readme.txt

=== s2Member® Framework (Membership, Member Level Roles, Access Capabilities, PayPal Members) ===

Plugin Name: s2Member® Framework
Plugin URI: http://s2member.com/
Tags: membership, subscribers, subscriber, members only, roles, capabilities, capability, register, signup, paypal, ecommerce, restriction
Version: 210526
Stable tag: 210526
Tested up to: 5.7-RC3-50511
Requires at least: 4.2
Requires PHP: 5.6.2
Tested up to PHP: 7.4.6
License: GNU General Public License v2 or later.
Contributors: WebSharks, JasWSInc, raamdev, clavaque, eduan
Author: WP Sharks
Author URI: http://s2member.com/
Donate link: http://s2member.com/donate/
Beta link: http://s2member.com/beta-testers/
Forum URI: http://s2member.com/r/forum/
Privacy URI: http://s2member.com/privacy-policy/
Changelog URI: http://s2member.com/changelog/
Video Tutorials: http://s2member.com/r/s2member-videos/
Knowledge Base: http://s2member.com/kb/
Newsletter: http://s2member.com/r/subscribe/
PayPal Pro Integration: http://s2member.com/r/pp-account-types/
Text Domain: s2member
Domain Path: /src/includes/translations

s2Member® is a powerful free membership plugin for WordPress. Protect members only content with Member Level Roles and Access Capabilities.

== Description ==

The free s2Member® Framework lets you protect WordPress content and offer users a secure checkout solution to get access.

Easy to configure and highly extensible.

You can protect the whole site, certain areas, or even just parts of pages.

Sell recurring (or non-recurring) subscriptions with lots of flexibility. Or sell "Buy Now" access in various ways.

Protect your WordPress posts, pages, tags, categories, URIs, BuddyPress/bbPress, and even portions of them.

Provide highly configurable access to specific portions of your content with Levels or Access Capabilities.

You can also protect downloadable files and streaming audio/video. Store files locally, or use s2Member's integration with Amazon S3 and CloudFront CDN.

Sell specific Posts/Pages, File Downloads, or Access Capabilities.

Sell access to your site's content with single "buy now" payments or recurring payments subscription Memberships.

Integrates with PayPal's Website Payments Standard (also free).

Like a cash machine, s2Member puts money back in your pocket. Monetize your website now with s2Member.

Add now s2Member Framework to your site and start making money with it!

= Some reasons to upgrade to "s2Member Pro" =

- Unlimited Membership Levels.
- Renewal reminder emails.
- Content dripping.
- Single-step registration and payment with s2Member Pro-forms.
- Stripe, PayPal Pro and Authorize.Net integration via Pro-forms.
- Pro-form Coupon Codes and Gift/Redemption Codes.
- ClickBank buttons integration.
- Pro API for new integrations.
- Public Members Directory.
- User bulk Import/Update/Exporter tools.
- Multisite Network support.
- Login and registration forms to include in your pages or posts.
- ... and more!

With thousands of customers, an intelligent open community, comprehensive documentation, video tutorials, APIs, the s2Member Codex, KB articles, and thousands of forum posts; s2Member just can't be beat!

[-> Click Here for more details](http://s2member.com/)

== Installation ==

**NOTICE:** If you are an s2Member Pro customer in need of support, please use [our forum at s2Member.com](http://s2member.com/r/forum/).

---

= s2Member is Very Easy to Install =

Just like any other normal plugin:

- From the WP Admin's [Plugins Add New Screen](https://wordpress.org/support/article/plugins-add-new-screen/). 
- Or via FTP upload the `s2member` folder from the zip to your `/wp-content/plugins/` directory.
- Activate it from **Plugins** page in your WordPress Admin.

Here's a [quick-start video](https://www.youtube.com/watch?v=qlKn-I-0W6U) for a simple basic setup to get you started.

= See Also (s2Member.com) =

[Detailed installation/upgrade instructions](http://s2member.com/installation/).

= Is s2Member compatible with Multisite Networking? =

Yes, s2Member Pro for Unlimited Sites is compatible with Multisite Networking. After you enable Multisite Networking, with s2Member Framework and Pro enabled, navigate to `s2Member → Multisite (Config)` in the Dashboard on your Main Site.

== Screenshots ==

1. s2Member Screenshot #1
2. s2Member Screenshot #2
3. s2Member Screenshot #3
4. s2Member Screenshot #4
5. s2Member Screenshot #5
6. s2Member Screenshot #6
7. s2Member Screenshot #7

== Frequently Asked Questions ==

**NOTICE:** If you are an s2Member Pro customer in need of support, please use [our forum at s2Member.com](http://s2member.com/r/forum/).

---

= Please Check the Following s2Member Resources =

* s2Member FAQs: <http://s2member.com/faqs/>
* Knowledge Base: <http://s2member.com/kb/>
* Video Tutorials: <http://s2member.com/videos/>
* Community: <http://s2member.com/r/forum/>
* Codex: <http://s2member.com/codex/>

= Translating s2Member =

Please see: <http://s2member.com/r/translations/>

== License ==

Copyright: © 2013 [WP Sharks](https://www.wpsharks.com/) (coded in the USA)

Released under the terms of the [GNU General Public License](http://www.gnu.org/licenses/gpl-2.0.html).

== Upgrade Notice ==

= v160801 =

(Maintenance Release) Upgrade immediately.

== Changelog ==

= v210526 =

- (s2Member Framework & Pro) **UI Enhancement**: Started improving the admin interface. Lightened up the colors, and changed the layout a little bit. 

