+                              return context.dataset.label + ': ' + context.parsed.x;
+                            }
+                          }
+                        }
+                      },
                       elements: { bar: { borderRadius: 6, borderSkipped: false } },
                       scales: {
@@ -685 +704 @@
                         y: {
 
-                          ticks: { color: '#6b7280', font: { size: 12 } },
+                          ticks: {
+                            color: '#6b7280',
+                            font: { size: 12 },
+                            padding: 8,
+                            callback: function(value, index, ticks) {
+                              // Return label with extra padding for favicon
+                              return '     ' + this.getLabelForValue(value);
+                            }
+                          },
                           grid: { display: false }
                         }
@@ -691 +718 @@
                     }
                   });
+
+                  // Add favicons to the chart after rendering
+                  setTimeout(function() {
+                    var canvas = rEl;
+                    var chartContainer = canvas.parentElement;
+
+                    // Remove any existing favicon overlay
+                    var existingOverlay = chartContainer.querySelector('.referrer-favicon-overlay');
+                    if (existingOverlay) existingOverlay.parentNode.removeChild(existingOverlay);
+
+                    // Create overlay container
+                    var overlay = document.createElement('div');
+                    overlay.className = 'referrer-favicon-overlay';
+                    overlay.style.cssText = 'position: absolute; top: 0; left: 0; pointer-events: none;';
+
+                    // Get chart instance to calculate positions
+                    var chart = Chart.getChart(rEl);
+                    if (chart && window.referrersFaviconData) {
+                      var scale = chart.scales.y;
+                      var faviconData = window.referrersFaviconData;
+
+                      faviconData.forEach(function(item, index) {
+                        if (item.favicon_url) {
+                          var y = scale.getPixelForValue(index);
+
+                          // Create favicon image with fallback
+                          var img = document.createElement('img');
+                          img.src = item.favicon_url;
+                          img.style.cssText = 'position: absolute; left: 12px; top: ' + (y - 8) + 'px; width: 16px; height: 16px; border-radius: 2px;';
+                          img.onerror = function() {
+                            // Fallback to default icon
+                            this.src = 'data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTYiIGhlaWdodD0iMTYiIHZpZXdCb3g9IjAgMCAxNiAxNiIgZmlsbD0ibm9uZSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KICA8cmVjdCB3aWR0aD0iMTYiIGhlaWdodD0iMTYiIHJ4PSIyIiBmaWxsPSIjRTVFN0VCIi8+CiAgPHBhdGggZD0iTTggM0M1LjIzODU4IDMgMyA1LjIzODU4IDMgOEMzIDEwLjc2MTQgNS4yMzg1OCAxMyA4IDEzQzEwLjc2MTQgMTMgMTMgMTAuNzYxNCAxMyA4QzEzIDUuMjM4NTggMTAuNzYxNCAzIDggM1pNOCA0LjVDOC41NTIyOCA0LjUgOSA0Ljk0NzcyIDkgNS41QzkgNi4wNTIyOCA4LjU1MjI4IDYuNSA4IDYuNUM3LjQ0NzcyIDYuNSA3IDYuMDUyMjggNyA1LjVDNyA0Ljk0NzcyIDcuNDQ3NzIgNC41IDggNC41Wk05LjUgMTAuNUg2LjVWOUg3LjVWOEg4LjVWMTBIOC41VjkuNUg5LjVWMTAuNVoiIGZpbGw9IiM5Q0EzQUYiLz4KPC9zdmc+';
+                          };
+
+                          overlay.appendChild(img);
+                        }
+                      });
+
+                      chartContainer.style.position = 'relative';
+                      chartContainer.appendChild(overlay);
+                    }
+                  }, 100);
                 }
 
@@ -926 +995 @@
             if (!hasAnyData){
               var ajaxUrl = (window.opti_behaviorData && (window.opti_behaviorData.ajaxUrl||window.opti_behaviorData.ajaxurl)) || (window.ajaxurl) || '/wp-admin/admin-ajax.php';
-              var per = document.getElementById('dashboard-period') ? (document.getElementById('dashboard-period').value||'last7days') : 'last7days';
+              var per = document.getElementById('dashboard-period') ? (document.getElementById('dashboard-period').value||'last30days') : 'last30days';
               var s = document.getElementById('start-date') ? (document.getElementById('start-date').value||'') : '';
               var e = document.getElementById('end-date') ? (document.getElementById('end-date').value||'') : '';
@@ -1395 +1464 @@
                 const labels = items.map(i=>i.referrer||'Direct / None');
                 const data = items.map(i=>i.count||0);
+
+                // Store favicon URLs for later use
+                window.referrersFaviconData = items.map(i => ({
+                  referrer: i.referrer || 'Direct / None',
+                  domain: i.domain || '',
+                  favicon_url: i.favicon_url || ''
+                }));
+
                 // Destroy existing chart if it exists
                 const existingReferrersChart = Chart.getChart(rEl);
                 if (existingReferrersChart) existingReferrersChart.destroy();
+
                 new Chart(rEl, {
       plugins: (window.optibehaviorValueLabelsPlugin ? [window.optibehaviorValueLabelsPlugin] : []),
@@ -1407 +1485 @@
                     maintainAspectRatio: false,
                     layout: { padding: { top: 8, right: 64, bottom: 8, left: 12 } },
-                    plugins: { legend: { display: false } },
+                    plugins: {
+                      legend: { display: false },
+                      tooltip: {
+                        callbacks: {
+                          label: function(context) {
+                            return context.dataset.label + ': ' + context.parsed.x;
+                          }
+                        }
+                      }
+                    },
                     elements: { bar: { borderRadius: 6, borderSkipped: false } },
                     scales: {
@@ -1415 +1502 @@
                       },
                       y: {
-
-                        ticks: { color: '#6b7280', font: { size: 12 } },
+                        ticks: {
+                          color: '#6b7280',
+                          font: { size: 12 },
+                          padding: 8,
+                          callback: function(value, index, ticks) {
+                            // Return label with extra padding for favicon
+                            return '     ' + this.getLabelForValue(value);
+                          }
+                        },
                         grid: { display: false }
                       }
@@ -1422 +1516 @@
                   }
                 });
+
+                // Add favicons to the chart after rendering
+                setTimeout(() => {
+                  const canvas = rEl;
+                  const chartContainer = canvas.parentElement;
+
+                  // Remove any existing favicon overlay
+                  const existingOverlay = chartContainer.querySelector('.referrer-favicon-overlay');
+                  if (existingOverlay) existingOverlay.remove();
+
+                  // Create overlay container
+                  const overlay = document.createElement('div');
+                  overlay.className = 'referrer-favicon-overlay';
+                  overlay.style.cssText = 'position: absolute; top: 0; left: 0; pointer-events: none;';
+
+                  // Get chart instance to calculate positions
+                  const chart = Chart.getChart(rEl);
+                  if (chart && window.referrersFaviconData) {
+                    const scale = chart.scales.y;
+                    const faviconData = window.referrersFaviconData;
+
+                    faviconData.forEach((item, index) => {
+                      if (item.favicon_url) {
+                        const y = scale.getPixelForValue(index);
+
+                        // Create favicon image with fallback
+                        const img = document.createElement('img');
+                        img.src = item.favicon_url;
+                        img.style.cssText = `position: absolute; left: 12px; top: ${y - 8}px; width: 16px; height: 16px; border-radius: 2px;`;
+                        img.onerror = function() {
+                          // Fallback to default icon
+                          this.src = 'data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTYiIGhlaWdodD0iMTYiIHZpZXdCb3g9IjAgMCAxNiAxNiIgZmlsbD0ibm9uZSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KICA8cmVjdCB3aWR0aD0iMTYiIGhlaWdodD0iMTYiIHJ4PSIyIiBmaWxsPSIjRTVFN0VCIi8+CiAgPHBhdGggZD0iTTggM0M1LjIzODU4IDMgMyA1LjIzODU4IDMgOEMzIDEwLjc2MTQgNS4yMzg1OCAxMyA4IDEzQzEwLjc2MTQgMTMgMTMgMTAuNzYxNCAxMyA4QzEzIDUuMjM4NTggMTAuNzYxNCAzIDggM1pNOCA0LjVDOC41NTIyOCA0LjUgOSA0Ljk0NzcyIDkgNS41QzkgNi4wNTIyOCA4LjU1MjI4IDYuNSA4IDYuNUM3LjQ0NzcyIDYuNSA3IDYuMDUyMjggNyA1LjVDNyA0Ljk0NzcyIDcuNDQ3NzIgNC41IDggNC41Wk05LjUgMTAuNUg2LjVWOUg3LjVWOEg4LjVWMTBIOC41VjkuNUg5LjVWMTAuNVoiIGZpbGw9IiM5Q0EzQUYiLz4KPC9zdmc+';
+                        };
+
+                        overlay.appendChild(img);
+                      }
+                    });
+
+                    chartContainer.style.position = 'relative';
+                    chartContainer.appendChild(overlay);
+                  }
+                }, 100);
               }
 
@@ -2072 +2208 @@
                 if (optibehaviorRefreshing) return;
                 optibehaviorRefreshing = true;
-                const period = document.getElementById('dashboard-period')?.value || 'last7days';
+                const period = document.getElementById('dashboard-period')?.value || 'last30days';
                 fetch(ajaxurl, {
                     method: 'POST',
@@ -3167 +3303 @@
                         const rows = tbody.querySelectorAll('tr');
                         rows.forEach(function(row) {
-                            const labelNode = row.querySelector('.referrer-name');
-                            if (!labelNode) {
-                                return;
-                            }
-
-                            const label = labelNode.textContent || '';
-                            const faviconUrl = getFaviconUrlFromReferrer(label);
-                            if (!faviconUrl) {
+                            // Get favicon URL from data attribute (provided by PHP)
+                            const faviconUrl = row.getAttribute('data-favicon-url');
+                            const domain = row.getAttribute('data-domain');
+
+                            if (!faviconUrl || !domain) {
+                                // No favicon URL provided by PHP, skip this row
                                 return;
                             }
@@ -3183 +3317 @@
                             }
 
