Skip to main content

Flavor Core Plugin - Changelog

[2.0.0] - 2026-04-22 — Full-Codebase ionCube Encryption

MAJOR release — Flavor Core's half of the security architecture shift. Pre-release 5 of 8 PHP files were encoded; now 7 of 8 PHP files are encoded (everything except flavor-core.php entry). The two files shipped in v1.2.0 (class-logger.php + class-logs-page.php for the T6.7 Debug Logs system) are now ionCube-encoded. Small surface but architecturally aligned with theme + plugin.

Breaking

  • Full-codebase ionCube encryption. All internal class files now encoded. Blacklist config schema + 3-stack encoding defence shared with theme + plugin. Integrity manifest extended (ioncube + plain_entry tracks). ZIP size unchanged (~163 KB).

[1.2.0] - 2026-04-22 — Debug Logs System (File-Based + Admin Viewer)

Ships a centralized, file-based structured logger for the entire Flavor ecosystem (theme + plugin + core). Introduces FLAVOR_DEBUG as the umbrella debug switch, structured JSON Lines output, admin viewer with filter and prune actions, daily rotation (30-day retention), and automatic filesystem protection. Theme and plugin log helpers auto-upgrade to this logger when Core is active, keeping their legacy fallback intact.

Added

  • Debug Logs system (file-based, structured, per-day rotation + admin viewer). Centralized file logger writes JSON Lines to wp-content/flavor-logs/flavor-YYYY-MM-DD.log. Master switch: define('FLAVOR_DEBUG', true); in wp-config.php enables all levels; errors/critical always log regardless (production ops visibility). Replaces scattered error_log() calls — flavor_log() (theme) and wpec_log() (plugin) helpers auto-upgrade to the file logger when Core is active, keeping legacy WP_DEBUG_LOG path intact. Directory auto-created with .htaccess deny-all + empty index.php on first use. Admin viewer at Flavor → Debug Logs with filter by level/source/search + actions (prune >30 days / delete file / clear all). Daily WP cron auto-removes files older than 30 days. Size guard: skips writes if today's file exceeds 10 MB. Path-traversal safe. New global helper flavor_core_log($level, $msg, $ctx, $source) callable from anywhere.

[1.1.1] - 2026-04-21 — Post-Update Cache Invalidation (Three-Layer Fix) & Debug Log Gating

Ships the critical post-update cache-invalidation fix that pairs with Theme v4.5.1 + Plugin v8.3.1, plus hardens the debug log viewer to be dev-only.

Updated

  • Debug log viewer gated behind FLAVOR_CORE_DEBUG constant. Previously always-on, now a dev-only tool — enable with define('FLAVOR_CORE_DEBUG', true); in wp-config.php. Zero DB writes in production for log entries when off.

Fixed

  • Frontend broke after Core-driven product update — three-layer fix. Root cause was missing flush_rewrite_rules() after Core-managed updates (manual WP activation triggers it, but Core's update path bypasses activation hooks). When combined with OpCache staleness and cache-table staleness, caused single product pages and storefront routes to break post-update until user manually saved Permalinks. Fix: new invalidate_caches_after_update() helper clears all three layers (OpCache, custom cache tables, WP rewrite cache) at the end of every successful product update.

[1.1.0] - 2026-04-20 — Update Manager, Per-Component Versioning & Dashboard Suppression

Session focus: Complete rewrite of the update system (pre-update ZIP backup, chicken-and-egg fix, per-component versioning), full Core-managed update flow for both Theme + Plugin (WP Dashboard suppression, one-click update, cron), and a wave of bug fixes to the update pipeline discovered during live testing.

Added

  • Update Manager — Core-only update management for both products. NO WP Dashboard integration — updates are managed exclusively from Flavor → Dashboard. Version checking with Hub API (12h cache). Product update from dashboard with progress overlay (manual download+unzip for plugin, Theme_Upgrader for theme). Component update buttons delegate to product AJAX. "Check for Updates" force-refresh. Cron checks product + component updates. FLAVOR_CORE_MANAGES_UPDATES constant — theme/plugin skip their own update hooks when Core is active.

Updated

  • Complete update system rewrite — Pre-update ZIP backup to wp-content/flavor-backup/ (full directory → compressed ZIP). Backup gate: if backup fails → update ABORTS. Clean sequential flow: Backup → Delete → Extract → Components. All backup logic moved into update-manager.php (Flavor Core). Zero dependency on theme/plugin code during update (eliminates chicken-and-egg). 3-step progress overlay: Backing Up → Updating → Downloading Components.
  • ionCube encoder upgraded to encoder84 — Auto-selects highest available: encoder84 → 83 → 82 fallback. Loader 15.5+ on PHP 8.5 supports files from encoder 8.2/8.3/8.4 (confirmed by ionCube release notes).
  • Admin menu update badge — "Flavor" admin menu now shows red badge with count of available product updates (WP native styling).
  • Per-component versioningcomponent-registry.json now tracks individual version per component. Build and upload scripts use per-component version instead of a shared global version. Upload includes version sync step (PUT current_version for skipped ZIPs).
  • Client migration for per-component versions — One-time migration syncs stored installed component versions with real module versions from ModuleManager (theme) and 1.0.0 baseline (plugin). Clears stale update cache.

