- Fix #210: If there are multiple reCaptcha on the page check and validate the one on the Stripe billing form only.
- Update implementation for cancel subscription. Option to notify (default Yes) is now available on the backend cancel subscription form.
- Fix #218: Ensure disallowed characters in description don't stop contributions from being processed.
- Fixes to system checks (check for sweetalert was showing description for firewall extension).
- Fix #215 Errors encountered when anonymous users switch payment processors.
- Fix for 5.28 and propertybag.
This release REQUIRES that you upgrade mjwshared to 0.8.
- Fix #196: Recurring contributions with incorrect amount per default currency in stripe.
- Fix #198: Trigger postInstall hook so we set the revision and don't trigger the upgrader on install.
- Fix #182: Failed subscription payment, receipt sent, but contribution not updated when retried.
- Change validator error class to match CiviCRM (use crm-inline-error instead of error css class - see https://github.com/civicrm/civicrm-core/pull/16495)
- Don't specify charset/collation when creating tables on new installs (use the database default).
- Return 200 OK for webhook events we don't handle (normally they won't be sent as the extension specifies what it requires but if configured manually it may receive events that we don't handle).
- Switch to new "recommended" contribution.repeattransaction and payment.create for new IPN payments.
- Implement new doCancelRecur functionality and hide optional notify processor on 5.27+ (this has no impact on older versions of CiviCRM).
- Fix CSRF token issues with civicrmStripeConfirm.js (3ds challenge was not triggering on thankyou page).
- civicrmStripeConfirm.js is now a library available at CRM.payment.confirm and builds on CRM.payment.
- Initial support for \Civi\Payment\PropertyBag.
- Improve handling of network errors when loading Stripe elements and add a new jquery event: crmBillingFormReloadFailed.
- Improve user notifications during pre-authentication and confirmation.
- Add check for recommended SweetAlert extension.
- Fix #208 use window.alert if SweetAlert is not installed.
- Make sure we reset submitted flag if we are not able to submit the form.
- Fix issues with form validation when you enable the "On behalf of Organisation" block on contribution pages - see #147 (comment 38994) and https://github.com/civicrm/civicrm-core/pull/17672.
This release REQUIRES that you upgrade mjwshared to 0.7 and your Stripe API version must be 2019-12-03 or newer.
The Stripe "element" now follows the current CMS/CiviCRM locale.
Add jquery form events:
- 'crmBillingFormReloadComplete' and document jquery events.
- 'crmBillingFormNotValid' so 3rd-party integrations can re-enable custom submit buttons etc. Add custom property on billing form to allow for custom validations
Add support for sweetalert library on form validation errors so we popup nice messages when you are missing required fields and for card errors and you click submit.
Make sure we don't submit the form if we have a reCaptcha and it is not valid.
Add setting to disable billing address fields.
Major improvements to form validation before submission - this significantly reduces the number of payments that are authorised but not captured.
Add a minimum API version so we don't have problems every time Stripe release a new API version.
Change style of card element
- Make sure we generate backend contact links for customer metadata (previously they would sometimes get generated as frontend links).
- Fix missing receipts for recurring subscription payment #122.
- Fix #178 recurring payments for webform_civicrm when "Interval of installments" is selected.
- If Stripe is not using the same currency as the payment was made we need to convert the fees/net amounts back to the CiviCRM currency.
- Fix #196 Recurring contributions with incorrect amount per default currency in stripe - if Stripe uses a different currency to CiviCRM the amounts for recurring contributions were not being recorded correctly in CiviCRM.
- Fix #189 Error on membership contribution page with autorenew set to automatic.
- Further tweaks to get tests working
- Initial steps to modernize the testing infrastructure.
- Add some docblocks to the code.
- Switch to event.code from deprecated event.keyCode.
- Add support for a function getTotalAmount that could be used to retrieve amount from form if defined.
- Restrict use of amount when creating paymentIntents.
- Fix issues with stripe js on thankyou pages.
- Call IPN->main() from inside a try catch to allow loops !94
- Use minifier extension to minify js/css assets (much easier for development as we don't ship minified files anymore).
6.3.2 Security ReleaseRelease 6.3.2
If you are using Stripe on public forms (without authentication) it is strongly recommended that you upgrade and consider installing the new firewall extension.
