S2Member Pro v260217

(Framework) **Bug Fix:** Prevent PHP fatal error when multiple PayPal Checkout buttons appear on the same page (PHP 8+).

(Framework) **Bug Fix:** PayPal Checkout admin actions (Test Credentials / Webhook / Clear Cache) now submit via POST instead of redirecting (avoids “headers already sent” warnings).

(Framework) **Bug Fix:** PayPal cancellation notifications now backfill missing membership mapping fields (`item_number`, `item_name`, `period1`, `period3`) from stored IPN Signup Vars using the subscription ID ( `recurring_payment_id` / `subscr_id` ), so Auto-EOT is set correctly on cancel.

(Framework) **Bug Fix:** Auto-EOT PayPal status checks now query PayPal Checkout subscriptions via PayPal’s REST Subscriptions API (instead of PayPal's legacy “Recurring Payments” API), preventing “11592” errors and allowing Auto-EOT to detect inactive PayPal Checkout subscriptions.

(Framework) **Security:** PayPal Checkout webhook environment inference now validates the `paypal-cert-url` host before using it (hardens environment inference used during verification).

(Framework) **Security:** PayPal Checkout cancel redirect now validates the destination URL and safely falls back to the site home URL.

(Framework) **Security:** PayPal Checkout tokens now use s2Member’s hardened unserialize routine.

(Framework) **Security:** Harden unserialization of stored custom capabilities metadata when loading user access rules.

(Framework) **Security:** Harden the registration password handler.

(Framework) **Improvement:** Harden PayPal Checkout endpoint behavior on problematic hosts; return consistent JSON errors (HTTP 500) on notify-proxy failures.

(Framework) **Improvement:** Harden PayPal Checkout REST API/webhook handling for network failures and unexpected/non-JSON responses (avoids PHP 8+ warnings).

(Framework) **Improvement:** PayPal Checkout webhook setup now treats "no change" updates and existing webhook URLs as success (adopts the existing webhook ID automatically).

(Framework) **Improvement:** PayPal Checkout webhook signature verification now auto-detects Sandbox vs Live from inbound headers (so webhooks validate correctly even if the site’s current environment setting differs).

(Framework) **Improvement:** PayPal Checkout logging now includes `env_setting` (site setting) and `env_webhook` (inferred from inbound webhook headers) for clearer Sandbox/Live environment troubleshooting.

(Framework) **Improvement:** PayPal Checkout webhook idempotency cache (event/txn transients) now retains entries for 1 year (reduces long-term option bloat while preserving replay protection).

(Framework) **Improvement:** s2Member’s PayPal “Unsubscribe” button links to PayPal’s subscription management page, and with the new PayPal Checkout integration, when `output="button"` and a PayPal subscription ID is present, s2Member will attempt to cancel the subscription directly.

(Framework) **UI:** Add a description for `paypal-checkout.log` in the Log Viewer dropdown (so it’s not “No description available”).

(Pro) **Improvement:** PayPal Checkout buttons now support `accept="card"` to enable guest debit/credit card payment in the PayPal-hosted checkout experience when available (availability depends on PayPal settings/eligibility and browser privacy protections).

- (Framework) **PayPal Enhancement**: Modernized s2Member’s PayPal integration by adding support for PayPal Checkout with their latest REST APIs, Smart Buttons, and webhook event handling. This release introduces PayPal’s current Checkout platform as an optional, reliable alternative to the legacy PayPal Standard buttons. Existing s2Member PayPal button shortcodes continue to work as-is (no edits required). See: _WP Admin > s2Member > PayPal Options > PayPal Checkout (Beta)_. Thanks to the beta testers, especially Sim Architect.

- (Framework) **Security**: Improved sanitization and normalization of attribute values for the s2Eot, s2Strem and s2Member-Security-Badge shortcodes.
- (Framework) **Security**: Improved sanitization of replacement values for confirmation and notification emails.

- (Framework) **Security**: Improved sanitization for Tracking API replacement values.

- (Framework) **Fix**: Use the site URL host instead of HTTP_HOST for proxy key when Skip Domain Check is enabled.

- (Framework) **Fix**: Ensure the Fallback IPN Signup Vars provide a valid item_number for cancellation handling.

- (Framework) **Security**: Improve handling of registration fields in multisite.

- (Framework & Pro) **UI**: Add a Help panel with contact form to all admin pages.

- (Framework & Pro) **Enhancement**: s2Member now supports sending emails in HTML format, allowing for richer, styled messages with formatting, links, and branding. You can enable this feature under _General Options > Email Configuration > Enable HTML Emails_. When disabled, emails continue to use plain text as before. This feature is currently in beta, so feedback is welcome!

- (Framework & Pro) **Enhancement**: Added a new option to skip the domain validation for notifications from the payment gateways. This allows continued processing of incoming notifications even if the domain in the `custom` value doesn't match the current site's. Useful for subscriptions originated outside of s2Member, or under a different domain. The setting is available under: _WP Admin > s2Member > PayPal Options > PayPal IPN / Instant Payment Notifications_

- (Pro) **UI**: Added the recent IPN Signup Vars Fallback and new Skip Domain Validation to all the gateway options pages.

- (Framework) **Enhancement**: Added the site's language code when loading the reCaptcha.

- (Pro) **UI**: Added a page refresh after the Pro Updater finishes installing the latest Pro release, to update the WP Admin interface and not show the Pro Updater again.

- (Pro) **UI**: Added a page refresh after the Other Gateways options are saved, to update the WP Admin left menu.

(Maintenance Release) Upgrade immediately.

- (Pro) **Enhancement**: Added optional fallback behavior for missing IPN Signup Vars during Stripe webhook processing. When enabled, s2Member will generate a makeshift IPN vars array if none are stored for the user. This helps support migrated or manually imported subscriptions. The setting is available under _s2Member Pro > Stripe Options > Stripe Webhook/IPN Integration_. See [thread 11334](https://f.wpsharks.com/t/11334).

- (Framework) **UI**: Removed admin notice about Easter promo for Pro add-on.

- (Framework) **Enhancement**: Added additional sanitation/validation to the Logs Viewer, although only Administrators have access to it.