Fixed

  • WP Dashboard showed updates despite Flavor Core — Plugin/theme updates appeared on wp-admin/update-core.php even with Core active. Plugin's checkForUpdate hook was skipped, but stale WP transient data persisted. Fix: Core now actively filters site_transient_update_plugins and site_transient_update_themes to strip our products from WP's update system.
  • Ghost component updates ("36 updates available")check_component_updates() called checkUpdates() but discarded results. Stale data from standalone crons persisted. Fix: Core now stores/clears flavor_component_updates and wpec_component_updates. One-time stale data cleanup on first Core load.
  • Child theme breaks theme detectionget_installed_products() used get_stylesheet() which returns child theme slug. Dashboard showed "Activate" instead of "Active" for theme, component tabs hidden. Fix: get_template() returns parent theme slug regardless of child theme.
  • Component update badges never shown — Field name mismatch: Hub API returns latest_version but PHP read new_version → always empty → no update badges ever appeared. Fix: read latest_version. Also added update count badges on component tabs (orange "N updates" pill) and "Check for Updates" now always reloads to reflect component changes.
  • All components showed false "update available" — Shared component_version (1.2.2) used for ALL 51 components. Every build bumped all, every check showed all as needing update. Fix: per-component versioning in registry + build + upload pipeline. Core components (theme-core, plugin-core) excluded from update checks entirely.
  • Client-side migration ran before theme loadedflavor_core_migrate_component_versions() ran at plugins_loaded priority 5, but ModuleManager loads with the theme (after plugins). Migration found no modules → stored versions unchanged → false update badges persisted. Fix: moved migration to init hook, added v2 flag.
  • Theme update "already up to date" despite update available — Stale version cache (12h TTL) used during update. Fix: force-clear transient before Hub check. Also refreshes stored update data when product is genuinely current.
  • Plugin update 500 critical errorupdate_plugin() had no try/catch; WP_Filesystem() failure caused null pointer crash on $wp_filesystem->delete(). Also called non-existent ComponentInstaller::backupComponents() — correct names are backupComponentsBeforeUpdate() / restoreComponentsAfterUpdate(). Fix: early filesystem init with null check, correct method names, try/catch around entire update flow.
  • Theme update crash "Automatic_Upgrader_Skin::get_errors()" — Two bugs: (1) Automatic_Upgrader_Skin has no get_errors() method → fatal on failure path. (2) Theme_Upgrader::upgrade() reads update_themes transient for package URL, but suppress_wp_theme_update() strips our theme from it → always returns false.
  • Update overwrites new files with old ones (chicken-and-egg) — Theme's Flavor_Component_Installer class already loaded in PHP memory during AJAX. Old backup/restore code ran → overwrote NEW core files with OLD backed-up versions. Fix: moved all backup logic into update-manager.php (Flavor Core). Zero dependency on theme/plugin code during update.
  • Components not downloading after product updatedownloadProductComponents() called getAvailableForInstall() which skipped already-installed components → empty list. Fix: added force_reinstall parameter + 3-step progress overlay.
  • --strip-components removed core files from ZIPbuild-dist.php stripped theme_core/plugin_core categories → removed react-app, assets, ModuleManager from ZIP → site broken after update. Fix: core categories excluded from strip.

[1.0.0] - 2026-04-06 — Initial Release

Added

  • License Management — Centralized license activation/deactivation/verification for both Theme + Plugin from a single admin page. Bundle mode (2 keys) and Theme Only mode with "Same key for both" option
  • Admin Dashboard — 3-state UI: Activation form, Licensed dashboard, Expired state. Indigo gradient header, product cards with masked license keys, quick links
  • Product Installer — Downloads and installs Theme/Plugin ZIPs from Flavor Hub. Manual download + unzip for plugins, Theme_Upgrader for themes. 2-step install+activate flow for plugins. Individual + "Install All Products" buttons with progress overlay
  • Component Tabs — Dashboard shows installed components in tabbed layout (Theme Components / Plugin Components). 2-column grid with check marks, names, real module versions, update badges
  • Auto Component Download — After product install+activate, automatically fetches and downloads all available components via product's own ComponentInstaller. 3-second delay between install and component phase for better UX
  • Global APIflavor_core_is_licensed(), flavor_core_get_tier(), flavor_core_get_license_data(), flavor_core_active(), flavor_core_get_mode() for theme/plugin to check license status
  • Ed25519 Fingerprint — Per-product fingerprint management (file + DB fallback), signature verification, domain check, server cross-verification via SHA256 hash
  • Cron Verification — Twicedaily periodic license verification for all active products
  • Theme Integration — Theme licensing.php detects Core via FLAVOR_CORE_MANAGES_LICENSE constant, delegates license methods inline. Skips own cron and admin notices. License tab shows "Managed by Flavor Core" redirect
  • Plugin Integration — Plugin LicenseManager::init() skips own licensing when Core detected. License state is delegated to Core. Keeps update checker + component AJAX

Architecture

  • Pure PHP + CSS, no React — ionCube compatible
  • wp_options for license storage (lightweight, no custom tables)
  • Option key: flavor_core_licenses (both products in single option)
  • Fingerprint files: .flavor-core-plugin.dat / .flavor-core-theme.dat in wp-content/
  • Admin menu at position 3 (top of sidebar)
  • Prefixed classes (Flavor_Core_*) — no namespaces for ionCube compatibility
Full Version History

For the complete changelog including all previous versions, contact our support team.

Last updated on