BuddyPress

Change Log

v120517

• (Maintenance Release) Upgrade immediately.
• (s2Member Pro) PayPal® Pro Forms. This release removes all limitations on the maximum length of an initial trial/period. It is now possible to offer any number of days/weeks/months/years for free, or at a different initial rate.
• (s2Member Pro) Authorize.Net® Bug Fix. Max length (i.e. maxlength="") adjusted in Pro Forms integrating with Authorize.Net. Transactions were sometimes failing due to character length restrictions imposed by the Authorize.Net® API. Fixed in this release. Please see this thread for further details.
• (s2Member/s2Member Pro) JW Player® Code Samples. Updated code samples for JW Player®, to reduce the possibility of a namespace conflict in configuration variables. For further details, please check this thread.

v120514

• (Maintenance Release) Upgrade immediately.
• (s2Member Pro) Payflow® API Support. s2Member® Pro now supports PayPal® Pro accounts operating with the Payflow® edition. It is now possible to process recurring payments through newer PayPal® Pro accounts (e.g. those which may use the new Payflow® API for recurring billing). Please note, this feature should ONLY be used by site owners with a brand new PayPal® Pro account, which has Recurring Billing service enabled under the Payflow® edition. Site owners with existing PayPal® Pro accounts are NOT impacted by this feature, nor should they attempt to use this feature. For further details, please check your Dashboard under: s2Member® -> PayPal® Options -> Payflow® Account Details.
• (s2Member Pro) Authorize.Net® Shortcode Attribute. A new Shortcode Attribute rrt="", is available for Authorize.Net® Pro Forms. For further details, please check your Dashboard under: s2Member® -> Authorize.Net® Forms -> Shortcode Attributes (Explained).
• (s2Member Pro) Authorize.Net® Bug Fix. Transactions were sometimes failing due to character length restrictions imposed by the Authorize.Net® API. Fixed in this release. Please see this thread for further details.
• (s2Member/s2Member Pro) Remote Request Hook. A few developers requested this. A new WordPress® Hook was added to s2Member’s remote connection routine. Search s2Member’s source code for Hook name: ws_plugin__s2member_before_wp_remote_request.
• (s2Member Framework) PayPal® Buttons. Restrictions limiting the number of days/weeks/months/years allowed in recurring periods for a PayPal® Button have been increased. Max days was increased from 7 to 90, weeks remains at 52 max, months is up from 12 to 24 max; years increased from 1, up to 5 years max. This change impacts PayPal® Standard Buttons only, and does NOT affect Pro Forms, which operate on restrictions imposed by the PayPal® Pro API (and these are slightly different).
• (s2Member/s2Member Pro) JW Player® Code Samples. Updated code samples for JW Player®. For further details, please check your Dashboard under: s2Member® -> Download Options -> JW Player® Code Samples.

v120309

• (s2Member Pro) ccBill® Cancellations. It’s now possible for s2Member to pull ccBill® “cancellation” events, from the ccBill® DataLink Service Suite. For further details and configuration options, please check this section of your Dashboard: s2Member -> ccBill Options -> DataLink Integration.
• (s2Member/s2Member Pro) Bug fix. Some PHP installations running in safe mode were experiencing 400 Bad Request errors whenever s2Member’s Amazon® CloudFront configuration routines for file downloads were processed. Fixed in this release.

v120308

• (s2Member/s2Member Pro) Custom Registration/Profile Fields. Now possible to create a Custom Field that’s always hidden, during both registration and any future Profile edits (e.g. for administrative purposes only).
• (s2Member/s2Member Pro) Compatibility. Minor updates for compatibility with the coming release of WordPress® v3.4.
• (s2Member Pro) Bug fix. Broken link in UI leading to: s2m-pro-extras.zip. Corrected in this release.

v120301

• (s2Member Pro) ClickBank. Bug fix in call to http_build_query() related to arg_separator. This affected installations of PHP with something other than a default INI value for argument separators. Fixed in this release for better compatibility.
• (s2Member/s2Member Pro) File downloads. Bug fix in s2Member’s handling of the "file_storage" parameter to API Function s2member_file_download_url(). Fixed in this release.

v120219

• (s2Member) File downloads. s2Member’s .htaccess rules updated to also support older versions of the Apache 1.x series. However, we still recommend that you run s2Member® with Apache 2.0 or higher. Or, with another modern web server that’s Apache-compatible, such as LiteSpeed.
• (s2Member) Link updates. Some of the documentation built into the s2Member® plugin contained links which were outdated after our recent move to the new s2Member.com. These links have now been updated within the plugin.
• (s2Member) New video tutorial. s2Member® Intros, Framework and Pro
• (s2Member) New video tutorial. s2Member® File Downloads, Complete Series / From Basics On Up
• (s2Member) New video tutorial. s2Member® File Downloads, Amazon S3/CloudFront/JW Player
• (s2Member) New video tutorial. s2Member® File Downloads, Remote Auth/Podcasting
• (s2Member) New video tutorial. s2Member® File Downloads, GZIP Conflicts?
• (s2Member) New video tutorial. s2Member®, Using The PayPal Sandbox

v120213

• (s2Member) File downloads. GZIP conflicts can now been resolved for file downloads. s2Member now introduces an .htaccess rewrite rule, which is automatically installed during activation and/or a future upgrade of the s2Member® Framework plugin. These rewrite rules are installed into your root .htaccess file for WordPress (if it’s writable). If your .htaccess file is not writable, you will get a warning in your s2Member -> Download Options panel.

  For further details, please check your Dashboard under: s2Member -> Download Options -> Preventing GZIP Conflicts. Or see this KB article.

