Native B2B: RFQ Product Catalog & Inquiry Form
Native B2B: RFQ Product Catalog & Inquiry Form
Description
Native B2B is a professional-grade Product Catalog and Request for Quote (RFQ) system for WordPress. Designed with a native-first, zero-bloat architecture, it provides a high-speed alternative for wholesale businesses and lead generation sites.
Core Features
- Custom Product Management: Effortlessly manage wholesale products with tiered pricing and technical specifications.
- Professional RFQ System: High-performance AJAX-based inquiry form that integrates seamlessly into any theme.
- Advanced Anti-Spam Shield: Protect your inbox with Math Challenges, Akismet integration, and Honeypot fields.
- Global Notifications: Get instant alerts via Slack, Discord, Telegram, Feishu, Email, Bark, and NTFY.
- Data Automation: Automatically synchronize inquiry data to Google Sheets via Apps Script.
- Analytics Dashboard: Monitor leads and analyze inquiry peak hours with our unique Hotspot Analysis tool.
- Enterprise Ready: One-click CSV export and daily automated database maintenance.
Usage
- Add Products: Navigate to ‘B2B Products’ -> ‘Add New’. Fill in the title, description, and tiered pricing in the provided meta boxes.
- Display Catalog: Use the shortcode
[ezls_gallery columns="4"]on any page to display your product grid. - Inquiry Button: Use
[ezls_inquiry_btn]on custom pages to trigger the RFQ popup. - Configuration: Visit ‘B2B Products’ -> ‘Settings’ to connect your notification channels and data integration credentials.
- Lead Management: View and process incoming leads under the ‘Inquiries’ menu. Use the ‘Hotspot Analysis’ to optimize your sales staffing.
Google Sheets Integration
This integration uses a secure Google Apps Script to send inquiry data to your Google Sheet in real-time.
Part 1: Create the Google Sheet & Apps Script
- Create Google Sheet: Go to sheets.google.com, create a new spreadsheet, and name it (e.g.,
B2B Inquiries). - Set Up Headers: In the first row, set up the following headers exactly as written (case-sensitive):
Time,ID,Product,Name,Email,Tel,IM,Message,Link. - Open Apps Script: In your spreadsheet, go to
Extensions->Apps Script. -
Paste Script Code: Delete any default code in the
Code.gsfile and paste the entire script below:// Copyright (c) 2024 EEZZ.NET. All rights reserved.
// This script is provided for use with the “Native B2B” WordPress plugin.
const API_PASSWORD = “YOUR_SECRET_PASSWORD”;
const sheet = SpreadsheetApp.getActiveSpreadsheet().getActiveSheet();
function doPost(e){try{if(!e||!e.postData||!e.postData.contents){throw new Error(“Invalid request: No data received.”)}const params=JSON.parse(e.postData.contents);if(params.AuthKey!==API_PASSWORD){return createJsonResponse({“status”:”error”,”message”:”Authentication failed.”})}const newRow=[params.Time||new Date(),params.ID||’N/A’,params.Product||’N/A’,params.Name||’N/A’,params.Email||’N/A’,params.Tel||’N/A’,params.IM||’N/A’,params.Message||’N/A’,params.Link||’N/A’];const lock=LockService.getScriptLock();lock.waitLock(30000);try{sheet.appendRow(newRow)}finally{lock.releaseLock()}return createJsonResponse({“status”:”success”})}catch(error){console.error(“Error processing request: “+error.toString());return createJsonResponse({“status”:”error”,”message”:”An internal error occurred: “+error.message})}}
function createJsonResponse(data){return ContentService.createTextOutput(JSON.stringify(data)).setMimeType(ContentService.MimeType.JSON)} -
Set Password & Save: In the script, change
"YOUR_SECRET_PASSWORD"to your own strong password and save the project.
Part 2: Deploy and Configure
- Deploy as Web App: Click
Deploy->New deployment. Select typeWeb app. - Set Access: Under “Who has access”, select
Anyone. This is critical. - Authorize & Copy URL: Click
Deploy, authorize the script (you may need to click “Advanced” -> “Go to…”), and copy the generated Web app URL. - Configure in WordPress: Go to
B2B Products->Settings. Paste the Web app URL and your password into the Google Sheets section and save changes.
External Services
This plugin connects to third-party services to provide notifications, data sync, and spam protection. No data is sent to these services unless you explicitly configure the corresponding credentials in the plugin settings.
-
Akismet Anti-Spam
- Purpose: To check inquiry submissions for spam.
- Data Sent: When a user submits an inquiry, their IP address, user agent, referrer, name, email address, and message content are sent to the Akismet service.
- Links: Terms of Service, Privacy Policy
-
Telegram Bot API
- Purpose: To send real-time notifications for new inquiries to your configured chat.
- Data Sent: When a new inquiry is received, details such as the product name, customer name, and email are sent via the Telegram Bot API.
- Links: Terms of Service, Privacy Policy
-
Slack (Incoming Webhook)
- Purpose: To send real-time notifications for new inquiries to your Slack workspace.
- Data Sent: When a new inquiry is received, the product name, customer name, message preview, and a link to the product page are sent to the configured Slack webhook URL.
- Links: Privacy Policy
-
Discord (Webhook)
- Purpose: To send real-time notifications for new inquiries to your Discord server.
- Data Sent: When a new inquiry is received, the product name, customer name, email, and a link to the product page are sent to the configured Discord webhook URL.
- Links: Privacy Policy
-
Feishu / Lark (Webhook)
- Purpose: To send real-time notifications for new inquiries to your Feishu/Lark group.
- Data Sent: When a new inquiry is received, the inquiry ID, product name, customer name, email, and message text are sent to the configured Feishu webhook URL. If a Feishu signing secret is configured, a timestamp and HMAC signature are also included for request verification.
- Links: Terms of Service, Privacy Policy
-
Bark
- Purpose: To send real-time push notifications for new inquiries to your mobile devices via your self-hosted or public Bark server.
- Data Sent: When a new inquiry is received, the inquiry ID and customer name are sent to the configured Bark server URL.
- Links: Project Repository & Documentation
-
ntfy
- Purpose: To send real-time push notifications for new inquiries to your mobile devices via your self-hosted or public ntfy server.
- Data Sent: When a new inquiry is received, a notification message containing the customer name and product name is sent to the configured ntfy topic URL.
- Links: Terms of Service (ntfy.sh), Privacy Policy (ntfy.sh)
-
Google Sheets (via Apps Script Webhook)
- Purpose: To automatically sync inquiry data to a Google Sheets spreadsheet for record-keeping and analysis.
- Data Sent: When a new inquiry is received, the inquiry code, product name, customer name, email, phone, IM platform, IM account, message, product link, and timestamp are sent to the configured Google Apps Script webhook URL. An API password (set by the site administrator) is included for authentication.
- Links: Google Privacy Policy
Installation
- Upload the entire
native-b2b-rfq-product-catalog-inquiry-formfolder to the/wp-content/plugins/directory. - Activate the plugin through the ‘Plugins’ menu in WordPress.
- The plugin will automatically initialize the database tables required for lead management.
- Go to ‘B2B Products’ in your admin sidebar to start adding your B2B catalog.
- For real-time data sync, follow the
== Google Sheets Integration ==guide below.
Screenshots

