Test Mode

Test Mode is a safety feature that automatically prevents all dangerous actions during your automated tests.

Why is Test Mode important?

When you run a test flow, Flowguard simulates real user actions on your website - such as filling out and submitting forms. Without Test Mode, real data could be sent:

• Real emails to customers or employees
• Newsletter subscriptions to external services
• CRM entries in your sales system
• Webhooks to third parties (Zapier, Make, etc.)
• New posts or users in your database
• Payment requests to payment providers

What does Test Mode do?

Test Mode intercepts all these actions and prevents them automatically:

• No real emails are sent
• No external API calls to newsletter tools, CRMs or webhooks
• No database changes (new posts, pages, users)
• No scheduled tasks are created
• Captchas are automatically bypassed (for smooth testing)

Instead: All blocked actions are logged and displayed after each test.

---

Why is Test Mode "Recommended"?

Test Mode is enabled by default because:

1. Protection from real submissions: You can test safely without accidentally sending real emails
2. No duplicates: Prevents test contacts in your CRM or newsletter tool
3. Clean database: No test entries in your live database
4. Saves costs: No accidental API calls that could incur costs
5. Professional: Customers don't receive test emails with "Test 123" content

Recommendation

Keep Test Mode always enabled unless you consciously want to send real data in a live test.

---

Configure Settings

Where do I find Test Mode settings?

WordPress Admin > Flowguard > Settings > Testing Tab

Available Options

1. Enable Test Mode (Main Switch)

Status: Recommended: Enabled

• Enabled: All test flows are protected, no real actions are executed
• Disabled: WARNING - Flows will execute real actions!

---

2. Email Handling (Email Strategy)

Choose how emails are handled in Test Mode:

Option A: Block all emails (Default)

What happens:

• Emails are completely blocked and not sent
• All details are logged (recipient, subject, CC, BCC)
• No mailbox is burdened

When to use:

• For most tests (default recommendation)
• When you only want to test if the form works
• When you don't want test emails in your mailbox

Option B: Redirect to test email

What happens:

• All emails are redirected to one test email address
• CC and BCC recipients are automatically removed (privacy!)
• You can review the email content
• Original recipient is recorded in the log

When to use:

• When you want to review the email content
• For testing email templates
• When you want to ensure emails actually arrive

Requires:

• Test Email Address - Enter your test email address (e.g., tests@yourcompany.com)

---

3. Test Email Address (only for "Redirect")

Example: flowguard-test@yourcompany.com

• All test emails will be sent to this address
• It's best to use a dedicated test address
• Do NOT use a real customer email address

---

What gets blocked?

1. Emails

Blocked:

• Contact form notifications
• Order confirmations
• Newsletter confirmations
• Admin notifications
• All emails via wp_mail()

Details in log:

• To
• Subject
• CC recipients (if present)
• BCC recipients (if present)
• Redirect (in "Redirect" mode)

2. External HTTP Requests

Blocked:

• Newsletter subscriptions (Mailchimp, Sendinblue, etc.)
• CRM integrations (HubSpot, Salesforce, etc.)
• Webhooks (Zapier, Make, n8n, etc.)
• Analytics tracking
• Social media APIs
• Payment APIs (Stripe, PayPal, etc.)

Allowed: (not blocked)

• Requests to your own WordPress site
• Requests to localhost (for development)

Details in log:

• Host (e.g., api.mailchimp.com)
• URL
• Method (GET, POST, etc.)
• Purpose (Newsletter, CRM, Webhook, etc.)

3. Database Changes

How it works: Test Mode uses a "False Positive" strategy - forms think they succeeded, but nothing is actually saved!

Blocked (with fake success):

• New posts - Returns fake post ID (e.g., -12345)
• New pages - Returns fake post ID
• New users - Returns fake user ID (e.g., -56789)
• Post metadata
• User metadata
• WordPress options (update_option, add_option, delete_option)

Why "fake success"?

• Forms submit successfully (no error messages)
• Success pages display normally
• Flows complete without failing
• BUT: No real data is created!

