The most complete member management and membership subscriptions plugin for WordPress
Paid Memberships Pro gives you all the tools you need to start, manage, and grow your membership site. The plugin is designed for premium content sites, online course or LMS and training-based memberships, clubs and associations, members-only product discount sites, subscription box products, paid newsletters, and more.
Users can select a membership level, complete checkout, and immediately become members of your site. You decide what content your member can access. Members can log in, view payments, update billing info, or cancel their account directly on your site.
Simple to set up, deeply customizable
- Restrict access to members-only content.
- Create unlimited membership levels with flexible pricing including free memberships, trials, recurring payments and subscriptions, one-time payments, and more.
- Integrate with Stripe, PayPal, and other popular gateways.
- Manage your full membership data, import and export members or orders, and view reports on sales and revenue, cancellations, expirations, and signups.
- Robust REST API endpoints including native integration with Zapier to connect your apps and automate workflows with no code.
- 100% GPL, fully open source, and integrated with loads of third-party platforms.
Member Experience Features
- Frontend Log In
- Frontend User Registration
- Frontend Password Recovery
- Frontend Profile Editing
- Membership Account Dashboard
- Membership Invoices and Billing Information Pages
- Custom User Profile and Registration Form Fields
- Custom Member Emails
- Restrict WP Dashboard Access
- Hide the WP Toolbar
Content Protection Features
- Restrict Default Content: posts and categories, pages, and blocks.
- Restrict Custom Post Types: events, courses, downloads, and any custom post type, including WooCommerce products.
- Protect Courses: Create courses with lessons and manage member access access. Integrates membership with third party LMS plugins including LearnDash and LifterLMS.
- Create an Interactive Members-only Community: lock down BuddyPress and bbPress.
- Drip-Feed / Series Type Content
- Offer personalized content to each member, customize navigation menus, and design unique member dashboards.
- Restrict Elementor elements or Beaver Builder modules.
- Offer Member Directories and Profiles for your members.
Integrated Payment Gateways
All of our payment gateways are included in the plugin. Choose from Stripe, PayPal, Authorize.net, Braintree, or 2Checkout. You can offer multiple gateway options at checkout including PayPal Express or offline payment by check or direct transfer.
Flexible Level Pricing and Expirations
- One-time Payments
- Recurring Subscriptions
- Custom Trials
- Custom Renewal Dates
- Variable Pricing and Donations
- Discount Codes
- Prorated Payments
- Yearly, Monthly, Daily, and Hourly Expiration.
Popular Add Ons
Extend the features of your membership site or integrate with third-party services through our library of over 65 Add Ons. Some of the most popular features include:
- WooCommerce Integration to sell membership as a product or offer members-only discounts in your shop.
- Integrate members with email marketing platforms including Mailchimp.
- Manage Affiliates with Add Ons or use a popular third-party systems like AffiliateWP.
- Let members log in or join with their social media profiles.
- Design your site using popular Page Builders like Elementor, Page Builder by SiteOrigin, Beaver Builder, and Divi. We offer 15 core membership blocks for the WordPress Block Editor (Gutenberg).
- Create a sales landing page with banners to run a sitewide or flash sale.
- Offer members-only events with Events Manager, The Events Calendar, Sugar Calendar, or All-in-One Event Calendar.
Paid Memberships Pro is a free membership plugin for WordPress
Our plugin is 100% GPL and available from the WordPress repository or on our site at www.paidmembershipspro.com. The full version of the plugin is offered with no restrictions or additional licenses required. Developers should get involved at our GitHub page.
This plugin provides 15 blocks.
- PMPro Page: Billing
- PMPro Page: Account Profile View
- PMPro Page: Account Invoices
- PMPro Page: Confirmation
- PMPro Page: Account Memberships
- PMPro Page: Account (Full)
- Login Form
- PMPro Page: Cancel
- Membership Required Block
- PMPro Page: Account Links
- PMPro Page: Account Profile Edit
- PMPro Page: Invoice
- Membership Levels and Pricing Table
- Membership Checkout Form
- Membership Checkout Button
Download, Install and Activate!
- Go to Plugins > Add New to find and install Paid Memberships Pro.
- Or, download the latest version of the plugin, then go to Plugins > Add New and click the “Upload Plugin” button to upload your .zip file.
- Activate the plugin.
Complete the Initial Plugin Setup
Go to Memberships > Dashboard in the WordPress admin to begin setup. Our Initial Setup Tutorial will show you how to configure the following required pages:
- Membership Levels: Add one or more levels
- Page Settings: Generate frontend pages
- Payment Gateway: Select and configure your gateway and SSL
- Email: Customize email settings and email templates
- Advanced Settings: Update non-member messages, content filters, dashboard access, and more.
More Installation and Setup Documentation
I need help installing, configuring, or customizing the plugin.
Please visit our support site at https://www.paidmembershipspro.com for more documentation and our support forums.
I found a bug in the plugin.
Please post it in the WordPress support forum and we’ll fix it right away. Thanks for helping.
My site is broken or blank or not letting me log in after activating Paid Memberships Pro
This is typically caused by a conflict with another plugin that is trying to redirect around the login/register pages or trying to redirect from HTTP to HTTPS, etc.
To regain access to your site, FTP to your site and rename the
wp-content/plugins/paid-memberships-profolder to wp-content/plugins/paid-memberships-pro-d (or anything different). Now WP will not be able to find PMPro, and you can gain access to /wp-admin/ again. From there, visit the plugins page to fully deactivate Paid Memberships Pro. (You’ll want to rename the folder back to paid-memberships-pro again.)
Long term, you will need to find and fix the conflict. We can usually do this for you very quickly if you sign up for support at https://www.paidmembershipspro.com/pricing/ and send us your WP admin and FTP credentials.
Does PMPro Support Multisite/Network Installs?
“Supporting multisite” means different things to different people. This guide covers the three primary ways you can use Paid Memberships Pro in a network.
Out of the box PMPro will basically act as a stand alone plugin for each site. Each site has its own list of membership levels, members, payment settings, etc.
Our Member Network Sites Add On allows members to choose a site name and title at checkout and will set up a network site at checkout.
Our Multisite Membership Add On allows you to manage memberships at the ‘Main’ Network site and provide or restrict access on other Network Subsites.
If you would like more help using PMPro on a network install, sign up for support at https://www.paidmembershipspro.com.
Does PMPro Support X?
Not sure? You can find out by doing a bit a research.
Contributors & Developers
“Paid Memberships Pro — Restrict Member Access to Content, Courses, Communities — Free or Paid Subscriptions” is open source software. The following people have contributed to this plugin.Contributors
“Paid Memberships Pro — Restrict Member Access to Content, Courses, Communities — Free or Paid Subscriptions” has been translated into 16 locales. Thank you to the translators for their contributions.
Interested in development?