+                            // Save the original SVG for fallback
+                            const originalSVG = iconContainer.innerHTML;
+
+                            // Create img element and add to DOM immediately
                             const img = document.createElement('img');
                             img.className = 'ob-referrer-favicon';
-                            img.src = faviconUrl;
                             img.alt = '';
                             img.loading = 'lazy';
+                            img.style.cssText = 'width: 20px; height: 20px; border-radius: 3px; object-fit: contain;';
+
+                            // Fallback chain with multiple sources
+                            let fallbackIndex = 0;
+                            const fallbackUrls = [
+                                'https://www.google.com/s2/favicons?sz=32&domain=' + domain, // Google favicon service (most reliable)
+                                faviconUrl, // Primary: domain.com/favicon.ico
+                                'https://icons.duckduckgo.com/ip3/' + domain + '.ico' // DuckDuckGo favicon service
+                            ];
+
+                            function tryNextFallback() {
+                                if (fallbackIndex < fallbackUrls.length) {
+                                    img.src = fallbackUrls[fallbackIndex];
+                                    fallbackIndex++;
+                                } else {
+                                    // All fallbacks failed, restore the SVG icon
+                                    iconContainer.innerHTML = originalSVG;
+                                }
+                            }
+
                             img.addEventListener('error', function() {
-                                img.style.display = 'none';
+                                // Try next fallback on error
+                                tryNextFallback();
                             });
 
-                            // Replace existing SVG-only icon content so layout stays consistent
-                            iconContainer.innerHTML = '';
+                            img.addEventListener('load', function() {
+                                // Successfully loaded, check if it's a valid image
+                                // Some services return 1x1 transparent pixel for missing favicons
+                                if (img.naturalWidth > 1 && img.naturalHeight > 1) {
+                                    // Valid favicon loaded - image is already in DOM, just hide SVG
+                                    const svg = iconContainer.querySelector('svg');
+                                    if (svg) {
+                                        svg.style.display = 'none';
+                                    }
+                                } else {
+                                    // Invalid image, try next fallback
+                                    tryNextFallback();
+                                }
+                            });
+
+                            // Add image to DOM immediately, then start loading
                             iconContainer.appendChild(img);
+                            img.src = fallbackUrls[0];
                         });
                     }
@@ -3205 +3378 @@
                     const percentage = totalCount > 0 ? Math.round((count / totalCount) * 100) : 0;
                     const referrerIconSVG = getReferrerIconSVG(referrer);
+                    const faviconUrl = item.favicon_url || '';
+                    const domain = item.domain || '';
 
                     // Calculate trend (for now, show as new since we don't have previous data)
@@ -3234 +3409 @@
 
                     const row = document.createElement('tr');
+                    // Store favicon data as data attributes
+                    if (faviconUrl) {
+                        row.setAttribute('data-favicon-url', faviconUrl);
+                    }
+                    if (domain) {
+                        row.setAttribute('data-domain', domain);
+                    }
                     row.innerHTML = `
                         <td class="referrer-name-cell">
@@ -3307 +3489 @@
             let html = '';
             visitors.forEach(visitor => {
+                // Get country code for flag icon
+                const countryCode = (visitor.country_code || '').toLowerCase();
+                const flagUrl = countryCode && countryCode.length === 2 ? `https://flagcdn.com/w40/${countryCode}.png` : '';
+                const flagHtml = flagUrl ? `<img src="${flagUrl}" alt="${visitor.country}" class="visitor-flag-icon" />` : '<span class="visitor-flag">${visitor.flag}</span>';
+
                 html += `
                     <div class="visitor-item grid">
                         <span class="visitor-datetime">${(visitor.visited_at || '') + (visitor.time_ago ? ' - <span class="ago">' + visitor.time_ago + '</span>' : '')}</span>
-                        <span class="visitor-flag-country"><span class="visitor-flag">${visitor.flag}</span> <span class="visitor-location">${visitor.country}</span></span>
+                        <span class="visitor-flag-country">${flagHtml} <span class="visitor-location">${visitor.country}</span></span>
                         <span class="visitor-pageblock"><span class="visitor-title">${visitor.page_title || ''}</span><a class="visitor-url" href="${visitor.current_url || '#'}" target="_blank" rel="noopener">${visitor.current_url || ''}</a></span>
                         <span class="visitor-ip-col"><span class="visitor-ip-pill">${shortIP(visitor.ip)}<\/span></span>
@@ -3505 +3692 @@
                 fd.append('end_date', eEl && eEl.value ? eEl.value : '');
             }
-            function cc2flag(cc){ try{ var s=(cc||'').toString().trim().toUpperCase(); if(/^[A-Z]{2}$/.test(s)){ var base=127397; return String.fromCodePoint(s.charCodeAt(0)+base, s.charCodeAt(1)+base); } }catch(e){} return '🌐'; }
+            // Function to get flag image HTML for a country code
+            function getFlagHTML(cc, countryName) {
+                try {
+                    var code = (cc||'').toString().trim().toUpperCase();
+                    if(/^[A-Z]{2}$/.test(code)) {
+                        // Use flagcdn.com for high-quality flag images
+                        return '<img src="https://flagcdn.com/w20/' + code.toLowerCase() + '.png" ' +
+                            'srcset="https://flagcdn.com/w40/' + code.toLowerCase() + '.png 2x" ' +
+                            'alt="' + (countryName || code) + '" ' +
+                            'class="tu-flag-img" ' +
+                            'style="width:20px;height:15px;margin-right:6px;vertical-align:middle;border-radius:2px;box-shadow:0 1px 2px rgba(0,0,0,0.1);" />';
+                    }
+                } catch(e) {}
+                // Fallback to globe emoji for unknown countries
+                return '<span style="margin-right:6px;">🌐</span>';
+            }
 
             fetch('' + opti_behaviorDashboard.ajaxUrl + '', {method:'POST', credentials:'same-origin', body: fd})
@@ -3562 +3764 @@
                         '<td class="tu-num"><span class="tu-badge">'+ (it.sessions||0) +'</span></td>'+
                         '<td class="tu-num">'+ (it.pages_per_session||0).toFixed(2) +'</td>'+
-                        '<td><span class="tu-flag">'+ cc2flag(it.country_code) +'</span><span class="tu-country-name">'+ esc(it.country_name||'') +'</span></td>'+
+                        '<td>'+ getFlagHTML(it.country_code, it.country_name) +'<span class="tu-country-name">'+ esc(it.country_name||'') +'</span></td>'+
                         '<td class="tu-last">'+ esc(it.last_seen_human||'') +'</td>'+
                     '</tr>';
@@ -3619 +3821 @@
             var startEl = document.getElementById('start-date');
             var endEl = document.getElementById('end-date');
-            var period = periodEl ? (periodEl.value || 'last7days') : 'last7days';
+            var period = periodEl ? (periodEl.value || 'last30days') : 'last30days';
 
             var ajaxUrl = (window.opti_behaviorData && window.opti_behaviorData.ajaxUrl) || (window.ajaxurl) || '/wp-admin/admin-ajax.php';
@@ -4124 +4326 @@
     }
 
+    /**
+     * Initialize mini bar charts for stat cards history
+     */
+    function initStatHistoryCharts() {
+        // Check if Chart.js is loaded
+        if (typeof Chart === 'undefined') {
+            console.warn('Chart.js not loaded, skipping stat history charts');
+            return;
+        }
+
+        // Get daily history data from window object
+        const data = window.opti_behaviorData;
+        if (!data || !data.dashboard || !data.dashboard.daily_history) {
+            console.warn('Daily history data not available');
+            return;
+        }
+
+        const dailyHistory = data.dashboard.daily_history;
+        const dates = dailyHistory.dates || [];
+
+        // Format dates for display (e.g., "Dec 1", "Dec 2")
+        const labels = dates.map(dateStr => {
+            const date = new Date(dateStr);
+            return date.toLocaleDateString('en-US', { month: 'short', day: 'numeric' });
+        });
+
+        // Define color scheme for each metric
+        const colors = {
+            visitors: '#3b82f6',         // Blue
+            sessions: '#8b5cf6',         // Purple
+            pageviews: '#f59e0b',        // Orange
+            avg_session_time: '#14b8a6', // Teal
+            avg_scroll_depth: '#6366f1', // Indigo
+            bounce_rate: '#ef4444'       // Red
+        };
+
+        // Chart configuration template
+        const getChartConfig = (metricKey, label, data, color) => ({
+            type: 'bar',
+            data: {
+                labels: labels,
+                datasets: [{
+                    label: label,
+                    data: data,
+                    backgroundColor: color,
+                    borderColor: color,
+                    borderWidth: 0,
+                    borderRadius: 2,
+                    barPercentage: 0.8,
+                    categoryPercentage: 0.9
+                }]
+            },
+            options: {
+                responsive: true,
+                maintainAspectRatio: false,
+                plugins: {
+                    legend: { display: false },
+                    tooltip: {
+                        enabled: true,
+                        backgroundColor: 'rgba(0, 0, 0, 0.8)',
+                        padding: 8,
+                        displayColors: false,
+                        callbacks: {
+                            title: (tooltipItems) => tooltipItems[0].label,
+                            label: (context) => {
+                                let value = context.parsed.y;
+                                // Format based on metric type
+                                if (metricKey === 'avg_session_time') {
+                                    const minutes = Math.floor(value / 60);
+                                    const seconds = value % 60;
+                                    return `${minutes}:${seconds.toString().padStart(2, '0')}`;
+                                } else if (metricKey === 'avg_scroll_depth' || metricKey === 'bounce_rate') {
+                                    return `${value}%`;
+                                }
+                                return value.toString();
+                            }
+                        }
+                    }
+                },
+                scales: {
+                    x: {
+                        display: false,
+                        grid: { display: false }
+                    },
+                    y: {
+                        display: false,
+                        grid: { display: false },
+                        beginAtZero: true
+                    }
+                },
+                animation: {
+                    duration: 500,
+                    easing: 'easeInOutQuart'
+                }
+            }
+        });
+
+        // Initialize each chart
+        const metrics = [
+            { key: 'visitors', label: 'Visitors', canvasId: 'history-visitors' },
+            { key: 'sessions', label: 'Sessions', canvasId: 'history-sessions' },
+            { key: 'pageviews', label: 'Page Views', canvasId: 'history-pageviews' },
+            { key: 'avg_session_time', label: 'Avg. Session Time', canvasId: 'history-avg-session-time' },
+            { key: 'avg_scroll_depth', label: 'Avg. Scroll Depth', canvasId: 'history-avg-scroll-depth' },
+            { key: 'bounce_rate', label: 'Bounce Rate', canvasId: 'history-bounce-rate' }
+        ];
+
+        metrics.forEach(metric => {
+            const canvas = document.getElementById(metric.canvasId);
+            if (!canvas) {
+                console.warn(`Canvas not found: ${metric.canvasId}`);
+                return;
+            }
+
+            const ctx = canvas.getContext('2d');
+            const chartData = dailyHistory[metric.key] || [];
+            const color = colors[metric.key];
+
+            // Create the chart
+            new Chart(ctx, getChartConfig(metric.key, metric.label, chartData, color));
+        });
+    }
+
+    // Initialize stat history charts when DOM is ready
+    if (document.readyState === 'loading') {
+        document.addEventListener('DOMContentLoaded', initStatHistoryCharts);
+    } else {
+        initStatHistoryCharts();
+    }
+
     // Expose widget rendering functions to window for async loader callbacks
     window.updateSessionsChart = updateSessionsChart;
@@ -4136 +4468 @@
     window.initBotTrafficWidget = initBotTrafficWidget;
     window.initScreenResolutionChart = initScreenResolutionChart;
+    window.initStatHistoryCharts = initStatHistoryCharts;
 })();

opti-behavior/trunk/assets/js/opti-behavior-heatmap-simple.js

@@ -77 +77 @@
         this.sessionId = null;
         this.visitorId = null;
+        // Track last activity time for inactivity timeout (30 minutes like Pro version)
+        this.lastActivityTime = Date.now();
+        this.inactivityTimeout = 30 * 60 * 1000; // 30 minutes in milliseconds
+        this.maxSessionDuration = 60 * 60 * 1000; // Cap session at 1 hour max
     }
     