Allowed: (not blocked)

• Flowguard's own data (flow results, logs, settings)
• WordPress core functions (cron, transients)
• Temporary data (transients)

4. Scheduled Tasks

Blocked:

• WP-Cron events
• Action Scheduler tasks
• Delayed emails
• Automatic backups (triggered by tests)

5. Captchas & Anti-Spam

Automatically bypassed:

• Google reCAPTCHA
• hCaptcha
• Cloudflare Turnstile
• Akismet Anti-Spam

Why: So your automated tests run smoothly

---

Test Mode in the Flow Editor

Automatic Protection in the Editor

Test Mode is active in the Flow Editor!

• The Flow Editor activates Test Mode automatically (when enabled in settings)
• Form submissions in the editor are protected
• Emails are blocked/redirected
• External API calls are prevented

How does it work?

Technical approach: Query Parameter Injection

1. The editor adds ?flowguard_preview=1 to all URLs in the iframe
2. This parameter is automatically maintained across all navigations:
   • Link clicks
   • Form submissions
   • JavaScript redirects
   • Browser history changes
3. WordPress detects this parameter and activates Test Mode
4. The parameter is visually hidden - you won't see it in the URL bar
5. The parameter is filtered from recordings - your saved flows contain clean URLs

When is Test Mode active?

Test Mode is active in TWO scenarios:

1. Flow Editor (with settings enabled)
   • While browsing in the editor iframe
   • Automatically for all navigations
2. Automated Flow Runs
   • When you click "Run Flow"
   • Throughout the entire flow execution
   • All blocked actions displayed in logs

Test Mode is NOT active:

• In normal frontend browsing (outside editor)
• If Test Mode is disabled in settings

---

View Test Logs

After each flow run, you can see exactly what was blocked:

Where do I find the logs?

1. Go to Flowguard > Flows
2. Find the flow with a completed run
3. Click "View Log"

What do the logs show?

In the header:

• Number of steps
• Number of successful steps
• Number of failed steps
• Number of blocked actions (orange)

In the timeline:

• All executed steps (green = successful, red = failed)
• Blocked actions (orange) with details:
  • Email Blocked: Which email was blocked
  • Email Redirected: Where it was redirected to
  • HTTP Request Blocked: Which external service was blocked
  • Database Write Prevented: What was not written to the DB
  • Cron Job Prevented: Which scheduled task was prevented

---

Frequently Asked Questions (FAQ)

Q: Do I have to activate Test Mode for each flow individually?

A: No! Test Mode is a global setting and automatically applies to all flows.

Q: Can I disable Test Mode for specific flows?

A: Currently, there is only a global setting. If you want to run a "real" test, temporarily disable Test Mode in the settings.

Q: Do my tests become slower with Test Mode?

A: No! Test Mode actually makes tests faster because external API calls are blocked immediately (no waiting for timeouts).

Q: What happens if I disable Test Mode?

A: All flows will then execute real actions:

• Real emails will be sent
• Real data will be transmitted to external systems
• Real entries in the database

WARNING

Only disable for deliberate live tests!

Q: Does Test Mode work with WooCommerce?

A: Yes! Orders are not created, order emails are blocked, and payment APIs are not called. See the WooCommerce Testing Guide for details.

Q: What if a plugin uses custom email functions?

A: Test Mode intercepts all emails that run through WordPress' wp_mail() function. Most plugins use this. In rare cases (direct SMTP connection), an email might get through.

---

Best Practices

DO (Recommended approach)

1. Always keep Test Mode enabled for normal tests
2. Use "Redirect to test email" when you want to check email content
3. Review test logs regularly to see what was blocked
4. Use a dedicated test email address (not your main address)
5. Briefly disable Test Mode only for deliberate live tests (and immediately re-enable it afterwards!)

DON'T (Avoid)

1. Don't disable Test Mode permanently - Risk of accidental live actions!
2. Don't use real customer emails as test address
3. Don't test without Test Mode in the development environment
4. Don't assume that emails aren't arriving - check the logs!

---

Related Documentation

• Settings - Configure all Flowguard settings
• WooCommerce Testing - Safe WooCommerce checkout testing
• Running Flows - How flow execution works