2.8.1 — 2022-05-10
- BUG FIX/ENHANCEMENT: Fixed typos in some block descriptions. #2064 (@mircobabini)
- BUG FIX: Fixed issue where the digest email cron and some others were running more often than intended. #2070 (@mircobabini)
2.8 — 2022-05-05
- FEATURE: Added refunds buttons for Stripe and Paypal Express orders. #1948 (@JarrydLong)
- FEATURE: Released Beta version of Stripe Checkout. Add
define('PMPRO_STRIPE_CHECKOUT_BETA_ENABLED', true);to your wp-config.php to enable this gateway during the beta. #1923 (@dlparker1005)
- ENHANCEMENT: Introduced a new set of functions that handle cron-related tasks including:
pmpro_get_crons()to get the list of PMPro registered crons. #1999 (@sc0ttkclark)
- ENHANCEMENT: New filter
pmpro_registered_cronswhich you can register new crons to be handled by PMPro. They show up in the PMPro Site Health info and are automatically scheduled when they need to be. #1999 (@sc0ttkclark)
- ENHANCEMENT: Added an opt-in stats collection so we can get better insight on how people use Paid Memberships Pro. (@sc0ttkclark, @ideadude)
- ENHANCEMENT: Added Formal German translation files. #1926
- ENHANCEMENT: Tracking library conflicts in Site Health, e.g. when other plugins are loading gateway libraries at the same time as PMPro. (@dparker1005)
- ENHANCEMENT: UI/UX improvements to the Orders admin area for list and single edit view. #2017 (@kimcoleman)
- ENHANCEMENT: Improved the UI for email template variables reference on the Settings > Email Templates admin page. #2018 (@kimcoleman)
- ENHANCEMENT: Various other UI improvements to the admin area. #2019 (@kimcoleman)
- ENHANCEMENT: Improved block names, descriptions, keywords, and organization for discover and usability. #2011 (@kimcoleman)
- ENHANCEMENT: Added “show_noaccess” as a setting on the Membership Required block for swapping in the appropriate content message. #2011 (@kimcoleman)
- ENHANCEMENT: Added filter ‘pmpro_braintree_transaction_sale_array’ to allow adding or adjusting of the sale transaction method. #2006 (@andrewlimaza)
- ENHANCEMENT: Moved the TOS input inside the label to support multiline i18n. #2002 (#mircobabini)
- ENHANCEMENT: Added new action
pmpro_checkout_after_tosto output content after the TOS. #2003 (@mircobabini)
- ENHANCEMENT: Added filters to change gateway ipn/webhook logfile. #1996 (@mircobabini)
- ENHANCEMENT: Added filter to perform actions during PPHttpPost() method of the PayPal gateways. #1992 (@mircobabini)
- ENHANCEMENT: Added untranslated gateway identifiers to Site Health info. #1989 (@JarrydLong)
- BUG FIX/ENHANCEMENT: Fixed escaping and localization for many strings across the codebase. #1976 (@mircobabini)
- BUG FIX/ENHANCEMENT: Resolve admin area conflicts with other plugins using similar class names. #1991 (@sc0ttkclark)
- BUG FIX: Crons are now automatically rescheduled if they disappear form the cron schedule. #1999 (@sc0ttkclark, @mircobabini)
- BUG FIX: Resolved problems with PHP float precision and prevent passing along faulty floats to the gateway APIs. #1929 (@sc0ttkclark)
- BUG FIX: Fixed issue where TOS setting was not saving when using the PayFast gateway. #1990 (@andrewlimaza)
- BUG FIX: Fixed issue where the is_renewal() method didn’t work during the pmpro_added_order hook. (@andrewlimaza)
2.7.5 — 2022-03-01
- ENHANCEMENT: Now sending “name” separate from the “description” when creating customers for Stripe checkouts. (@ideadude)
- ENHANCEMENT: You can now search the members list on specific user table columns or user meta fields by using a colon in your search term. These queries are faster than the default queries. The format is meta_key:meta_value (no backticks). You can also use login, nicename, email, url, or display_name as the meta_key and the users table will be searched against the related column. (@ideadude)
- BUG FIX/ENHANCEMENT: Increased search limit to make sure we reuse Stripe “prices” when members check out for recurring plans with Stripe. (@ideadude)
- BUG FIX: Fixed issue where Stripe application fees were still charged for PMPro Standard and PMPro Builder license holders. From now on, payments and subscriptions will not include the fee. (@ideadude)
2.7.4 — 2022-02-22
- ENHANCEMENT: Adjusting the readme title and description. (@kimcoleman)
- ENHANCEMENT: Improved error handling for Stripe Prices. (@dparker1005)
- ENHANCEMENT: Adjusted the ‘/change_membership_level’ route to support email and create_user parameter to improve our Zapier integration. No parameters are removed, this is to ensure backwards compatibility for any pre-existing applications using this REST route. (@andrewlimaza)
- ENHANCEMENT: Now showing new vs renewal orders on the sales and revenue reports. (@ideadude, @JarrydLong, @kimcoleman)
- ENHANCEMENT: Better tool tips in the sales and revenue reports. (@ideadude, @JarrydLong, @kimcoleman)
- ENHANCEMENT: Now handling recurring_payment_profile_created IPN transactions and updating the payment_transaction_id for new orders made via PayPal. (@mircobabini)
- ENHANCEMENT: Added pmpro_webhook_unhandled action at the end of any webhook handler. (@mircobabini)
- BUG FIX/ENHANCEMENT: Updated logic and text around license keys to account for new premium plans. (@ideadude, @kimcoleman)
- BUG FIX/ENHANCEMENT: Made Terms of Service text a bit darker for accessibility. (@kimcoleman)
- BUG FIX/ENHANCEMENT: Updated queries in includes/cleanup.php to use WPDB delete method for better DB escaping. (@andrewlimaza)
- BUG FIX/ENHANCEMENT: Fixed the text domain for some strings that weren’t translatable. (@mircobabini)
- BUG FIX/ENHANCEMENT: Fixed misspelled text domains in the pmpro_reset_password_form() function. (Thanks, @isaiahfb)
- BUG FIX: Fixed issues with the update billing page when using PayPal Websites Payments Pro. (@dparker1005)
- BUG FIX: Fixed issues with Stripe checkouts when users had previous checkouts throug a different gateway. (@dparker1005)
- REFACTOR: Removed unused condition in send method of PMProEmail class. (Thanks, @freax)
- BUG FIX: Fixed notice when pmpro_check_plugin_version was called for an invalid plugin file. (@ideadude)
2.7.3 — 2022-02-01
- ENHANCEMENT: Added CSS to make sure input fields input fields aren’t extra tiny/short, e.g. in the Twenty Twenty Two theme. (@kimcoleman)
- BUG FIX: Fixed a fatal error for older PHP sites when visiting the page settings in the admin dasboard. (@andrewlimaza)
- BUG FIX: Fixed issue where license keys were incorrectly flagged as invalid if expiring within 1 month. (@ideadude)
- BUG FIX: Fixed issue where billing addresses were not added to the Stripe customer at checkout. (@dparker1005)
2.7.2 — 2022-01-17
- BUG FIX/ENHANCEMENT: Improved error messages when creating subscriptions with Stripe. (@dparker1005)
- BUG FIX: Fixed issue where certain Stripe trial periods would be sent to the Stripe subscription as longer than intended. #1912 (@dparker1005)
- BUG FIX: Fixed visual issues with dropdowns in our blocks when using Full Site Editing in WP 5.9+. #1909 (@sc0ttkclark)
2.7.1 — 2022-01-13
- BUG FIX: Fixed issue on some MySQL setups that would throw an error about the primary key in the pmpro_memberships_pages and pmpro_memberships_categories tables.