@@ -123 +127 @@
     HeatmapTracker.prototype.handleClick = function(event) {
         console.log('[Heatmap] Click detected!', event);
+
+        // Update activity timestamp
+        this.lastActivityTime = Date.now();
 
         // Get click coordinates
@@ -288 +295 @@
 
     HeatmapTracker.prototype.handleScroll = function() {
+        // Update activity timestamp on scroll
+        this.lastActivityTime = Date.now();
         this.updateScrollDepth();
     };
@@ -336 +345 @@
 
     HeatmapTracker.prototype.sendHeartbeat = function() {
-        const sessionDuration = Math.round((Date.now() - this.sessionStartTime) / 1000);
+        const now = Date.now();
+        const timeSinceLastActivity = now - this.lastActivityTime;
+        const totalSessionTime = now - this.sessionStartTime;
+
+        // Stop heartbeat if user has been inactive for 30 minutes
+        if (timeSinceLastActivity > this.inactivityTimeout) {
+            console.log('[Heatmap] Session inactive for 30+ minutes, stopping heartbeat');
+            clearInterval(this.heartbeatTimer);
+            this.heartbeatTimer = null;
+            return;
+        }
+
+        // Stop heartbeat if session exceeds 1 hour (prevents inflated durations)
+        if (totalSessionTime > this.maxSessionDuration) {
+            console.log('[Heatmap] Session exceeded 1 hour max, stopping heartbeat');
+            clearInterval(this.heartbeatTimer);
+            this.heartbeatTimer = null;
+            return;
+        }
+
+        const sessionDuration = Math.round(totalSessionTime / 1000);
 
         // Use stored IDs instead of reading cookies

opti-behavior/trunk/includes/class-opti-behavior-heatmap-file-storage.php

@@ -673 +673 @@
 
         return $total_count;
+    }
+
+    /**
+     * List all recordings from file storage with pagination and filtering
+     *
+     * @param int    $limit Number of recordings to return (0 = no limit).
+     * @param int    $offset Offset for pagination.
+     * @param string $start_date Optional start date filter (Y-m-d format).
+     * @param string $end_date Optional end date filter (Y-m-d format).
+     * @param string $sort_order Sort order ('asc' or 'desc').
+     * @return array Array with 'recordings' and 'total' count.
+     */
+    public function list_recordings( $limit = 0, $offset = 0, $start_date = null, $end_date = null, $sort_order = 'desc', $sort_by = 'date' ) {
+        $this->log( '[Opti-FREE] list_recordings START - sort_by=' . $sort_by . ', sort_order=' . $sort_order . ', limit=' . $limit, 'debug' );
+        $recordings_dir = $this->base_dir . 'recordings/';
+
+        if ( ! file_exists( $recordings_dir ) ) {
+            return array(
+                'recordings' => array(),
+                'total' => 0,
+            );
+        }
+
+        $all_recordings = array();
+
+        // Determine date range to scan
+        if ( $start_date && $end_date ) {
+            $start_timestamp = strtotime( $start_date );
+            $end_timestamp = strtotime( $end_date . ' 23:59:59' );
+        } else {
+            // Scan all files if no date range specified
+            $start_timestamp = 0;
+            $end_timestamp = PHP_INT_MAX;
+        }
+
+        // Recursively scan recordings directory
+        $iterator = new RecursiveIteratorIterator(
+            new RecursiveDirectoryIterator( $recordings_dir, RecursiveDirectoryIterator::SKIP_DOTS )
+        );
+
+        foreach ( $iterator as $file ) {
+            if ( ! $file->isFile() || $file->getFilename() === 'index.php' || $file->getFilename() === '.htaccess' ) {
+                continue;
+            }
+
+            // Parse filename: session_[id]_[timestamp].json.gz
+            $filename = $file->getFilename();
+            if ( ! preg_match( '/^session_(.+)_(\d+)\.json(\.gz)?$/', $filename, $matches ) ) {
+                continue;
+            }
+
+            $session_id = $matches[1];
+            $file_timestamp = intval( $matches[2] );
+
+            // Check if file is within date range
+            if ( $file_timestamp < $start_timestamp || $file_timestamp > $end_timestamp ) {
+                continue;
+            }
+
+            // Get file path relative to base dir
+            $relative_path = str_replace( $this->base_dir, '', $file->getPathname() );
+            $relative_path = str_replace( '\\', '/', $relative_path ); // Normalize path separators
+
+            // Read file metadata (we'll load full data only when viewing specific recording)
+            $all_recordings[] = array(
+                'session_id' => $session_id,
+                'file_path' => $relative_path,
+                'file_size' => $file->getSize(),
+                'start_time' => gmdate( 'Y-m-d H:i:s', $file_timestamp ),
+                'timestamp' => $file_timestamp,
+            );
+        }
+
+        // Sort by timestamp
+        usort( $all_recordings, function( $a, $b ) use ( $sort_order ) {
+            if ( $sort_order === 'asc' ) {
+                return $a['timestamp'] - $b['timestamp'];
+            } else {
+                return $b['timestamp'] - $a['timestamp'];
+            }
+        });
+
+        $total = count( $all_recordings );
+
+        // Apply pagination
+        if ( $limit > 0 ) {
+            $all_recordings = array_slice( $all_recordings, $offset, $limit );
+        }
+
+        // If sorting by duration, read duration from files AFTER pagination (only for displayed items)
+        if ( $sort_by === 'duration' ) {
+            $this->log( '[Opti-FREE] DURATION SORTING ACTIVE - Reading durations...', 'debug' );
+            foreach ( $all_recordings as &$recording ) {
+                try {
+                    $file_data = $this->read_recording( $recording['file_path'] );
+                    if ( $file_data && isset( $file_data['duration'] ) ) {
+                        $recording['duration'] = intval( $file_data['duration'] );
+                        $this->log( '[Opti-FREE] Session ' . $recording['session_id'] . ' duration: ' . $recording['duration'] . 's', 'debug' );
+                    }
+                } catch ( Exception $e ) {
+                    $this->log( '[Opti-FREE] Error reading duration: ' . $recording['file_path'], 'error' );
+                }
+            }
+            unset( $recording ); // Break reference
+
+            $this->log( '[Opti-FREE] Sorting by duration (' . $sort_order . ')...', 'debug' );
+            // Now sort by duration
+            usort( $all_recordings, function( $a, $b ) use ( $sort_order ) {
+                if ( $sort_order === 'asc' ) {
+                    return $a['duration'] - $b['duration'];
+                } else {
+                    return $b['duration'] - $a['duration'];
+                }
+            });
+
+            // Log final order after sorting
+            $this->log( '[Opti-FREE] After duration sort - Final order:', 'debug' );
+            foreach ( $all_recordings as $rec ) {
+                $this->log( '[Opti-FREE]   => ' . $rec['session_id'] . ': ' . $rec['duration'] . 's', 'debug' );
+            }
+        }
+
+        return array(
+            'recordings' => $all_recordings,
+            'total' => $total,
+        );
     }
 

opti-behavior/trunk/includes/class-opti-behavior-license-manager.php

@@ -16 +16 @@
     /**
      * API base URL
-     */
-    const API_URL = 'https://api.optiuser.com/';
+     *
+     * Environment is controlled by OPTI_BEHAVIOR_ENVIRONMENT constant in Opti-Behavior.php:
+     * - 'local' => http://localhost/api/
+     * - 'live'  => https://api.optiuser.com/ (default)
+     *
+     * Can also be overridden in wp-config.php using:
+     * define( 'OPTI_BEHAVIOR_API_URL', 'https://custom-api.com/' );
+     */
+    private static function get_api_url() {
+        // Check if API URL is manually defined in wp-config.php (highest priority)
+        if ( defined( 'OPTI_BEHAVIOR_API_URL' ) && ! empty( OPTI_BEHAVIOR_API_URL ) ) {
+            return trailingslashit( OPTI_BEHAVIOR_API_URL );
+        }
+
+        // Use environment-based URL
+        if ( defined( 'OPTI_BEHAVIOR_ENVIRONMENT' ) && OPTI_BEHAVIOR_ENVIRONMENT === 'local' ) {
+            return 'http://localhost/api/';
+        }
+
+        // Default to production API
+        return 'https://api.optiuser.com/';
+    }
     
     /**
@@ -85 +105 @@
      */
     public function auto_register() {
+        $this->debug_manager->log( '=== Starting Auto-Registration ===' , 'info', 'license' );
+        $this->debug_manager->log( 'API URL: ' . self::get_api_url(), 'info', 'license' );
+
         // Generate client keypair
+        $this->debug_manager->log( 'Generating client keypair...', 'debug', 'license' );
         $keypair = $this->generate_client_keypair();
 
