Allowing Gateway Webhooks or IPN Data into a Protected Site (for testing or development)

Many development and staging sites want to restrict total access to the site’s folder on the webserver. One of the easiest ways to do this is by setting a UNIX password at the server level.

This advanced developer recipe shows you how to set up custom .htaccess rules to allow your Webhook or IPN data through this security measure. This will allow you to properly configure and test payment gateways in Paid Memberships Pro.


About the Recipe

If your site has a UNIX password or is in Coming Soon/Maintenance Mode, your gateway will not be able to get to your site and send their data.

The recipe below will allow any of the listed IP addresses access to your website and will prompt everyone else to enter your secret UNIX username and password.

Note that this recipe specifically allows the IP addresses of the PayPal IPN Live Server and the Stripe Webhook. If you are using another gateway or using PayPal in Sandbox mode you will need a separate list of IP addresses. Please consult your payment gateway documentation to locate their active IP addresses.

This recipe will only work with sites restricted by a UNIX password. If you are using a Coming Soon plugin, you’ll need to take another approach to allow gateway access to your site (the easiest method is to disable the maintenance mode while running your tests). We’ll try to put together a similar recipe for popular plugins with this feature, or you can open topic in the members-only support forum for personal help.


The Code Recipe

This code recipe requires a Plus Account or higher.

View Membership Options

PMPro Update 1.9.4

Version 1.9.4 of Paid Memberships Pro is being pushed out shortly. This update includes fixes that could impact sales, and we recommend everyone upgrade as soon as possible. There are two updates in particular to look out for related to our Stripe integration as well as new frontend layouts for improved display across devices.


The included Stripe PHP Library has been updated to the latest version.

While not necessary, after upgrading it is a good idea to log into Stripe to change your API settings to use the latest version of the Stripe API. To do this log into Stripe, click on API in the left sidebar, then click on “Upgrade Available” and follow the directions.

If you don’t see the “Upgrade Available” link, then you are already running on the latest version of the Stripe API. Be sure to test checkouts on your site after making this change. For 72 hours, you’ll be able to roll back to the previous version of the Stripe API if needed.


“Table-free” Frontend Pages for Improved Display on All Devices

In an effort to improve the display and responsive layout of default plugin pages, v1.9.4 of Paid Memberships Pro has migrated to a “table-free” layout for selected frontend pages. Affected pages include those pages using the following shortcodes: [pmpro_checkout], [pmpro_confirmation], and [pmpro_billing]. These pages have been updated to use a div-based HTML layout where possible instead of a table-based layout.

We’ve done our best to make sure this update has minimal impact on all of our users, but if you notice UI issues after performing the update (in particular users with custom checkout templates or CSS styling might be affected), you can use the Table Layout Add On to revert to the table-based layout on your site. Note that if you roll back PMPro entirely, you will lose the benefit of the 30+ other fixes and enhancements included in this update. So using the table pages add on the preferred way to fix any UI issues that come up.

It is also important to note that this add on is meant as a temporary solution while you update your site to make use of the new div-based layout. We will support the plugin for about a year. During that time, be sure to reach out to use with any issues caused by our add ons and code and take time to update your own customizations to work with the new layout.


Add Ons Updated to be “Table-free” and for 1.9.4 Compatibility

Many of our Add Ons have also been updated to use the new div-based layout or other bug fixes included in this update. Those add ons will have updates available as well, so be sure to update all of your PMPro Add Ons with update notices before you update the core Paid Memberships Pro plugin.

Affected Add Ons Include


How to Update

Please update Paid Memberships Pro from the plugins page of your WordPress dashboard. You can also get the latest version of PMPro here or version 1.9.4 specifically here.


Changelog

In terms of number of fixes and enhancements, this is one of our largest updates ever. The full list of updates is below.