2.7 — 2022-01-13
- FEATURE: Added a “Spam Protection” option to the advanced settings page. When used, IP addresses are blocked from checkout if there are more than 10 failures within 15 minutes. (@ideadude)
- ENHANCEMENT: Checkouts with Stripe will now reuse Stripe Products and Prices. (@dparker1005)
- ENHANCEMENT: User profile now links to Stripe customer so that subscriptions can easily be directly updated in Stripe rather than through Subscriptions Updates which is now deprecated. (@dparker1005)
- ENHANCEMENT: Improved usability of the Require Membership metabox for sites with a large number of levels. #1885 #1692 (@kimcoleman)
- ENHANCEMENT: Include reCAPTCHA on Billing Page form. #1884 (@ideadude)
- ENHANCEMENT: Membership pages URLs are now included in the Site Health Information. (@JarrydLong)
- BUG FIX/ENHANCEMENT: Set the default for the
trueto reduce impact of the functionality on sites that don’t need it. #1868 (@dparker1005)
- BUG FIX/ENHANCEMENT: Consolidated the “Free memberships only” option into the “All memberships” option for enabling reCAPTCHA to ensure that paid memberships with discounts that make the membership $0 cost show reCAPTCHA consistently. #1878 #1840 (@JarrydLong)
- BUG FIX: Resolved PHP 8 fatal error with Authorize.net Silent Post handling. #1899 (@ZebulanStanphill)
- BUG FIX: The new filter
pmpro_admin_pagesetting_post_typereplaces the now deprecated filter
pmpro_admin_pagesetting_post_type_arrayto allows setting one specific post type instead of always getting the first from an array. #1866 #1865 (@ipokkel)
- BUG FIX: Resolved issue where users may not be linked to their Stripe customer. (@dparker1005)
- BUG FIX: Now including all levels (public and hidden) in the Paid Memberships Pro section of Site Health information. #1898 (@kimcoleman)
- BUG FIX: Set cancelled/error status from PayPal Express IPN even when an order has no user. #1897 (@mircobabini)
- BUG FIX: Ensure styles are removed from excerpts generated for protected content. #1894 (@sc0ttkclark)
- BUG FIX: Various text adjustments for readability. #1892 (@kimcoleman)
- BUG FIX: Set primary key for
wp_pmpro_memberships_pagestables. #1891 (@ideadude)
- BUG FIX: Fixes around the
pmpro_manage_memberslist_columnsfilter to accommodate sites that aren’t in English. #1879 #1876 (@JarrydLong)
- BUG FIX: Use the correct cancel method when cancelling an oder through PayPal Standard IPN requests. Fixes compatibility with PMPro Cancel on Next Payment Date add on. #1882 (@mircobabini)
- BUG FIX: Discount code expiration date is now properly being used in the REST API. #1877 (@JarrydLong)
- BUG FIX: Remove the
SHIPTOPHONENUMparameter sent to PayPal Website Payments API and encode all parameters passed into API updates. #1883 (@dparker1005)
- BUG FIX: Resolve timezone issue with Stripe subscriptions to resolve problems where trials would receive an extra day depending on the time of checkout. #1874 (@dparker1005)
- BUG FIX: Now using a single product per level and a single Stripe price per payment amount to prevent duplicate products and prices. #1824 (@dparker1005)
- REFACTOR: Organized and simplified Stripe gateway class. (@dparker1005)
2.6.7 — 2022-01-06
- SECURITY: Updated escaping in the pmpro_getLevelAtCheckout and pmpro_checkDiscountCode functions as extra precaution against SQL injections. (Thanks, WPScan)
2.6.6 — 2021-11-18
- SECURITY: Updated escaping on the discount codes page in the dashboard to prevent XSS attacks. #1867 (Thanks, Erwan from WPScan)
- BUG FIX/ENHANCEMENT: Added code to remove duplicate active rows in the pmpro_memberships_users table after level change. This might have happened e.g. if users were purchasing a level via the WooCommerce Add On multiple times. #1860 (@dparker1005)
- BUG FIX/ENHANCEMENT: Improved the REST API endpoints to better support Zapier native requirements. #1862 (@andrewlimaza)
- BUG FIX: Fixed PHP notices in the name parser library. #1861 (@sc0ttkclark)
2.6.5 — 2021-11-12
- ENHANCEMENT: Introduced new action
pmpro_before_commit_express_checkoutto allow additional changes after an order has been saved but before sending customer to PayPal Express checkout. #1852 (@mircobabini)
- BUG FIX/ENHANCEMENT: Added login compatibility for Jetpack WordPress.com SSO when using the PMPro login page. #1848 (@sc0ttkclark)
- BUG FIX: Fixed PHP notices from status headers when server protocol information is unavailable. #1849 (@dparker1005)
- BUG FIX: Fixed metadata compatibility for membership levels and orders when calling
get_pmpro_membership_order_meta()so they support getting all meta values for all keys. #1853 (@mircobabini)
- BUG FIX: Escape all Webhook communication debug output coming from gateways. #1855 (@ideadude, Victor Garcia)
2.6.4 — 2021-11-02
- ENHANCEMENT: Now including some information from the htaccess file in Site Health, including whether a getfile.php script is defined or if caching is being used. (@sc0ttkclark)
- ENHANCEMENT: Now including some of the PMPro-related PHP constants in the Site Health. (@sc0ttkclark)
- ENHNACEMENT: Now including the minimum PHP version (5.6 currently) in the readme.txt so it’s shared on the WordPress.org page. (@sc0ttkclark)
- ENHANCEMENT: Added scrollable classes to the member history shown on user profile edit page in the dashboard. (@kimcoleman)
- BUG FIX/ENHANCEMENT: Now sending a 200 OK status message early when the Stripe webhook is running to avoid timeout issues. We may use this new pmpro_send_200_http_response in the other webhook/IPN handlers later on. (@dparker1005)
- BUG FIX/EHNANCEMENT: Removed the “fee” info from the edit user page. This was often misleading. The fee is still shown on the members list and frontend account page. Future updates will include work to make sure the fee is more accurate in cases where subscriptions or levels are being changed by admins after checkout. (@ideadude)
- BUG FIX/ENHANCEMENT: Once again enqueuing the admin.css file on all WP admin pages. This fixes issues where styles weren’t being applied to the edit user/profile page in the dashboard. (@ideadude)
- BUG FIX/ENHANCEMENT: Removed the “Member Value Report”. We didn’t intend to move this over from the old Member History add on. The report was inaccurate and had optimization issues. (@kimcoleman)
- BUG FIX/ENHANCEMENT: Added login compatibility for wordpress.com hosted sites. This fixes some issues with wordpress.com’s SSO when using the PMPro login page. (@sc0ttkclark)
- BUG FIX: Fixed issue introduced in 2.6.3 where memberships were not being cancelled when cancelled at PayPal. (@mircobabini)
- BUG FIX: Now including time when calculating profile start date. In the past, we would set it to 00:00:00 which could add or remove a few hours from the subscription. (@dparker1005)
- BUG FIX: Fixed issue where enddates were incorrectly set sometimes when expiration period was “Hour”. (@kimwhite)
2.6.3 — 2021-10-11
- ENHANCEMENT: Now passing “app” information to Stripe through API calls. (@dparker1005)
- ENHANCEMENT: Updated PayPal IPN to detect messages for refunds to at least log it. (@mircobabini)
- ENHANCEMENT: Updated PayPal IPN to differentiate between cases where the initial payment failed vs a subscription was cancelled. (@mircobabini)
- ENHANCEMENT: Better styling of the membership levels history when empty. (@mircobabini)
- BUG FIX/ENHANCEMENT: Now showing better error messages when license key checks fail due to connection issues. (@ideadude)
- BUG FIX: Improved PayPal API integration to handle cases where PayPal is returning encoding errors but still processing payments and subscriptions. (@mircobabini)
- BUG FIX: Fixed issue where the Stripe sandbox key wasn’t saved properly when using Stripe connect. (@dparker1005)
- BUG FIX: Fixed issue where a double $$ was showing up in specific emails. (@andrewlimaza)
- BUG FIX: Fixed warnings in various webhook and IPN handlers. (@ideadude)
- BUG FIX: Fixed warning in the admin activity email cron job. (@andrewlimaza)
2.6.2 — 2021-09-17
- ENHANCEMENT: Made username the first column in the members list. This helps with the mobile view. #1764 (@dparker1005)
- BUG FIX/ENHANCEMENT: Will now block uninstall.php from running if an older version of PMPro is deleted from the plugins page. #1773 (@mircobabini)
- BUG FIX/ENAHCEMENT: Expanded the allowed HTML for pmpro_kses to support email templates and added a pmpro_kses filter. #1770 (@sc0ttkclark)
- BUG FIX/ENHANCEMENT: Updated the CSS for “clickable” labels in checkbox lists. #1752 (@kimcoleman)
- BUG FIX: Fixed bug with sending test emails from the email templates page. #1765 (@ideadude)
- BUG FIX: Added the !!membership_level_confirmation_message!! var to the list on the email tempaltes page. #1783 (@kimwhite)
- BUG FIX: Updated the SendWP link per their new dashboard area. #1777 (@kimcoleman)
- BUG FIX: Fixed bug where PMPro-related usermeta was sometimes blanked out if those fields weren’t present at checkout, e.g. when a logged in user was checking out. #1762 (@andrewlimaza)
- BUG FIX: Fixed issue where gateway-related notices weren’t showing up on the discount codes page. #1757 (@mircobabini)
- BUG FIX: Fixed some design issues with the member history tables. #1753 (@mircobabini)
- BUG FIX: Fixed issues where the option to block subscribers from the dashboard would interfere with other plugins, e.g. the MailPoet plugin. #1749 (@sc0ttkclark)
- BUG FIX: Fixed issues where the RTL stylesheets might not load if your theme overrode frontend.css or admin.css but didn’t have the RTL equivalents. (@ideadude, @sc0ttkclark)
22.214.171.124 — 2021-08-25
- BUG FIX: Fixed issue with PMPro blocks not showing up in the block editor.