• (s2Member) Optimization. Slow query w/ memory issues during activation on a Multisite Network with over 30K Users/Members. Fixed in this release.
• (s2Member) Compatibility. Litespeed web server compatibility added to all areas of s2Member. A few mod_rewrite tweaks were needed. Fixed in this release.
• (s2Member) Bug fix. Automatic list transitioning issue, which was affected by Payment Button integrations where s2Member’s Auto-Return handler was getting in the way. Fixed in this release.
• (s2Member/s2Member Pro) Bug fix. Due to an issue that once existed in releases of s2Member prior to v110927, s2Member’s Auto EOT System was sometimes failing to succeed in cases where no IPN Signup Vars could be found (but only for Members who originally joined under a release of s2Member prior to v110927). s2Member v120213 resolves this elusive bug with a built-in workaround (i.e. a built-in default value in the code), specifically for this scenario.
• (s2Member Pro) Bug fix. If Membership Levels were changed with s2Member Pro via /wp-config.php using define("MEMBERSHIP_LEVELS", 1) or similar; s2Member was failing to cleanup all unused Capabilities in the wp_user_roles array, which may have been associated with previously used Membership Levels. This had no harmful side effects, but it was a bug nevertheless. Upgrading to the latest installation of s2Member automatically cleans up any Capabilities this bug left behind. New installations of s2Member will not be affected by this at all.
• (s2Member/s2Member Pro) Routine maintenance. Overall review of the codebase, security review, general code cleanup and maintenance.
• (s2Member) New website. A new website has been launched for s2Member. Please see: s2Member.com
• Coming soon. Work continues on the next generation of s2Member®.

v111220

• (s2Member Pro) Security fix. PayPal® Pro and Authorize.Net® Forms were vulnerable to an XSS attack, reproducible with a Coupon Code containing special characters. Discovered by ControlScan™. Fixed in this release. For further details, please see this thread.
• (s2Member Pro) Security hardening. s2Member’s Systematics routine hardended against a possible attack coming from a spoofed IP address matching that of the installation server itself. For further details, please see this thread.
• (s2Member Pro) Security hardening. PayPal® Pro and Authorize.Net® Forms hardended against a possible attack against card types. Discovered by ControlScan™. For further details, please see this thread.

v111216

• (s2Member/s2Member Pro) Bug fix. ClickBank® not passing all s2 Vars after return from a non-recurring transaction. Fixed in this release. For further details, please see this thread.
• (s2Member) Bug fix. Amazon® S3/CloudFront issues with ACLs upon auto-configuration routine. Leading to a 400 error code. Fixed in this release. For further details, please see this thread.
• (s2Member/s2Member Pro) WordPress® v3.3 / v3.4. Updates for compatibility with WordPress® v3.3, and initial compatibility scans against WordPress® v3.4-alpha. Everything looks good. This release of s2Member also remains compatible with the WordPress® v3.2.x series.

v111206

• (s2Member/s2Member Pro) WordPress® v3.3. Updates for compatibility with WordPress® v3.3. This release of s2Member also remains compatible with the WordPress® v3.2.x series.
• (s2Member/s2Member Pro) Bug fix. An important bug was identified in s2Member’s handling of certain EOT events associated with Subscr. Modifications ( under the right scenario ). Fixed in this release.
• (s2Member Pro) reCAPTCHA™ bug fix. An issue with reCAPTCHA™ public/private keys, on s2Member Pro Forms ( particularly on Free Registration Forms ), which was related to some data loss suffered by Google’s reCAPTCHA™ service; has been resolved in this release. In addition, a new UI panel has been introduced, allowing site owners to use their own public/private keys associated with reCAPTCHA™; if they so choose. This is optional however. For further details, please check your Dashboard here: s2Member -> General Options -> CAPTCHA Anti-Spam Security. Requires s2Member® Pro.
• (s2Member/s2Member Pro) Security hardening. Additional security checksums have been added to s2Member’s utility encryption methods to make these routines even more secure.
• (s2Member/s2Member Pro) Security hardening. Additional security protocols have been added to s2Member’s core PayPal® processors to make these routines even more secure.
• (s2Member Pro) Deprecated feature. For s2Member Pro Forms with Custom Return URLs on success, the %%response%% Replacement Code within URLs is now deprecated, in favor of the new %%s_response%%. For further details, please check your Dashboard here: s2Member -> PayPal/Authorize.Net Pro Forms -> Custom Return URLs On Success -> Replacement Codes.
• (s2Member/s2Member Pro) Security fix. A security vulnerability related to unsigned URLs leading to checkout pages for ccBill®, ClickBank® and Google® Checkout, has been addressed in this release. For further details, please see this thread.