Increasingly spammers are finding CiviCRM sites and spamming the linked Stripe account with 1000s of attempted payments and potentially causing your Stripe account to be temporarily blocked.
Add support for firewall extension
Add system check to recommend installing firewall extension
Add checks and restrictions to AJAX endpoint
Add cache code to js/css resources so they are reloaded immediately after cache clear.
#168 Improve handling of webhooks with mismatched API versions - now we track the dashboard API version and don't try to explicitly set a webhook API version. You may still need to delete and re-add your webhook but should not need to next time the API version changes.
- #126 Stripe element now uses the CMS/CiviCRM locale so it will appear in the same language as the page instead of the browser language.
- Add crm-error class to stripe card errors block so it is highlighted on non bootstrap themes
- Fix Stripe.ipn API when working with charge.captured/succeeded
- Update documentation to mention contributiontransactlegacy extension
- #147 Add workaround and set required billing fields via jquery
- #153 Support multiple participant registration and CiviDiscount with zero amount.
- Fix non-stripe submit check - if amount is zero.
This release REQUIRES that you upgrade mjwshared to 0.6 and your Stripe API version to 2019-12-03.
If you wish to test the upgrade you can remain on an older version or later but should update the API version as soon as you are happy.
- Update required Stripe API version to 2019-12-03
- Add support for recording partial refunds from Stripe.
- For forms that have multiple submit buttons (eg. Save, Save and New) override the submit handler on all of them (This fixes some more instances of missing PaymentIntentID on the backend forms).
- Resolve issues with backend forms and tax amounts (fixes issues with backend forms that include an additional tax amount).
- Resolve issues with money formats that don't use a dot as decimal separator (eg. €1.024,20).
- Update required Stripe API verison to 2019-12-03.
- Fix issues with StripeSubscription.import and mismatched id/customer_id params.
- Fix #125 Thousands of failed/spam transactions for charge.failed webhook (We ignore and return 200 OK to Stripe so it does not retry if there is no customer ID).
- Change default to 1 hour to cancel uncaptured payments based on client feedback.
- Update definition of getAmount to match current version in CiviCRM core.
- Pre-fill existing billing postcode if we already have address.
- Fix recurring contribution issue on drupal webform.
- #148 Fix Credit or debit card translation.
- Fix #149 Cannot submit payment from back end when tax and invoicing disabled.
- Make sure we detect memberships as auto-renew when they are "forced".
- Make sure we always load the recurring contribution ID properly.
- #121 Fix auto-recurring membership payments.
- Stripe.ListEvents API - properly handle newer way to record trxn_id value.
- Change doRefund signature to match what is in CiviCRM core (fixes a PHP warning).
- Track paymentIntents and cancel uncaptured ones after 24 hours.
Configurable via scheduled Job.process_stripe and API.
- Refactor to support updating amount and re-confirming once we reach the thankyou page.
- When we don't know the amount, pre-auth the card but don't confirm, then update the amount requested.
This resolves, for example, registering multiple participants. Users may receive an additional confirmation step such as 3d secure on the Thankyou page if their card issuer requires it.
- Refactor passing of token parameters to use pre_approval_parameters.
This should resolve some issues with PaymentIntent not found.
- Improve support for refunds in preparation for work in CiviCRM core (#15476-15479).
- Add CiviCRM version info to stripe customer - this is useful when troubleshooting issues on client sites as it is important to know whether a reported issue may have been fixed in a later version.
- Fix #110 -Allow submit if amount is 0.
- Fix and record paymentIntents for recurring contributions - show authentication to user on thankyou page.
this checks loads 3d secure etc from Stripe if required.
- Don't try to record refund for an uncaptured payment.
When an uncaptured payment is cancelled it triggers a charge.refunded event. But we don't want to record this in CiviCRM as it was never "captured" and the payment was never really taken.
- Track paymentIntents and cancel uncaptured ones after 24 hours.
- Fix #103 - Allow submission of drupal webform when there are multiple processors on the page (eg. Stripe + Pay later).
- Send email receipts from Stripe by default (as this was what 5.x did). Add a setting under Administer->CiviContribute->Stripe Settings to enable/disable receipts from Stripe.
- Support recording full refunds from Stripe.
This release fixes a MAJOR issue that caused duplicate payments to be taken when a new recurring contribution (subscription) was setup. All users of 6.x should upgrade.