- REFACTOR: Some JS functions and element IDs and names have been prefixed with pmpro_ to avoid conflicts.
2.6.1 — 2021-08-24
- SECURITY: Added capability checks to further tighten security around email template settings. (@ideadude, @sc0ttkclark)
- SECURITY: Added a pmpro_kses function and using that to sanitize email template bodies and all email bodies before sending. (@ideadude, @sc0ttkclark)
- ENHANCEMENT: Added Email Templates link to PMPro Dashboard for getting started. #1722 (@kimcoleman)
- ENHANCEMENT: All actions in the admin list tables are now filterable for Discount Codes (
pmpro_discountcodes_row_actions), Membership Levels (
pmpro_membershiplevels_row_actions), and Orders (
pmpro_orders_user_row_actions). #1686 (@sc0ttkclark, @mircobabini)
- BUG FIX: Ensure our admin scripts/styles only load on PMPro admin pages. #1724 (@sc0ttkclark)
- BUG FIX: Remove unused code in
pmpro_comments_filter()that was triggering a PHP warning. #1730 (@freax)
- BUG FIX: Stop turning on autoloading for PMPro options when saving them. #1719 (@freax)
- BUG FIX: Prevent fatal error for PHP 8 in
pmpro_email_templates_email_data()to strictly check for
WP_Userobjects. #1729 (@ZebulanStanphill)
- BUG FIX: Fix problem where
pmpro_round_price()would not take into account currencies with decimals set to 0. #1732 (@dparker1005, @ipokkel, @sc0ttkclark)
- BUG FIX: Clarify that Stripe Legacy keys remain connected and will continue to work. #1735 (@dparker1005, @sc0ttkclark)
2.6 — 2021-08-12
- FEATURE: Updated Stripe integration to use Stripe Connect. See Gateway Fees for information about transaction fees for Stripe Connect and our platform fee for those without an active Plus/Unlimited license.
- FEATURE: Improved REST API endpoints to support Zapier integration natively.
- FEATURE: You can now set levels to expire after a certain number of hours, and can set users to expire at a specific time down to the minute.
- FEATURE: The Member History Add On has been merged into the core PMPro plugin. A table of the user’s membership and order history is shown on the edit user page of the admin dashboard.
- FEATURE: The Email Templates Add On has been merged into the core PMPro plugin. You can edit PMPro-related email templates from the Memberships -> Settings -> Email Templates page in the admin dashboard.
- FEATURE: You can now use PMPro blocks in the new widget area of WP 5.8.
- BUG FIX/ENHANCEMENT: Establishing style for scrollable boxes throughout core plugin.
- BUG FIX/ENHANCEMENT: Using HTTPS to set the pmpro_visit cookie if over HTTPS. (Thanks, freax on GitHub)
- BUG FIX: Fixed fatal error in PHP 8 when deleting a Stripe webhook. (Thanks, Zebulan Stanphill)
- BUG FIX: Fixed warnings shown on the widget page when using WP 5.8+.
126.96.36.199 — 2021-08-02
- ENHANCEMENT: New scripts to use WP CLI to update pot and po/mo files.
- BUG FIX/ENHANCEMENT: Updated cancellation logic to support upcoming Cancel on Next Payment Date Add On changes.
- BUG FIX/ENHANCEMENT: Making sure to use the correct security setting when calling setcookie from an HTTPS site. (Thanks, freax on GitHub)
- BUG FIX: Now archiving Stripe products after checkout. We create a unique product for each checkout, and these would clutter up the Stripe reports.
- BUG FIX: Fixing data erasure and data export request action for login page.
- BUG FIX: Fixed issue where PMPro settings on Elementor elements could override the “should_render” setting incorrectly. (Thanks, codezz on GitHub)
- BUG FIX: Now catching the case where you try to email an invoice for an order that has no user.
188.8.131.52 — 2021-07-05
- BUG FIX/ENHANCEMENT: The ‘Edit Code: %s’ string on the discount codes page is now wrapped for translation.
- BUG FIX: Fixed issue with the getfile.php script introduced in 2.5.10.
2.5.10 — 2021-06-25
- SECURITY: Fixed XSS vulnerability on the edit order page in the dashboard. (Thanks, Scott Kingsley Clark)
- ENHANCEMENT: Improved escaping and localization for the message returned when clicking to apply discount code.
- ENHANCEMENT: Now hiding gateway setting API keys behind asterisks.
- ENHANCEMENT: Added some extra hooks to the edit membership levels page in the dashboard: pmpro_membership_level_after_billing_details_settings, pmpro_membership_level_after_other_settings, pmpro_membership_level_after_content_settings.
- ENHANCEMENT: Added a pmpro_after_order_settings_table hook to the edit order page in the dashboard.
- BUG FIX/ENHANCEMENT: Now passing a CARDONFILE parameter with PayPal Payflow payment and subscription transactions.
- BUG FIX/ENHANCEMENT: Using the wp.passwordStrength.userInputDisallowedList function from WP 4.5 if available.
- BUG FIX/EHNANCEMENT: Now making sure that the pmpro_update_order and pmpro_updated_order hooks fire whenever an order is updated in the DB.
- BUG FIX: Fixed issue in getfile script where parameters in the URL would cause File not found errors.
- BUG FIX: Fixed how the PayPal IPN handler handles cases where a subscription is set up correctly but the initial payment failed. We now correctly cancel these users and mark their order as error.
- BUG FIX: Improved error handling in the PayPal Express integration, particularly when a subscriptions PROFILESTATUS is missing.
- BUG FIX: User registered date is now shown in local time.
- BUG FIX: Fixed issue where the deprecated pmpro_getClassForField function wasn’t returning a value properly. (Thanks, Elena Draculet)
- BUG FIX: Updated the pmpro_sort_levels_by_order function to use level IDs for keys, since some code expects that for level arrays. This matches the behavior we had before introducing this function.
- BUG FIX: Updated the pmpro_changeMembershipLevel function always set the order status to error if that was passed in as the “old level status”.
- BUG FIX: Fixed warning in searches/pages when PMPro pages is not set.
- BUG FIX: Fixed warnings being generated when using PHP 8 and Divi
- BUG FIX: Fixed warnings related to PayPal Express session variables.
184.108.40.206 — 2021-05-12
- BUG FIX/ENHANCEMENT: Updated pmpro_changeMembershipLevel() to return null if the user’s level is not changed. For the past 2 vesions, we’ve been returning true in these cases, which caused PMPro to send emails to the admin when the edit use page was saved, even if there was no level change. This change has been backported to versions 2.5.8 and 2.5.9.
2.5.9 — 2021-05-05
- ENHANCEMENT: Adjusting style for prices and price parts shown on the frontend.
- ENHANCEMENT: Adjusting HTML for links in the Orders table in the dashboard.
- BUG FIX: Reverted the change to the pmpro_is_checkout() function. Since we default to the first available level, calling pmpro_getLevelForCheckout() was causing pmpro_is_checkout to return true on ALL pages. This disrupted a lot of functionality.
- BUG FIX: Fixed warnings in the pmpro_getLevelAtCheckout() function.
- BUG FIX: Fixed issue where “All Time Sales” was showing up as 0, even when there were sales.
2.5.8 — 2021-04-30
- ENHANCEMENT: Added
pmpro_membership_content_filterfilter to let other plugins change how PMPro filters member content.
- ENHANCEMENT: Improved de_DE email template translation. (Thanks, biker238 on GitHub)
- ENHANCEMENT: Added
- ENHANCEMENT: Improved display of prices on invoices and added pmpro_display_price_parts function and filters so plugins like the upcoming AvaTax add on can add subtotals to the price displays.
- ENHANCEMENT: Added a pmpro_after_all_membesrhip_level_changes hook that fires at the end of the page load and can be used to process all membership changes in bulk.
- ENHANCEMENT: The “User” column on the orders page now shows the username and email.
- ENHANCEMENT: Added a pmpro_stripe_create_subscription_array filter. (Thanks, ermGit on GitHub)
- BUG FIX/ENHANCEMENT: pmpro_change_level returns true now if the function is called to change a user’s level to one they already have.