- (s2Member Framework) **UI Enhancement**: Added title tag to buttons to manage custom profile fields in admin, to improve use with screen-reader. [Thread 8836](https://f.wpsharks.com/t/8836/12)

- (s2Member Pro) **UI Fix**: Fixed typo in pro-form `rrt` attribute description. [Issue 1204](https://github.com/wpsharks/s2member/issues/1204)

- (s2Member Framework) **Bug Fix**: Registration Date sometimes wasn't formatted correctly with the s2Get shortcode. [Thread 8730](https://f.wpsharks.com/t/8730)

= v210208 =

- (s2Member Pro) **Enhancement**: In the Stripe integration, cancelling a subscription in the last minutes of a period, may cause the invoice for the new period to remain there and still be charged later. Now s2Member Pro attempts to find a draft or open invoice for the subscription being cancelled, and void it. Thanks Alan for reporting it. See [post 8386](https://f.wpsharks.com/t/8098).

- (s2Member Pro) **UI Enhancement**: Improved Stripe pro-form error message when trying to create a subscription with a bad card. Thanks everyone that reported it. See [issue #1184](https://github.com/wpsharks/s2member/issues/1184), [post 6043](https://f.wpsharks.com/t/6043), and [post 8386](https://f.wpsharks.com/t/8386).

- (s2Member Pro) **Enhancement**: Added the new action hooks `ws_plugin__s2member_pro_before_stripe_notify_event_switch` and `ws_plugin__s2member_pro_after_stripe_notify_event_switch` in the Stripe endpoint to allow customizations, e.g. new event handlers.

- (s2Member Pro) **UI Fix**: Removed some leftover mentions of Bitcoin support in Stripe's options.

- (s2Member Pro) **UI Fix**: Removed a couple of deprecated shortcode attributes from the documentation for Stripe's pro-form, leftovers from the old integration. Kudos to Debbie for bringing my attention to them. See [post 8053](https://f.wpsharks.com/t/8053).

- (s2Member Framework) **UI Fix**: Fixed some broken links and video players in the admin pages.

- (s2Member Framework) **Bug Fix**: Resolved a warning given when changing users role in bulk from the WP Admin > Users page.

- (s2Member Server Scanner) **Bug Fix**: Updated the [Server Scanner](https://s2member.com/kb-article/server-scanner/) to remove some outdated warnings.

= v201225 =

- (s2Member Framework) **Bug Fix**: View Password icon WP's login page was not displaying correctly. Kudos to Beee4life for reporting it. See [issue #1187](https://github.com/wpsharks/s2member/issues/1187)

- (s2Member Framework and Pro) **Enhancement**: Refactored PHP's deprecated _create_function_ with anonymous functions. Kudos to Berry for reporting it, see [post 6069](https://f.wpsharks.com/t/6069) 

- (s2Member Framework) **Bug Fix**: Added a check for empty return variable before trying to use it in paypal-utilities.inc.php.

- (s2Member Framework) **Bug Fix**: Added checks for undefined indexes before trying to use them in paypal-return-in-subscr-or-wa-w-level.inc.php.

- (s2Member Framework) **Bug Fix:** Added a check for undefined index before using it to define a couple of s2 constants. Kudos to Berry for reporting it, see [post 8181](https://f.wpsharks.com/t/8181/) 

- (s2Member Pro) **Bug Fix**: s2's payment notification when creating a Stripe subscription, was being sent twice. Added a check to ignore the webhook for the subscription's on-session first payment; s2's webhook endpoint is for off-session events. 

- (s2Member Framework) **Enhancement**: Added a new hook for the payment notification on subscription creation or buy now payments.

- (s2Member Pro) **Bug Fix**: Stripe paid trials were accumulating on failed payment attempts, causing a larger charge when it finally succeeded. Kudos to Alan for his help through the many attempts to fix this one, see [post 7002](https://f.wpsharks.com/t/7002).

- (s2Member Pro) **Enhancement**: Stripe duplicate payments were happening randomly to a few site owners, apparently from bad communication between their server and Stripe's. Added idempotency to prevent duplicates. Kudos to Alan and everyone in the forum that reported and gave details on this behavior, see [post 7002](https://f.wpsharks.com/t/7002)

= v200301 =

- (s2Member Pro) **Enhancement:** Added "Powered by Stripe" to Stripe pro-form's payment card field. Kudos to Josh, see [post 6716](https://f.wpsharks.com/t/6716).

- (s2Member Pro) **Bug Fix:** Stripe subscription cancellations were not happening when they should. This release updates the API integration for it and fixes that behavior. Kudos to Matt for reporting it, see [post 6909](https://f.wpsharks.com/t/6909).

- (s2Member Pro) **Bug Fix:** Updating the card with Stripe's pro-form sometimes gave an incorrect "missing billing method" error. Kudos to Corey, see [post 7058](https://f.wpsharks.com/t/7058).

- (s2Member Pro) **Small fix:** Removed Bitcoin mention next to Stripe in Gateways list. Missed it in [v191022](https://s2member.com/s2member-v191022-now-available/).

= v200221 =

- (s2Member Pro) **Bug Fix:** In some rare cases, another plugin loaded Stripe's class before s2Member, so when s2 tried loading it there'd be an error. This release fixes the check for the class before trying to load it. See [issue #1170](https://github.com/wpsharks/s2member/issues/1170)

  **Note:** s2Member won't have control over what version of the Stripe SDK was loaded by the other plugin. You'll need to get that other plugin to have an up-to-date version. If you don't have another plugin loading Stripe, this is not relevant to you.