v111105

• (s2Member Pro) New feature. It is now possible to configure Coupon Codes that are ONLY valid on specific Pages/Posts which may hold one of your s2Member Pro Forms. For further details, please check the examples in your Dashboard, here: s2Member -> Pro Coupon Codes.
• (s2Member Pro) New feature. Affiliate Coupon Codes make it possible for your affiliates to receive credit for sales they refer, using one of your Coupon Codes. Here’s how it works. You tell your affiliates about one or more of the Coupon Codes that you accept. Each of your affiliates can add their affiliate ID onto the end of any valid Coupon Code, like this: COUPON-CODE-A:123; where COUPON-CODE is the valid Coupon Code that you’ve configured, and 123 is the affiliate’s ID. If a Customer comes to your site, and they use a Coupon Code with an affiliate ID on the end of it; your affiliate will be tracked automatically by s2Member. If this Customer actually completes the sale, the referring affiliate will be credited with whatever commission your affiliate program offers. For further details, please check the examples in your Dashboard, here: s2Member -> Pro Coupon Codes -> Affiliate Coupon Codes.
• (s2Member/s2Member Pro) New feature. It is now possible to protect all Posts, but only of a specific Post Type. For further details, please check your Dashboard, under: s2Member -> Restriction Options -> Post Level Access Restrictions.
• (s2Member Pro) Improvement. The s2Member Pro Login Widget now has improved handling of its %%previous%% Replacement Code for login redirections. For further details, please see this thread.
• (s2Member/s2Member Pro) MOP Vars improved. s2Member MOP Vars ( Membership Options Page Variables ), have been improved in this release. For further details, please check your Dashboard, under: s2Member -> API / Scripting -> Membership Options Page (Variables).
• (s2Member/s2Member Pro) bbPress®. Dropped legacy support for bbPress® stand-alone version. s2Member still supports the WordPress® plugin version of bbPress® v2.0+. However, from this version forward, we will no longer support the legacy s2Member Bridge to the stand-alone version of bbPress®. If you’ve already installed the s2Member Bridge for the stand-alone version of bbPress®, using a previous release of s2Member, your s2Member Bridge plugin should continue to work. However, the s2Member bbPress® Bridge is no longer included with s2Member, and we will not support the stand-alone version of bbPress® from this point forward.
• (s2Member) Bug fix. s2Member function c_ws_plugin__s2member_utils_gets::get_all_post_ids() was not properly excluding Post Type nav_menu_item. Fixed in this release.
• (s2Member) Bug fix. s2Member function c_ws_plugin__s2member_utils_gets::get_all_child_category_ids() was not including empty terms. Fixed in this release.
• (s2Member) Bug fix. s2Member function c_ws_plugin__s2member_utils_gets::get_all_tag_ids() was not including empty terms. Fixed in this release.
• (s2Member/s2Member Pro) Routine maintenance. Some code optimization, some cleanup, and some organizational improvements in preparation for new features in a coming release.
• (s2Member/s2Member Pro) WordPress® 3.3-beta2. Compatibility updates for the coming release of WordPress® 3.3.

v111029

• (s2Member Pro) Compatibility. s2Member Pro now supports automatic upgrades through filesystem methdologies, other than direct. For further details, please see this thread.
• (s2Member) Bug fix. A bug in the s2Member framework was causing some IPNs with txn_type = recurring_payment_suspended_due_to_max_failed_payment to get bypassed inadvertently. Fixed in this release. For further details, please see this thread.
• (s2Member Pro) Bug fix. A bug in s2Member Pro’s AliPay® integration was causing an error could not find existing User ID. Fixed in this release. For further details, please see this thread.
• (s2Member Pro) Bug fix. A bug in s2Member Pro’s AliPay® integration was causing issues in duplicate IPNs received from AliPay®. Fixed in this release.
• (s2Member/s2Member Pro) Compatibility. File Downloads. s2Member now considers server software environments before chunking file downloads, avoiding issues with partially corrupted files on some hosting platforms. In addition, s2Member is now capable of falling back on a flushed delivery method so it can continue to avoid memory issues on shared hosting accounts, even when Transfer-Encoding: chunked is not possible. These improvements allow s2Member to remain compatible in edge cases. Such as when running on Litespeed and/or Windows servers; or on shared hosting platforms that have fewer resources available.
• (s2Member Pro) Bug fix. Automatic upgrader failing on copy command when running at HostGator. Fixed in this release.
• (s2Member/s2Member Pro) Security fix. The /s2member-files/ directory (with newly updated Mod Rewrite rules in its .htaccess file) was allowing directory indexing inadvertently, on some servers. This was a low-level vulnerability, because although directory indexing was possible, protected file access was not. Fixed in this release. For further details, please see this thread.
• (s2Member/s2Member Pro) Bug fix. A bug related to the init() Hook firing an early call to c_ws_plugin__s2member_systematics::is_wp_systematic_use_page() was identified. Fixed in this release. One symptom of this bug was for Users/Members to have trouble accessing a BuddyPress registration form after having paid for Membership, under the right scenario.
• (s2Member/s2Member Pro) New API Functions. New API Functions: s2member_shorten_url(), s2member_user_downloads(), s2member_total_downloads_of(), and s2member_total_unique_downloads_of(). For further details, please check the s2Member Codex.
• (s2Member/s2Member Pro) Routine maintenance. Some code optimization, some cleanup, and some organizational improvements in preparation for new features in a coming release.
• (s2Member/s2Member Pro) WordPress® 3.3-beta2. Compatibility updates. CSS tweaks, JavaScript tweaks and other considerations for the coming release of WordPress® 3.3.

v111017

• (s2Member/s2Member Pro) Bug fix. s2Member now works around a known bug in PHP, related to the parse_url() function. For further details, please see this PHP bug report.
• (s2Member/s2Member Pro) Compatibility. Improvements to s2Member’s wp_mail() conformity, related to the reducton of "Name" <email> to just email. This release should work to further improve email deliverability in edge cases, particulary on sites running an SMTP mail plugin.
• (s2Member/s2Member Pro) Compatibility. Improvements to s2Member’s JW Player® integration. s2Member now prevents unreserved chars, i.e. array ("-", ".", "_", "~") from being URL-encoded in file download URLs, maximizing compatibility with many media players, including JW Player®. In previous releases, JW Player® would randomly fail on some RTMP streams with error Stream Not Found. Fixed in this release. For further details, see RFC 3896.
• (s2Member/s2Member Pro) Compatibility. Initial testing against WordPress v3.3-beta1. Looks pretty good. A few minor cosmetic issues still need to be addressed in a future release of s2Member though.
• (s2Member/s2Member Pro) Compatibility. Tested against BuddyPress v1.5.1. Updated s2Member to support $bp->maintenance_mode, and other cases where bp_core_loaded is NOT fired at all.
• (s2Member/s2Member Pro) Routine maintenance. Some code optimization, some cleanup, and some organizational improvements in preparation for new features in a coming release.
• (s2Member/s2Member Pro) Bug fix. Edge case identified where the /s2member-o.php file was failing to fallback on full WordPress®. Fixed in this release.