- BUG FIX/ENHANCEMENT: No longer calling $order->updateTimestamp() on orders adminpage.
- BUG FIX/ENHANCEMENT: Updated conditional to check ‘street’ instead of ‘name’ when displaying billing address on Invoice/Confirmation.
- BUG FIX/ENHANCEMENT: Improved localization and added missing strings to translation.
- BUG FIX/ENHANCEMENT: Updated to use `get_user_locale1 to load localization.
- BUG FIX/ENHANCEMENT: Now Preserving existing values for
category__not_inwhen filtering search and archive queries.
- BUG FIX/ENHANCEMENT: Fixed sorting of the Membership Level column on the Users List table in the WP admin dashboard.
- BUG FIX/ENHANCEMENT: Added a pmpro_sort_levels_by_order function and using it in various places to make sure levels are listed in the order they are in on the PMPro settings page.
- BUG FIX/ENHANCEMENT: Added an extra check in the pmpro_is_checkout function that helps with issues that were coming up in some add ons.
- BUG FIX/ENHANCEMENT: The level cache now takes into account the $include_active parameter.
- BUG FIX/ENHANCEMENT: The CSS class is now properly added to the body tag when a PMPro page block is used on a page.
- BUG FIX/EHNANCEMENT: Better timezone handling in sales reports.
- BUG FIX/ENHANCEMENT: Fixed a few places where we might think a free order was paid if using a currency with more or less than 2 decimal places.
- BUG FIX: Fixed deprecated jQuery functions in pmpro-admin.js.
- BUG FIX: Fixed warning for a missing/deleted level in the pmpro_post_classes function.
- BUG FIX: Default
pmpro_longform_addressto true on Billing Information page.
- BUG FIX: Fixed
- BUG FIX: Fixed variables passed to the
- BUG FIX: CZK currency should have 2 decimals.
- BUG FIX: Avoiding a redirect loop if the login page is deleted. (Thanks, George Stephanis)
- BUG FIX: Fixed the password reset link in new user notification email when not using pretty permalinks.
- BUG FIX: Fixed issues with password reset URLs on multisite networks.
- BUG FIX: Fixed the issue where sales weren’t showing up on report charts sometimes on the 31st of the month.
2.5.7 — 2021-03-10
- ENHANCEMENT: Added a pmpro_checkout_message filter that can be used to filter error messages shown at checkout.
- BUG FIX/ENHANCEMENT: Now making sure some billing address fields are available for the billing failure emails sent during the PayPal IPN handler.
- BUG FIX/ENHANCEMENT: Fixed issues where HTML entities were shown in level prices in some places when using certain currencies. All prices are sent through a special pmpro_escape_price function that allows div, span, and sup tags with id and class attributes. Also removed from unneeded small tags and grey coloring of prices in certain spots.
- BUG FIX: Now cancelling membership when a SUBSCRIPTION_CANCELED message is sent to the Braintree webhook handler. In the past, we incorrectly sent the payment failed email instead.
- BUG FIX: Fixed display issues with the Require Membership block. The level select field has been swapped with a list of checkboxes.
- BUG FIX: Fixed warnings that occurred when processing failed payments in webhook and IPN handlers.
- BUG FIX: Fixed our Braintree class so we will only attempt to update a user’s credit card and address when the getCustomer method is called at checkout or during a billing update.
- BUG FIX: Fixed issue where refreshing the checkout review page when using PayPal Express caused the associated order to be updated again. Now the order status is updated to review and only updates again when the user confirms.
- BUG FIX: Avoiding warnings when the pmpro_url function is used if the PMPro pages haven’t been set up yet. (Thanks, Thomas Sjolshagen)
- REFACTOR: Updated the pmpro_getSpecificMembershipLevelForUser( $user_id, $level_id ) function so both fields are required. Will still default to the current user if null is passed for the $user_id.
2.5.6 — 2021-03-05
- SECURITY: Now sanitizing and escaping the
orderparameter when filtering the users table in the dashboard. (Thanks, Gen Sato)
- BUG FIX/ENHANCEMENT: Now hiding the ApplePay/GooglePay “Payment Request” buttons when the main checkout form is submitted. This helps to prevent double checkouts.
- BUG FIX: Fixed missing membership data in the billing failed email.
2.5.5 — 2021-02-22
- SECURITY: Better sanitization of parameters on some REST API endpoints.
- SECURITY: Now showing reCAPTCHA field at checkout even for logged in users.
- ENHANCEMENT: Added find_billing_address() method to the MemberOrder class. This will look for the address on the last order with the same sub id or in user meta.
- ENHANCEMENT: Better styling for invoices shown on the frontend.
- ENHANCEMENT: No longer forcing column width % in the members list table.
- ENHANCEMENT: Added a pmpro_doing_webhook action that is fired at the beginning of our webhook/IPN handlers.
- ENHANCEMENT: Added a pmpro_membership_level_after_billing_details_settings hook to the edit membership level page. This hook should now be used to add billing related settings.
- BUG FIX/ENHANCEMENT: Allowing order total to be set to 0, even if there is a subtotal and tax amount.
- BUG FIX/ENHANCEMENT: Stripe checkout fields will now use the language set in the Stripe settings.
- BUG FIX/ENHANCEMENT: The URL check in our notifications code now accepts arrays (e.g. to see if a URL has one of a group of top level domains). This fixes a warning some may have seen in error logs.
- BUG FIX: Fixed issues where totals on PayPal recurring payments were sometimes incorrect if both an mt_gross and amount field were passed via IPN.
2.5.4 — 2021-01-28
- ENHANCEMENT: Bump license year 2021 — 10 years.
- ENHANCEMENT: Now passing billing street in
- ENHANCEMENT: Prefixed our pmpro_stripeResponseHandler function to avoid conflicts.
- ENHANCEMENT: Added getRealPaymentTransactionId method to PayPal Express gateway class to recover a missing transaction ID.
- ENHANCEMENT: Added
pmpro_checkout_before_formaction to hook anything before the membership checkout form.
- ENHANCEMENT: Added avatar as a valid field type for the [pmpro_member] shortcode.
- ENHANCEMENT: Changed license key field to text type and unmasked. Masking implied the key was hashed before saving which is not true.
- ENHANCEMENT: Added
pmpro_discount_code_usedaction hook for when a discount code is used.
- ENHANCEMENT: Stripe will now pull billing address info for recurring orders from webhooks.
- BUG FIX/ENHANCEMENT: Improved user interface, error handling, and messages in the frontend password reset process.
- BUG FIX/ENHANCEMENT: Added a space between state and zip code in billing info.
- BUG FIX/ENHANCEMENT: Now rounding amount sent with Stripe payment request button.
- BUG FIX/ENHANCEMENT: Improved
pmpro_check_plugin_versionfunction to also check a specific value of the
- BUG FIX/ENHANCEMENT: Added
pmpro_membership_ordermetatables to uninstall process.
- BUG FIX/ENHANCEMENT: Escaped things in SQL queries in 2Checkout INS service handler.
- BUG FIX/ENHANCEMENT: Cleaned up levels page template and added MMPU compatibility.
- BUG FIX/ENHANCEMENT: Fixed pagination and export issues with a discount code filter on the Orders admin page.
- BUG FIX/ENHANCEMENT: Prefixed our
pmpro_stripeResponseHandlerfunction to avoid conflicts with other Stripe code that may not be prefixed.
- BUG FIX/ENHANCEMENT: Cleaned up conditionals and escaping improvements in the
- BUG FIX/ENHANCEMENT: Fixed deprecation notices for sites running PHP 8.
- BUG FIX/ENHANCEMENT: Improved SQL query format in the applydiscountcode service.
- BUG FIX: Fixed issues with ReCAPTCHA v2 and certain gateways.
- BUG FIX: Fixed bug where blog name was not showing in Admin Activity email.
- BUG FIX: Improved incorrect PHP doc blocks.
- BUG FIX: Fixed an issue on some sites where password reset link in email was incorrect.
- BUG FIX: Fixed level change issues during 2Checkout checkout.