- (s2Member Pro) **Bug Fix:** When using a 100% off coupon, requiring no payment, the Stripe pro-form was still loading the card field and requiring it, preventing the free signup. That's fixed in this release. See [issue #1171](https://github.com/wpsharks/s2member/issues/1171)

- (s2Member Pro) **Bug Fix:** The Stripe pro-form, when given an invalid card, didn't give a clear error message for it, and instead just "invalid parameter". Now it shows the correct card error, making it possible for the customer to try a different card to complete the payment.

- (s2Member Pro) **Feature Update:** The Indian Rupee was added to the list of currency symbols.

- (s2Member Pro) **Feature Enhancement:** The s2Member Pro add-on, not being a regular plugin was not uploadable via the WP plugin manager. This made it necessary to FTP, which is complicated for some site owners. In this release I made it possible for the plugin manager to upload or remove the Pro add-on.

  **Note:** It still is not a regular plugin. The activation link or status in the plugins manager is irrelevant, but I couldn't find how to remove it. s2Member Pro activates automatically when its version matches the Framework's, and it'll be mentioned next to the Framework's version in the plugins manager.

= v191022 =

- (s2Member Pro) **Feature Enhancement:** The Stripe pro-forms can now handle 3D Secure 2 for [Strong Customer Authentication](https://stripe.com/guides/strong-customer-authentication), as required by the new European regulation that came into effect recently. Props to those in the beta testing group, especially Brice and Felix. See [thread 5585](https://f.wpsharks.com/t/5585/).

- (s2Member Pro) **Feature Enhancement:** The Stripe pro-form now has the card field inline, instead of opening a modal to enter it. Before it required clicking the link to open the modal, enter the card details, submit that, and then submit the pro-form. Now you enter the card details as part of the pro-form. See [issue #588](https://github.com/wpsharks/s2member/issues/588).

- (s2Member Pro) **Stripe Integration Updates:** Upgraded the Stripe PHP SDK from v1.18 to v7.4.0, and the API from 2015-07-13 to 2019-10-08. Upgraded the integration from the Charges API to the latest Payment Intents API. Upgraded the card input from the old Stripe Checkout modal, to the new Stripe.js and Elements. 

- (s2Member Pro) **Optimization:** Stripe's JavaScript now only gets included if the page has a Stripe pro-form.

- (s2Member Pro) **Removed Stripe Bitcoin**: Stripe [dropped Bitcoin](https://stripe.com/blog/ending-bitcoin-support) last year, it's not available anymore. This update removes the Bitcoin options and mentions from the s2 admin pages.

- (s2Member Pro) **Bug Fix:** Subscriptions without at trial were showing a "trialing" status in Stripe for the first period. This behavior has now been solved. It will only say trialing when you set a trial period (free or paid) in your Stripe pro-form shortcode. See [issue #1052](https://github.com/wpsharks/s2member/issues/1052).

- (s2Member Pro) **Bug Fix:** The Stripe pro-form installments via the `rrt` shortcode attribute were charging an extra payment before ending the subscription. There was an error in the time calculation for this. This is solved in this release. Props to Brice. See [thread 5817](https://f.wpsharks.com/t/5817/).

- (s2Member Pro) **Bug Fix:** Some payments through the Stripe pro-form were creating a new Stripe customer when the user was already a customer. The Stripe customer ID was not being saved correctly in the user's profile. This is solved in this release. Props to demeritcowboy for reporting it.

= v190822 =

- (s2Member) **PayPal Integration Update:** PayPal deprecated the subscription modification button. Using the old possible values for this, now gives an error on PayPal's site. This button has been removed from the PayPal Standard integration in s2Member. Props to Tim for reporting it, see [forum thread 5861](https://f.wpsharks.com/t/5861), and [issue #1157](https://github.com/wpsharks/s2member/issues/1157).

- (s2Member) **Bug Fix:** PayPal would sometimes return the customer without the Custom Value expected by s2Member, incorrectly triggering an error. A small delay has now been added when needed to wait for PayPal to provide the missing value, so that the customer is met with the correct success message on return. Props to Josh Hartman for his help. See [forum thread 5250](https://f.wpsharks.com/t/5250).

- (s2Member) **Bug Fix:** Google's URL shortening service has been [discontinued](https://developers.googleblog.com/2018/03/transitioning-google-url-shortener.html). The s2Member integration with it was removed in this release. Props to Felix Hartmann for reporting it.

- (s2Member) **Feature Enhancement:** The popular URL shortening services have been abused in spam emails, and this can cause your site's emails with shortened signup URLs to end up in the spam folder. It's now possible to disable URL shortening when trying to avoid this problem. Props to Felix Hartmann for suggesting it. See [forum thread 5697](https://f.wpsharks.com/t/5697).

- (s2Member Pro) **New Feature:** It is now possible to use a custom URL shortener other than the defaults in the s2Member Framework. This is particularly useful to use [YOURLS](http://yourls.org/) for your links, making them unique to your site, looking more professional and avoiding the spam filters issue mentioned above. For more info see this [forum post](https://f.wpsharks.com/t/5697/19).