v111011

• (s2Member/s2Member Pro) Bug fix. An array to string conversion error was found in Profile editing panels whenever a multi-option Select Menu was created as a Custom Registration/Profile Field with s2Member. Fixed in this release. For further details, please see this thread.
• (s2Member/s2Member Pro) Email recipients / compatibility fix. A bug found by an s2Member Pro customer, related to PHP’s mail() function in PHP 5.2 < 5.2.11 was preventing some email messages from being processed properly. Fixed in this release. For further details, see this thread and/or this PHP bug report please.
• (s2Member/s2Member Pro) Bug fix. s2Member was redirecting logged-in Users/Members to the Download Limit Exceeded Page whenever an attempt to download a file was made by a User/Member with access at a Level that was NOT allowed to access files period. s2Member should have been redirecting these specific requests to the Membership Options Page instead, with MOP Vars included. Fixed in this release. For further details, please see this thread.
• (s2Member/s2Member Pro) Documentation updates. s2Member’s built-in Dashboard documentation has been updated in several places. This should work to further help site owners that are new to s2Member. In addition, s2Member’s inline documentation now includes tips for integrating BuddyPress, when/if BuddyPress is installed and activated in your WordPress® installation.
• (s2Member/s2Member Pro) Logging. s2Member now adds the currently installed version of PHP to its log entries, if logging is enabled by the site owner.
• (s2Member/s2Member Pro) AWeber. A bug was found in s2Member’s AWeber integration. When/if you configured s2Member NOT to collect First/Last Names, the email subscription request was not being parsed properly on the AWeber side of things, due to a regex issue in their built-in PayPal Email Parser. Fixed in this release. In addition, s2Member has built a Custom Email Parser for AWeber, which is optional, but definitely recommended. Please see this thread for further details.
• (s2Member/s2Member Pro) Bug fix. A bug was found in s2Member’s email configuration routine, which made it possible ( based on other plugin combinations running in concert with s2Member ), for s2Member to drop existing mail_from values configured by other plugins, which may have resulted in delivery failures, particularly when/if a site was configured to use an external SMTP server, which MAY require that your From: header reference a specific address, one that is directly associated with your external SMTP account. Fixed in this release. In addition, please be advised that if you run an SMTP mail plugin with WordPress®, you should be sure to configure your s2Member -> General Options -> Email Configuration with a valid From: address ( i.e. one matching your SMTP configuration perhaps ). Most free SMTP servers, such as Gmail/Yahoo, require that your From: header match the email address associated with your account. Please check with your SMTP service provider before attempting to configure plugins like s2Member to use a different From: address when sending email messages. For further details, please check your Dashboad, under: s2Member -> General Options -> Email Configuration.
• (s2Member/s2Member Pro) MailChimp®/AWeber® list transitioning. s2Member’s list transitioning routine ( an optional feature ) has been further optimized and improved. In addition, it is now possible to force the transition of Users/Members from one set of lists to another, even when s2Member is unable to remove them from an existing list. For further details, please check your Dashboard under: s2Member -> API List Servers -> Automate Unsubscribe / Opt-Outs.
• (s2Member/s2Member Pro) Reset or lock-in Roles/Capabilities. A new development tool is available in your Dashboard, which makes it possible for developers to reset and/or lock-in the Roles/Capabilities associated with s2Member. For further details, please check your Dashboard, under: s2Member -> General Options -> Membership Levels/Labels.
• (s2Member/s2Member Pro) Routine maintenance. Some code optimization, some cleanup, and some organizational improvements in preparation for new features in a coming release.

v111003

• (s2Member) Bug fix. Fatal eval() error inside: /includes/classes/no-cache.inc.php. Fixed in this release.

v111002

• (s2Member) BuddyPress v1.5 fix. Issues with BuddyPress v1.5 and s2Member’s URI Restrictions; corrected in this release. Hook priority updated, and template_redirect converted to wp at priority 2, giving s2Member the ability to integrate with BuddyPress v1.5 properly in all scenarios.
• (s2Member) tinyURL® bug fix. s2Member’s handling of potential failures in the output of tinyURLs, generated by the tinyURL® API; was NOT considering all failure possibilities. A symptom of this bug was to see URLs in your Signup Confirmation Email (occassionally, upon connection failure to the tinyURL® API, when it was down for whatever reason) starting with: Error#. Corrected in this release.
• (s2Member) URL Shortening API (Preference). s2Member now includes a class method dedicated to URL shortening service APIs. Currently, s2Member will use the tinyURL® API first (i.e. tinyurl.com ), and then use the Google® URL Shortening API (i.e. goo.gl ) as a backup when/if the tinyURL® API is down for whatever reason. In this release, a new configurable option is available, which allows advanced site owners to preference the Google® Shortening API over tinyURL®, if they desire. It is also possible to integrate your own custom GET request, for whichever service you prefer. For further details, please check your Dashboard, under: s2Member -> General Options -> URL Shortening API (Preference).
• (s2Member) Bug fix. Bug first introduced in s2Member v110912. s2Member’s new optimized method of loading its CSS/JS was causing some problems on a few Windows® server environments. In some cases, s2Member was unable to properly identify itself through the /s2member-o.php file, given limitations of the core WordPress® function plugin_basename(). A symptom of this bug was for s2Member to fail at loading its CSS/JS libraries. Fixed in this release.
• (s2Member) Security fix. It was possible for some of s2Member’s code sample files to be executed directly. Not a proven vulnerability, but definitely NOT a good idea to allow this either. Fixed in this release, by renaming all .php files inside the /includes/menu-pages/code-samples/ directory. These files now have a .x-php extension. As an additional line of defense, a new .htaccess file with deny from all is automatically placed inside the main /s2member/includes/ directory. None of these files should be available pulicly anyway. s2Member’s exsiting realpath() file scans remain in place too, which further prevents the direct execution of .php files.

