s2Member v170425-RC (Release Candidate)

[raamdev]

General Availability Target Date: May 2nd, 2017

Downloads

• s2Member Framework v170425-RC
• s2Member Pro v170425-RC (requires being logged into s2member.com)

Changelog

• (s2Member/s2Member Pro) PHP v7 Compat. Enhancements: This release adds an integration with the Defuse encryption library for PHP, making it possible for s2Member to move away from the mcrypt_*() family of functions in versions of PHP >= 7.0.4, where the mcrypt library has been deprecated — mcrypt_*() will eventually be removed entirely.

  Starting with this release of s2Member, if you're running s2Member on PHP v7.0.4+, the Defuse library will be used automatically instead of mcrypt. See Issue #1079.

  Note: Backward compatibility with mcrypt functions will remain for now, especially for the decryption of any data that was previously encrypted using RIJNDAEL-256; i.e., data encrypted by a previous release of the s2Member software. s2Member is capable of automatically determining the algorithm originally used to encrypt, which allows it to decrypt data using Defuse, else RIJNDAEL-256, else XOR as a last-ditch fallback.

  API Functions: s2member_encrypt() & s2member_decrypt(). These two API Functions provided by s2Member are impacted by this change. Starting with this release, if you're running s2Member on PHP v7.0.4+, the Defuse library is used automatically instead of the older mcrypt extension. Not to worry though; the s2member_decrypt() function is still capable of decrypting data encrypted by previous versions of the s2Member software.

• (s2Member/s2Member Pro) UI Fix: All menu page notices should be given the notice class and the additional notice-[type] class instead of the older generic updated and error classes. Fixed in this release. Related to Issue #1034

• (s2Member/s2Member Pro) UI Fix: Plugins displaying Dashboard-wide notices using the older updated and error classes should be handled better to avoid displaying them below the s2Member header (on s2Member menu pages) and with non-default WordPress styles. See: Issue #1034

• (s2Member/s2Member Pro) UI Fix: Improving color highlighting in input fields following a media library insertion; e.g., when adding a custom logo to the login/registration page.

• (s2Member Pro) Bug Fix: Merchants using PayPal Pro (Payflow Edition) to charge a fixed non-recurring fee following an initial 100% free trial period, were seeing their member accounts EOTd after the trial ended, instead of the EOT Time being set to the end of the fixed term period. Props @patdumond, James Hall, and many others for reporting this in the forums and at GitHub. See Issue #1077.

• (s2Member Pro) Bug Fix: Updating PHP syntax in Simple Export tool, for compatibility w/ modern versions of PHP. Props @patdumond for reporting and helping us locate the underlying cause of this problem. See Issue #1055.

• (s2Member Pro) Stripe Bug Fix: This releases corrects a seemingly rare conflict between s2Member and Stripe on certain mobile devices and in certain scenarios. In a case we examined, there was a problematic CSS z-index setting in the s2Member source code that was, at times, causing problems in the stacking order, which resulted in a user's inability to enter details into the Stripe popup form. In this release, s2Member's customization of the z-index stacking order has been removed entirely, as it is no longer necessary in the latest revision of the Stripe popup, which already handles z-index adequately. Props @jaspuduf for reporting and for helping us diagnose the problem. See Issue #1057.

• (s2Member/s2Member Pro) Security Enhancement: This release removes the %%user_pass%% Replacement Code from the API Registration Notification email that is sent to a site owner; i.e., when/if it is configured by a site owner. Props @patdumond see Issue #954. This Replacement Code was removed as a security precaution.

• (s2Member/s2Member Pro) Bug Fix: Resolving internal warning: 'PHP Warning: Parameter 2 to c_ws_plugin__s2member_querys::_query_level_access_coms() expected to be a reference, value given'. This was resolved by removing the strict 'by reference' requirement from the list of parameters requested by s2Member.

• (s2Member/s2Member Pro) Bug Fix: Resolving internal warning: 'PHP Warning: Illegal string offset 'user_id' in s2member/src/includes/classes/sc-eots-in.inc.php'. This was resolved by typecasting $attr to an array in cases where WordPress core passes this as a string; e.g., when there are no attributes.

See also: s2Member v170425-RC Release Announcement

Reporting Issues / Feedback

Please report any issues or feedback related to this Release Candidate using this GitHub issue. Please post a comment below with details.

If you are reporting a UI-related issue, please include a screenshot.