- BUG FIX: Fixed issue where
checkout_levelsREST API endpoint could return the wrong initial payment
- BUG FIX: Fixed undefined notice for timestamp variable in the Stripe gateway class.
- BUG FIX: Avoiding warnings when user ids are in the memberships_users table, but a user doesn’t exist.
- BUG FIX: Now setting the correct value for membership_id in the admin change emails.
2.5.3 — 2021-01-26
- SECURITY: Fixed indirect object reference vulnerability where order information, including customer names, email addresses, and order numbers could be accessed by non-admin WordPress users. (Thanks, WP Plugins Team)
- SECURITY: Now checking ReCAPTCHA validation before enabling the submit button on the checkout form when using ReCAPTCHA v2. This helps to keep bad actors from testing credit cards on your checkout page. We were already doing a similar check when using ReCAPTCHA v3. Further updates to rate limit credit card failures are planned.
2.5.2 — 2020-10-23
- BUG FIX: Fixed issue where the RECAPTCHA library wasn’t being loaded early enough to validate at checkout.
- BUG FIX: Fixed issue where code in the Stripe class was unsetting some required fields, even if Stripe was not being used at checkout.
2.5.1 — 2020-10-16
- SECURITY: Fixed XSS vulnerability on the Members List page of the dashboard. (Thanks, Ron Masas from Checkmarx.com)
- ENHANCEMENT: Add Ukrainian Hryvnia currency. (Thanks, Mirco Babini)
- ENHANCEMENT: Added a “non-members” option to the Beaver Build module.
- BUG FIX: Fixed issue where only USD and US were allowed with Stripe’s GooglePay/ApplePay buttons.
- BUG FIX: Fixed issue where some profile fields, e.g. those added with Register Helper, were accidentally updated or removed when accessing the frontend profile page.
- BUG FIX: Fixed issue with tracking discount code uses when using the 2Checkout gateway. (Thanks, karambk on GitHub)
- BUG FIX: No longer running excerpts through wpautop when a more tag is used.
2.5 — 2020-10-02
- FEATURE: When using the Stripe Gateway, you may now allow users to pay using Apple Pay, Google Pay, or Microsoft Pay depending on their browser. Enable this feature from the payment settings page.
- FEATURE: Added Divi Builder compatibility.
- FEATURE: Updated the Braintree Gateway class to be able to use the Braintree API for the pmpro_next_payment() function. Note, for performance reasons, you must call this method directly or enable it by hooking it up with code like
add_filter('pmpro_next_payment', array('PMProGateway_braintree', 'pmpro_next_payment'), 10, 3);
- FEATURE: Added ordermeta tables and functions. We will wait about a year for all users to upgrade before using these widespread. (Thanks, Mirco Babini)
- ENHANCEMENT: The “short” version of the level cost text for a free level is now “Free” instead of “0.00 now”.
- ENHANCEMENT: Added a
get_original_subscription_ordermethod to the MemberOrder class. This will return the first order in a subscription when called from a recurring order.
- ENHANCEMENT: Removed the old style license nags.
- BUG FIX/ENHANCEMENT: Using microtime and a static counter int to make sure our order and discount codes are unique. In the past very high traffic sites could run into duplicates if two checkouts happened at the exact same second.
- BUG FIX/ENHANCEMENT: Adjust order delete prompt to support other locales.
- BUG FIX/ENHANCEMENT: Better handling of tax amounts in recurring payments, e.g. when using the PMPro VAT Tax add on.
- BUG FIX/ENHANCEMENT: Optimized how often we hit the Stripe API when events on the checkout page could potentially update the price of checkout.
- BUG FIX/ENHANCEMENT: The checkout_levels api call now takes
- BUG FIX/ENHANCEMENT: No longer running sanitize_text_field on password fields. This would break passwords that had strings of characters resembling html tags.
- BUG FIX/ENHANCEMENT: Now warning admins if the Stripe billing period is longer than 1 year. Billing periods greater than 1 year are not allowed by Stripe.
- BUG FIX/ENHANCEMENT: Now detecting when a Stripe webhook is set up for an older version of the Stripe API and showing a notice with a link to update.
- BUG FIX/ENHANCEMENT: Adding MAXFAILEDPAYMENTS=1 to PayPal add subscription requests. This tells PayPal to cancel a subscription after the first failed payment. In our experience, the automatic retries rarely worked well. This change fixes issues with subscriptions going out of sync or users retaining access to your site when their payment has failed. Members still receive the payment failed email, which prompts users to return to the site to renew.
- BUG FIX/ENHANCEMENT: Fixing some issues where we are adding extra break tags into the password reset email. There are still some issues like this when using certain plugins. We are working on a general fix.
- BUG FIX/ENHANCEMENT: Removed the “coupon amount” field from the edit order page. These were hold outs from the 2007! ecommerce plugin PMPro was forked from. You can set the pmpro_orders_show_coupon_amounts filter to __return_true to show these fields again if you were using them for tracking things in your custom code.
- BUG FIX: Fixed MMPU compatibility when using discount codes.
- BUG FIX: No longer filtering the wp login url when on wp-login.php. This fixes issues with iThemes Security 2FA.
- BUG FIX: Fixed issues where the Stripe webhook was not being updated sometimes when clicking the button to update.
- BUG FIX: Fixed some notices and warnings when using Braintree.
- BUG FIX: Now resetting memberslist page number when changing shown level.
- BUG FIX: Now ensuring that the discount code field updates, update the Request Button price.
- BUG FIX: Fixed issue where non-pretty permalinks may break frontend password resets.
- BUG FIX: Fixed invoice links on the account page. (Thanks, Mateusz Hołtyn)
- BUG FIX: Fixed incorrect label “for” attribute for uninstall setting.
- BUG FIX: Fixed issue where some free plugins distributed by PMPro would show warnings about requiring a Plus license.
2.4.4 — 2020-09-02
- BUG FIX: Fixed fatal error that sometimes occurred on the payment settings page when using PHP 5.6 or earlier.
- BUG FIX: Fixed fatal errors that showed up on the frontend invoice page.
- BUG FIX: Fixed issue where the confirmation message was not showing up in the confirmation email if that option was checked.
- ENHANCEMENT: Added a pmpro_stripe_charge_params filter that can be used to edit or add params sent to the Stripe create charge method. (Thanks, Michael Bester)
- ENHANCEMENT: Tweaked the markup of the invoice page so the payment type information looks a little better.
= 2.4.3 — 2020-08-25
* SECURITY: Fixed a cross-site scripting vulnerability in the code that updates the Required Membership settings on a post. This vulnerability could have been used in conjunction with other security vulnerabilities to trick an admin into editing the membership settings for a page, potentially exposing members only content to non-members. It is unlikely that there was any active exploitation of this vulnerability. This issue may also have shown up as a bug on some sites using page builders, where the membership settings for a post would be cleared out when editing a post. (Thanks to the wp.org plugin review team for catching this issue.)
* SECURITY: Better escaping of variables shown in the Require Membership meta box and related SQL queries.
* BUG FIX/ENHANCEMENT: Renamed the Vietnamese language files to match what is expected.
= 2.4.2 — 2020-08-24
* SECURITY: Updated the PMPro REST API endpoints accessed via the GET method to also require appropriate capabilities to access. The membership confirmation text will be hidden from non-members and non-admins. The endpoints to check a user’s level or access to a post require the pmpro_edit_memberships capability now. You should make sure your API users have the appropriate capabilities to use the API. You can use the pmpro_rest_api_route_capabilities filter and/or pmpro_rest_api_permissions filter to change this behavior.
* BUG FIX: Fixed issues with the PMPro REST API endpoints, including the discount code and checkout level endpoints.
* BUG FIX: Fixed issue with backslashes in the display name when editing form the PMPro frontend profile page.
* BUG FIX: Fixed issue where timestamps were showing up incorrectly for recent orders shown on the dashboard page.
BUG FIX: Fixed issue where PMPro would always try to add capabilities to the administrator role, even if you removed that role for some reason.
* ENHANCEMENT: Added a pmpro_get_no_access_message() function, which can be used to show the no access messages.
* ENHANCEMENT: Added a “show_noaccess” property to the membership shortcode. When set, it will show the noaccess message to users who don’t have the levels specified.