@@ -92 +116 @@
             return false;
         }
-        
+
+        $this->debug_manager->log( 'Client keypair generated successfully', 'debug', 'license' );
+
         // Get domain name
         $domain = $this->get_domain();
-        
+        $this->debug_manager->log( 'Domain: ' . $domain, 'info', 'license' );
+
+        // Get site information
+        $admin_email = get_option( 'admin_email' );
+        $site_url = get_site_url();
+        $site_name = get_bloginfo( 'name' );
+
+        $this->debug_manager->log( 'Site URL: ' . $site_url, 'info', 'license' );
+        $this->debug_manager->log( 'Site Name: ' . $site_name, 'info', 'license' );
+        $this->debug_manager->log( 'Admin Email: ' . $admin_email, 'info', 'license' );
+
         // Register with API
+        $this->debug_manager->log( 'Calling API /register endpoint...', 'info', 'license' );
         $response = $this->call_api( 'register', array(
             'domain' => $domain,
             'client_public_key' => $keypair['public_key'],
+            'email' => $admin_email,
+            'site_url' => $site_url,
+            'site_name' => $site_name,
         ), 'POST' );
 
         if ( ! $response || ! isset( $response['success'] ) || ! $response['success'] ) {
-            $this->debug_manager->log( 'Registration failed: ' . wp_json_encode( $response ), 'error', 'license' );
-            return false;
-        }
-        
+            $error_details = $response ? wp_json_encode( $response ) : 'NULL response';
+            $this->debug_manager->log( 'Registration failed: ' . $error_details, 'error', 'license' );
+            $this->debug_manager->log( '=== Auto-Registration FAILED ===' , 'error', 'license' );
+            return false;
+        }
+
+        $this->debug_manager->log( 'Registration successful! Storing installation data...', 'info', 'license' );
+        $this->debug_manager->log( 'Installation ID: ' . $response['data']['installation_id'], 'info', 'license' );
+
         // Store installation data
         update_option( self::OPTION_INSTALLATION_ID, $response['data']['installation_id'] );
@@ -114 +159 @@
         update_option( self::OPTION_REGISTRATION_DATE, current_time( 'mysql' ) );
 
+        $this->debug_manager->log( 'Installation options saved to WordPress database', 'debug', 'license' );
+
         // Store master_secret for API authentication (encrypted)
         if ( isset( $response['data']['master_secret'] ) ) {
@@ -119 +166 @@
             update_option( 'opti_behavior_master_secret', $response['data']['master_secret'] );
             $this->debug_manager->log( 'Master secret stored for API authentication', 'info', 'license' );
+        } else {
+            $this->debug_manager->log( 'WARNING: No master_secret in API response!', 'warning', 'license' );
         }
 
@@ -128 +177 @@
         }
 
+        $this->debug_manager->log( '=== Auto-Registration COMPLETED SUCCESSFULLY ===' , 'info', 'license' );
         return true;
     }
@@ -225 +275 @@
      */
     public function call_api( $endpoint, $data = array(), $method = 'GET' ) {
-        $url = self::API_URL . $endpoint;
+        $this->debug_manager->log( '--- API Call Start ---', 'debug', 'license' );
+        $this->debug_manager->log( 'Endpoint: ' . $endpoint, 'info', 'license' );
+        $this->debug_manager->log( 'Method: ' . $method, 'info', 'license' );
+
+        $url = self::get_api_url() . $endpoint;
+        $this->debug_manager->log( 'Full URL: ' . $url, 'info', 'license' );
+
         $installation_id = $this->get_installation_id();
+        $this->debug_manager->log( 'Installation ID: ' . ( $installation_id ? $installation_id : 'EMPTY' ), 'info', 'license' );
+
         $timestamp = time();
 
@@ -238 +296 @@
         }
 
+        $this->debug_manager->log( 'Request Data: ' . $data_to_sign, 'debug', 'license' );
+
         // Generate HMAC signature (only if registered)
         $signature = '';
         if ( ! empty( $installation_id ) && $endpoint !== 'register' ) {
             $signature = $this->generate_api_signature( $data_to_sign, $timestamp );
+            $this->debug_manager->log( 'HMAC Signature generated: ' . substr( $signature, 0, 20 ) . '...', 'debug', 'license' );
+        } else {
+            $this->debug_manager->log( 'No signature required (registration or no installation ID)', 'debug', 'license' );
         }
 
@@ -259 +322 @@
         } elseif ( $method === 'GET' && ! empty( $data ) ) {
             $url = add_query_arg( $data, $url );
-        }
-
+            $this->debug_manager->log( 'URL with query params: ' . $url, 'debug', 'license' );
+        }
+
+        $this->debug_manager->log( 'Sending wp_remote_request...', 'debug', 'license' );
         $response = wp_remote_request( $url, $args );
 
         if ( is_wp_error( $response ) ) {
-            $this->debug_manager->log( 'API call failed: ' . $response->get_error_message(), 'error', 'license' );
-            return false;
-        }
+            $error_message = $response->get_error_message();
+            $this->debug_manager->log( 'wp_remote_request ERROR: ' . $error_message, 'error', 'license' );
+            $this->debug_manager->log( '--- API Call FAILED (WP_Error) ---', 'error', 'license' );
+            return false;
+        }
+
+        $http_code = wp_remote_retrieve_response_code( $response );
+        $this->debug_manager->log( 'HTTP Response Code: ' . $http_code, 'info', 'license' );
 
         $body = wp_remote_retrieve_body( $response );
+        $this->debug_manager->log( 'Response Body (first 500 chars): ' . substr( $body, 0, 500 ), 'debug', 'license' );
+
         $decoded = json_decode( $body, true );
+
+        if ( json_last_error() !== JSON_ERROR_NONE ) {
+            $this->debug_manager->log( 'JSON decode error: ' . json_last_error_msg(), 'error', 'license' );
+            $this->debug_manager->log( '--- API Call FAILED (Invalid JSON) ---', 'error', 'license' );
+            return false;
+        }
+
+        $this->debug_manager->log( 'API Response: ' . wp_json_encode( $decoded ), 'debug', 'license' );
+        $this->debug_manager->log( '--- API Call End ---', 'debug', 'license' );
 
         return $decoded;
@@ -304 +385 @@
     
     /**
-     * Get quota information
+     * Get quota information from API with encrypted caching
+     *
+     * SECURITY: Uses encrypted cache with HMAC integrity verification
+     * Cache is invalidated if tampered or every 5 minutes to stay fresh
      */
     public function get_quota() {
+        $this->debug_manager->log( '--- get_quota() called ---', 'debug', 'license' );
+
         $installation_id = $this->get_installation_id();
 
         if ( empty( $installation_id ) ) {
-            return false;
-        }
-
+            $this->debug_manager->log( 'get_quota failed: No installation ID found (not registered)', 'error', 'license' );
+            return false;
+        }
+
+        $this->debug_manager->log( 'Installation ID found: ' . $installation_id, 'debug', 'license' );
+
+        // Try to get from encrypted cache first
+        $cached_quota = $this->get_cached_quota( $installation_id );
+        if ( $cached_quota !== false ) {
+            $this->debug_manager->log( 'Using cached quota data', 'debug', 'license' );
+            return $cached_quota;
+        }
+
+        $this->debug_manager->log( 'No cached quota, fetching from API...', 'debug', 'license' );
+
+        // Fetch fresh data from API
         $response = $this->call_api( 'quota', array(
             'installation_id' => $installation_id,
@@ -318 +417 @@
 
         if ( ! $response || ! isset( $response['success'] ) || ! $response['success'] ) {
-            return false;
-        }
+            $error_details = $response ? wp_json_encode( $response ) : 'NULL response';
+            $this->debug_manager->log( 'Failed to fetch quota from API: ' . $error_details, 'error', 'license' );
+            return false;
+        }
+
+        $this->debug_manager->log( 'Quota API response successful', 'debug', 'license' );
 
         // Return just the current_month data
         if ( isset( $response['data']['current_month'] ) ) {
-            return $response['data']['current_month'];
-        }
-
+            $quota_data = $response['data']['current_month'];
+
+            // Cache the quota data securely
+            $this->cache_quota( $installation_id, $quota_data );
+
+            $this->debug_manager->log( 'Quota data cached and returned', 'debug', 'license' );
+            return $quota_data;
+        }
+
+        $this->debug_manager->log( 'Quota API response missing current_month data', 'error', 'license' );
         return false;
+    }
+
+    /**
+     * Get cached quota with integrity verification
+     *
+     * @param string $installation_id Installation ID
+     * @return array|false Quota data or false if cache invalid/expired
+     */
+    private function get_cached_quota( $installation_id ) {
+        $cache_option = 'opti_behavior_quota_cache_' . substr( md5( $installation_id ), 0, 16 );
+        $cached = get_transient( $cache_option );
+
+        if ( ! $cached || ! is_array( $cached ) ) {
+            return false;
+        }
+
+        // Verify cache has required fields
+        if ( ! isset( $cached['data'], $cached['hash'], $cached['timestamp'] ) ) {
+            $this->debug_manager->log( 'Cache missing required fields', 'warning', 'license' );
+            delete_transient( $cache_option );
+            return false;
+        }
+
+        // Verify integrity hash (prevents tampering)
+        $expected_hash = $this->calculate_quota_hash( $cached['data'], $cached['timestamp'], $installation_id );
+        if ( ! hash_equals( $expected_hash, $cached['hash'] ) ) {
+            $this->debug_manager->log( 'Cache integrity check failed - possible tampering detected', 'error', 'license' );
+            delete_transient( $cache_option );
+            return false;
+        }
+
+        return $cached['data'];
+    }
+
+    /**
+     * Cache quota data with integrity protection
+     *
+     * @param string $installation_id Installation ID
+     * @param array $quota_data Quota data to cache
+     */
+    private function cache_quota( $installation_id, $quota_data ) {
+        $cache_option = 'opti_behavior_quota_cache_' . substr( md5( $installation_id ), 0, 16 );
+        $timestamp = time();
+
+        $cache_data = array(
+            'data' => $quota_data,
+            'timestamp' => $timestamp,
+            'hash' => $this->calculate_quota_hash( $quota_data, $timestamp, $installation_id ),
+        );
+
+        // Cache for 1 minute - allows admin changes to be visible quickly
+        // Admin can change quota limits in API, so we need short cache
+        set_transient( $cache_option, $cache_data, 60 );
+    }
+
+    /**
+     * Calculate integrity hash for quota cache
+     *
+     * @param array $data Quota data
+     * @param int $timestamp Cache timestamp
+     * @param string $installation_id Installation ID
+     * @return string HMAC hash
+     */
+    private function calculate_quota_hash( $data, $timestamp, $installation_id ) {
+        // Use site-specific secrets to prevent cross-site tampering
+        $secret = defined( 'AUTH_KEY' ) ? AUTH_KEY : 'opti-behavior-secret';
+        $salt = defined( 'NONCE_SALT' ) ? NONCE_SALT : get_option( 'siteurl' );
+
+        $message = wp_json_encode( $data ) . $timestamp . $installation_id . $salt;
+        return hash_hmac( 'sha256', $message, $secret );
     }
 
