Billplz Addon for Contact Form 7
| 开发者 | alvindcaesar |
|---|---|
| 更新时间 | 2026年4月30日 09:53 |
| PHP版本: | 7.4 及以上 |
| WordPress版本: | 6.9 |
| 版权: | GPLv2 or later |
| 版权网址: | 版权信息 |
详情介绍:
This is a gateway extension for Contact Form 7 plugin to use Billplz Payment Gateway.
Payments are processed offsite at Billplz and the customer will be redirected back to your site after completing the payment.
安装:
Automatic Installation
- Sign in to your WordPress site as an administrator.
- In the main menu go to Plugins -> Add New.
- Search for Billplz for Contact Form 7 and click install.
- That's it. You are now ready to start accepting Billplz payment on your website through your contact form.
更新日志:
1.3.0 - April 29, 2026
- New: Failed payments now appear in the payments admin tab and have their own Failed view filter.
- New: The example payment form created on activation is automatically selected as the active payment form.
- Security: Verified Billplz signature inside the payment confirmation shortcode so crafted URLs can no longer expose another payer's details.
- Security: Required a capability check and bulk-action nonce on the payments admin table before deleting or marking entries completed.
- Security: Escaped the transaction ID link in the payments admin table.
- Security: Verified the paid amount reported by Billplz against the recorded bill before marking a payment completed.
- Security: Sanitized API, general, and email settings on save, including X-Signature key and email body input.
- Security: Hardened the credentials notice to escape its admin URL and run a capability check.
- Improvement: Payment redirect now works with Contact Form 7's Ajax submission flow.
- Improvement: Billplz callback completion is now idempotent, so repeated callbacks cannot reprocess the same payment.
- Improvement: Confirmation email now sends as HTML with the correct Content-Type header and escapes transaction placeholders.
- Improvement: Payments admin table now uses the site timezone for the Submitted and Paid columns.
- Fix: Stopped writing the 0000-00-00 zero datetime to paid_at, which failed under MySQL strict mode.
- Compatibility: Tested up to WordPress 6.9.
- Security: Fixed XSS vulnerability in admin area payment table links.
- New: Added option to send email confirmation on payment success.
- New: Added ability to select multiple forms as payment forms.
- Improvement: Codebase refactoring for better organization.
- New: Display current mode status (Live / Test) on the dashboard's admin bar.
- New: A payment redirect page will be automatically created and selected by default upon plugin activation.
- Improvement on settings page UI
- Fix: Fatal error upon activation when Contact Form 7 is not active.
- Stable release
- Release Candidate-1