* ENHANCEMENT: Added a pmpro_user_profile_update_errors hook, which can be used to show errors on the PMPro frontend profile page.
* ENHANCEMENT: The pmpro_set_capabilities_for_role() function now returns true or false if the caps were added in case others want to use this function and tell if it worked.
* ENHANCEMENT: You can now include links in the description of the fields you add to the PMPro advanced settings page via the pmpro_custom_advanced_settings filter.
* ENHANCEMENT: Updated the PayPal gateways to use the latest versions of the PayPal buttons.
* ENHANCEMENT: Fixed styling of the PMPro update script notice.
* ENHANCEMENT: Added the pmpro_account_membership_expiration_text filter to the expiration dates shown on the cancel page when using MMPU.
2.4.1 — 2020-08-10
- BUG FIX: Fixed issues with password resets on WP Engine hosting due to security features added by their mu-plugin.
- BUG FIX: Fixed issue where end dates were showing up incorrectly in the confirmation email sometimes.
- BUG FIX: Fixed issue where renewing memberships were extended one day less than they should have been in some cases.
- BUG FIX: Fixed issue where users without a PMPro Plus license were sometimes not getting an error when trying to update a Plus Add On.
- BUG FIX/ENHANCEMENT: Added compatibility for core auto-updates for our Add Ons which aren’t hosted in the .org repository.
- BUG FIX/ENHANCEMENT: Fixed issue where PHP sessions were set up to track ReCAPTCHA even if you weren’t using ReCAPTCHA. ReCAPTCHA is now only loaded on the checkout page. Loading sessions unecessarily would break some Varnish cache setups.
- BUG FIX/ENHANCEMENT: Updated the single invoice/order page. No longer showing the end date, which isn’t really related to the order. Showing a better status related to the order now.
- BUG FIX/ENHANCEMENT: Fixed some links to the PMPro site in the plugin admin area.
- BUG FIX/ENHANCEMENT: Now saving a hash of the Stripe secretkey when saving webhook ids. This allows us to keep track of webhook ids if you switch between gateway environments or swap your Stripe keys for some reason.
- BUG FIX/ENHANCEMENT: No longer running the Terms of Service text through wpautop. This usually just added extra spacing to your TOS. Shortcodes are rendered now though. Added a filter pmpro_tos_content so you can change the TOS content or how it is shown.
- ENHANCEMENT: Added a checkout_levels API endpoint. This will allow us to build features that adjust the price on the frontend at checkout.
- ENHANCEMENT: Added a pmpro_member_profile_edit_form_tag action to the form tag on the frontend member profile page. This is useful to set the form enctype for file uploads.
- ENHANCEMENT: Added Romanian Leu as a currency option.
- ENHANCEMENT: Added the pmpro_stripe_payment_intent_params filter. Useful if you would like to set a specific statement descriptor for the site. See https://gist.github.com/ideadude/16983fdfa0da12fc40ef36d870f4cbd0
- REFACTOR: Removed some unused methods from the Stripe class.
- REFACTOR: Removed the help pointer about the menu location change.
2.4 — 2020-07-24
- FEATURE: Now detecting if the Stripe webhook is set up correctly. You can now create or disable the webhook from the payment settings page in the WP admin dashboard.
- FEATURE: Added a link to use and set up SendWP for more reliable email sending from WP.
- BUG FIX: Fixed further issues with dates and timezones.
- BUG FIX: Fixed issue where reports would cause white screens on some server set ups. We had some report start dates set to 1960, which caused issues. (Thanks, Sam “gausam” on GitHub)
- BUG FIX: Fixed issue with the query to find expiring memberships that happened on certain MySQL setups.
- BUG FIX: Fixed issue that was caused if other code called wp_login_url() too early.
- BUG FIX: Fixed an error in the is_login_page() function.
- BUG FIX: Fixed a fatal error that was happening in PHP 5.2 or earlier due to code syntax that was not supported then. We noticed a few other cases as well, but decided we won’t support PHP 5.2 consistent with WP and other plugins.
- BUG FIX: Fixed the URL used when using 2Checkout in sandbox mode.
- BUG FIX: Fixed issue where the dummy $0 orders created when using the “Stripe Updates” feature weren’t saving with the updated subscription_transaction_id. This would prevent future payments from being linked to that user and could prevent subscriptions cancellations from being synchronized. When updating to PMPro 2.4, an update script will run to try to restore these subscription_transaction_id values. However, any recurring orders that occured when the id was missing will not be added to PMPro. You will have to update them manually.
- BUG FIX/ENHANCEMENT: Showing expiration date as text when it is set as a readonly field. (Thanks, Rodmar “rodmarzavala” on GitHub)
- BUG FIX/ENHANCEMENT: Now checking if headers were already sent before trying to start the PHP session. If headers are sent before PMPro tries to start the session, there is usually another error somewhere on the WP site that needs to be fixed. But at least we aren’t adding to the confusion by trying to start the session late causing another error in the log.
- BUG FIX/ENHANCEMENT: Updated misleading hint for the PayPal Express IPN URL on the payment settings page.
- BUG FIX/ENHANCEMENT: Fixed invalid key description in the SQL in includes/setup.sql. The actually query used to set up table in PMPro was correct though. The setup.sql file is included for reference and developers who want to create the tables “manually” in MySQL.
- BUG FIX/ENHANCEMENT: The post type search filter now supports cases where post type set in WPQuery is an array.
- BUG FIX/ENHANCEMENT: Fixed warning that showed when a user with no levels visited the frontend account page.
- BUG FIX/ENHANCEMENT: Fixing warnings that would be logged at checkout in certain cases.
- BUG FIX/ENHANCEMENT: Better handling of cases where users who checked out using a gateway different from the current setting are shown a message that they cannot update their billing information. They should instead checkout again to renew their membership.
- ENHANCEMENT: Updated to use the latest version of the Stripe API and SDK.
- ENHANCEMENT: More detailed logging for Braintree webhook debug emails.
- ENHANCEMENT: Added a getTransactionStatus method to the PayPal and PayPal Express payment gateway classes. (Thanks, Mirco Babini)
- ENHANCEMENT: Added a checkout_level API call. This will be used in the future to update the price total at checking using JS and is also needed to implement support for Google Pay and Apple Pay through Stripe.
- ENHANCEMENT: Cleaned up the email settings page.
- ENHANCEMENT: Better handling of some login and password reset errors.
- ENHANCEMENT: Added links to the PMPro YouTube and Facebook profiles.
- REFACTOR: Cleaned up some code in incldues/content.php, especially around the pmpro_search_filter() function.
- REFACTOR: Removed the package-lock.json file from the repository.
2.3.4 — 2020-06-18
- SECURITY: Better escaping of values on the billing and confirmation pages.
- BUG FIX: Fixed issue where expiration dates could be set to 1 day in the past when editing a user in the dashboard if certain timezones were chosen in the General settings.
- BUG FIX: Fixed issue where users were redirected back to the /login/ page if WordPress needed them to confirm their admin email address. Users will now be taken to the default WP login page with the form to confirm their email address.
- BUG FIX: Fixed bug where the reset password link in the new user email was not filtered to go to the frontend login page if being used.
- BUG FIX: Fixed issue where some errors were not being shown when password resets failed.
- BUG FIX: Fixed bug with action links added to the orders table.
- BUG FIX: Fixed issue where empty dates would show current date in the members list.
- BUG FIX: Fixed fatal error that was happening when using some of the new API endpoints.
- BUG FIX: Timestamps returned by the Stripe API when getting the next payment date needed to be adjusted based on the site’s timezone setting.
- BUG FIX: Fixed a bug where the change password form wouldn’t show up sometimes when using the login shortcode.
- BUG FIX: Fixed notice in the PayPal IPN handler when adding notes to an order.
- BUG FIX: Fixed issue where PMPro would generate the wrong excerpt in some cases where the more tag was used but the excerpt was generated before the more tag code or blog was not yet converted to HTML. Specifically this fixes an issue with excerpts generated for AMP with the SchemaApp plugin.
- BUG FIX/ENHANCEMENT: Added an advanced setting to “Uninstall PMPro on Deletion”. You must check and save this option first or PMPro will not delete data from the DB when deleting from the plugins page. This keeps users from accidentally deleting orders and member data.