If you are reporting a bug, please provide list of steps to reproduce and if the bug is related to an existing GitHub issue, please provide a link to that GitHub issue as well.

---

Reported Issues to Fix

None at this time.

[renzms]

Tested Confirmed Working:

---

• (s2Member/s2Member Pro) UI Fix: All menu page notices should be given the notice class and the additional notice-[type] class instead of the older generic updated and error classes. Fixed in this release. Related to Issue s2Member interferes with Comet Cache Pro Dashboard message  #1034

• (s2Member/s2Member Pro) UI Fix: Plugins displaying Dashboard-wide notices using the older updated and error classes should be handled better to avoid displaying them below the s2Member header (on s2Member menu pages) and with non-default WordPress styles. See: Issue s2Member interferes with Comet Cache Pro Dashboard message  #1034

• (s2Member/s2Member Pro) Security Enhancement: This release removes the %%user_pass%% Replacement Code from the API Registration Notification email that is sent to a site owner; i.e., when/if it is configured by a site owner. Props @patdumond see Issue Notifications API for Registrations Sends Password in Plain Text  #954. This Replacement Code was removed as a security precaution.

Admin Notification:

New User Notification:

• (s2Member Pro) Bug Fix: Updating PHP syntax in Simple Export tool, for compatibility w/ modern versions of PHP. Props @patdumond for reporting and helping us locate the underlying cause of this problem. See Issue Problems with s2Member Export After 20170221 Update #1055.

• (s2Member Pro) Stripe Bug Fix: This releases corrects a seemingly rare conflict between s2Member and Stripe on certain mobile devices and in certain scenarios. In a case we examined, there was a problematic CSS z-index setting in the s2Member source code that was, at times, causing problems in the stacking order, which resulted in a user's inability to enter details into the Stripe popup form. In this release, s2Member's customization of the z-index stacking order has been removed entirely, as it is no longer necessary in the latest revision of the Stripe popup, which already handles z-index adequately. Props @jaspuduf for reporting and for helping us diagnose the problem. See Issue Mobile issue with Stripe Integration (Retrieving stripe.js from the incorrect URL?) #1057.

• (s2Member/s2Member Pro) Bug Fix: Resolving internal warning: 'PHP Warning: Illegal string offset 'user_id' in s2member/src/includes/classes/sc-eots-in.inc.php'. This was resolved by typecasting $attr to an array in cases where WordPress core passes this as a string; e.g., when there are no attributes.

Working without Error notices

To Be Tested:

• (s2Member/s2Member Pro) PHP v7 Compat. Enhancements: This release adds an integration with the Defuse encryption library for PHP, making it possible for s2Member to move away from the mcrypt_() family of functions in versions of PHP >= 7.0.4, where the mcrypt library has been deprecated — mcrypt_() will eventually be removed entirely.

• Starting with this release of s2Member, if you're running s2Member on PHP v7.0.4+, the Defuse library will be used automatically instead of mcrypt. See Issue [PR] Mcrypt Deprecation in PHP 7.x. #1079.

• Note: Backward compatibility with mcrypt functions will remain for now, especially for the decryption of any data that was previously encrypted using RIJNDAEL-256; i.e., data encrypted by a previous release of the s2Member software. s2Member is capable of automatically determining the algorithm originally used to encrypt, which allows it to decrypt data using Defuse, else RIJNDAEL-256, else XOR as a last-ditch fallback.

• API Functions: s2member_encrypt() & s2member_decrypt(). These two API Functions provided by s2Member are impacted by this change. Starting with this release, if you're running s2Member on PHP v7.0.4+, the Defuse library is used automatically instead of the older mcrypt extension. Not to worry though; the s2member_decrypt() function is still capable of decrypting data encrypted by previous versions of the s2Member software.

• (s2Member/s2Member Pro) UI Fix: All menu page notices should be given the notice class and the additional notice-[type] class instead of the older generic updated and error classes. Fixed in this release. Related to Issue s2Member interferes with Comet Cache Pro Dashboard message  #1034

• (s2Member/s2Member Pro) UI Fix: Plugins displaying Dashboard-wide notices using the older updated and error classes should be handled better to avoid displaying them below the s2Member header (on s2Member menu pages) and with non-default WordPress styles. See: Issue s2Member interferes with Comet Cache Pro Dashboard message  #1034

• (s2Member/s2Member Pro) UI Fix: Improving color highlighting in input fields following a media library insertion; e.g., when adding a custom logo to the login/registration page.