= v190617 =

- (s2Member Pro) **Authorize.Net Hash Upgrade:** Authorize.Net [announced](https://support.authorize.net/s/article/MD5-Hash-End-of-Life-Signature-Key-Replacement) the end-of-life for their MD5 Hash in favor of their new SHA512 Signature Key. Support for this has been added to s2Member Pro. The MD5 Hash is not provided by Authorize.Net any more, so the field for it in s2Member has been disabled. Props @krumch for his work. For further details see [forum thread 5514](https://f.wpsharks.com/t/5514).

  **Note:** For those that already used the MD5 Hash in their configuration, it is kept there and will keep working while Authorize.Net accepts it, which will not be much longer. It's important to update your integration with the new Signature Key. Once you have your Signature Key in the s2Member configuration, it will be favored over the old MD5 Hash._

- (s2Member Pro) **Bug Fix:** The multisite patch for `wp-admin/user_new.php` wasn't finding the code to replace because of changes in the latest releases of WordPress. It has now been updated, as well as the instructions in the Dashboard for those that prefer to apply it manually. Props @crazycoolcam for reporting it. For further details see [Issue #1132](https://github.com/wpsharks/s2member/issues/1132).

  **Note:** If you already had patched this file in the past, it's recommended that you remove the previous patch restoring it to the original file, and let s2Member Pro patch it again now, otherwise you risk getting it patched over the previous one and ending up with errors. After the new patch, please review that file to verify that it's correct._

- (s2Member Pro) **Bug Fix:** The search results for `s2Member-List` were not being ordered as specified in the `orderby` attribute when this was a field from the `usermeta` table in the database, e.g. `first_name`, `last_name`. This is now fixed and working correctly. Props to @stevenwolock for reporting it. For further details see [Issue #1103](https://github.com/wpsharks/s2member/issues/1103).

- (s2Member) **WP 5.2 Compat. Enhancement:** s2Member has been tested with WP up to 5.2.2-alpha. With `WP_DEBUG` enabled, only one "notice" was found. In `wp-login.php` it said 'login_headertitle is deprecated since version 5.2.0! Use login_headertext instead.' This release now uses `login_headertext` and doesn't get that notice anymore. Props Azunga for reporting it. See [forum thread 5962](https://f.wpsharks.com/t/5962).

= v170722 =

- (s2Member/s2Member Pro) **PayPal IPN Compatibility:** This release includes an updated PayPal IPN handler that is capable of reading number-suffixed IPN variables that are now being sent by PayPal's IPN system in some cases, for some customers. We strongly encourage all site owners to upgrade to this release as soon as possible, particularly if you're using PayPal to process transactions. Props @openmtbmap and @patdumond for reporting. See: [Issue #1112](https://github.com/websharks/s2member/issues/1112)

= v170524 =

- (s2Member/s2Member Pro) **PHP v7 Compat. Enhancements**: This release adds an integration with the [Defuse encryption library](https://github.com/defuse/php-encryption) for PHP, making it possible for s2Member to move away from the `mcrypt_*()` family of functions in versions of PHP >= 7.0.4, where the mcrypt library has been deprecated — `mcrypt_*()` will eventually be removed entirely.

  Starting with this release of s2Member, if you're running s2Member on PHP v7.0.4+, the Defuse library will be used automatically instead of mcrypt. See [Issue #1079](https://github.com/websharks/s2member/pull/1079).

  **Note:** Backward compatibility with mcrypt functions will remain for now, especially for the decryption of any data that was previously encrypted using RIJNDAEL-256; i.e., data encrypted by a previous release of the s2Member software. s2Member is capable of automatically determining the algorithm originally used to encrypt, which allows it to decrypt data using Defuse, else RIJNDAEL-256, else XOR as a last-ditch fallback.

  **API Functions:** `s2member_encrypt()` & `s2member_decrypt()`. These two API Functions provided by s2Member are impacted by this change. Starting with this release, if you're running s2Member on PHP v7.0.4+, the Defuse library is used automatically instead of the older mcrypt extension. Not to worry though; the `s2member_decrypt()` function is still capable of decrypting data encrypted by previous versions of the s2Member software.

- (s2Member/s2Member Pro) **UI Fix:** All menu page notices should be given the `notice` class and the additional `notice-[type]` class instead of the older generic `updated` and `error` classes. Fixed in this release. Related to [Issue #1034](https://github.com/websharks/s2member/issues/1034)

- (s2Member/s2Member Pro) **UI Fix:** Plugins displaying Dashboard-wide notices using the older `updated` and `error` classes should be handled better to avoid displaying them below the s2Member header (on s2Member menu pages) and with non-default WordPress styles. See: [Issue #1034](https://github.com/websharks/s2member/issues/1034)

- (s2Member/s2Member Pro) **UI Fix:** Improving color highlighting in input fields following a media library insertion; e.g., when adding a custom logo to the login/registration page.

- (s2Member Pro) **Bug Fix:** Merchants using PayPal Pro (Payflow Edition) to charge a fixed non-recurring fee following an initial 100% free trial period, were seeing their member accounts EOTd after the trial ended, instead of the EOT Time being set to the end of the fixed term period. Props @patdumond, James Hall, and many others for reporting this in the forums and at GitHub. See [Issue #1077](https://github.com/websharks/s2member/issues/1077).

- (s2Member Pro) **Bug Fix:** Updating PHP syntax in Simple Export tool, for compatibility w/ modern versions of PHP. Props @patdumond for reporting and helping us locate the underlying cause of this problem. See [Issue #1055](https://github.com/websharks/s2member/issues/1055).