Installing and activating the plugin

Accessing the "B2B Products" menu

Adding a new B2B product

Viewing the B2B product list (Admin View)

Visiting the B2B product archive page (User View)

Viewing a single product page

Filling out the B2B inquiry form

Submitting the inquiry form

Viewing the new inquiry in the admin dashboard

Configuring notification channels before receiving inquiries
Faq
No. This plugin is built to be lightweight and fast, operating independently of WooCommerce.
The form is designed to inherit your theme’s styles, but you can override CSS using the ‘Additional CSS’ section in the Customizer.
Reviews
Changelog
1.1.9
- SECURITY: Replaced client-generated math captcha token with server-side UUID, eliminating IP collision and token forgery vectors.
- SECURITY: Added IP-based rate limiting to the math challenge AJAX endpoint (max 30 requests / 5 min per IP).
- SECURITY: CSV export now checks total row count before loading; exports over 10,000 rows prompt the admin to filter first.
- FIX: Inquiry code is now generated before INSERT, removing the two-step PENDING-placeholder + UPDATE patten that could leave orphaned codes.
- FIX: Plugin deactivation now properly clears all scheduled cron hooks including the daily cleanup event.
- FIX: Janitor cron now cleans all plugin transient types in a unified query, covering math rate-limit counters and gallery caches.
- FIX: Math challenge transient key no longer depends on client IP + client token, preventing NAT collision between concurrent users.
- FIX: Reduced false-positive PHPCS warnings flagged by Plugin Check (variable prefixes, prepare() usage, direct query annotations).
- I18N: Regenerated .pot file for version 1.1.9.
1.1.8
- FIX: Hardened a database query in the admin dashboard to be fully compliant with
wpdb::prepare()standards, resolving a security warning. - DOCS: Added disclosure for the Bark notification service to the “External Services” section in readme.txt, as required by plugin guidelines.
1.1.7
- FIX: Corrected a PHP syntax error in the archive template file.
- FIX: Ensured all setting fields registered via
register_settingare properly sanitized before encryption or saving. - DOCS: Expanded the “External Services” section in the readme.txt with detailed descriptions of data sent.
1.1.6
- Initial submission with fixes based on automated review feedback.
1.1.5
- Initial stable release.