@@ -341 +521 @@
      * Check if user can record a new session
      *
-     * @return bool True if user can record, false if quota exceeded
+     * SECURITY: FAIL CLOSED - if we can't verify quota, deny recording
+     * This prevents bypass attempts when API is unreachable
+     *
+     * @return bool True if user can record, false if quota exceeded or cannot verify
      */
     public function can_record_session() {
         $quota = $this->get_quota();
 
+        // SECURITY: Fail closed - deny if we can't get quota info
         if ( ! $quota ) {
-            // If we can't get quota info, allow recording (fail open)
-            return true;
+            $this->debug_manager->log( 'Cannot verify quota - denying recording for security', 'warning', 'license' );
+            return false;
         }
 
@@ -356 +540 @@
         }
 
+        $this->debug_manager->log( 'Quota exceeded or invalid', 'info', 'license' );
         return false;
     }
@@ -388 +573 @@
         }
 
+        // SECURITY: Clear quota cache to force fresh fetch on next check
+        $this->clear_quota_cache( $installation_id );
+
         $this->debug_manager->log( 'Quota incremented successfully. Session: ' . $session_id, 'info', 'license' );
         return true;
     }
+
+    /**
+     * Clear quota cache
+     *
+     * @param string $installation_id Installation ID
+     */
+    private function clear_quota_cache( $installation_id ) {
+        $cache_option = 'opti_behavior_quota_cache_' . substr( md5( $installation_id ), 0, 16 );
+        delete_transient( $cache_option );
+        $this->debug_manager->log( 'Quota cache cleared', 'debug', 'license' );
+    }
 }
 

opti-behavior/trunk/includes/trait-opti-behavior-ajax-handlers.php

@@ -35 +35 @@
             $page    = isset($_POST['paged']) ? max(1, intval( wp_unslash( $_POST['paged'] ) )) : 1;
             $per_page = isset($_POST['per_page']) ? max(1, intval( wp_unslash( $_POST['per_page'] ) )) : 5;
-            $period  = isset($_POST['period']) ? sanitize_text_field( wp_unslash( $_POST['period'] ) ) : 'last7days';
+            $period  = isset($_POST['period']) ? sanitize_text_field( wp_unslash( $_POST['period'] ) ) : 'last30days';
             $start   = isset($_POST['start_date']) ? sanitize_text_field( wp_unslash( $_POST['start_date'] ) ) : '';
             $end     = isset($_POST['end_date']) ? sanitize_text_field( wp_unslash( $_POST['end_date'] ) ) : '';
@@ -93 +93 @@
             }
 
-            $period = isset( $_POST['period'] ) ? sanitize_text_field( wp_unslash( $_POST['period'] ) ) : 'last7days';
+            $period = isset( $_POST['period'] ) ? sanitize_text_field( wp_unslash( $_POST['period'] ) ) : 'last30days';
             $start = isset($_POST['start_date']) ? sanitize_text_field( wp_unslash( $_POST['start_date'] ) ) : null;
             $end   = isset($_POST['end_date']) ? sanitize_text_field( wp_unslash( $_POST['end_date'] ) ) : null;
@@ -210 +210 @@
 
             $type = isset( $_POST['type'] ) ? sanitize_text_field( wp_unslash( $_POST['type'] ) ) : 'overview';
-            $period = isset( $_POST['period'] ) ? sanitize_text_field( wp_unslash( $_POST['period'] ) ) : 'last7days';
+            $period = isset( $_POST['period'] ) ? sanitize_text_field( wp_unslash( $_POST['period'] ) ) : 'last30days';
 
             $data = $this->get_analytics_data( $type, $period );
@@ -679 +679 @@
 
             // Get and sanitize parameters
-            $period = isset( $_POST['period'] ) ? sanitize_text_field( wp_unslash( $_POST['period'] ) ) : 'last7days';
+            $period = isset( $_POST['period'] ) ? sanitize_text_field( wp_unslash( $_POST['period'] ) ) : 'last30days';
             $start_date = isset( $_POST['start_date'] ) ? sanitize_text_field( wp_unslash( $_POST['start_date'] ) ) : null;
             $end_date = isset( $_POST['end_date'] ) ? sanitize_text_field( wp_unslash( $_POST['end_date'] ) ) : null;

opti-behavior/trunk/includes/trait-opti-behavior-dashboard-views.php

@@ -31 +31 @@
          * @param string $period Period.
          */
-        private function render_dashboard_header( $date_range = null, $period = 'last7days' ) {
+        private function render_dashboard_header( $date_range = null, $period = 'last30days' ) {
             $start_val = $date_range && isset($date_range['start']) ? substr($date_range['start'],0,10) : '';
             $end_val = $date_range && isset($date_range['end']) ? substr($date_range['end'],0,10) : '';
@@ -81 +81 @@
                         <div class="stat-label"><?php esc_html_e( 'Visitors', 'opti-behavior' ); ?></div>
                         <div class="stat-change <?php echo esc_attr($cls($changes['visitors'] ?? 0)); ?>"><?php echo esc_html($fmt($changes['visitors'] ?? 0)); ?></div>
+                        <div class="stat-history">
+                            <canvas id="history-visitors" width="280" height="50"></canvas>
+                        </div>
                     </div>
                 </div>
@@ -90 +93 @@
                         <div class="stat-label"><?php esc_html_e( 'Sessions', 'opti-behavior' ); ?></div>
                         <div class="stat-change <?php echo esc_attr($cls($changes['sessions'] ?? 0)); ?>"><?php echo esc_html($fmt($changes['sessions'] ?? 0)); ?></div>
+                        <div class="stat-history">
+                            <canvas id="history-sessions" width="280" height="50"></canvas>
+                        </div>
                     </div>
                 </div>
@@ -99 +105 @@
                         <div class="stat-label"><?php esc_html_e( 'Page Views', 'opti-behavior' ); ?></div>
                         <div class="stat-change <?php echo esc_attr($cls($changes['pageviews'] ?? 0)); ?>"><?php echo esc_html($fmt($changes['pageviews'] ?? 0)); ?></div>
+                        <div class="stat-history">
+                            <canvas id="history-pageviews" width="280" height="50"></canvas>
+                        </div>
                     </div>
                 </div>
@@ -108 +117 @@
                         <div class="stat-label"><?php esc_html_e( 'Avg. Session Time', 'opti-behavior' ); ?></div>
                         <div class="stat-change <?php echo esc_attr($cls($changes['avg_session_time'] ?? 0)); ?>"><?php echo esc_html($fmt($changes['avg_session_time'] ?? 0)); ?></div>
+                        <div class="stat-history">
+                            <canvas id="history-avg-session-time" width="280" height="50"></canvas>
+                        </div>
                     </div>
                 </div>
@@ -117 +129 @@
                         <div class="stat-label"><?php esc_html_e( 'Avg. Scroll Depth', 'opti-behavior' ); ?></div>
                         <div class="stat-change <?php echo esc_attr($cls($changes['avg_scroll_depth'] ?? 0)); ?>"><?php echo esc_html($fmt($changes['avg_scroll_depth'] ?? 0)); ?></div>
+                        <div class="stat-history">
+                            <canvas id="history-avg-scroll-depth" width="280" height="50"></canvas>
+                        </div>
                     </div>
                 </div>
@@ -126 +141 @@
                         <div class="stat-label"><?php esc_html_e( 'Bounce Rate', 'opti-behavior' ); ?></div>
                         <div class="stat-change <?php echo esc_attr($cls($changes['bounce_rate'] ?? 0)); ?>"><?php echo esc_html($fmt($changes['bounce_rate'] ?? 0)); ?></div>
+                        <div class="stat-history">
+                            <canvas id="history-bounce-rate" width="280" height="50"></canvas>
+                        </div>
                     </div>
                 </div>
@@ -178 +196 @@
                                 <div class="visitor-item grid">
                                     <span class="visitor-datetime"><?php echo esc_html($visitor['visited_at'] ?? ''); ?><?php if(!empty($visitor['time_ago'])): ?> - <span class="ago"><?php echo esc_html($visitor['time_ago']); ?></span><?php endif; ?></span>
-                                    <span class="visitor-flag-country"><span class="visitor-flag"><?php echo esc_html($visitor['flag']); ?></span> <span class="visitor-location"><?php echo esc_html($visitor['country']); ?></span></span>
+                                    <span class="visitor-flag-country"><span class="visitor-flag"><?php echo $visitor['flag']; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- Flag emoji is safe, generated from validated ISO country code ?></span> <span class="visitor-location"><?php echo esc_html($visitor['country']); ?></span></span>
                                     <span class="visitor-pageblock"><span class="visitor-title"><?php echo esc_html($visitor['page_title'] ?? ''); ?></span><a class="visitor-url" href="<?php echo esc_url($visitor['current_url'] ?? ''); ?>" target="_blank" rel="noopener"><?php echo esc_html($visitor['current_url'] ?? ''); ?></a></span>
                                     <span class="visitor-ip-col"><span class="visitor-ip-pill"><?php $ip_raw = isset($visitor['ip']) ? (string)$visitor['ip'] : ''; $ip_raw = trim($ip_raw); if ($ip_raw === '') { echo '-'; } else if (strpos($ip_raw, ':') !== false) { $start = substr($ip_raw, 0, 7); $end = substr($ip_raw, -7); echo esc_html($start . '…' . $end); } else { echo esc_html($ip_raw); } ?></span></span>
@@ -592 +610 @@
             }
 
+            // Get user-defined intent rules from settings
+            $intent_rules = get_option( 'opti_behavior_intent_rules', array(
+                'low_intent' => array(
+                    'time_spent' => 10,
+                    'clicks' => 1,
+                    'scroll_depth' => 25,
+                ),
+                'medium_intent' => array(
+                    'time_spent' => 30,
+                    'clicks' => 3,
+                    'scroll_depth' => 50,
+                ),
+                'high_intent' => array(
+                    'time_spent' => 60,
+                    'clicks' => 5,
+                    'scroll_depth' => 75,
+                ),
+            ) );
+
+            $low_rules = $intent_rules['low_intent'];
+            $medium_rules = $intent_rules['medium_intent'];
+            $high_rules = $intent_rules['high_intent'];
+
             // Calculate previous period
             $duration = max(1, strtotime($end_date) - strtotime($start_date) + 1);
@@ -597 +638 @@
             $prev_start = gmdate('Y-m-d H:i:s', strtotime($start_date) - $duration);
 