- (s2Member Pro) **Stripe Bug Fix:** This releases corrects a seemingly rare conflict between s2Member and Stripe on certain mobile devices and in certain scenarios. In a case we examined, there was a problematic CSS `z-index` setting in the s2Member source code that was, at times, causing problems in the stacking order, which resulted in a user's inability to enter details into the Stripe popup form. In this release, s2Member's customization of the `z-index` stacking order has been removed entirely, as it is no longer necessary in the latest revision of the Stripe popup, which already handles `z-index` adequately. Props @jaspuduf for reporting and for helping us diagnose the problem. See [Issue #1057](https://github.com/websharks/s2member/issues/1057).

- (s2Member/s2Member Pro) **Security Enhancement:** This release removes the `%%user_pass%%` Replacement Code from the API Registration Notification email that is sent to a site owner; i.e., when/if it is configured by a site owner. Props @patdumond see [Issue #954](https://github.com/websharks/s2member/issues/954). This Replacement Code was removed as a security precaution.

- (s2Member/s2Member Pro) **Bug Fix:** Resolving internal warning: 'PHP Warning: Parameter 2 to c_ws_plugin__s2member_querys::_query_level_access_coms() expected to be a reference, value given'. This was resolved by removing the strict 'by reference' requirement from the list of parameters requested by s2Member.

- (s2Member/s2Member Pro) **Bug Fix:** Resolving internal warning: 'PHP Warning: Illegal string offset 'user_id' in s2member/src/includes/classes/sc-eots-in.inc.php'. This was resolved by typecasting `$attr` to an array in cases where WordPress core passes this as a string; e.g., when there are no attributes.

- (s2Member Pro) **Bug Fix:** Incorrect default option value for `reject_prepaid=""` attribute in Stripe Pro-Forms. See: [Issue #1089](https://github.com/websharks/s2member/issues/1089)

= v170221 =

- (s2Member/s2Member Pro) **JW Player v7:** This release adds support for JW Player v7 in the `[s2Stream /]` shortcode. See [Issue #774](https://github.com/websharks/s2member/issues/774).

- (s2Member Pro) **Bug Fix:** Allow Pro-Forms to use `success="%%sp_access_url%%"` without issue. See [Issue #1024](https://github.com/websharks/s2member/issues/1024).

- (s2Member/s2Member Pro) **AWS Region:** Adding AWS region `ap-northeast-2`. See [Issue #1033](https://github.com/websharks/s2member/issues/1033).

- (s2Member/s2Member Pro) **AWS Region:** Adding AWS region `eu-west-2`. See [Issue #1033](https://github.com/websharks/s2member/issues/1033).

- (s2Member) **Bug Fix:** This release corrects a minor server-side validation bug that was related to the use of non-personal email address. See [Thread #1195](https://forums.wpsharks.com/t/bugfix-file-custom-reg-fields-inc-php-missing-bracket/1195) and [Issue #1054](https://github.com/websharks/s2member/issues/1054).

- (s2Member) **Bug Fix:** Updated several outdated links within the software; e.g., removing older `www.` references, correcting forum links, and more. Also corrected missing changelog. See [Issue #1027](https://github.com/websharks/s2member/issues/1027).

- (s2Member Pro) **Pro Upgrader:** The pro upgrader has been refactored and now asks for your s2Member Pro License Key instead of your s2Member.com password. The next time you upgrade to the most recent version of s2Member Pro, you will be asked for your License Key. You can obtain your License Key by logging into your account at s2Member.com. Once logged in, visit your 'My Account' page, where you will find your License Key right at the top. See [Issue #668](https://github.com/websharks/s2member/issues/668).

- (s2Member/s2Member Pro) **CloudFlare Compat.:** Enhancing compatibility with Rocket Loader via `data-cfasync="false"` on dynamic s2Member scripts. See: [Issue #1038](https://github.com/websharks/s2member/issues/1038).

= v161129 =

- (s2Member Pro) **Bug Fix:** Stripe refund notifications via the Stripe Webhook were always interpreted by s2Member as full refunds. This release corrects this bug so that s2Member will handle partial refunds via the Stripe API properly in all cases. Props @raamdev for reporting.

- (s2Member/s2Member Pro) **Bug Fix:** Updating profile via `[s2Member-Profile /]` when changing email addresses may leave the old email address on configured email list servers in some scenarios. Props @renzms for reporting. For further details see [issue #1007](https://github.com/websharks/s2member/issues/1007).

- (s2Member/s2Member Pro) **SSL Compatibility & Option Deprecation:** In previous versions of s2Member there was a setting in the UI that allowed you to force non-SSL redirects to the Login Welcome Page. By popular demand, this setting has been deprecated and removed from the UI.

  _**New Approach:** The new approach taken in the latest release of s2Member is to automatically detect when a non-SSL redirection should occur, and when it should not occur (i.e., when the default WordPress core behavior should remain as-is)._

  _s2Member does this by looking at the `FORCE_SSL_LOGIN` and `FORCE_SSL_ADMIN` settings in WordPress, and also at your configured `siteurl` option in WordPress. If you are not forcing SSL logins, or your `siteurl` begins with `https://` (indicating that your entire site is served over SSL), non-SSL redirects will no longer be forced by s2Member, which resolves problems on many sites that serve their entire site over SSL (a growing trend over the past couple years)._

  _Conversely, if `FORCE_SSL_LOGIN` or `FORCE_SSL_ADMIN` are true, and your configured `siteurl` option in WordPress does NOT begin with `https://` (e.g., just plain `http://`), then a non-SSL redirect **is** forced, as necessary, in order to avoid login cookie conflicts; i.e., the old behavior is preserved by this automatic detection._