- BUG FIX/ENHANCEMENT: Now hiding the profile and change password links on the membership account page if a frontend profile page is not set and users are locked from the WP dashboard by the advanced setting.
- BUG FIX/ENHANCEMENT: Resetting the signups and cancellations report cache when there are new membership level changes.
- ENHANCEMENT: Added a pmpro_get_element_class function and filter. We now use this function when adding classes to HTML elements in our templates. The filter can be used to alter or append to the classes used in the HTML tags. This will make it easier to create code and CSS to make PMPro look better with popular themes.
- ENHANCEMENT: Added a pmpro_authorizenet_post_values filter to the Authorize.net class. An array of $post_values is passed in to be filtered along with a string for the API method about to be called.
- ENHANCEMENT: Added a pmpro_member_profile_edit_user_object_fields filter to add or remove fields from the frontend edit profile page.
- ENHANCEMENT: Now showing information about the current billing method on the update billing page. Can hide this information by having the pmpro_billing_show_payment_method filter return false.
- ENHANCEMENT: No longer saying “Great Work!” in the admin digest emails. This was especially embarrassing if you didn’t have any sales during the diget period.
- REFACTOR: Refactored some code in the CSV exports to avoid false positives by malware scanners.
- REFACTOR: Added a build_post_string method to the Authorize.net class to avoid redundant code.
- REFACTOR: Added a cancelSubscriptionAtGateway method to the PayPal Express class. This is useful if you want to cancel the subscription without cancelling the membership. (Thanks, Mirco Babini)
2.3.3 — 2020-05-13
- SECURITY: Fixed SQL injection vulnerability when logged in as an administrator and adding new orders in the dashboard. JVN#20248858 (Thanks, Kenichi Okuno of Mitsui Bussan Secure Directions, Inc)
- SECURITY: Making sure to properly escape all values on the add/edit order form in the dashboard.
- BUG FIX: Now properly setting the order status to “error” when an initial payment fails when using PayPal Express. Before the order status would be set as “cancelled”, which would count the order toward reports and make it harder to find orders that had errors. (Thanks, Mirco Babini)
- BUG FIX: Fixed issue with the PMPro logo and some other assets loading over the wrong schema (http vs https) in some cases.
- BUG FIX: Fixed issue where the chosen discount code was not shown after submitting when adding a new order through the dashboard.
- BUG FIX/ENHANCEMENT: Using “PMPro” in the admin activity email subject to keep the line shorter and avoid issues when replacing the word “member” via gettext.
- ENHANCEMENT: Added a pmpro_allow_weak_passwords filter. You can set this to return true (like this https://gist.github.com/ideadude/5a12119b9ce1c2aad87b2d69cb8f9505) to allow weak passwords on the change password and reset password pages. Note that at this time, weak passwords are still allowed on the checkout page no matter the value of this filter. We expect to change that in the future. For now, you can use our PMPro Strong Passwords plugin to force strong passwords at checkout.
- REFACTOR: Updated the logic around checking the PMPRO_IPN_DEBUG constant in the IPN handler. (Thanks, Mirco Babini)
2.3.2 — 2020-05-07
- BUG FIX: Fixed errors calling is_main_query() that came up with certain themes.
- BUG FIX: Fixed typo in the pmpro_account_profile_action_links filter.
- BUG FIX/ENHANCEMENT: Added a new force parameter to the pmpro_getAllLevels() function. This is used by the Multisite Membership Add On to fix an issue where levels were missing or incorrect on the subsites.
- ENHANCEMENT: Removed mention of the ezAdsense plugin, which has been discontinued.
- ENHANCEMENT: Added $recipient param in sendAdminActivity() function so you can send additional activity emails like this https://gist.github.com/dparker1005/6bf650370a12aef44adf8c8c26d3e906
2.3.1 — 2020-05-01
- BUG FIX: Fixed infinite redirect issue if no account page was set. Fixed a few other places where we do is_page() type checks just in case.
- BUG FIX: Fixed issue where all pages were retitled to Welcome when logged in, if no login page was set.
- BUG FIX: Fixed issue with BuddyBoss and other themes/plugins that use the_title filter with only one parameter.
- BUG FIX: Fixed error when trying to check if is_main_query in the admin or with certain themes.
2.3 — 2020-05-01
- FEATURE: Added frontend login and password reset.
- FEATURE: Added frontend user profile editing.
- FEATURE: Added [pmpro_login] shortcode and Log In Form block.
- FEATURE: Added [pmpro_member_profile_edit] shortcode and Member Profile Edit block.
- FEATURE: Added “Member Log In” widget.
- FEATURE: Added “WordPress Toolbar” Advanced Setting to hide the WordPress Toolbar from “subscriber” role.
- FEATURE: Added “WordPress Dashboard” Advanced Setting to block dashboard access for the “subscriber” role.
- FEATURE: Added new Admin Activity Email. Weekly emails to the site admin with sales stats and other info. Change how often the email is sent or disable it from the advanced settings tab.
- FEATURE: Added Beaver Builder module compatibility to restrict modules by membership level.
- FEATURE: Created new REST API endpoints and extended existing endpoints.
- FEATURE: Updated Elementor code to allow for restriction of “sections” as well.
- BUG FIX: Updated all timestamp code to be compatible with WordPress v5.4+ which fixes issues where orders could lose one hour or one day when saved.
- BUG FIX: Updated logic to filter body_class on pages with Membership Account shortcode or any “section” of the shortcode displayed.
- BUG FIX: Improved
pmpro_getAllLevelsfunction to cache even when
true. This saves multiple DB hits per page load.
- BUG FIX/ENHANCEMENT: Cancellation report now calculates based on membership enddate.
- BUG FIX/ENHANCEMENT: Fixed warnings and errors in PHP 7.4+.
- BUG FIX/ENHANCEMENT: Updated all uses of “Email” to remove the hyphen.
- BUG FIX/ENHANCEMENT: Updated to default to international addresses on Billing Information page. Fixes a bug with the State Dropdown Add-On.
- BUG FIX/ENHANCEMENT: Now treating “recurring_payment_failed” transactions from PayPal IPN as cancellations. PMPro will cancel membership and attempt to cancel the associated subscription.
- ENHANCEMENT: Added membership level class for the
PMPro_Membership_Levelobject. This is currently only used in the REST API calls, but will eventually be used whenever interacting with a membership level object or array.
- ENHANCEMENT: Added discount code class for the
PMPro_Discount_Codeobject. This is currently only used in the REST API calls, but will eventually be used whnever interacting with a discount code object or array.
- ENHANCEMENT: Now allowing all users and members access to the Membership Account page.
- ENHANCEMENT: Updating logic for all redirects from core pages like Invoices, Billing, and Cancel to allow past members to access their data. Generally more often redirecting where you would expect to in different situations.
- ENHANCEMENT: Several core frontend page style improvements for responsive displays and gateway-dependent fields.
- ENHANCEMENT: Added
getSubscriptionStatusmethod to the Stripe gateway API class. This fixes issues with the PMPro Subscription Check Add-On.
- ENHANCEMENT: Added !!levels_page_url!! and !!login_url!! as replacement variables in Advanced Settings > Message Settings. Using these by default on new installs.
- ENHANCEMENT: Improved Block Editor code and webpack configuration.
- ENHANCEMENT: Added support for
PMPRO_AUTHNET_SILENT_POST_DEBUGto “log” data to /logs/ or send an email to an email address different from the site admin.
- ENHANCEMENT: Added time fields to Memberships > Orders admin page when vieweing, updating or saving an order.
- ENHANCEMENT: Added pmpro_admin_orders_filters and pmpro_admin_orders_query_condition filters to add new filters to the orders page in the dashboard. (Thanks, Mirco Babini)
- ENHANCEMENT: Added an SVG icon to the PMPro blocks category.
- REFACTOR: Improved the Members List list table code to use a function for each column of data and support the code core WP methods for extending list tables with custom columns.
- REFACTOR: Moved all Theme My Login compatiblity code to includes/compatibility/theme-my-login.php and only loading if plugin is active.