*** Lloyds Cardnet Gateway Changelog ***

2026-03-16 - version 3.0.12

* Compliance - Renamed all script, style, and AJAX action handles to use unique "autify-lloyds-" prefix to meet WordPress plugin directory naming standards
* Compliance - Updated nonce names, transient keys, and lock keys with plugin-specific prefixes to prevent namespace collisions
* Compliance - Renamed global JavaScript variables with "autifyLloyds" namespace to avoid global scope conflicts
* Security - Added nonce verification for Apple Pay and Google Pay payment processing AJAX requests (CSRF protection)
* Security - Added recursive sanitization of webhook data using sanitize_text_field() across all webhook handlers
* Security - Added input sanitization for $_GET parameters in admin pages using sanitize_text_field() and wp_unslash()
* Security - Added JSON validation and error checking in PaymentJS webhook handler
* Security - Added header value sanitization in PaymentJS webhook processing
* Fix - Added null-safety checks for wc_get_order() across all payment handlers to prevent fatal errors on missing orders
* Fix - Added isset() guards for AVS/CVV response fields, cart totals, and shipping address data to prevent undefined index notices
* Fix - Improved JSON decode error handling in Google Pay payment data processing
* Fix - Added proper validation for shipping methods array access and WP_Query availability checks
* Enhancement - Order not found errors now display user-friendly notices and redirect to checkout instead of failing silently
* Enhancement - Improved transaction notification URL validation for incomplete webhook data
* Code Quality - Removed legacy deleteOldLogFiles() method from Gateway Helper
* Code Quality - Updated CSS file references to use prefixed filenames

2026-03-03 - version 3.0.11

* Compliance - Removed hard-coded "Powered by" credit link from public-facing payment form to comply with WordPress plugin directory attribution guidelines
* Compliance - Updated External Services section with full disclosure of all third-party services including Terms of Use and Privacy Policy links
* Compliance - Added disclosure for Fiserv Checkout Solution, Apple Pay, Google Pay, and Autify Digital License API external services
* Compliance - Added Fiserv Terms of Use and Privacy Notice links for First Data / IPG Online and Payment JS services
* Fix - Google Pay (on-site) shipment issues

2026-02-02 - version 3.0.10

* Performance - Removed flush_rewrite_rules from every page load, now only runs on plugin activation/deactivation
* Fixed - WordPress PHPCS compliance improvements
* Improved - 3Ds Flow improvements

2026-01-09 - version 3.0.9

* Added - Configuration to enable or disable subscription
* Fixed - Double Subscription Request
* Fixed - WordPress PHPCS compliance improvements

2026-01-09 - version 3.0.8

* Fixed - WordPress PHPCS compliance improvements
* Fixed - GET method call curl issue

2026-01-02 - version 3.0.7
* Added - Transaction Reports table with advanced filtering (status, payment method, date range)
* Added - CSV export functionality for transaction reports with all filters applied
* Added - Full-text search across all transaction columns (Order ID, Amount, Status, Card Details, IPs, etc.)
* Added - Transaction summary statistics showing total transactions, amounts, and refunds
* Added - Traffic light verification status indicators (CVV, Street, Postcode checks) in reports
* Added - Transaction details meta box on WooCommerce order view page with payment and fraud details
* Added - Cardnet Status column in WooCommerce order grid with payment status, verification indicators, and card info
* Added - License sync cron job for automatic license validation
* Improved - Unified refund processing across all payment methods (Card, Apple Pay, Google Pay)
* Improved - Centralized table name management in gateway helper
* Improved - External CSS file for admin styles instead of inline styles
* Improved - Support for both legacy post-based orders and HPOS (High-Performance Order Storage)
* Fixed - WordPress PHPCS compliance improvements
* Fixed - Added translator comments for i18n strings with placeholders
* Fixed - Proper variable prefixing for WordPress coding standards
* Fixed - Added phpcs:ignore comments for WooCommerce core hooks usage
* Dev - Comprehensive unit test coverage for new features
* Dev - Refactored verification status methods to camelCase naming convention