v110927

• (s2Member) BuddyPress v1.5 compatibility. Misc tweaks.
• (s2Member) Documentation improvements. New documentation covering Shortcode Attributes and API Function parameters for the new [s2File /] Shortcode, and for the new API Function s2member_file_download_url(). Please check your Dashboard, under: s2Member -> Download Options -> Shortcode Attributes / API Functions ( Explained ).

v110926

• (s2Member/s2Member Pro) BuddyPress v1.5. Updated for compatibility with BuddyPress v1.5.
• (s2Member Pro) Bug fix. A bug first introduced in s2Member Pro v110912 was causing problems for Pro Forms integrated on a Child Blog of Multisite Blog Farm. Fixed in this release.
• (s2Member/s2Member Pro) Bug fix. Custom Registration/Profile Fields configured to require an EXACT number of characters and/or digits was NOT being handled properly by s2Member in all cases. Fixed in this release.
• (s2Member/s2Member Pro) Bug fix. A bug first introduced in s2Member v110912 was causing problems with s2Member’s default email customization templates. Double percent signs %% for Replacement Codes were being reduced by s2Member’s internationalization routines, to just single percent signs %, thereby nullifying them as valid Replacement Codes. Fixed in this release. If you installed s2Member and/or s2Member Pro v110912 – v110915 on a clean installation of WordPress®, it would be a good idea to have a quick look at your email customizations with s2Member, just to make sure your Replacement Codes have double percent signs around them ( for example, this is valid: %%registration_url%%, and this is NOT valid: %registration_url% ).
• (s2Member) Amazon® S3/CloudFront. s2Member is now fully integrated with Amazon® CloudFront, in addition to its existing support for Amazon® S3. Please note, one of the greatest things about Amazon® CloudFront, is its ability to stream/seek media files in the truest sense of the word over the RTMP protocol. For sites delivering protected FLV/MP4/OGG/WEBM and other streaming audio/video file types over the RTMP protocol, Amazon® CloudFront is our recommendation. Once you’ve successfully configured s2Member to use both Amazon® S3 and Amazon® CloudFront together, please review this section in your Dashboard: s2Member -> Download Options -> JW Player® & RTMP Protocol Examples. s2Member will automatically serve your protected files over the RTMP protocol, using an Amazon® CloudFront Streaming Distribution. In fact, s2Member can even configure all of your Amazon® S3/CloudFront Distros, ACLs, and Policies automatically; making it possible for just about anyone to stream media s2Member-protected files in real-time.
• (s2Member) s2File Shortcode. s2Member now provides a new Shortcode: [s2File /]. For further details, please check your Dashboard, under: s2Member -> Download Options -> Basic Download Restrictions.

v110915

• (s2Member Pro) Bug fix. A bug first introduced in s2Member/s2Member Pro v110912+ was causing parse errors on Authorize.Net Free Regisration Forms. Fixed in this release.

v110913

• (s2Member) Compatibility. s2Member v110912+ requires WordPress® v3.2+.
• (s2Member) Bug fix. A bug first introduced in s2Member v110912 related to JavaScript/CSS files not loading properly on some installations has been corrected in this release. One symptom of this bug was s2Member’s failure to display Pro Form integrations properly in some cases. Another symptom may have been improper handling of Registration Form validations.
• (s2Member) HostGator. Tildas ( ~ ) found in some encrypted data strings were triggering mod_security conflicts on sites powered by HostGator. This release corrects the problem on HostGator by stripping tildas from query strings processed by s2Member. In addition, HostGator has been very helpful in white-listing the s2Member application across its entire network to prevent interruption of service. For further details, please check this thread.

v110912

• (s2Member) Compatibility. This version of s2Member requires WordPress® v3.2+.
• (s2Member) Alternative View Protections. s2Member’s Alternative View Protections are now more flexible, allowing specific types of Protections to be applied individually now, instead of in groups. In addition, there are two new types of Alternative View Protection available: Comment Feeds (new), and WordPress® Navigation Menus (new). For further details, please check your Dashboard, under: s2Member -> Restriction Options -> Alternative View Protections.
• (s2Member Pro) Independent Custom Capabilities. The integration of Independent Custom Capabilities from the last release, has now been completed for all of s2Member’s Payment Gateways. In this release, we completed Independent Custom Capability integration for ClickBank®, Google® Checkout, ccBill®, and AliPay®. Independent Custom Capabilities are already possible with PayPal®, PayPal® Pro, and Authorize.Net®, from the last release. Further improvements to this aspect of s2Member Pro will come in a future release.
• (s2Member/s2Member Pro) Security. Back-end panels for both s2Member and s2Member Pro have been updated to use password input fields, anywhere/everywhere sensitive data is being configured. This helps to further safeguard various API and Payment Gateway credentials on your installation of WordPress®. In other words, some sensitive data that you configure for s2Member, will now appear with just x’s xxxxxxxxxxxxxxx, instead of the actual data that you entered; ( e.g. password input fields secure this information from prying eyes ).