  _Overall, this new approach improves compatibility with WordPress core, particularly on sites that serve all of their pages over `https://` (as recommended by Google)._

  _**Backward Compatibility:** As noted previously, the old option that allowed you to configure s2Member to force non-SSL redirects to the Login Welcome Page has been officially deprecated and removed from the UI. However, the old option does still exist internally, but only for backward compatibility. A WordPress filter is exposed that allows developers to alter the old setting if necessary. You can use the filter to force a `true` or `false` value._

  ```php
  <?php
  add_filter('ws_plugin__s2member_login_redirection_always_http', '__return_true');
  // OR add_filter('ws_plugin__s2member_login_redirection_always_http', '__return_false');
  ```

- (s2Member/s2Member Pro) **Bug Fix:** Username/password email being sent to users whenever Custom Passwords are enabled in your s2Member configuration and registration occurs via the default `wp-login.php?action=register` form. Fixed in this release. See also: [issue #870](https://github.com/websharks/s2member/issues/870) if you'd like additional details.

- (s2Member Pro) **Bug Fix:** In the `[s2Member-List /]` search box shortcode an empty `action=""` attribute produces a warning due to invalid syntax in HTML v5. Fixed in this release. See [Issue #1006](https://github.com/websharks/s2member/issues/1006)

- (s2Member/s2Member Pro) **IP Detection:** This release improves s2Member's ability to determine the current user's IP address. s2Member now searches through `HTTP_CF_CONNECTING_IP`, `HTTP_CLIENT_IP`, `HTTP_X_FORWARDED_FOR`, `HTTP_X_FORWARDED`, `HTTP_X_CLUSTER_CLIENT_IP`, `HTTP_FORWARDED_FOR`, `HTTP_FORWARDED`, `HTTP_VIA`, and `REMOTE_ADDR` (in that order) to locate the first valid public IP address. Either IPv4 or IPv6. Among other things, this improves s2Member's compatibility with sites using CloudFlare. See also: [issue #526](https://github.com/websharks/s2member/issues/526) if you'd like additional details.

- (s2Member Pro) **JSON API:** In the pro version it is now possible to use the s2Member Pro Remote Operations API to send and receive JSON input/output. This makes the Remote Operations API in s2Member compatible with a variety of scripting languages, not just PHP; i.e., prior to this release the Remote Operations API required that you always use PHP's `serialize()` and `unserialize()` functions when making API calls. The use of `serialize()` and `unserialize()` are no longer a requirement since input/output data is now sent and received in the more portable JSON format. For new code samples, please see: **Dashboard → s2Member → API / Scripting → Pro API For Remote Operations**. See also: [issue #987](https://github.com/websharks/s2member/issues/987) if you'd like additional details on this change.

  _**Note:** The old s2Member Pro Remote Operations API has been deprecated but will continue to function just like before (via `serialize()` and `unserialize()`) for the foreseeable future. Moving forward, we recommend the new JSON code samples. Again, you will find those under: **Dashboard → s2Member → API / Scripting → Pro API For Remote Operations**_

- (s2Member/s2Member Pro) Enforce data types when determining PHP constants. See [this GitHub issue](https://github.com/websharks/s2member/issues/989) if you'd like further details.

- (s2Member/s2Member Pro) **Phing Build Routines:** Starting with this release, developers working on the s2Member project are now able to perform builds of the software via the `websharks/phings` project; i.e., the structure of the plugin directories has been changed (slightly) to conform to Phing and PSR4 standards. This makes it easier for our developers to prepare and release new versions of the software in the future.

= v160801 =

- (s2Member/s2Member Pro) **WP v4.6 Compatibility.** A full round of tests was performed against this release of s2Member, s2Member Pro, and the upcoming release of WordPress v4.6. In particular, the new HTTP API needed testing, along with the new optimized loading sequence in WordPress v4.6. Our tests indicate there are no compatibility issues, and we therefore encourage all s2Member site owners to upgrade to WordPress v4.6 whenever it becomes available publicly.

- (s2Member/s2Member Pro) **Bug Fix:** Allow for `<` and `>` to work in the `[s2If php="" /]` shortcode attribute as expected. Some Visual Editors convert these into `&lt;` and `&gt;`, so it's necessary to interpret them as such whenever the shortcode is parsed by s2Member.

- (s2Member/s2Member Pro) **JS API:** Reducing the number of variables provided by the s2Member JavaScript API by default, and adding a new filter that allows them to all be enabled when/if desirable: `ws_plugin__s2member_js_api_constants_enable`. Props @JeffStarr for reporting.

= v160503 =

- (s2Member/s2Member Pro) **Security Enhancement:** This release forces `CURLOPT_SSL_VERIFYPEER` to a value of `TRUE` in the AWeber SDK that is used when/if you integrate with AWeber. In short, this forces AWeber to have a valid/verifiable SSL certificate before any data is exchanged between s2Member and the AWeber API behind-the-scenes. Props at WordPress security team for reporting this.

= v160424 =

- (s2Member/s2Member Pro) **PHP Compat./Bug Fix:** This follow-up release includes a patch that will prevent fatal errors when s2Member and/or s2Member Pro are installed on a site running PHP v5.2 or PHP v5.3; i.e., this release corrects a bug that was causing fatal errors on these older versions of PHP. _Note that s2Member and s2Member Pro are once again compatible with PHP v5.2+, up to PHP v7.0._ Props @krumch. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/938) for details.