• (s2Member Pro) Bug Fix: Merchants using PayPal Pro (Payflow Edition) to charge a fixed non-recurring fee following an initial 100% free trial period, were seeing their member accounts EOTd after the trial ended, instead of the EOT Time being set to the end of the fixed term period. Props @patdumond, James Hall, and many others for reporting this in the forums and at GitHub. See Issue Non-Recurring Subscription Being Downgraded Following Free Trial (PayPal) #1077.

• (s2Member Pro) Bug Fix: Updating PHP syntax in Simple Export tool, for compatibility w/ modern versions of PHP. Props @patdumond for reporting and helping us locate the underlying cause of this problem. See Issue Problems with s2Member Export After 20170221 Update #1055.

• (s2Member Pro) Stripe Bug Fix: This releases corrects a seemingly rare conflict between s2Member and Stripe on certain mobile devices and in certain scenarios. In a case we examined, there was a problematic CSS z-index setting in the s2Member source code that was, at times, causing problems in the stacking order, which resulted in a user's inability to enter details into the Stripe popup form. In this release, s2Member's customization of the z-index stacking order has been removed entirely, as it is no longer necessary in the latest revision of the Stripe popup, which already handles z-index adequately. Props @jaspuduf for reporting and for helping us diagnose the problem. See Issue Mobile issue with Stripe Integration (Retrieving stripe.js from the incorrect URL?) #1057.

• (s2Member/s2Member Pro) Security Enhancement: This release removes the %%user_pass%% Replacement Code from the API Registration Notification email that is sent to a site owner; i.e., when/if it is configured by a site owner. Props @patdumond see Issue Notifications API for Registrations Sends Password in Plain Text  #954. This Replacement Code was removed as a security precaution.

• (s2Member/s2Member Pro) Bug Fix: Resolving internal warning: 'PHP Warning: Parameter 2 to c_ws_plugin__s2member_querys::_query_level_access_coms() expected to be a reference, value given'. This was resolved by removing the strict 'by reference' requirement from the list of parameters requested by s2Member.

• (s2Member/s2Member Pro) Bug Fix: Resolving internal warning: 'PHP Warning: Illegal string offset 'user_id' in s2member/src/includes/classes/sc-eots-in.inc.php'. This was resolved by typecasting $attr to an array in cases where WordPress core passes this as a string; e.g., when there are no attributes.

[renzms]

@jaswrks / @raamdev

Issue testing with:

(s2Member Pro) Bug Fix: Merchants using PayPal Pro (Payflow Edition) to charge a fixed non-recurring fee following an initial 100% free trial period, were seeing their member accounts EOTd after the trial ended, instead of the EOT Time being set to the end of the fixed term period. Props @patdumond, James Hall, and many others for reporting this in the forums and at GitHub. See Issue #1077.