  • BUG FIX: Fixed issue where PayPal was not working for amounts over $1000.
  • BUG FIX: Non-decimal currencies now handled correctly with Stripe.
  • BUG FIX: Fixed issue where updating a Stripe subscription from the edit user page could cancel the subscription once the webhook fired.
  • BUG FIX: Fixed issue where “admin_cancelled” memberships weren’t being calculated correctly in membership reports.
  • BUG FIX: Fixed issue where users could not drag and drop to change the order of membership levels.
  • BUG FIX: pmpro_getMembershipLevelsForUser() would sometimes return duplicate levels in the array if the user had multiple active entries in the pmpro_memberships_users table.
  • BUG FIX: Updated includes/metaboxes.php to call pmpro_getAllLevels() instead of relying on the $membership_levels global which is problematic.
  • BUG FIX: Fixed a few strings that weren’t wrapped for translation or were using the old text domain.
  • BUG FIX: Fixed redirect error that occured when the levels page was not set.
  • BUG FIX: Updated getfile.php to support file names with urlencoded characters (e.g. spaces) in them. (Thanks, florent from PMPro blog)
  • BUG FIX: Fixed notice when use the getfile.php script due to using add_filter instead of apply_filters in the mimetype class.
  • BUG FIX: Fixed the all time views column for the logins report.
  • BUG FIX: Fixed fatal error on the logins report, member shortcode and other issues when using PHP7.1+.
  • BUG FIX: Fixed issue with saving arrays using pmpro_setOption()
    up the lines of text.
  • BUG FIX: Fixed typo in the string “Are you sure you want to do that? Try again.”
  • BUG FIX: Fixed a few strings that used the wrong text domain or weren’t wrapped correclty for translation.
  • BUG FIX/ENHANCEMENT: Now bundling Google’s jsapi.js file for use in the reports.
  • BUG FIX/ENHANCEMENT: Fixed issue where some emails (e.g. the password reset email) would not have wpautop applied to them, crunching
  • BUG FIX/ENHANCEMENT: Better checking for Theme My Login compatibility when handling login redirects.
  • BUG FIX/ENHANCEMENT: Better error handling for Braintree.
  • BUG FIX/ENHANCEMENT: Membership stats widget now shows first 3 levels based on level order.
  • BUG FIX/ENHANCEMENT: Added the pmpro_member_shortcode_access filter
  • ENHANCEMENT: Updated the Stripe PHP library to version 5.2.2 and updated Stripe to use the latest version of their API, 2017-08-15.
  • ENHANCEMENT: Changed frontend pages (e.g. checkout.php) to use a div-based layout instead of tables. Important information here if you are using custom page templates or notice UI issues after upgrading
  • ENHANCEMENT: Added pagination to the discount codes page in the admin. Also sorting codes in descending order by ID. Use the pmpro_discount_codes_per_page filter to change the per page limit from 15.
  • ENHANCEMENT: Updated plugin admin pages with better links to documentation and support.
  • ENHANCEMENT: Updated plugin frontend pages checkout, billing, confirmation, and single invoice to remove most table based layouts.
  • ENHANCEMENT: Better error message if trying to checkout using an existing user’s email address.
  • ENHANCEMENT: Added the pmpro_report_levels filter to let users change levels and order of levels for the memberships.php report.
  • ENHANCEMENT: Updated video and copy for readme.txt.
  • ENHANCEMENT: Added user display name to Memberlist search query
  • ENHANCEMENT: Added Russian Ruble as a currency.
  • ENHANCEMENT: Changed the dated term “CVV” to “Security Code (CVC)” when shown on the frontend.
  • ENHANCEMENT: Added .doc and .docx to the mimetype class.
  • ENHANCEMENT: Added Portuguese language files. (Thanks, Secundino Correia)
  • ENHANCEMENT: Updated plugin admin pages with better links to documentation and support.
  • Setting up a Developer Account to Test Your Payment Gateway

    Using Paid Memberships Pro in your selected payment gateway’s “testing/sandbox” mode allows you to test membership checkout without processing real payments. Sandbox mode requires unique credentials that vary based on the active payment gateway.

    This post covers how to set up your test or sandbox account so that you can run tests on a membership checkout.


    Testing your Payment Gateway.

    Technically, all you need to do to start accepting payments on your site is sign up for a payment gateway and paste the appropriate API information into the Memberships > Payment Settings page in the WordPress admin of your site.