2025-11-18 - version 3.0.6
* Security - Fixed security vulnerabilities with proper sanitization of $_GET, $_POST, $_REQUEST data
* Security - Added comprehensive validation using sanitize_text_field() and wp_unslash() functions
* Security - Enhanced payment token handling and form processing security
* Added - Complete WooCommerce address line 2 support across all payment methods
* Added - Address line 2 integration for Payment JS, Apple Pay, Google Pay, and HPP
* Added - Comprehensive unit test coverage for all new features
* Fixed - WordPress Plugin Check compliance - plugin now passes all validation checks
* Fixed - Debug logging made conditional - error_log() only runs when WP_DEBUG is enabled
* Fixed - Enhanced security for AJAX requests with proper nonce verification
* Fixed - Improved address data handling in redirect payment forms
* Update - All payment gateway classes with secure data handling practices
* Update - License manager with enhanced AJAX security
* Update - WooCommerce tested up to version 10.3.5
* Dev - Enhanced payment processing with proper data sanitization throughout
* Dev - Improved error handling and validation across all gateway methods

2025-10-14 - version 3.0.5
* Added - Full tokenization support for HPP/Redirect payment gateway
* Added - Card saving functionality for registered users in HPP gateway
* Added - Dynamic challenge indicator based on transaction type
* Added - Smart credential sequence handling (FIRST/SUBSEQUENT)
* Fixed - Duplicate token saving between webhook and order confirmation
* Fixed - Session dependency in webhook (now uses order meta)
* Improved - PO number building logic with dedicated helper method
* Improved - Payment request data structure with modular builder methods
* Improved - Code organization with reduced duplication
* Removed - Deprecated class-autify-lloyds-shop-page-handler.php file
* Update - 3D Secure challenge requirements for subscription and card saving
* Update - Webhook token handling without session dependency
* Dev - Added buildPONumber(), buildPaymentRequestData(), buildOrderData() helper methods
* Dev - Added buildSubscriptionRequestData() for subscription renewals
* Dev - Added build3DSecureData() for authentication parameters
* Dev - Enhanced token storage with duplicate prevention mechanism

2025-09-10 - version 3.0.4
* Added - WooCommerce HPOS (High Performance Order Storage) compatibility
* Fixed - PHP syntax error with WC_VERSION constant check
* Fixed - Missing isset() check in secure3dResponse handling
* Update - Code organization with plugin tracker functionality
* Update - Error handling and logging for API communications
* Dev - Maintained all existing security measures

2025-09-08 - version 3.0.3
* Fixed - Checkout Solution compatibility issues
* Update - Payment processing stability
* Update - WooCommerce tested up to version 10.1.2

2025-08-28 - version 3.0.2
* Added - Support for WooCommerce checkout blocks
* Fixed - Token-based payment processing
* Update - 3D Secure authentication flow
* Update - Payment status webhook handling

2025-08-26 - version 3.0.1
* Added - Apple Pay integration
* Added - Google Pay integration
* Added - Express checkout buttons on product pages
* Fixed - Order confirmation page display issues
* Update - Payment method selection UI

2025-08-13 - version 3.0.0
* New - Complete plugin rewrite for improved performance
* Added - Checkout Solution payment method
* Added - PaymentJS gateway support
* Added - Redirect payment method
* Added - Support for subscription payments
* Added - Comprehensive admin reporting dashboard
* Update - Payment processing architecture
* Update - Error handling and user notifications
* Dev - Enhanced data validation and sanitization

2025-03-01 - version 2.0.0
* New - Migration to new Lloyds Cardnet API v2
* Added - Enhanced 3D Secure 2.0 support
* Added - Strong Customer Authentication (SCA) compliance
* Fixed - Timeout issues with large orders
* Update - API response handling

2024-07-20 - version 1.1.0
* Added - Payment method icons
* Fixed - SSL certificate verification
* Update - Checkout field validation
* Dev - Input sanitization improvements

2023-06-01 - version 1.0.0
* New - Initial release