- Don't take payment twice on recurring payments (This was happening because a payment was being created via a paymentIntent and subsequently via the first invoice generated by the subscription - currently we don't support 3D secure on subscriptions, this will be fixed in a future release).
- If we get an error when submitting, make sure we run Stripe submit next time as well so we generate a paymentIntent/paymentMethod for the payment (this fixes the issue where only the first submission attempt would succeeed - subsequent submission attempts would fail with "Missing paymentIntentID").
You need to Fix/Create webhook after installing this update to add the
charge.capturedevent to the list of events sent to the webhook.
- Handle charge.succeeded/charge.captured when no customer_id is provided - fixes 400 errors / missing customer_id.
- Remove invalid setting of customer on paymentIntent (no user impact).
- Small improvements to Stripe Plan code (no user impact).
Note: You should use this CiviCRM core patch if using webform_civicrm 4.28.
- Fix issue with charge.succeeded triggering error on recurring contributions
This release fixes a number of bugs/issues identified after the release of 6.0.
IMPORTANT! If upgrading to 6.x for the first time make sure you install the mjwshared extension BEFORE you upgrade Stripe.
This release requires an upgrade to version 0.4 of the MJWShared extension.
ALL users of 6.0 should upgrade to this release.
If upgrading to 6.x for the first time, please upgrade directly to 6.1 (do not install 6.0 first).
- Support cards that do not request a postal/zip code (fixes #80).
- Enable payments on backend (*fixes #79).
- Resolve multiple issues with "more than one" payment processor on the form and stripe failing to submit if it wasn't the first to be selected:
- Fix issue when script is reloaded by changes of payment processors.
- Improve handling for multiple processors and pay later.
- Make sure we clear the paymentIntentID from the session once we've used it (this prevents a browser refresh trying to use an already captured paymentIntent).
Switch to Stripe Elements for SAQ-A compliance on most sites and support the European Secure Customer Authentication (SCA) payments directive.
This is a major new release. You cannot rollback once you've upgraded.
This extension REQUIRES the mjwshared extension.
You MUST update your API version on the stripe dashboard!
- Use Stripe Elements.
- Use PaymentIntents and comply with the European SCA directive.
- Require Stripe API Version: 2019-09-09 and ensure that all codepaths specify the API version.
- Switch publishable key/secret key in settings (upgrader does this automatically) so they are now "correct" per CiviCRM settings pages.
- Support cards using 3dsecure and cards not using 3dsecure (workflows with Stripe are slightly different but both are now handled).
- Use minified versions of js/css.
- Improve payment descriptors and customer information that is sent from CiviCRM to Stripe.
- Add basic support for PaymentProcessor.refund API.
- CiviCRM Event Cart (requires additional funding, changes should probably be made in CiviCRM core to standardize that workflow rather than adding support via this extension).
- Card payments via the admin backend (this was supported in 5.4.1 but has unresolved issues with Stripe Elements when used via popup forms and is not allowed in most situations when complying with the SCA payments directive unless you are approved to accept "MOTO" payments).
Thanks to Rich Lott (@artfulrobot) for contributing and testing release.
- We don't need to confirm the payment until we capture it
- payment method id is not required when passing in an existing payment intent
- Add minified versions of js/css
- Remove onclick attribute from submit form so that CiviContribute forms do stripe processing before submission
- Description and Customer fields in Stripe backend - fixes #78
- Support recurring payments with paymentIntents/Elements. Cancel subscription with Stripe when we reach recurring end date
- Update required Stripe API version to 2019-09-09
- Handle confirmation pages properly for contribution pages (make sure we pass through paymentIntentID).
- Handle card declined on client side.
- Support creating recurring payment (subscription).
- Handle IPN events for charges / invoices (support cancel/refund etc).
- Add basic support for PaymentProcessor.refund API.
- Remove membership_type_tag from plan name.
Note that backend payments are not currently supported.
- Support Drupal Webform CiviCRM.
- Support Event Registration.
- Support Confirm/Thankyou pages on contribution pages / events.
- Support cards using 3dsecure and cards not using 3dsecure.
Initial preview release with Stripe Elements and PaymentIntents to support new European SCA requirements. Note that ONLY a one-off contribution via a contribution page has been tested for this release. Most other functions (including recurring) will NOT work properly