Notice: Undefined index: ACK in /app/src/wp-content/plugins/s2member/src/includes/classes/paypal-utilities.inc.php on line 182 Call Stack: 0.0002 398808 1. {main}() /app/src/index.php:0 0.0003 399096 2. require('/app/src/wp-blog-header.php') /app/src/index.php:17 0.0003 399448 3. require_once('/app/src/wp-load.php') /app/src/wp-blog-header.php:13 0.0003 400192 4. require_once('/app/src/wp-config.php') /app/src/wp-load.php:37 0.0004 401808 5. require_once('/app/src/wp-settings.php') /app/src/wp-config.php:43 0.0354 2721128 6. do_action() /app/src/wp-settings.php:449 0.0354 2721504 7. WP_Hook->do_action() /app/src/wp-includes/plugin.php:453 0.0354 2721504 8. WP_Hook->apply_filters() /app/src/wp-includes/class-wp-hook.php:323 0.0540 2897952 9. c_ws_plugin__s2member_pro_paypal_checkout::paypal_checkout() /app/src/wp-includes/class-wp-hook.php:298 0.0542 2903904 10. c_ws_plugin__s2member_pro_paypal_checkout_in::paypal_checkout() /app/src/wp-content/plugins/s2member-pro/src/includes/classes/gateways/paypal/paypal-checkout.inc.php:67 0.0661 3038344 11. c_ws_plugin__s2member_paypal_utilities::paypal_api_response() /app/src/wp-content/plugins/s2member-pro/src/includes/classes/gateways/paypal/paypal-checkout-in.inc.php:423 Notice: Undefined index: L_ERRORCODE0 in /app/src/wp-content/plugins/s2member/src/includes/classes/paypal-utilities.inc.php on line 184 Call Stack: 0.0002 398808 1. {main}() /app/src/index.php:0 0.0003 399096 2. require('/app/src/wp-blog-header.php') /app/src/index.php:17 0.0003 399448 3. require_once('/app/src/wp-load.php') /app/src/wp-blog-header.php:13 0.0003 400192 4. require_once('/app/src/wp-config.php') /app/src/wp-load.php:37 0.0004 401808 5. require_once('/app/src/wp-settings.php') /app/src/wp-config.php:43 0.0354 2721128 6. do_action() /app/src/wp-settings.php:449 0.0354 2721504 7. WP_Hook->do_action() /app/src/wp-includes/plugin.php:453 0.0354 2721504 8. WP_Hook->apply_filters() /app/src/wp-includes/class-wp-hook.php:323 0.0540 2897952 9. c_ws_plugin__s2member_pro_paypal_checkout::paypal_checkout() /app/src/wp-includes/class-wp-hook.php:298 0.0542 2903904 10. c_ws_plugin__s2member_pro_paypal_checkout_in::paypal_checkout() /app/src/wp-content/plugins/s2member-pro/src/includes/classes/gateways/paypal/paypal-checkout.inc.php:67 0.0661 3038344 11. c_ws_plugin__s2member_paypal_utilities::paypal_api_response() /app/src/wp-content/plugins/s2member-pro/src/includes/classes/gateways/paypal/paypal-checkout-in.inc.php:423 Notice: Undefined index: L_SHORTMESSAGE0 in /app/src/wp-content/plugins/s2member/src/includes/classes/paypal-utilities.inc.php on line 184 Call Stack: 0.0002 398808 1. {main}() /app/src/index.php:0 0.0003 399096 2. require('/app/src/wp-blog-header.php') /app/src/index.php:17 0.0003 399448 3. require_once('/app/src/wp-load.php') /app/src/wp-blog-header.php:13 0.0003 400192 4. require_once('/app/src/wp-config.php') /app/src/wp-load.php:37 0.0004 401808 5. require_once('/app/src/wp-settings.php') /app/src/wp-config.php:43 0.0354 2721128 6. do_action() /app/src/wp-settings.php:449 0.0354 2721504 7. WP_Hook->do_action() /app/src/wp-includes/plugin.php:453 0.0354 2721504 8. WP_Hook->apply_filters() /app/src/wp-includes/class-wp-hook.php:323 0.0540 2897952 9. c_ws_plugin__s2member_pro_paypal_checkout::paypal_checkout() /app/src/wp-includes/class-wp-hook.php:298 0.0542 2903904 10. c_ws_plugin__s2member_pro_paypal_checkout_in::paypal_checkout() /app/src/wp-content/plugins/s2member-pro/src/includes/classes/gateways/paypal/paypal-checkout.inc.php:67 0.0661 3038344 11. c_ws_plugin__s2member_paypal_utilities::paypal_api_response() /app/src/wp-content/plugins/s2member-pro/src/includes/classes/gateways/paypal/paypal-checkout-in.inc.php:423 Notice: Undefined index: L_LONGMESSAGE0 in /app/src/wp-content/plugins/s2member/src/includes/classes/paypal-utilities.inc.php on line 184 Call Stack: 0.0002 398808 1. {main}() /app/src/index.php:0 0.0003 399096 2. require('/app/src/wp-blog-header.php') /app/src/index.php:17 0.0003 399448 3. require_once('/app/src/wp-load.php') /app/src/wp-blog-header.php:13 0.0003 400192 4. require_once('/app/src/wp-config.php') /app/src/wp-load.php:37 0.0004 401808 5. require_once('/app/src/wp-settings.php') /app/src/wp-config.php:43 0.0354 2721128 6. do_action() /app/src/wp-settings.php:449 0.0354 2721504 7. WP_Hook->do_action() /app/src/wp-includes/plugin.php:453 0.0354 2721504 8. WP_Hook->apply_filters() /app/src/wp-includes/class-wp-hook.php:323 0.0540 2897952 9. c_ws_plugin__s2member_pro_paypal_checkout::paypal_checkout() /app/src/wp-includes/class-wp-hook.php:298 0.0542 2903904 10. c_ws_plugin__s2member_pro_paypal_checkout_in::paypal_checkout() /app/src/wp-content/plugins/s2member-pro/src/includes/classes/gateways/paypal/paypal-checkout.inc.php:67 0.0661 3038344 11. c_ws_plugin__s2member_paypal_utilities::paypal_api_response() /app/src/wp-content/plugins/s2member-pro/src/includes/classes/gateways/paypal/paypal-checkout-in.inc.php:423