-            // Get current period session data
+            // Get current period session data with scroll depth
             $sql = $wpdb->prepare(
                 "SELECT
@@ -604 +645 @@
                     COUNT(e.id) as interaction_count,
                     COUNT(CASE WHEN e.event IN (16, 17) THEN 1 END) as click_count,
-                    COUNT(CASE WHEN e.event IN (32, 33) THEN 1 END) as scroll_count
+                    MAX(pv.scroll_depth) as max_scroll_depth
                 FROM {$wpdb->prefix}optibehavior_sessions s
                 LEFT JOIN {$wpdb->prefix}optibehavior_events e ON s.id = e.session_id
+                LEFT JOIN {$wpdb->prefix}optibehavior_pageviews pv ON s.id = pv.session_id
                 WHERE s.start_time >= %s AND s.start_time <= %s
                 GROUP BY s.id",
@@ -623 +665 @@
                     COUNT(e.id) as interaction_count,
                     COUNT(CASE WHEN e.event IN (16, 17) THEN 1 END) as click_count,
-                    COUNT(CASE WHEN e.event IN (32, 33) THEN 1 END) as scroll_count
+                    MAX(pv.scroll_depth) as max_scroll_depth
                 FROM {$wpdb->prefix}optibehavior_sessions s
                 LEFT JOIN {$wpdb->prefix}optibehavior_events e ON s.id = e.session_id
+                LEFT JOIN {$wpdb->prefix}optibehavior_pageviews pv ON s.id = pv.session_id
                 WHERE s.start_time >= %s AND s.start_time <= %s
                 GROUP BY s.id",
@@ -635 +678 @@
             $prev_sessions = $wpdb->get_results($prev_sql);
 
-            // Current period classification
+            // Current period classification using user-defined rules
             $low_intent = 0;
             $medium_intent = 0;
@@ -643 +686 @@
             foreach ($sessions as $session) {
                 $duration = (int) $session->duration;
-                $interactions = (int) $session->interaction_count;
                 $clicks = (int) $session->click_count;
-                $scrolls = (int) $session->scroll_count;
-
-                // Classify based on Microsoft Clarity criteria
-                if ($duration < 5 || ($duration >= 5 && $interactions == 0)) {
-                    $low_intent++;
-                } elseif ($duration >= 5 && ($clicks > 0 || $scrolls > 0) && $interactions < 5) {
-                    $medium_intent++;
-                } else {
+                $scroll_depth = (int) ($session->max_scroll_depth ?? 0);
+
+                // Classify based on user-defined rules using scoring system
+                // Count how many high intent criteria are met (need at least 2 out of 3)
+                $high_score = 0;
+                if ($duration >= $high_rules['time_spent']) $high_score++;
+                if ($clicks >= $high_rules['clicks']) $high_score++;
+                if ($scroll_depth >= $high_rules['scroll_depth']) $high_score++;
+
+                // High intent: At least 2 out of 3 criteria meet high thresholds
+                if ($high_score >= 2) {
                     $high_intent++;
+                }
+                else {
+                    // Count how many medium intent criteria are met (need at least 2 out of 3)
+                    $medium_score = 0;
+                    if ($duration >= $medium_rules['time_spent']) $medium_score++;
+                    if ($clicks >= $medium_rules['clicks']) $medium_score++;
+                    if ($scroll_depth >= $medium_rules['scroll_depth']) $medium_score++;
+
+                    // Medium intent: At least 2 out of 3 criteria meet medium thresholds
+                    if ($medium_score >= 2) {
+                        $medium_intent++;
+                    }
+                    // Low intent: Does not meet at least 2 medium thresholds
+                    else {
+                        $low_intent++;
+                    }
                 }
             }
@@ -664 +725 @@
             foreach ($prev_sessions as $session) {
                 $duration = (int) $session->duration;
-                $interactions = (int) $session->interaction_count;
                 $clicks = (int) $session->click_count;
-                $scrolls = (int) $session->scroll_count;
-
-                if ($duration < 5 || ($duration >= 5 && $interactions == 0)) {
-                    $prev_low_intent++;
-                } elseif ($duration >= 5 && ($clicks > 0 || $scrolls > 0) && $interactions < 5) {
-                    $prev_medium_intent++;
-                } else {
+                $scroll_depth = (int) ($session->max_scroll_depth ?? 0);
+
+                // Use same classification logic for previous period
+                // Count how many high intent criteria are met (need at least 2 out of 3)
+                $high_score = 0;
+                if ($duration >= $high_rules['time_spent']) $high_score++;
+                if ($clicks >= $high_rules['clicks']) $high_score++;
+                if ($scroll_depth >= $high_rules['scroll_depth']) $high_score++;
+
+                // High intent: At least 2 out of 3 criteria meet high thresholds
+                if ($high_score >= 2) {
                     $prev_high_intent++;
+                }
+                else {
+                    // Count how many medium intent criteria are met (need at least 2 out of 3)
+                    $medium_score = 0;
+                    if ($duration >= $medium_rules['time_spent']) $medium_score++;
+                    if ($clicks >= $medium_rules['clicks']) $medium_score++;
+                    if ($scroll_depth >= $medium_rules['scroll_depth']) $medium_score++;
+
+                    // Medium intent: At least 2 out of 3 criteria meet medium thresholds
+                    if ($medium_score >= 2) {
+                        $prev_medium_intent++;
+                    }
+                    // Low intent: Does not meet at least 2 medium thresholds
+                    else {
+                        $prev_low_intent++;
+                    }
                 }
             }

opti-behavior/trunk/includes/trait-opti-behavior-data-helpers.php

@@ -220 +220 @@
             $new_registered_users = method_exists( $this, 'get_new_registered_users_data_impl' ) ? $this->get_new_registered_users_data_impl( $start_date, $end_date ) : array();
 
+            // Get daily history data for stats cards
+            $daily_history = $this->get_daily_stats_history( $start_date, $end_date );
+
             return array(
                 'stats'      => $stats,
@@ -225 +228 @@
                 'date_range' => $date_range,
                 'changes'    => $changes,
+                'daily_history' => $daily_history,
                 // Empty arrays/structures for widgets - will be loaded async
                 'charts'                 => array(
@@ -1560 +1564 @@
         return $result;
     }
+
+    /**
+     * Get daily breakdown stats for history bar charts
+     *
+     * @param string $start_date Start date (Y-m-d H:i:s).
+     * @param string $end_date End date (Y-m-d H:i:s).
+     * @return array Daily stats breakdown for all metrics.
+     */
+    private function get_daily_stats_history( $start_date, $end_date ) {
+        global $wpdb;
+
+        // Initialize result arrays
+        $daily_data = array(
+            'visitors'         => array(),
+            'sessions'         => array(),
+            'pageviews'        => array(),
+            'avg_session_time' => array(),
+            'avg_scroll_depth' => array(),
+            'bounce_rate'      => array(),
+            'dates'            => array(),
+        );
+
+        // Get all dates in the range
+        $start_dt = new DateTime( $start_date );
+        $end_dt   = new DateTime( $end_date );
+        $interval = DateInterval::createFromDateString( '1 day' );
+        $period   = new DatePeriod( $start_dt, $interval, $end_dt->modify( '+1 day' ) );
+
+        // Initialize all dates with zero values
+        foreach ( $period as $dt ) {
+            $date_key = $dt->format( 'Y-m-d' );
+            $daily_data['dates'][]            = $date_key;
+            $daily_data['visitors'][ $date_key ]         = 0;
+            $daily_data['sessions'][ $date_key ]         = 0;
+            $daily_data['pageviews'][ $date_key ]        = 0;
+            $daily_data['avg_session_time'][ $date_key ] = 0;
+            $daily_data['avg_scroll_depth'][ $date_key ] = 0;
+            $daily_data['bounce_rate'][ $date_key ]      = 0;
+        }
+
+        // Get daily visitors count
+        // phpcs:ignore WordPress.DB.DirectDatabaseQuery
+        $visitors_data = $wpdb->get_results(
+            $wpdb->prepare(
+                "SELECT
+                    DATE(s.start_time) as date,
+                    COUNT(DISTINCT s.visitor_id) as count
+                FROM {$wpdb->prefix}optibehavior_sessions s
+                WHERE s.start_time BETWEEN %s AND %s
+                GROUP BY DATE(s.start_time)
+                ORDER BY date ASC",
+                $start_date,
+                $end_date
+            ),
+            ARRAY_A
+        );
+
+        foreach ( $visitors_data as $row ) {
+            $daily_data['visitors'][ $row['date'] ] = intval( $row['count'] );
+        }
+
+        // Get daily sessions count
+        // phpcs:ignore WordPress.DB.DirectDatabaseQuery
+        $sessions_data = $wpdb->get_results(
+            $wpdb->prepare(
+                "SELECT
+                    DATE(start_time) as date,
+                    COUNT(*) as count
+                FROM {$wpdb->prefix}optibehavior_sessions
+                WHERE start_time BETWEEN %s AND %s
+                GROUP BY DATE(start_time)
+                ORDER BY date ASC",
+                $start_date,
+                $end_date
+            ),
+            ARRAY_A
+        );
+
+        foreach ( $sessions_data as $row ) {
+            $daily_data['sessions'][ $row['date'] ] = intval( $row['count'] );
+        }
+
+        // Get daily pageviews count
+        // phpcs:ignore WordPress.DB.DirectDatabaseQuery
+        $pageviews_data = $wpdb->get_results(
+            $wpdb->prepare(
+                "SELECT
+                    DATE(view_time) as date,
+                    COUNT(*) as count
+                FROM {$wpdb->prefix}optibehavior_pageviews
+                WHERE view_time BETWEEN %s AND %s
+                GROUP BY DATE(view_time)
+                ORDER BY date ASC",
+                $start_date,
+                $end_date
+            ),
+            ARRAY_A
+        );
+
+        foreach ( $pageviews_data as $row ) {
+            $daily_data['pageviews'][ $row['date'] ] = intval( $row['count'] );
+        }
+
+        // Get daily average session time
+        // phpcs:ignore WordPress.DB.DirectDatabaseQuery
+        $session_time_data = $wpdb->get_results(
+            $wpdb->prepare(
+                "SELECT
+                    DATE(start_time) as date,
+                    AVG(duration) as avg_time
+                FROM {$wpdb->prefix}optibehavior_sessions
+                WHERE start_time BETWEEN %s AND %s
+                GROUP BY DATE(start_time)
+                ORDER BY date ASC",
+                $start_date,
+                $end_date
+            ),
+            ARRAY_A
+        );
+
+        foreach ( $session_time_data as $row ) {
+            $daily_data['avg_session_time'][ $row['date'] ] = round( floatval( $row['avg_time'] ) );
+        }
+
+        // Get daily average scroll depth
+        // phpcs:ignore WordPress.DB.DirectDatabaseQuery
+        $scroll_depth_data = $wpdb->get_results(
+            $wpdb->prepare(
+                "SELECT
+                    DATE(pv.view_time) as date,
+                    AVG(pv.scroll_depth) as avg_depth
+                FROM {$wpdb->prefix}optibehavior_pageviews pv
+                WHERE pv.view_time BETWEEN %s AND %s
+                AND pv.scroll_depth > 0
+                GROUP BY DATE(pv.view_time)
+                ORDER BY date ASC",
+                $start_date,
+                $end_date
+            ),
+            ARRAY_A
+        );
+
+        foreach ( $scroll_depth_data as $row ) {
+            $daily_data['avg_scroll_depth'][ $row['date'] ] = round( floatval( $row['avg_depth'] ), 1 );
+        }
+
+        // Get daily bounce rate
+        // phpcs:ignore WordPress.DB.DirectDatabaseQuery
+        $bounce_rate_data = $wpdb->get_results(
+            $wpdb->prepare(
+                "SELECT
+                    DATE(start_time) as date,
+                    SUM(CASE WHEN is_bounce = 1 THEN 1 ELSE 0 END) as bounces,
+                    COUNT(*) as total
+                FROM {$wpdb->prefix}optibehavior_sessions
+                WHERE start_time BETWEEN %s AND %s
+                GROUP BY DATE(start_time)
+                ORDER BY date ASC",
+                $start_date,
+                $end_date
+            ),
+            ARRAY_A
+        );
+
+        foreach ( $bounce_rate_data as $row ) {
+            $total   = intval( $row['total'] );
+            $bounces = intval( $row['bounces'] );
+            $daily_data['bounce_rate'][ $row['date'] ] = $total > 0 ? round( ( $bounces / $total ) * 100, 1 ) : 0;
+        }
+
+        // Convert associative arrays to indexed arrays for easier JS consumption
+        $result = array(
+            'dates'            => $daily_data['dates'],
+            'visitors'         => array_values( $daily_data['visitors'] ),
+            'sessions'         => array_values( $daily_data['sessions'] ),
+            'pageviews'        => array_values( $daily_data['pageviews'] ),
+            'avg_session_time' => array_values( $daily_data['avg_session_time'] ),
+            'avg_scroll_depth' => array_values( $daily_data['avg_scroll_depth'] ),
+            'bounce_rate'      => array_values( $daily_data['bounce_rate'] ),
+        );
+
+        return $result;
+    }
     }
 }