• (s2Member/s2Member Pro) Translation Support. s2Member and s2Member Pro are now equipped with support for front-end translation, using standardized WordPress® methodologies; i.e. we’ve implemented the use of _x(), and various other translation routines for many aspects of s2Member’s front-end interfaces. For instance, things like Profile panels, Login/Registration Fields, and Pro Form integrations; as well as error messages displayed to Users/Members. Translation support for back-end admin panels provided by s2Member will come in a future release, along with more extensive translation support for front-end aspects.

  Please note, this is but our first step toward internationalizing s2Member and s2Member Pro. Look for further updates/improvements to come in the future.

  Like WordPress® itself, we chose to use the GNU gettext localization framework to provide localization infrastructure for s2Member®. GNU gettext is a mature, widely used framework for modular translation of software, and is the de facto standard for localization in the open source/free software realm. If you’d like to translate s2Member and/or s2Member Pro, please use the POT file found inside /s2member/includes/translations/s2member.pot, which contains all translation entries for both the s2Member Framework ( i.e. the free version ), and also for s2Member Pro.

  The file: /s2member/includes/translations/s2member.pot will be updated with each new release of s2Member.
  If this is your first translation of a WordPress® plugin, this article and/or this article, might be of some assistance. When you are finished translating the s2member.pot file, place your completed s2member-[locale].mo file into this directory: /wp-content/plugins/; and please feel free to share your translation with the rest of the s2Member® community.

  Quick Tip: If you only need to translate the front-end of s2Member, please ignore entries in the s2member.pot file with a context matching s2member-admin. Those sections of s2Member are only seen by site Administrators; they are NOT used in s2Member’s front-end integration with WordPress®. Skipping over translation entries with a context matching s2member-admin can save you time.

• (s2Member) Bug fix / Multisite. A bug fix related to site creation within the Dashboard on a Multisite Blog Farm, has been corrected in this release. For further details, please see this thread.
• (s2Member/s2Member Pro) Bug fix. New Filter added to s2Member’s source code, allowing s2Member Pro site owners to enable/disable tab indexing of reCAPTCHA box controllers ( e.g. the three mundane buttons ) that are skipped over 99.9% of the time anyway. If you’d like to enable tab indexing on these buttons, use: add_filter("c_ws_plugin__s2member_utils_tabindex_recaptcha_icons", "__return_true"); inside a /wp-content/mu-plugins/s2-hacks.php file.
• (s2Member Pro) Bug fix. Some site owners running s2Member Pro, on server configurations with PHP-based output compression enabled, experienced problems with the success="" Shortcode Attribute for s2Member Pro Forms. s2Member Pro has been improved in this regard ( i.e. s2Member Pro now makes better attempts to clear output buffers before returning plain text data with it’s handlers ). In addition, calls to trim() have also been implemented as an additional line of defense against errors reported in the previous release; which were related to URLs with leading white space, returned by s2Member’s core PayPal® IPN processor.
• (s2Member/s2Member Pro) Conformity. s2Member and s2Member Pro now make use of a core WordPress® function for all HTTP status headers ( i.e. status_header(xxx) ).
• (s2Member Pro) Pro Forms / Tabindex ( Bug fix ). s2Member Pro Forms suffered from a bug related to tabindex conflicts whenever MANY Custom Registration/Profile Fields were configured together. Corrected in this release.
• (s2Member Pro) Google® Checkout ( Bug fix ). s2Member Pro’s integration with Google Checkout has been updated in this release to use display-disposition: PESSIMISTIC instead of OPTIMISTIC. This change prevents possible card declines from slipping through, and thereby granting a Customer access inadvertently. With the former OPTIMISTIC behavior, in rare cases when payment authorizaton at Google® Checkout took longer than 20 seconds, s2Member was giving a Customer access to the site, instead of waiting pessimistically for Google® Checkout to complete processing. The updated behavior, now set to PESSIMISTIC, prevents this from occurring. For technical details, see this article.
• (s2Member Pro) ClickBank® ( Bug fix ). s2Member Pro’s integration with ClickBank® has been updated in this release. A bug was found by WebSharks, Inc. Support Rep: Cristián Lávaque, related to the verification of POST vars. Whenever UTF-8 characters appeared in any part of a ClickBank® IPN response received by s2Member, s2Member was failing to verify the checksum, and thus, returning the error: POST vars could not be verified. This issue has been corrected in the latest release of s2Member Pro. In addition, a known bug with ClickBank® cutting off first/last names whenever special characters were part of either name, has now been side-stepped by s2Member Pro’s integration with ClickBank®.
• (s2Member Pro) PayPal® ( Bug fix ). s2Member Pro’s integration with the PayPal® Pro API has been updated in this release. A bug was found by the s2Member community which affected a rare scenario during heavy testing. When/if a site owner was heavily testing s2Member Pro Forms repeatedly, whereby PayPal® Pro Recurring Profiles were created over and over again; one of these Recurring Profiles could still be in a Pending state during a Subscription Modification soon thereafter. This is rare, because Recurring Profiles are usually in a Pending state on the PayPal® side of things, for just a few seconds. However, in this test case, it was possible for s2Member to create a second Recurring Profile through the PayPal® Pro API, and the old one would NOT be terminated properly, because it was still in a Pending state, and unable to be terminated. This release of s2Member Pro resolves this issue and prevents this from occuring under any scenario. Customers and/or site owners testing s2Member Pro Forms will now see an error message related to pending changes, and the Customer would be asked to wait 15 minutes in this rare scenario.

• (s2Member) Protected Files. This version of s2Member updates the .htaccess file in your /s2member-files/ directory with mod_rewrite rules which provide additional flexibility in the way protected files are served to your Customers. With the new mod_rewrite rules, it is now possible to link directly to a protected file, avoiding the use of query string variables ( it’s completely optional though ).

