A Joomla 5 System Plugin that injects the Userback feedback widget into your Joomla site for easy bug reporting, screenshots, and feedback collection.
- Backend Widget: Display the Userback widget in Joomla Administrator
- Frontend Widget: Optionally display on the public frontend
- Backend Session Detection: Automatically show widget to users with active admin sessions when browsing the frontend
- User Group Control: Restrict widget visibility by Joomla user groups (backend and frontend separately)
- Guest Access: Optionally show widget to non-logged-in visitors
- Token Validation: Prevents enabling the plugin without a valid Userback access token
- Safe Failure: Silently fails without crashing if configuration is invalid
- Download the latest release ZIP from the Releases page or download this repository as a ZIP
- In Joomla Administrator, go to System > Extensions > Install
- Upload and install the ZIP file
- The plugin is automatically enabled with a default access token and Super Users group selected for both backend and frontend
- Access Token: Your Userback project access token (required). Get this from your Userback dashboard.
- Enable in Backend: Show/hide the widget in the administrator area (default: Yes)
- Backend User Groups: Restrict which user groups see the widget in the backend. Leave empty to show to all backend users.
- Enable on Frontend: Show/hide the widget on the public site (default: No)
- Frontend User Groups: Restrict which user groups see the widget on the frontend. Leave empty to show to all logged-in users.
- Show to Guests: Allow non-logged-in visitors to see the widget (default: No)
The plugin checks for widget visibility in this order:
- Backend session: If the visitor has an active administrator session cookie, show the widget (respecting user group settings)
- Frontend login: If the visitor is logged in on the frontend, check their user groups
- Guest: If "Show to Guests" is enabled, show to non-logged-in visitors
This means administrators can browse the frontend and still see the feedback widget without needing to log in separately.
- Log into your Joomla site
- The Userback widget appears (typically on the right side of the screen)
- Use the widget to:
- Report bugs with screenshots
- Annotate issues visually
- Provide feedback and suggestions
- Submissions go directly to your Userback project
- Custom Data Extras JSON field for appending arbitrary key/value pairs to every feedback submission
- User identification (name, email, user groups, Joomla version) attached to every submission
- Page context metadata (URL, component, view, layout, item ID, template, hostname, environment)
- Native screenshot toggle with auto-detection of localhost/staging/dev hostnames
- Separate backend and frontend categories for dashboard routing
- Security fix: patched stored XSS via unsanitized access token (token now validated and JSON-encoded)
- Added embed mode selection: access token or full script paste
- Removed default access token for security
- Added clickable button to open plugin settings after install or update
- Added default Userback access token for easier initial setup
- Backend and frontend user group restrictions now default to Super Users
- Frontend widget display is now enabled by default
- Plugin is automatically enabled after installation
- Fixed backend session detection for database and filesystem session handlers
- Fixed user group parameter handling for array and comma-separated formats
- Added MD5 and SHA-256 hash fallbacks for session ID matching
- Added frontend widget support
- Added backend session detection for frontend display
- Added user group restrictions for backend and frontend
- Added guest access option for frontend
- Improved session detection using database queries
- Initial release
- Backend widget injection
- Access token validation
This plugin consists of:
userbackadmin.php- Main PHP plugin logicuserbackadmin.xml- Manifest file for installation and configuration
Clone, fork, or contribute on GitHub!
GNU General Public License version 3 or later. See LICENSE for details.
Developed by Cybersalt Consulting Ltd.
Contributors:
- Gurnoor Deol - Original development