opti-behavior/trunk/includes/trait-opti-behavior-sessions-views.php

@@ -176 +176 @@
                                     </div>
                                     <div class="visitor-flag">
-                                        <span class="flag-icon"><?php echo esc_html( $session['flag'] ); ?></span>
+                                        <span class="flag-icon"><?php echo $session['flag']; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?></span>
                                     </div>
                                 </div>

opti-behavior/trunk/includes/trait-opti-behavior-settings-views.php

@@ -1706 +1706 @@
                 'low_intent' => array(
                     'time_spent' => isset( $intent_data['low_intent']['time_spent'] ) ? absint( $intent_data['low_intent']['time_spent'] ) : 10,
-                    'clicks' => isset( $intent_data['low_intent']['clicks'] ) ? absint( $intent_data['low_intent']['clicks'] ) : 1,
-                    'scroll_depth' => isset( $intent_data['low_intent']['scroll_depth'] ) ? absint( $intent_data['low_intent']['scroll_depth'] ) : 25,
+                    'clicks' => isset( $intent_data['low_intent']['clicks'] ) ? absint( $intent_data['low_intent']['clicks'] ) : 0,
+                    'scroll_depth' => isset( $intent_data['low_intent']['scroll_depth'] ) ? absint( $intent_data['low_intent']['scroll_depth'] ) : 0,
                 ),
                 'medium_intent' => array(
                     'time_spent' => isset( $intent_data['medium_intent']['time_spent'] ) ? absint( $intent_data['medium_intent']['time_spent'] ) : 30,
-                    'clicks' => isset( $intent_data['medium_intent']['clicks'] ) ? absint( $intent_data['medium_intent']['clicks'] ) : 3,
-                    'scroll_depth' => isset( $intent_data['medium_intent']['scroll_depth'] ) ? absint( $intent_data['medium_intent']['scroll_depth'] ) : 50,
+                    'clicks' => isset( $intent_data['medium_intent']['clicks'] ) ? absint( $intent_data['medium_intent']['clicks'] ) : 1,
+                    'scroll_depth' => isset( $intent_data['medium_intent']['scroll_depth'] ) ? absint( $intent_data['medium_intent']['scroll_depth'] ) : 15,
                 ),
                 'high_intent' => array(
-                    'time_spent' => isset( $intent_data['high_intent']['time_spent'] ) ? absint( $intent_data['high_intent']['time_spent'] ) : 60,
-                    'clicks' => isset( $intent_data['high_intent']['clicks'] ) ? absint( $intent_data['high_intent']['clicks'] ) : 5,
-                    'scroll_depth' => isset( $intent_data['high_intent']['scroll_depth'] ) ? absint( $intent_data['high_intent']['scroll_depth'] ) : 75,
+                    'time_spent' => isset( $intent_data['high_intent']['time_spent'] ) ? absint( $intent_data['high_intent']['time_spent'] ) : 45,
+                    'clicks' => isset( $intent_data['high_intent']['clicks'] ) ? absint( $intent_data['high_intent']['clicks'] ) : 2,
+                    'scroll_depth' => isset( $intent_data['high_intent']['scroll_depth'] ) ? absint( $intent_data['high_intent']['scroll_depth'] ) : 50,
                 ),
             );
@@ -1898 +1898 @@
                 'low_intent' => array(
                     'time_spent' => 10,
-                    'clicks' => 1,
-                    'scroll_depth' => 25,
+                    'clicks' => 0,
+                    'scroll_depth' => 0,
                 ),
                 'medium_intent' => array(
                     'time_spent' => 30,
-                    'clicks' => 3,
-                    'scroll_depth' => 50,
+                    'clicks' => 1,
+                    'scroll_depth' => 15,
                 ),
                 'high_intent' => array(
-                    'time_spent' => 60,
-                    'clicks' => 5,
-                    'scroll_depth' => 75,
+                    'time_spent' => 45,
+                    'clicks' => 2,
+                    'scroll_depth' => 50,
                 ),
             ) );
@@ -1920 +1920 @@
                 <?php wp_nonce_field( 'opti_behavior_intent_rules_submit', 'opti_behavior_intent_nonce' ); ?>
 
-                <p class="category-description"><?php esc_html_e( 'Define rules for classifying user intent levels based on engagement metrics.', 'opti-behavior' ); ?></p>
+                <p class="category-description"><?php esc_html_e( 'Define rules for classifying user intent levels based on engagement metrics. A visitor is classified as high/medium intent if they meet at least 2 out of 3 criteria below.', 'opti-behavior' ); ?></p>
 
                 <!-- Low Intent Rules -->
@@ -1935 +1935 @@
                                        value="<?php echo esc_attr( isset( $low_intent['time_spent'] ) ? $low_intent['time_spent'] : 10 ); ?>"
                                        min="0" max="3600" step="1" class="small-text" />
-                                <p class="description"><?php esc_html_e( 'Maximum time spent on page for low intent classification.', 'opti-behavior' ); ?></p>
+                                <p class="description"><?php esc_html_e( 'Threshold for time spent consideration. Values below this are counted toward low intent.', 'opti-behavior' ); ?></p>
                             </td>
                         </tr>
@@ -1942 +1942 @@
                             <td>
                                 <input type="number" name="opti_behavior_intent[low_intent][clicks]"
-                                       value="<?php echo esc_attr( isset( $low_intent['clicks'] ) ? $low_intent['clicks'] : 1 ); ?>"
+                                       value="<?php echo esc_attr( isset( $low_intent['clicks'] ) ? $low_intent['clicks'] : 0 ); ?>"
                                        min="0" max="100" step="1" class="small-text" />
-                                <p class="description"><?php esc_html_e( 'Maximum number of clicks for low intent classification.', 'opti-behavior' ); ?></p>
+                                <p class="description"><?php esc_html_e( 'Threshold for clicks consideration. Values below this are counted toward low intent.', 'opti-behavior' ); ?></p>
                             </td>
                         </tr>
@@ -1951 +1951 @@
                             <td>
                                 <input type="number" name="opti_behavior_intent[low_intent][scroll_depth]"
-                                       value="<?php echo esc_attr( isset( $low_intent['scroll_depth'] ) ? $low_intent['scroll_depth'] : 25 ); ?>"
+                                       value="<?php echo esc_attr( isset( $low_intent['scroll_depth'] ) ? $low_intent['scroll_depth'] : 0 ); ?>"
                                        min="0" max="100" step="1" class="small-text" />
-                                <p class="description"><?php esc_html_e( 'Maximum scroll depth percentage for low intent classification.', 'opti-behavior' ); ?></p>
+                                <p class="description"><?php esc_html_e( 'Threshold for scroll depth consideration. Values below this are counted toward low intent.', 'opti-behavior' ); ?></p>
                             </td>
                         </tr>
@@ -1972 +1972 @@
                                        value="<?php echo esc_attr( isset( $medium_intent['time_spent'] ) ? $medium_intent['time_spent'] : 30 ); ?>"
                                        min="0" max="3600" step="1" class="small-text" />
-                                <p class="description"><?php esc_html_e( 'Minimum time spent on page for medium intent classification.', 'opti-behavior' ); ?></p>
+                                <p class="description"><?php esc_html_e( 'Threshold for time spent. Meeting 2 out of 3 medium thresholds = medium intent.', 'opti-behavior' ); ?></p>
                             </td>
                         </tr>
@@ -1979 +1979 @@
                             <td>
                                 <input type="number" name="opti_behavior_intent[medium_intent][clicks]"
-                                       value="<?php echo esc_attr( isset( $medium_intent['clicks'] ) ? $medium_intent['clicks'] : 3 ); ?>"
+                                       value="<?php echo esc_attr( isset( $medium_intent['clicks'] ) ? $medium_intent['clicks'] : 1 ); ?>"
                                        min="0" max="100" step="1" class="small-text" />
-                                <p class="description"><?php esc_html_e( 'Minimum number of clicks for medium intent classification.', 'opti-behavior' ); ?></p>
+                                <p class="description"><?php esc_html_e( 'Threshold for clicks. Meeting 2 out of 3 medium thresholds = medium intent.', 'opti-behavior' ); ?></p>
                             </td>
                         </tr>
@@ -1988 +1988 @@
                             <td>
                                 <input type="number" name="opti_behavior_intent[medium_intent][scroll_depth]"
-                                       value="<?php echo esc_attr( isset( $medium_intent['scroll_depth'] ) ? $medium_intent['scroll_depth'] : 50 ); ?>"
+                                       value="<?php echo esc_attr( isset( $medium_intent['scroll_depth'] ) ? $medium_intent['scroll_depth'] : 15 ); ?>"
                                        min="0" max="100" step="1" class="small-text" />
-                                <p class="description"><?php esc_html_e( 'Minimum scroll depth percentage for medium intent classification.', 'opti-behavior' ); ?></p>
+                                <p class="description"><?php esc_html_e( 'Threshold for scroll depth. Meeting 2 out of 3 medium thresholds = medium intent.', 'opti-behavior' ); ?></p>
                             </td>
                         </tr>
@@ -2007 +2007 @@
                             <td>
                                 <input type="number" name="opti_behavior_intent[high_intent][time_spent]"
-                                       value="<?php echo esc_attr( isset( $high_intent['time_spent'] ) ? $high_intent['time_spent'] : 60 ); ?>"
+                                       value="<?php echo esc_attr( isset( $high_intent['time_spent'] ) ? $high_intent['time_spent'] : 45 ); ?>"
                                        min="0" max="3600" step="1" class="small-text" />
-                                <p class="description"><?php esc_html_e( 'Minimum time spent on page for high intent classification.', 'opti-behavior' ); ?></p>
+                                <p class="description"><?php esc_html_e( 'Threshold for time spent. Meeting 2 out of 3 high thresholds = high intent.', 'opti-behavior' ); ?></p>
                             </td>
                         </tr>
@@ -2016 +2016 @@
                             <td>
                                 <input type="number" name="opti_behavior_intent[high_intent][clicks]"
-                                       value="<?php echo esc_attr( isset( $high_intent['clicks'] ) ? $high_intent['clicks'] : 5 ); ?>"
+                                       value="<?php echo esc_attr( isset( $high_intent['clicks'] ) ? $high_intent['clicks'] : 2 ); ?>"
                                        min="0" max="100" step="1" class="small-text" />
-                                <p class="description"><?php esc_html_e( 'Minimum number of clicks for high intent classification.', 'opti-behavior' ); ?></p>
+                                <p class="description"><?php esc_html_e( 'Threshold for clicks. Meeting 2 out of 3 high thresholds = high intent.', 'opti-behavior' ); ?></p>
                             </td>
                         </tr>
@@ -2025 +2025 @@
                             <td>
                                 <input type="number" name="opti_behavior_intent[high_intent][scroll_depth]"
-                                       value="<?php echo esc_attr( isset( $high_intent['scroll_depth'] ) ? $high_intent['scroll_depth'] : 75 ); ?>"
+                                       value="<?php echo esc_attr( isset( $high_intent['scroll_depth'] ) ? $high_intent['scroll_depth'] : 50 ); ?>"
                                        min="0" max="100" step="1" class="small-text" />
-                                <p class="description"><?php esc_html_e( 'Minimum scroll depth percentage for high intent classification.', 'opti-behavior' ); ?></p>
+                                <p class="description"><?php esc_html_e( 'Threshold for scroll depth. Meeting 2 out of 3 high thresholds = high intent.', 'opti-behavior' ); ?></p>
                             </td>
                         </tr>

