The Apple Pay Payment Gateway Module for WHMCS integrates Apple Pay transactions through Braintree. This expanded changelog preserves every original release detail while adding context on why each change was necessary, the operational impact, and steps administrators should take. Updates focus on security hardening, library compatibility, and resolution of issues encountered in production environments such as incorrect currency passing or failed refunds.
Regular updates to the Braintree SDKs are required to address API deprecations, incorporate security patches, and maintain transaction success rates. Early versions established basic functionality while later releases added robustness for subdirectory installs, multi-currency sites, and stricter validation. Review these notes before applying any upgrade to anticipate configuration changes or testing focus areas.
#Key Improvements by Category
- Security: CSRF protection on payment payloads, mandatory HTTPS checks, encryption of WHMCS payment details in JavaScript, and verified transaction states before refunds
- Compatibility: Apple Pay v3 migration, repeated Braintree core and JS library updates, full system URL asset loading, subdirectory resource fixes, and licensing system compatibility
- Bug Fixes: Currency passing on callbacks, refund completion failures, decryption of payment_secure values, language key warnings, and Bootstrap styling for alerts and errors
- Features: Client-side debugging via alerts, instance method refactoring, WHMCS Convert To support, multilingual interface, conditional Apple Pay button display, and improved logging
#Detailed Version History
#Version 1.5.0 - Released 10.06.2018
Now using Apple Pay v3 (from v1). Client-side debugging (though alerts) now available for easier debugging. CSRF protection added to payment request payload. The v3 upgrade aligns the module with Apple's current API requirements, enabling stricter validation and broader device support. Debugging alerts allow developers to inspect payload construction and response handling directly in the browser without external tools. CSRF protection validates the origin of payment requests, mitigating injection risks during the sensitive checkout phase.
#Version 1.2.2 - Released 10.05.2018
Move to instance methods from class-level methods. Support for the WHMCS "Convert To" option. Refactoring to instance methods improves encapsulation and future extensibility when customizing the gateway. The Convert To support ensures administrators can reassign invoices to this gateway without triggering fatal errors or data loss.
#Versions 1.2.1, 1.2.0, 1.1.9, 1.1.8 - 2018 Releases
Multiple releases updated the Braintree core libraries to the latest build and updated Braintree JS references to the latest builds. Version 1.1.8 added improvements to refunds to verify the transaction is in one of the valid required states. These library updates pull in vendor fixes for API stability and security. The refund verification prevents attempts on transactions in settled or disputed states, reducing error noise in gateway logs and providing accurate feedback to staff.
#Versions 1.1.7 to 1.1.5 - 2017 Releases
Updated the references to the Braintree JS libraries. Assets directory removed from the applepay gateway directory as it is no longer needed. Resolved an issue where the currency was not being passed on callbacks. Resolved an issue where refunds may not complete. Assets now load using the full WHMCS system URL. Updated to work with the improved licensing system (build 3.0.0+). Moved the Braintree library to the vendor folder. Callback improvements for multiple currencies. Full URL asset loading corrects path resolution on installations using URL rewriting or non-root directories. Currency callback fixes ensure accurate settlement in non-default currency environments. Licensing updates prevent validation failures after WHMCS core upgrades.
#Versions 1.0.9 to 1.0.3 - 2017 and 2016 Releases
Updated the Braintree core libraries to the latest build. Updated the Braintree JS libraries to the latest builds. Added check to make sure the request is being made over HTTPS. Improved language checks to display key when the language key does not exist instead of a PHP warning. Resolved an issue where resources would not load for WHMCS systems located in a subdirectory. Added multilingual support. Updated the Braintree JS client implementation for their 3.6.3 release. Check to ensure the payment_secure can be properly decrypted. Improved the text of Apple Pay error notices. Improved the gateway log output for transactions. Module error outputs will now use the Bootstrap CSS classes. Implemented Braintree's v3.5.0 JS API. Alert boxes will now use Bootstrap CSS styles. Apple Pay button will only show when / where supported. WHMCS payment details are now encrypted within the javascript calls. The HTTPS enforcement satisfies Apple Pay requirements and prevents mixed-content warnings. Multilingual support expands the module audience beyond English-only installations. The conditional button display avoids presenting an unsupported option that would generate console errors or user confusion.
#Version 1.0.0 - Released 09.19.2016
Initial Release. This established the foundational Apple Pay flow using the Braintree gateway, serving as the baseline for all subsequent security, compatibility, and usability enhancements.
#Practical Takeaways
Apply updates incrementally and test Apple Pay flows on supported devices after each upgrade, focusing on callback handling and refund paths. Enable client-side debugging when diagnosing integration problems. Maintain current Braintree credentials and monitor WHMCS gateway logs for decryption or state-validation errors. For initial setup, activate the gateway in WHMCS, configure Braintree merchant keys, and verify SSL certificate coverage before going live.
Comments
No comments yet