| 开发者 | mralaminahamed |
|---|---|
| 更新时间 | 2026年7月7日 18:46 |
| 捐献地址: | 去捐款 |
| PHP版本: | 8.1 及以上 |
| WordPress版本: | 6.9 |
| 版权: | GPL-2.0-or-later |
| 版权网址: | 版权信息 |
[ador_country_selector]) asks donors to identify their country before proceeding to checkout. Selection is stored in sessionStorage to avoid repeated prompts./wp-json/ador/v1/webhook/{account_id}) with independent HMAC signature verification.$wpdb->prepare() throughout.alamin-donation-router folder to the /wp-content/plugins/ directory.composer install --no-dev --optimize-autoloader inside the plugin directory.AUTH_KEY and SECURE_AUTH_SALT are set to strong, unique values in wp-config.php — these are required for credential encryption.[ador_country_selector] to your donation landing page.This plugin supports the GiveWP PayPal Donations gateway (also known as PayPal Commerce / PPCP) only. It does not affect or support other GiveWP gateways such as Stripe, Authorize.net, or PayPal Standard.
There is no hard limit on the number of PayPal Business accounts you can configure. Each account requires its own PayPal Developer REST app (Client ID and Client Secret) and its own webhook URL registered in PayPal's developer portal.
Yes. PayPal Client IDs and Client Secrets are never stored in plaintext. They are encrypted with AES-256-GCM using a key derived via HKDF-SHA256 (RFC 5869) from your WordPress AUTH_KEY and SECURE_AUTH_SALT constants (32-byte key). The random nonce and GCM authentication tag are stored alongside the ciphertext as a base64 blob. Credentials are never written to any log. If AUTH_KEY or SECURE_AUTH_SALT are changed, stored credentials become unreadable and must be re-entered.
Yes. The plugin works with both PayPal sandbox and live environments. Add your sandbox accounts the same way as live accounts, using the Client IDs and Secrets from your sandbox REST apps. Register sandbox webhook URLs in PayPal's developer portal using a publicly accessible HTTPS URL (use a tunnelling tool such as ngrok for local development). See operations.md for a full sandbox testing procedure.
If no active routing rule exists for the selected country, the credential router falls back to GiveWP's primary PayPal account. The donation is not blocked — it proceeds normally using the default account. An error entry is written to the PHP error log with prefix [ADOR] for the operator's attention.
No. The plugin hooks into GiveWP exclusively through WordPress filters, actions, and GiveWP's public IoC container (give()). No GiveWP core files are modified.
Yes. The plugin registers additional GiveWP email template tags that you can insert into your existing GiveWP email templates (GiveWP → Settings → Emails). Tags include {paypal_account_entity_name}, {paypal_account_entity_tax_id}, {paypal_account_receipt_number}, and four others. Tags return an empty string for donations not routed through this plugin, so existing templates work without changes.
Verify that dompdf/dompdf is installed by running composer install in the plugin directory. Confirm that the ador_pdf_receipts_enabled option is set to a truthy value in wp_options. Check the PHP error log for a line beginning [ADOR] PDF receipts disabled: — this will include the underlying error message.
ador_block_on_untested_givewp filter to fail closed).mode column and a composite UNIQUE(merchant_id, mode) constraint.WP_List_Table's own action field and dispatched to no handler, dying with an empty error page; the routing field is now printed after the table so it wins.wp_options when GiveWP refreshes an access token.ador_paypal_mode option.{prefix}ador_accounts and {prefix}ador_country_routing with schema versioning.PayPal_Credential_Router intercepting GiveWP's IoC container before every PayPal AJAX payment request to substitute per-account credentials.MerchantDetail::class and MerchantDetails::class covering all GiveWP PayPal credential resolution paths.POST /wp-json/ador/v1/webhook/{account_id} with HMAC-SHA256 signature verification and idempotency checking.[ador_country_selector] with sessionStorage persistence.FOR UPDATE lock.ador_pdf_receipts_enabled option flag.ador_credentials_routed and ador_webhook_processed.current_user_can( 'manage_give_settings' ) capability checks on all admin-only actions.$wpdb->prepare() for all parameterised database queries.