  In other words, this update adds new functionality, it does NOT change anything that already existed. This new flexibility may come in handy for site owners serving files through media playback devices that have issues with query string variables. For further details, please check your Dashboard, under: s2Member -> Download Options -> Advanced Mod Rewrite Linkage.

  Dev note. Any existing .htaccess file inside your /s2member-files/ directory will be overwritten by this release, as it should be. However, if you’d like s2Member to preserve a custom .htaccess file that you’ve written, please create this directory and file: /wp-content/mu-plugins/s2-hacks.php, and put this inside it: <?php add_filter("ws_plugin__s2member_preserve_files_dir_htaccess", "__return_true"); ?>. Please do this before you upgrade, if this is your intention.

• (s2Member) Download Keys. There is now a Shortcode equivalent to s2Member’s API function s2member_file_download_key($file, $directive). You can now do this in this WordPress® Visual Editor if you prefer: [s2Key file_download="example-file.zip" /] without needing a PHP Execution plugin.

  For those of you that use the optional $directive parameter, you can do something like this: [s2Key file_download="example-file.zip" directive="ip-forever|universal" /]. For further details, please check your Dashboard, under: s2Member -> Download Options -> Advanced Download Restrictions. Or see this article in the s2Member Codex.

• (s2Member) Localhost Installs. s2Member now includes information for site owners developing in a localhost environment, with WAMP/MAMP or something like EasyPHP. Instructions are now easier to find. For further details, please check your Dashboard, under: s2Member -> General Options -> Localhost WAMP/MAMP Developers.
• (s2Member) PayPal® ( Bug fix ). s2Member was incorrectly handling delayed EOT Times under a specific scenario, as reported here. Corrected in this release.
• (s2Member) JavaScript/CSS Optimization. s2Member now loads its dynamic JavaScript/CSS libraries through a new optimized file called /s2member-o.php, designed to increase the speed at which your installation of WordPress® can load these resources. The new optimized /s2member-o.php file loads only the core WordPress® framework and the s2Member JavaScript and/or CSS file, depending on which is being requested. This new file will eliminate a potential bottleneck on some WordPress® installations, which may have MANY other plugins running in concert with s2Member. It also works to further reduce CPU and memory consumption for all site owners. For further details about why this optimization is beneficial, please see this article.
• (s2Member Pro) PayPal® Express Checkout / Pre-Population. s2Member now pre-populates everything it can through PayPal® Express Checkout integration. If a Customer does NOT already have a PayPal® account when they arrive at Express Checkout, the Account Creation Form at PayPal® will be pre-populated with a minimum of their Name and Email Address. Street address information will ONLY be pre-populated, when/if s2Member collects it for tax purposes. Otherwise, the address information will NOT be pre-populated, because only PayPal® will ask for those details anyway *( i.e. s2Member doesn’t ask for address details when Express Checkout is used; not unless you’re collecting taxes: s2Member -> PayPal® Options -> Tax Calculations ).
• (s2Member) New API Function. This version of s2Member includes a new API Function get_s2member_custom_fields(), designed to provide more information about Custom Registration/Profile Field configuration and values for a specific User. The API function get_user_field() remains available as well. For further details, please see this article in the s2Member Codex.
• (s2Member Pro) Pro Login Widget. This version of s2Member improves the %%automatic%% setting for the Signup URL in Pro Login Widgets. When/if a Customer has already paid for their Membership, the Signup URL presented in the Pro Login Widget will change dynamically, pointing a Customer to the Registration Form, instead of to your Membership Options Page. Of course, this behavior could be overridden by changing the Signup URL to something other than %%automatic%%, if you prefer.

