Grain & Mortar Website - Session Notes

Date: February 6, 2026

What We Worked On

• Mailchimp newsletter spam fix: Replaced embedded Mailchimp form with custom WordPress AJAX endpoint + Mailchimp API integration, with 4 layers of spam protection (nonce, honeypot, timestamp, rate limiting)
• Hero spacing: Added 30px bottom margin below the Lottie animation on the homepage
• Budget range slider removal: Ripped out the entire budget slider system from the Gravity Forms contact form (fields 20-23, JS, CSS, plugins deactivated)
• Email delivery investigation: Discovered form notifications never reach Gmail inbox — no SMTP plugin installed, WordPress sending via PHP mail() from Flywheel's server without SPF/DKIM authorization
• FluentSMTP setup (partial): Installed and configured FluentSMTP for Google Workspace SMTP, but blocked on App Password — team doesn't have the hello@grainandmortar.com password available

Key Decisions Made

• Mailchimp: Ditched embedded form entirely, built custom AJAX form with direct API integration. Switched from double opt-in to immediate subscription (status: 'subscribed').
• Budget sliders: Full removal, not just hiding. User said "rip it out" — fields deleted from GF, JS file deleted, CSS removed, both slider plugins deactivated (not deleted).
• SMTP: Going with FluentSMTP + Gmail SMTP (smtp.gmail.com:587/TLS) with App Password auth. Simpler than Google Workspace OAuth2.
• Entry #566 (Christa Carr / York Dental Arts): Legit inquiry but has typo in email — yorkdentalarts@outloo.com (missing "k" in outlook). Can't reply directly. GP Email Validator green checkmark only validates format, not domain existence.

Changes Made

New Files

• functions/mailchimp.php — Custom AJAX endpoint with Mailchimp API v3 integration
• assets/js/newsletter.js — Frontend form handler
• docs/GRAVITY-FORMS-BUDGET-SLIDER-REMOVAL.md — Complete removal reference with restoration instructions
• docs/archive/README.md — New archive directory index

Modified Files

• footer.php — Replaced embedded Mailchimp form with custom AJAX form
• functions.php — Added mailchimp.php require
• functions/styles-scripts.php — Added newsletter.js enqueue, removed budget-tracker.js enqueue
• functions/third-party-scripts.php — Removed old Mailchimp validation script
• assets/css/theme.css — Hero animation spacing (margin-bottom: 30px), newsletter response styles, fixed #mce-responses display
• assets/css/gravity-forms.css — Removed ~160 lines of slider CSS (noUi, jQuery UI, budget-pulse animation)
• wp-config.php — Added MAILCHIMP_API_KEY and MAILCHIMP_LIST_ID constants
• docs/CONTACT-FORM.md — Stripped all slider references, updated for current state
• docs/README.md — Updated index (added removal doc, archive subdirectory)

Deleted Files

• assets/js/gravity-forms-budget-tracker.js

Archived Files

• docs/BUDGET-SLIDER-SETUP.md → docs/archive/BUDGET-SLIDER-SETUP.md

Gravity Forms Changes (via admin)

• Deleted fields 20, 21, 22, 23 from Form ID 2

Plugins

• Deactivated: Gravity Forms Range Slider Add-On, Multiple Range Slider For Gravity Form Pro
• Installed + activated: FluentSMTP 2.2.95 (not fully configured yet)

Still Pending

1. FluentSMTP password: Need App Password from Google account that owns hello@grainandmortar.com. Settings are pre-filled, just needs the password pasted in and saved.
2. Production deployment: All changes are local only. Need to: - Push theme file changes to production (Flywheel) - Install FluentSMTP on production and configure identically - Add Mailchimp constants to production wp-config.php - Deactivate slider plugins on production - Delete slider fields from production Gravity Forms
3. Christa Carr follow-up: Legit lead from York Dental Arts (dental office rebrand). Email typo means can't reply — Google "York Dental Arts" to find them.
4. Git commit: None of today's changes have been committed yet.

Technical Notes

• Mailchimp API key: af1f4edaf4948aa8d4354cbebf33259c-us4 (stored in wp-config.php)
• Mailchimp List ID: 13bf14e6ef
• FluentSMTP config: smtp.gmail.com / port 587 / TLS / username hello@grainandmortar.com
• GP Email Validator: Only checks email format, NOT domain existence. The green checkmark on entries is misleading for typo'd domains like outloo.com.
• WP-CLI doesn't work from terminal on Local by Flywheel (503 error). Use Chrome DevTools MCP to interact with WordPress admin instead.
• Gravity Forms field deletion: Used form.fields.splice() via Chrome DevTools evaluate_script, then clicked Save Form button.

Session saved February 6, 2026