LW Simple Forms

Description

LW Simple Forms is a versatile WordPress form plugin that allows you to create customizable forms. It supports the Japanese-style workflow of a complete form submission process:

1. Input screen – Users enter their information
2. Confirmation screen – Users review their input before submitting
3. Completion screen – Thank you message after successful submission

The plugin also supports a simpler one-step submission process when confirmation is not needed.

A sample form with all supported field types is automatically created on first activation, so you can get started right away.

Important: Cache Plugin Compatibility
If you are using a caching plugin (e.g., WP Super Cache, W3 Total Cache, WP Total Cache, LiteSpeed Cache) or a CDN (e.g., Cloudflare), form submissions may not work correctly because cached pages do not process POST data. Please exclude the form page URLs (input, confirmation, completion, error) from caching.

CSS Styling
This plugin does not include any frontend CSS for form display. You are expected to style the forms using your own theme’s stylesheet. HTML/CSS samples are available for reference on the plugin’s website.

Development Concept

• HTML-First Approach: This plugin is designed to faithfully reproduce your designed HTML forms, confirmation screens, and error screens without forcing you to adapt to plugin limitations. The forms conform to your design, not the other way around.

• Built for Web Professionals: LW Simple Forms does not provide CSS or HTML templates for the frontend. It’s specifically created for web designers and developers who already have designed their form screens and need a way to implement the functionality. (HTML/CSS samples are available for reference.)

• Minimalist Philosophy: This plugin intentionally maintains a minimalist approach, focusing on core functionality rather than excessive features. We prioritize site speed and minimal data usage to keep your websites running efficiently.

Key Features

• Complete Form Workflow: Create forms with input screen, error screen, confirmation screen, and completion screen
• Flexible Design: Customize each screen with your own HTML
• Form Validation: Server-side and client-side validation for each input field (required fields, email format, phone number validation)
• Email Notifications: Send confirmation emails to both administrators and users
• Security Features: CSRF protection, data sanitization, input validation, and secure data handling
• Multiple Field Types: Support for text fields, text areas, checkboxes, radio buttons, select menus, and multi-select menus
• Shortcode Support: Easy integration into WordPress pages via shortcodes
• Custom HTML: Design your forms with complete HTML freedom
• Multi-Form Support: Create and manage multiple forms on a single site
• Database Storage: Form data is temporarily stored in the database rather than in sessions or cookies, allowing for unlimited submission data
• JavaScript/No-JavaScript Support: Forms work properly even in environments where JavaScript is disabled (e.g., screen readers)
• Field Validation: Extensive validation system with customizable error messages
• reCAPTCHA v3 Support: Optional Google reCAPTCHA v3 integration for spam protection
• Duplicate Submission Prevention: PRG (Post-Redirect-Get) pattern prevents duplicate form submissions on page reload
• Security Measures: Protection against common vulnerabilities including CSRF attacks and header injection

Usage Guide

1. Design and create the HTML for input screen, confirmation screen, and completion screen
2. Register each screen as a WordPress page
3. Create a new form from “Forms” in the WordPress admin panel
4. Configure each section. You can configure the following:
   • HTML for each screen (input, confirmation, completion)
   • URL for each screen
   • Administrator email settings
   • User email settings
   • Validation settings (required fields, email format, phone number validation)
5. Use the “Parse HTML” button to automatically extract form fields from your input screen HTML
6. Add the appropriate shortcodes to your pages
7. Test the form operation before going live

Note: This plugin is designed to give you maximum freedom in writing form HTML, so you need to write the HTML for your form pages yourself. The plugin does not provide CSS or images for form display. HTML samples are available for reference.

Supported Input Fields

• <input type="text">
• <input type="tel">
• <input type="email">
• <input type="radio">
• <input type="checkbox">
• <textarea>
• <select>
• <select multiple>

Form Screen Placeholders

Input Screen:
* Use [lwsf_value_fieldname] to display previously entered values
* Use [lwsf_error_fieldname] to display validation error messages
* Use [lwsf_send] for the submit button

Confirmation Screen:
* Use [lwsf_confirm_fieldname] to display submitted values
* Use [lwsf_back] for the back button
* Use [lwsf_send] for the submit button

Completion Screen:
* Use [lwsf_field_fieldname] to display submitted values

Email Settings

Available placeholders for email templates:
* [lwsf_field_fieldname] – Display submitted form data
* [lwsf_site_admin_email] – Display site admin email
* [lwsf_site_name] – Display site name
* [lwsf_site_home_url] – Display site URL

Additional Information

• For items that allow multiple selections (<input type="checkbox">, <select multiple>), you need to add [] to the name attribute.
  Example:

  • For checkboxes: <input type="checkbox" name="services[]" value="ServiceA"> Service A <input type="checkbox" name="services[]" value="ServiceB"> Service B
  • For select multiple:
    <select id="products" name="products[]" multiple size="4">
<option value="ProductA">Product A</option>
<option value="ProductB">Product B</option>
</select>

• Works in environments where JavaScript is disabled, such as screen readers

• The outputted source code uses entity references for security measures and stable operation
• Includes Japanese language files (UTF-8 only)
• Avoids using reserved WordPress query variable names for form fields to prevent conflicts
• PHP Compatibility: Requires PHP 7.4 or higher. Tested on PHP 7.4 and PHP 8.3.

Data Storage and Security

• Form submissions are temporarily stored in the WordPress database (prefix_lwsf_form_data table)
• Data is automatically cleaned up after 1 hour
• All user inputs are sanitized before processing
• CSRF protection is implemented on all form submissions
• Email headers are validated to prevent header injection

Why This Plugin Was Created

This plugin was created because MW WP Form, which had been used for client work for many years, ended development. There was a need for a form plugin with confirmation screens that operated cleanly. The plugin was created primarily for web development work, and we thought many web development companies might have similar needs.

Future Implementation Plans

• The ability to change validation error messages
• PHP-based validation hooks that operate before and after form submission
• Additional validation types (URL, numeric values, custom regex patterns)
• Hooks to trigger at important timings such as just before and just after email sending
• File upload handling

Privacy Policy

This plugin stores form submission data in the WordPress database (prefix_lwsf_form_data table) for the purpose of displaying confirmation and completion screens. Data is automatically deleted after 1 hour.

When enabled, user email addresses may be used to send confirmation emails to form submitters.

When reCAPTCHA v3 is enabled, form submission data (reCAPTCHA token and user’s IP address) is sent to Google’s reCAPTCHA verification API (https://www.google.com/recaptcha/api/siteverify) for spam detection. Please refer to Google’s Privacy Policy and Terms of Service for details on how Google handles this data. No other data is shared with external services.