
Ecrypt WooCommerce Base Plugin Changelog
=================================

## 2024-07-03 - Version 0.0.1
- **Security Improvements**: 
  - Fixed detected usage of non-sanitized input variables in multiple instances:
    - `$_POST['ecrypt_payment_gateway-card-name']` in `Ecrypt_Payment_Gateway_Token_Api.php` line 45
    - `$_POST['ecrypt_payment_gateway-card-number']` in `Ecrypt_Payment_Gateway_Token_Api.php` line 46
    - `$_POST['ecrypt_payment_gateway-card-expiry']` in `Ecrypt_Payment_Gateway_Token_Api.php` lines 47, 49, 90
    - `$_POST['ecrypt_payment_gateway-card-cvc']` in `Ecrypt_Payment_Gateway_Token_Api.php` line 48
    - `$_POST['ecrypt_payment_gateway-card-zipCode']` in `Ecrypt_Payment_Gateway_Token_Api.php` line 49
  - Ensured all output is run through an escaping function:
    - Found in `functions/core.php` line 153
    - Found in `EcryptPaymentMethod.php` line 226
- **AI-Assisted Recommendations**: Incorporated AI suggestions to further secure codebase by modifying specific lines in:
  - `Ecrypt_Payment_Gateway_Token_Api.php`
  - `EcryptPaymentMethod.php`

This version focuses on addressing security vulnerabilities and implementing AI recommendations to enhance code safety.

## 2024-08-22 - Version 0.0.2

- **Security Improvements**:
  - Improved data validation and sanitization.

- **External Service Documentation**:
  - Added detailed documentation on Ecrypt API usage, endpoints, and privacy compliance.

## 2024-11-21 - Version 0.0.3
- **File Naming Compliance**:
  - Renamed all files to follow WordPress naming conventions:
    - `EcryptCustomerWallet.php` -> `ecrypt-payment-gateway-customer-wallet.php`
    - `EcryptPaymentExceptions.php` -> `ecrypt-payment-gateway-exceptions.php`
    - `EcryptPaymentMethod.php` -> `ecrypt-payment-gateway-method.php`
    - `EcryptTokenApi.php` -> `ecrypt-payment-gateway-token-api.php`
    - `EcryptPaymentApi.php` -> `ecrypt-payment-gateway-transaction-api.php`
    - `core.php` -> `ecrypt-payment-gateway-core-init.php`

- **Security Improvements**:
  - Added `!defined( 'ABSPATH' )` checks to prevent direct file access in all PHP files.
  - Enhanced sanitization and validation:
    - Used `wp_unslash()` and `sanitize_text_field()` for `ecrypt_payment_nonce` in:
      - `ecrypt-payment-gateway-method.php` line 305
      - `ecrypt-payment-gateway-customer-wallet.php` lines 246 and 63
    - Ensured proper escaping for all dynamic outputs in:
      - `ecrypt-payment-gateway-core-init.php`
      - `ecrypt-payment-gateway-method.php`
  - Added comprehensive checks for required fields and improved error handling messages:
    - Example: `Missing required field: card number` in `ecrypt-payment-gateway-token-api.php`.

- **Internationalization (I18n)**:
  - Updated all text domains to `ecrypt-payment-gateway-for-woocommerce`.
  - Added translators' comments for strings with placeholders:
    - Found in `ecrypt-payment-gateway-method.php` line 510.

- **ReadMe Updates**:
  - Documented external API usage, endpoints, and terms of service.
  - Added privacy and security notices for compliance:
    - API Endpoints documented for `/customers`, `/transactions/sale`, and `/transactions/refund`.

This version addresses all issues reported by the WordPress plugin review team and ensures compliance with WordPress coding standards, security practices, and internationalization requirements.

## 2025-10-08 - Version 1.0.3
- **Added**:
  - Added support for block checkout
  - Added composer for autoloading and testing
- **Test**:
  - Added testing via composer, PHPUnit and BrainMonkey
  - Added unit tests for blocks support class
  - Added unit tests for customer wallet class
  - Added unit tests for token api class
  - Added unit tests for transaction api class
  - Added unit tests for core class
- **Refactor**:
  - Add new exception class to handle errors in various classes to reduce return statements in class methods
  - Refactor various class methods to reduce cognitive complexity

## 2025-10-15 - Version 1.0.4
- **Fixed**:
  - Updated toolkit version

## 2026-01-08 - Version 1.0.5

- **Fixed**:
  - Updated toolkit version for block checkout addressing responsive site concerns
- **Added**:
  - Update order status to failed on failed payment

## 2026-02-23 - 1.1.0

- **Added**:
  - Authorization transaction type
  - Ability to Capture authorized transactions via order actions in order details screen
  - Ability to Void unsettled orders via order actions in order details screen
  - Accepted cards icons to block and classic checkout payment box

## 2026-04-02 - 1.1.1

- **Fixed**:
  - customer wallet uncaught error responses
  