When testing FOR SANDBOX

https://api-3t.sandbox.paypal.com/nvp?&user=xxxxxxxxxx&pwd=xxxxxxxxxx&signature=xxxxxxxxxx&version=70.0&METHOD=SetExpressCheckout&RETURNURL=http://www.paypal.com/test.php&CANCELURL=http://www.paypal.com/test.php&PAYMENTACTION=Sale&AMT=50&CURRENCYCODE=USD

Just Substitute the user, password and signature and enter in your browser. You should get ACK = SUCCESS if you have input your credentials correctly.

My credentials were correct and same ones I used for testing.

[renzms]

@jaswrks / @raamdev

Issue with PayPal Button and URL test on success. Followed everything in the following KBA - https://s2member.com/kb-article/how-do-i-generate-an-s2member-paypal-button-link/. I was able to Pay, and register, but there was an error notice upon redirection after payment:

Notice:

Notice: Undefined offset: 1 in /app/src/wp-content/plugins/s2member/src/includes/classes/paypal-utilities.inc.php on line 64 Call Stack: 0.0002 388096 1. {main}() /app/src/index.php:0 0.0002 388384 2. require('/app/src/wp-blog-header.php') /app/src/index.php:17 0.0002 388736 3. require_once('/app/src/wp-load.php') /app/src/wp-blog-header.php:13 0.0003 389480 4. require_once('/app/src/wp-config.php') /app/src/wp-load.php:37 0.0004 391096 5. require_once('/app/src/wp-settings.php') /app/src/wp-config.php:43 0.0365 2709240 6. do_action() /app/src/wp-settings.php:449 0.0365 2709616 7. WP_Hook->do_action() /app/src/wp-includes/plugin.php:453 0.0365 2709616 8. WP_Hook->apply_filters() /app/src/wp-includes/class-wp-hook.php:323 0.0617 2881736 9. c_ws_plugin__s2member_paypal_return::paypal_return() /app/src/wp-includes/class-wp-hook.php:298 0.0635 2936896 10. c_ws_plugin__s2member_paypal_return_in::paypal_return() /app/src/wp-content/plugins/s2member/src/includes/classes/paypal-return.inc.php:42 0.0637 2937536 11. c_ws_plugin__s2member_paypal_utilities::paypal_postvars() /app/src/wp-content/plugins/s2member/src/includes/classes/paypal-return-in.inc.php:56

[jaswrks]

@renzms @raamdev Thank you for the update and extensive testing.

The issues you reported are related to debug-level notices, of which there are a few still in the s2Member software. These are harmless though, and can be ignored for now.

To clarify, I have been on a mission to get rid of these for some time now, but there are certain areas of the s2Member codebase that are more sensitive to changes that would be required to get rid of these for good. For that reason, I'd prefer to avoid unnecessary refactoring at this moment, in favor of pushing the changes out that correct real underlying bugs; i.e., The debug-level notices in s2Member are just noise, they don't cause any harm.

@renzms If you can turn off WP_DEBUG mode temporarily and run the test again against s2Member I'd appreciate it. Please let me know if you have any trouble with debug mode off. Anything that shows up with debug mode off is a more serious problem.

Note: This applies to s2Member only. Our other projects should always be tested with WP_DEBUG on. s2Member is an unfortunate exception to that rule, at this moment in time.

[raamdev]

@renzms Could I get a status update on this? Were you able to confirm that everything works when testing with WP_DEBUG disabled? This is ready for a GA release once I get confirmation from you.

[renzms]

@raamdev @jaswrks

All good and confirmed without any notices when WP_DEBUG is disabled.

[raamdev]

s2Member v170524 has been released and includes changes from this GitHub Issue. See the v170524 announcement for further details.

---

This issue will now be locked to further updates. If you have something to add related to this GitHub Issue, please open a new GitHub Issue and reference this one (#1087).