v110815

• (s2Member/s2Member Pro) Independent Custom Capabilities. You can now sell one or more Custom Capabilities using Buy Now functionality, to “existing” Users/Members, regardless of which Membership Level they have on your site ( i.e. you could even sell Independent Custom Capabilities to Users at Membership Level #0, normally referred to as Free Subscribers, if you like ). So this is quite flexible. Independent Custom Capabilities do NOT rely on any specific Membership Level. That’s why s2Member refers to these as Independent Custom Capabilities, because you can sell Capabilities this way, through Buy Now functionality, and the Customer’s Membership Level Access, along with any existing paid Subscription they may already have with you, will remain completely unaffected. For further details, please check your Dashboard, under: s2Member -> PayPal® Buttons -> Capability (Buy Now) Buttons. Independent Custom Capabilities are currently integrated with PayPal® Standard Buttons, PayPal® Pro Forms, and Authorize.Net® Pro Forms only. Integration with other Payment Gateways supported by s2Member Pro will come in a future release.
• (s2Member) API Tracking. This release of s2Member introduces two new API Tracking methods, now making it possible to incorporate Tracking Codes ( i.e. affiliate program integrations, as one example ) for Signup Tracking, Modification Tracking (new), and also for Capability Tracking (new). For further details, please check your Dashboard, under: s2Member -> API Tracking. These new methods are ( in addition to ) s2Member’s API Notifications, which remain available. s2Member’s API Notifications are intended for more advanced tracking integrations, such as a 3rd-party call through an HTTP request.
• (s2Member) Bug fix / Multisite. s2Member’s supplemental API Functions current_user_is(), current_user_is_not() and the ..for_blog() alternatives, were not properly considering Super Administators on a Multisite Network installation. On a Multisite Network, the WordPress $user->has_cap() routine returns true for anything passed in on a Super Administrator account, causing s2Member’s user_is API Functions to return true for Super Administrators in some cases, when it really should NOT have been. Fixed in this release. If you need to use current_user_is() against a Super Administrator, the user_is API Functions introduced by s2Member will only return true in these special cases: current_user_is("super_administrator") and/or current_user_is("administrator"). Super Administrators should always have the administrator Role, for all Blogs in the Network, and s2Member will also consider the fake Role super_administrator ( unique to s2Member ) for cases when you need to test explicity for a Super Administrator. Actually, you could also just use the WordPress core function for this: is_super_admin() ( recommended ).
• (s2Member) Bug fix / Capabilities. When/if you require Custom Capabilities in order to view certain content sections on your site, s2Member was behaving properly in all cases, except for one specific scenario. When an Administrator of the site ( on a normal single-site installation of WordPress ), was attempting to test-view content protected with Custom Capabilities ( this scenario was causing a problem ). What was happening, is that s2Member was seeing that an Adminstrator did not have certain Custom Capabilities defined explicity in their account, and access was being denied ( that’s actually, NOT right ). This was in conflict with the way that s2Member handles all other content protection routines with respect to Administrators. Administrators should automatically have access to all protected content, even if Custom Capabilities are not explicity defined in their account. After all, they are Administrators. In short, this release makes it possible for Administrators of a single-site WordPress installation, to have full access to all content; even when/if Custom Capabilities are required. This should help to prevent confusion for site owners just beginning to understand s2Member’s functionality with respect to Custom Capabilities.
• (s2Member Pro) Bug fix / Coupon Codes. s2Member Pro Forms were failing to apply Coupon Codes properly in some cases. Whenever a Coupon Code eliminated all initial charges for a Trial Amount, s2Member was attempting to charge a zero dollar sale amount, under the right scenario. Fixed in this release.
• (s2Member) API Notifications. Starting with this release, s2Member’s Payment Notifications are also triggered whenever a Buy Now purchase for Independent Custom Capabilities takes place (new). The documentation in your Dashboard has been updated. For further details, please see: s2Member -> API Notifications -> Payment Notifications.
• (s2Member/s2Member Pro) Cookies. Both s2Member and s2Member Pro now fully support the COOKIEPATH, SITECOOKIEPATH, and COOKIE_DOMAIN constants from the WordPress® core, making s2Member more secure on Multisite Networks, and improving compatibility overall for sites that use one or more of these PHP Constants in their /wp-config.php file.
• (s2Member Pro) UI Improvement / tabindex. s2Member Pro Forms have been updated to skip tab indexes on reCAPTCHA box controllers ( e.g. the three mundane buttons ) that are skipped over 99.9% of the time anyway. This allows Pro Form tab controls to jump immediately to the reCAPTCHA input field, if/when enabled by your Shortcode.
• (s2Member Pro) UI Improvement. s2Member’s live feed inside your Dashboard, which is responsible for delivering updates that come from Lead Developer Jason Caldwell and s2Member Support Reps, has been improved in this release. You’ll see this on the right-hand side of s2Member’s UI panels, near the top.
• (s2Member/s2Member Pro) Capability Additions (Changed). In previous versions of s2Member, when generating a Payment Button/Form, it was possible to precede your list of Custom Capabilities with a + sign, indicating that you wish to (Add) new Custom Capabilities instead of (Resetting) a User’s Capbilities to the ones you list. Starting with this release, (Add) is now the default behavior. In other words, the + sign is no longer required, because s2Member will automatically (Add) Capabilities to any that already exist for a particular User/Member, even without the + sign (no longer required). In addition, there is now a new directive available: -all. You may now precede your list of Custom Capabilities with -all, but only if you wish to (Remove/Reset) all Custom Capabilities, and then (Add) new ones. For example: -all,music,videos, would remove any existing Custom Capabilities that may or may not already exist for a particular User/Member, and then add: music,videos. There are additional examples provided by the Payment Button/Form Generators that come with s2Member. Please check your Dashboard if you’d like to learn more.
• (s2Member) Compatibility. s2Member’s ability to modify the WordPress® Admin Bar for Users/Members has been updated to fully support WordPress® v3.2+. This feature now behaves as expected in the latest release. For further details, please check your Dashboard, under: s2Member -> General Options -> Profile Modifications. The Redirection option in that section, has the side effect of manipulating the Admin Bar across the top of your site ( if enabled ), making WordPress® behave properly.
• (s2Member Pro) Options Import/Export. s2Member Pro now makes it possible to export your s2Member options, in their entirety, and then import them into another instance of WordPress®. For further details, please check your Dashboard, under: s2Member -> Import/Export.
• (s2Member/s2Member Pro) Memory. Memory reporting is now added to log entries by s2Member.
• (s2Member/s2Member Pro) JavaScript. Minor optimization of s2Member’s JavaScript routine.

v110812

• (s2Member) Security fix. This release addresses an important security vulnerability in previous releases of the s2Member Framework ( i.e. the free version of s2Member ). Sites with Download Options configured for s2Member should be advised to update to s2Member v110812+ as soon as possible to avoid possible exploits.

v110731

• (s2Member) Bug fix / Multisite. In the Multisite (Config) panel, s2Member was not properly displaying the number of Blogs allowed at Level #0, in some cases.
• (s2Member Pro) Update / ClickBank®. s2Member Pro has been updated to better support ClickBank’s policy on Thank-You Pages. s2Member now provides a link on the ClickBank Return-Page where Customers may contact your support department, and a message regarding charges on a Customer’s bank statement appearing as CLKBANK*COM. This is mandatory for all ClickBank® integrations. ClickBank® will not approve your Products without this information on the Thank-You Page integrated with s2Member. In addition, s2Member now makes it possible to customize your Thank-You Page for ClickBank®. For further details, please check your Dashboard, und