= v160423 =

- (s2Member/s2Member Pro) **WP v4.5 Compatibility.** This release offers full compatibility with the latest release of WordPress v4.5. Nothing major was changed for standard WordPress installations, but there were a few subtle tweaks here and there to improve v4.5 compatibility. We encourage all users to upgrade right away.

  **NOTE: WP v4.5 for Multisite Networks running s2Member Pro:** This release corrects a bug first introduced in the previous release of s2Member Pro that resulted in an error message (`Uncaught Error: Class 'c_ws_plugin__s2member_mms_patches' not found`) when updating to WP v4.5. It has been corrected in this release, but in order to avoid this problem altogether please follow this procedure when upgrading WordPress.

  **WP v4.5 Multisite Upgrade Procedure:**

  - Upgrade s2Member and s2Member Pro ​_before_​ updating WordPress core.
  - Then upgrade WordPress core and observe that Multisite Patches are applied properly.

  _If you have already upgraded to WP v4.5 and worked past this issue by patching manually, that's fine. You can still upgrade s2Member and s2Member Pro. After the upgrade you may feel free to enable automatic patching again if that's desirable._

- (s2Member/s2Member Pro) **Bug Fix:** This release corrects a bug first introduced in the previous release which was causing a PHP warning about `cf_stream_extn_resource_exclusions`. A symptom was to have mysterious problems with `[s2Stream /]` or the `[s2File /]` shortcode. Fixed in this release. Props at @raamdev @renzms for reporting. See also [this GitHub issue](https://github.com/websharks/s2member/issues/901) for details.

- (s2Member/s2Member Pro) **PayPal SSL Compatibility:** This release of s2Member provides an `https://` IPN URL for PayPal IPN integrations. It also provides a helpful note (in the Dashboard) about a new requirement that PayPal has with respect to the IPN URL that you configure at PayPal.com. s2Member has been updated to help you with this new requirement.

  **New PayPal.com IPN Requirement:** PayPal.com is now requiring any new IPN URL that you configure to be entered as an `https://` URL; i.e., if you log into your PayPal.com account and try to configure a _brand new_ IPN URL, that URL _must_ use `https://`. PayPal.com will refuse it otherwise.

  However, the `notify_url=` parameter in standard PayPal buttons should continue to work with either `http://` or `https://`, and any existing configurations out there that still use an `http://` IPN URL should continue to work as well. So this is about planning for the future. We have been told that PayPal will eventually _require_ that all IPN URLs use an `https://` protocol; i.e., they will eventually stop supporting `http://` IPN URLs altogether (at some point in the future), they are not giving anyone a date yet. For this reason we strongly suggest that you [review the details given here](https://github.com/websharks/s2member/issues/914).

  Since PayPal is moving in a direction that will eventually require all site owners to have an SSL certificate in the future, s2Member's instructions (and the IPN URL it provides you with) will now be presented in the form of an `https://` URL with additional details to help you through the process of configuring an IPN handler for PayPal.

  See: **Dashboard → s2Member → PayPal Options → PayPal IPN Integration**

  Props @codeforest for reporting. See [this GitHub issue](https://github.com/websharks/s2member/issues/914) for further details.

- (s2Member/s2Member Pro) **Bug Fix:** Email field on Registration page not shown as required via `*` symbol like other fields in this form. Caused by a change in WordPress core. Fixed in this release. Props @spottydog63 @renzms. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/907) for details.

- (s2Member/s2Member Pro) **Bug Fix:** `E_NOTICE` level errors in cache handler when running in `WP_DEBUG` mode. Props at @KTS915 for reporting. Fixed in this release. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/917).

- (s2Member/s2Member Pro) **i18n Compatibility:** This release of s2Member moves the `load_plugin_textdomain()` call into the `plugins_loaded` hook instead of it being run on `init`. Props @KTS915 for reporting. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/899) for details.

- (s2Member Pro) **Multisite Patches:** Fixed a bug (`Uncaught Error: Class 'c_ws_plugin__s2member_mms_patches' not found`) whenever WordPress was being updated and Multisite Patches were being applied in the pro version of s2Member. See: [this GitHub issue](https://github.com/websharks/s2member/issues/929) for details.

- (s2Member/s2Member Pro) **Security Enhancement:** This release of s2Member defaults PayPal Button Encryption to a value of `on` instead of `off`; i.e., there is a new default behavior. Existing s2Member installations are unaffected by this change, but if you install s2Member on a new site you will notice that (if using PayPal Buttons), Button Encryption will be enabled by default.

  _Note that in order for Button Encryption to work, you must fill-in the API credentials for s2Member under: **Dashboard → s2Member → PayPal Options → PayPal Account Details**_

= v160303 =

- (s2Member/s2Member Pro) **Comet Cache Compat.:** This release improves compatibility with Comet Cache (formerly ZenCache), whenever you have it configured to cache logged-in users. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/888). Props @KTS915 for reporting!

- (s2Member Pro) **ClickBank IPN v6 Compat.:** Version 6 of the ClickBank IPN system was recently updated in a way that causes it to return `transactionType = CANCEL-TEST-REBILL` in test mode, instead of the previous value, which was: `TEST_CANCEL-REBILL`. s2Member Pro has been updated to understand either/or. See also [this GitHub issue](https://github.com/websharks/s2member/issues/882) for further details.