    However, taking some time out to test your payment gateway first will not only give you peace of mind that the gateway is properly set up and ready to start receiving payments but it also gives you a good idea of how the gateway works and whether or not this gateway will be right for you and your members.


    Setup Example: Stripe

    Setting up a Stripe testing account is really quite simple. All you need to do is navigate to the Stripe Registration page, fill in the appropriate fields and click on the “Create your Stripe Account”.

    Once your account is set up , you will be redirected to your Stripe Dashboard and an email will be sent to you asking you to verify your email address. Your Stripe testing account is now set up and you are (almost) ready to start testing it out on your website.

    Note – in order to start using this account to accept actual payments, you will need to “Activate your account” from within the Stripe Dashboard.


    Adding the test API keys to your website.

    To add the relevant Stripe API keys to your website, you will need to navigate to the “API” tab in your Stripe Dashboard and copy both the “Publishable” and “Secret” API key and paste them into your Paid Memberships Pro payment gateway settings. This can be found by navigating to your WordPress Dashboard > Memberships > Payment Settings.

    Note: Remember to set the payment gateway in your payment settings to Stripe and your “Gateway Environment” to “Sandbox/Testing”.

    Once you have added your API keys, save your settings.


    Processing a test checkout.

    It is now time to do a test checkout. Log out of your website completely and proceed to purchase a membership level just as one of your potential customers would. You should eventually be redirected to your checkout page.

    Fill out the checkout form as a normal user would and when you get to the “Payment Information” section, you will need to input a Stripe Testing Card number in order to process the test payment. If you do not use a Stripe testing card, you will receive a “Your card number is incorrect” error message.


    Back to the Stripe Dashboard.

    Once you have successfully processed the membership checkout, you will be able to navigate back to your Stripe Dashboard and see the test data as if it was an actual user who checked out of your site. Feel free to browse through the different menu options to get an overall feel for how this payment gateway works. The more you explore the gateway’s capabilities and limitations, the better idea you will have of whether or not a payment gateway will work for you.


    Time to go live.

    When you have done enough testing and you are now ready change over to a live environment, make sure that you change your “Gateway Environment” to “Live/Production” and complete the fields with your gateway’s appropriate information.

    If you have not yet activated your Stripe account, you will need to do this before you can get your “Live” API keys. Live payments cannot be processed if your integration is still using your test API keys. Once you paste in your live API keys, save your changes.


    Some useful links to get you started.

    Troubleshooting Uncaught Exception: ‘Stripe needs the Multibyte String PHP extension’

    If you’re integrating with Stripe and running into an error with the words “Uncaught Exception”, see below for how to resolve.


    Ask your host to enable ‘multibyte string PHP extension’

    This particular error is between Stripe and your hosting configuration. You should follow up with your host to have the “multibyte string PHP extension” installed.

    Most hosts should be able to do this quickly on your account. You might need to upgrade your plan if you are on a lower level shared hosting plan.


    The Sample Error(s) You May be Seeing

    Fatal error: Uncaught exception 'Exception' with message 'Stripe needs the Multibyte String PHP extension.' in /public_html/wp-content/plugins/paid-memberships-pro/includes/lib/Stripe/Stripe.php:13 Stack trace: #0 /public_html/wp-content/plugins/paid-memberships-pro/classes/gateways/class.pmprogateway_stripe.php(43): require_once() #1 /public_html/wp-content/plugins/paid-memberships-pro/classes/gateways/class.pmprogateway_stripe.php(27): PMProGateway_stripe->loadStripeLibrary() #2 /public_html/wp-content/plugins/paid-memberships-pro/classes/class.memberorder.php(128): PMProGateway_stripe->PMProGateway_stripe('stripe') #3 /public_html/wp-content/plugins/paid-memberships-pro/classes/class.memberorder.php(10): MemberOrder->setGateway('stripe') #4 /public_html/wp-content/plugins/paid-memberships-pro/preheaders/checkout.php(434): MemberOrder->MemberOrder() #5 /public_html/wp-content/plugin in /public_html/wp-content/plugins/paid-memberships-pro/includes/lib/Stripe/Stripe.php on line 13