=== PayPal API Subscriptions === Contributors: zackdesign Donate link: http://www.zackdesign.biz/paypal-api-subscriptions Tags: subscription, paypal, recurring, billing, register Requires at least: 4.0 Tested up to: 6.9.1 Stable tag: 1.1.0 Requires PHP: 7.4 License: GPLv2 or later License URI: https://www.gnu.org/licenses/gpl-2.0.html Provides an all-in-one registration point for subscribers to your blog. Uses Paypal API and recurring billing. == Description == Paypal API Subscriptions is designed to allow your users to register on your blog and subscribe all at once. The Paypal API keeps them on your blog and means that you simply have to skin the Wordpress Admin to suit your site theme. Because it is fully integrated with Wordpress you can keep track of your users easily and effectively. This plugin defaults to the Paypal Sandbox for test results so you can test it for yourself. You really need SSL before you can begin to think of using it for real. It's important to realise that you won't be able to test Express Checkout until you use your own developer API credentials. Features: * Subscription button shortcode tags for your posts * Use your Paypal API credentials * Integrates with Wordpress registration seamlessly * Use a Wordpress Admin Theme to make the user transition completely transparent! * Adheres to all Paypal Guidelines and Requirements * Uses Wordpress-supplied error checking in the registration form for both transactions and fields! This means no registered users by accident. * Automatically tests using the Sandbox SDK credentials Need help? Contact me at [Zack Design](http://www.zackdesign.biz "Zack Design"). == Installation == 1. Upload the 'subscriptions' folder to the `/wp-content/plugins/` directory 2. Activate the plugin through the 'Plugins' menu in WordPress 3. Add tags to your post text: In any post where you want a subscription button add this tag: `[ppsa]NAME|PRICE|FREQUENCY|PERIOD[/ppsa]` This will create the subscription button. E.g. [ppsa]news|20|5|day[/ppsa] - this means 'bill me 20 dollars every 5 days for news' Acceptable period values: day, week, month, year 4. Test your registration form by clicking through from the subscription button 5. Enable SSL on your site 6. Place your Paypal API credentials in Wordpress Settings -> Paypal API Subscriptions 7. Optionally change the thank you message 8. It is recommended you test once again using SSL and real money (say 10, 20 cents) 9. Create as many subscription buttons as you want! == Changelog == = 1.1.0 = * Security: Added ABSPATH guards to all PHP files * Security: Added input sanitization throughout (sanitize_text_field, absint, floatval, wp_unslash) * Security: Added output escaping throughout (esc_html, esc_attr, esc_url, wp_kses_post) * Security: Enabled SSL verification for PayPal API calls * Security: Added capability check on options page (manage_options) * Fix: Updated capability level from deprecated numeric '8' to 'manage_options' * Fix: Replaced get_option('siteurl') URL building with plugins_url() * Fix: Replaced get_bloginfo('url') / get_bloginfo('wpurl') with home_url() / wp_login_url() * Fix: Fixed undefined variable $cert in paypal class constructor * Fix: Fixed undefined variable $error in show_error() method (now uses $this->error) * Fix: Fixed bare constant `x` (now uses string 'x') in credit card masking * Fix: Replaced deprecated login_messages filter with login_message * Fix: Replaced recursive years() function with simple loop * Fix: Safe session handling with session_save_path fallback and headers_sent() check * Fix: Removed bundled jQuery 1.2.6 in favour of vanilla JS * Fix: PHP 8.x compatibility — added isset() checks on $_SESSION, $_POST, $_GET access * Fix: Used wp_die() instead of echo/die for error output * Fix: Replaced date() with gmdate() for timezone-safe date handling * Updated: Requires PHP 7.4, tested up to WordPress 6.7 = 1.0 = * First release! == Frequently Asked Questions == = CURL Error = Your server needs the PHP curl extension to run this plugin and talk to Paypal. If you don't have shell access ask your host to install it. = Transaction Failure = Read the error. Try checking your API credentials, try running without them, and try checking your currency code. Also ensure that you're not doing something impossible like setting 30 months in a year.