- (s2Member Pro) **Stripe Bug Fix:** This release corrects a bug caused by typos in the source code that were preventing refunds from being processed as expected whenever Stripe was integrated. Props @YearOfBenj for reporting this important issue. Props @patdumond for relaying vital information. See also [this GitHub issue](https://github.com/websharks/s2member/issues/874) if you'd like additional details.

- (s2Member Pro) **PayPal Bug Fix:** Under some conditions, the EOT behavior in s2Member Pro (when integrated with PayPal Pro) would immediately terminate access whenever a customer's subscription naturally expires. Recent versions of the Payflow system set the status to `EXPIRED`, and this was handled as an immediate EOT instead of as a delayed EOT that is subject to date calculations to determine the correct date on which a customer should lose access; i.e., based on what they have already paid for. Fixed in this release. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/873) if you'd like additional details.

- (s2Member Pro) **One-Time Offer Bug Fix:** This release corrects some inconsistencies in the One-Time Offers system that comes with s2Member Pro. Symptoms included seemingly unpredictable behavior whenever redirections were configured without a specific Membership Level. Props @jacobposey for reporting. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/855) if you'd like additional details.

- (s2Member/s2Member Pro) **Bug Fix:** s2Member was not properly respecting `DISALLOW_FILE_MODS` in a specific scenario related to GZIP. Props @renzms @kristineds. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/832) for further details.

- (s2Member,s2Member Pro) **Bug Fix:** Resolved a minor glitch in the **WordPress Dashboard → Settings → General** panel, where s2Member's notice regarding Open Registration was inadvertently forcing the entire page into italics. Props @renzms @kristineds @raamdev ~ See also: [this GitHub issue](https://github.com/websharks/s2member/issues/831) if you'd like additional details.

- (s2Member/s2Member Pro) **PayPal Sandbox:** This release updates the inline documentation under the PayPal Account Settings section of s2Member. We now suggest that instead of enabling PayPal Sandbox Mode (sometimes buggy at best), that site owners run tests with low-dollar amounts against a live PayPal account instead; e.g., $0.01 test transactions in live mode work great also. See [this GitHub issue](https://github.com/websharks/s2member/issues/891) if you'd like additional details. Props @raamdev for mentioning this again.

= v160120 =

- (s2Member,s2Member Pro) **Bug Fix:** Resolved a minor glitch in the **WordPress Dashboard → Settings → General** panel, where s2Member's notice regarding Open Registration was inadvertently forcing the entire page into italics. Props @renzms @kristineds @raamdev ~ See also: [this GitHub issue](https://github.com/websharks/s2member/issues/831) if you'd like additional details.

- (s2Member) **Multisite Support:** This release of s2Member (the free version only) removes full support for Multisite Networks, which is now a Pro feature; i.e., only available in the Pro version.

  ##### Is s2Member still compatible with WordPress Multisite Networking?
  Multisite support is no longer included in the s2Member Framework. However, it is available with s2Member Pro. s2Member Pro is compatible with Multisite Networking. After you enable Multisite Networking, install the s2Member Pro Add-On. Then, navigate to `s2Member → Multisite (Config)` in the Dashboard of your Main Site. You can learn more about s2Member Pro at [s2Member.com](http://s2member.com/).

  ##### I was using the free version in a Multisite Network before. What happened?
  s2Member (when running on a Multisite Network) requires minor alterations in WordPress core that are not compatible with plugins available at WordPress.org (i.e., not allowed) at this time. For this reason, full support for Multisite Networks is now available only in the pro version.

  ##### What if I already configured Multisite options on a site running the free version?
  If you already customized s2Member's Multisite Network configuration options in a previous release, those settings will remain and still be functional over the short-term; i.e., the functionality that makes s2Member compatible with Multisite Networking is still included, even in the s2Member Framework. However, the routines that deal with core patches, and those that allow you to change Multisite options are no longer available. You will need to acquire the Pro version. Or, you can revert to [a previous release](http://s2member.com/release-archive/). s2Member Framework v151218 is suggested if you go that route.

  _See also: [this GitHub issue](https://github.com/websharks/s2member/issues/850) for further details._

= v151218 =

- (s2Member Pro) **Reminder Email Notification Exclusions:** It is now possible to enable/disable EOT Renewal/Reminder Email notifications on a per-user basis. You can edit a user's profile in the WP Dashboard and check "_No (exclude)_" to prevent specific users from receiving any reminder emails that you configured. Props at @patdumond @luisrock. See also [this GitHub issue](https://github.com/websharks/s2member/issues/816).

- (s2Member) **PHP v7 Compat.:** This release addresses one remaining issue with the `preg_replace` `/e` modifier as reported in [this GitHub issue](https://github.com/websharks/s2member/issues/811). Props @nerdworker for reporting. Thanks!

- (s2Member/s2Member Pro) **WP v4.4 Compat.:** This release corrects an issue that impacted sites attempting to run s2Member on a Multisite Network; i.e., it corrects a problem with the `load.php` patch against the latest release of WordPress. Props @crazycoolcam for reporting! See also [this GitHub issue](https://github.com/websharks/s2member/issues/812).

- (s2Member/s2Member Pro) **Getting Help:** This release adds a new menu page titled, "Getting Help w/ s2Member". This new section of your Dashboard provides quick & easy access to s2Member KB articles, suggestions, and our tech support department (for pro customers). Props @patdumond @raamdev. See also [this GitHub issue](https://github.com/websharks/s2member/issues/814).

For older Changelog entries, please see the [changelog.md](https://github.com/websharks/s2member/blob/master/s2member/changelog.md) file.