opti-behavior/trunk/readme.txt

@@ -1 @@
-=== Opti-Behavior ===
+=== Opti-Behavior - Behavior Analytics That Grows Your Business ===
 Contributors: optiuser
 Donate link: https://optiuser.com/
@@ -5 +5 @@
 
 Requires at least: 5.8
-Tested up to: 6.8
+Tested up to: 6.9
 Requires PHP: 7.4
-Stable tag: 1.0.7
+Stable tag: 1.0.8
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
@@ -243 +243 @@
 
 == Changelog ==
+
+= 1.0.8 - 2025-12-08 =
+* Feature: User Intent Rules - Advanced system for analyzing and categorizing user behavior patterns
+* Enhancement: Analytics Dashboard time filter now defaults to 30 Days for better data overview
+* Fix: Improved favicon handling for referrer websites with proper fallback support
 
 = 1.0.7 - 2025-12-02 =
@@ -326 +331 @@
 == Upgrade Notice ==
 
+= 1.0.8 =
+New User Intent Rules feature for behavior analysis, Analytics Dashboard now defaults to 30-day view, and improved favicon handling for referrer websites.
+
 = 1.0.7 =
 Important update with French translations, visitor tracking improvements, and username display in Top Engaged Users. Enhanced coding standards compliance and debug logging controls.

opti-behavior/trunk/views/dashboard-views.php

@@ -66 +66 @@
      * @param string      $period     Selected period.
      */
-    function opti_behavior_views_render_dashboard_header( $self, $date_range = null, $period = 'last7days' ) {
+    function opti_behavior_views_render_dashboard_header( $self, $date_range = null, $period = 'last30days' ) {
         $start_val = $date_range && isset( $date_range['start'] ) ? substr( $date_range['start'], 0, 10 ) : '';
         $end_val   = $date_range && isset( $date_range['end'] ) ? substr( $date_range['end'], 0, 10 ) : '';
@@ -128 +128 @@
                     <div class="stat-label"><?php echo esc_html__( 'Visitors', 'opti-behavior' ); ?></div>
                     <div class="stat-change <?php echo esc_attr( $cls( $changes['visitors'] ?? 0 ) ); ?>"><?php echo esc_html( $fmt( $changes['visitors'] ?? 0 ) ); ?></div>
+                    <div class="stat-history">
+                        <canvas id="history-visitors" width="280" height="50"></canvas>
+                    </div>
                 </div>
             </div>
@@ -136 +139 @@
                     <div class="stat-label"><?php echo esc_html__( 'Sessions', 'opti-behavior' ); ?></div>
                     <div class="stat-change <?php echo esc_attr( $cls( $changes['sessions'] ?? 0 ) ); ?>"><?php echo esc_html( $fmt( $changes['sessions'] ?? 0 ) ); ?></div>
+                    <div class="stat-history">
+                        <canvas id="history-sessions" width="280" height="50"></canvas>
+                    </div>
                 </div>
             </div>
@@ -144 +150 @@
                     <div class="stat-label"><?php echo esc_html__( 'Page Views', 'opti-behavior' ); ?></div>
                     <div class="stat-change <?php echo esc_attr( $cls( $changes['pageviews'] ?? 0 ) ); ?>"><?php echo esc_html( $fmt( $changes['pageviews'] ?? 0 ) ); ?></div>
+                    <div class="stat-history">
+                        <canvas id="history-pageviews" width="280" height="50"></canvas>
+                    </div>
                 </div>
             </div>
@@ -157 +166 @@
                     <div class="stat-label"><?php echo esc_html__( 'Avg. Session Time', 'opti-behavior' ); ?></div>
                     <div class="stat-change <?php echo esc_attr( $cls( $changes['avg_session_time'] ?? 0 ) ); ?>"><?php echo esc_html( $fmt( $changes['avg_session_time'] ?? 0 ) ); ?></div>
+                    <div class="stat-history">
+                        <canvas id="history-avg-session-time" width="280" height="50"></canvas>
+                    </div>
                 </div>
             </div>
@@ -165 +177 @@
                     <div class="stat-label"><?php echo esc_html__( 'Avg. Scroll Depth', 'opti-behavior' ); ?></div>
                     <div class="stat-change <?php echo esc_attr( $cls( $changes['avg_scroll_depth'] ?? 0 ) ); ?>"><?php echo esc_html( $fmt( $changes['avg_scroll_depth'] ?? 0 ) ); ?></div>
+                    <div class="stat-history">
+                        <canvas id="history-avg-scroll-depth" width="280" height="50"></canvas>
+                    </div>
                 </div>
             </div>
@@ -173 +188 @@
                     <div class="stat-label"><?php echo esc_html__( 'Bounce Rate', 'opti-behavior' ); ?></div>
                     <div class="stat-change <?php echo esc_attr( $cls( $changes['bounce_rate'] ?? 0 ) ); ?>"><?php echo esc_html( $fmt( $changes['bounce_rate'] ?? 0 ) ); ?></div>
+                    <div class="stat-history">
+                        <canvas id="history-bounce-rate" width="280" height="50"></canvas>
+                    </div>
                 </div>
             </div>
@@ -309 +327 @@
                             <div class="visitor-item grid">
                                 <span class="visitor-datetime"><?php echo esc_html( $visitor['visited_at'] ?? '' ); ?><?php if ( ! empty( $visitor['time_ago'] ) ) : ?> - <span class="ago"><?php echo esc_html( $visitor['time_ago'] ); ?></span><?php endif; ?></span>
-                                <span class="visitor-flag-country"><span class="visitor-flag"><?php echo esc_html( $visitor['flag'] ); ?></span> <span class="visitor-location"><?php echo esc_html( $visitor['country'] ); ?></span></span>
+                                <span class="visitor-flag-country"><span class="visitor-flag"><?php echo $visitor['flag']; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?></span> <span class="visitor-location"><?php echo esc_html( $visitor['country'] ); ?></span></span>
                                 <span class="visitor-pageblock"><span class="visitor-title"><?php echo esc_html( $visitor['page_title'] ?? '' ); ?></span><a class="visitor-url" href="<?php echo esc_url( $visitor['current_url'] ?? '' ); ?>" target="_blank" rel="noopener"><?php echo esc_html( $visitor['current_url'] ?? '' ); ?></a></span>
                                 <span class="visitor-ip-col"><span class="visitor-ip-pill">

opti-behavior/trunk/views/sessions-views.php

@@ -108 +108 @@
                             <td><code><?php echo esc_html( $r['visitor_short'] ?? $r['visitor_id'] ); ?></code></td>
                             <td><?php echo esc_html( $r['device'] ?? '' ); ?></td>
-                            <td><?php echo esc_html( ( $r['country_flag'] ?? '' ) . ' ' . ( $r['country'] ?? '' ) ); ?></td>
+                            <td><?php echo esc_html( $r['country_flag'] ?? '' ) . ' ' . esc_html( $r['country'] ?? '' ); ?></td>
                             <td class="column-numeric"><?php echo esc_html( $r['duration_human'] ?? '' ); ?></td>
                             <td class="column-numeric"><?php echo (int) ( $r['pages'] ?? 0 ); ?></td>