WordPress.org
Get WordPress
WordPress.org

Plugin Directory

Laqira Payments for WooCommerce

Laqira Payments for WooCommerce

By Laqira Protocol
Download

Description

Laqira Payments is a secure, efficient, and Fully Decentralized Asset-Agnostic Multi-Network Payment Gateway for WooCommerce, enabling businesses to accept digital payments seamlessly with advanced blockchain technology. It offers enhanced flexibility and security, transparent financial statements, and in-app wallet features for users.

Key Features:

  • Fully Decentralized: Uses blockchain for secure, anonymous transactions without third-party oversight.
  • Asset-Agnostic: Allows payments in any origin asset and provides stablecoin in destination to providers, minimizing risk and maximizing stability.
  • Multi-Network Support: Supports diverse network payments, with user options dependent on provider acceptance and configuration.
  • Chainlink Price Feeds: Automatic exact amount detection and stablecoin depeg detection for vendor settlement.
  • Security: Utilizes HttpOnly cookies for JWT authorization and employs robust input hardening and sanitization throughout.

How LaqiraPayments Works:

  1. Provider Registration: Register on LaqiraPayments and receive a dedicated smart contract address (API key) where transparent financial records are carved.
  2. Plugin Setup: Install the LaqiraPayments plugin, input your API key, and configure settings.
  3. Customer Payment: Customers select the LaqiraPayments method, choose a network and cryptocurrency, connect their wallet, and complete the transaction.

External Services

This plugin connects to external services to complete wallet connections, read blockchain data, send blockchain transactions, load payment metadata, verify payment state, and open provider or explorer links. No external request is made merely by activating the plugin. After a merchant configures payment contract, wallet, RPC, or metadata settings, the plugin may contact configured or bundled payment/blockchain services during checkout/payment flows, scheduled cache refreshes, transaction verification, payment metadata loading, or when a user clicks an external link shown by the plugin.

1) Required Laqira runtime services
* What the service is used for: Laqira services are used for provider registration links, support/documentation links, Laqira Pay account or wallet pages, Laqira-hosted payment metadata, payment contract metadata, token/network metadata, and payment verification data when the merchant configures Laqira-hosted endpoints or Laqira Pay account flows.
* Domains that may be opened or requested: laqirapay.com, laqirahub.com.
* What data is sent and when: When an administrator or customer clicks a Laqira link, the browser sends normal HTTPS request data such as IP address, user agent, referrer, and any data included in the destination URL. When the merchant uses Laqira-hosted configuration or metadata endpoints, the browser or store server may send configured provider/payment metadata, payment contract identifiers, token/network identifiers, transaction hashes, wallet addresses where required for payment verification, and normal HTTPS request data.
* Required or optional: Required when the merchant uses Laqira provider registration, Laqira-hosted metadata, or Laqira Pay account/payment metadata flows; optional for support/documentation/account links.
* Terms of Service: https://laqira.io/terms-and-conditions
* Privacy Policy: https://laqira.io/privacy-policy

2) WalletConnect / Reown runtime services
* What the service is used for: These services power the wallet connection modal, wallet discovery, WalletConnect sessions, WalletConnect relay/RPC features, session verification, telemetry/status endpoints used by the wallet connection libraries, and wallet deep-link routing.
* Domains that may be requested by the generated checkout bundle or opened from the admin settings link: cloud.walletconnect.com, api.web3modal.org, rpc.walletconnect.org, relay.walletconnect.org, pulse.walletconnect.org, echo.walletconnect.com, verify.walletconnect.com, verify.walletconnect.org, secure.walletconnect.org, secure-mobile.walletconnect.com, secure-mobile.walletconnect.org, walletconnect.com, walletconnect.org, reown.com.
* What data is sent and when: When a customer opens the wallet modal, searches/selects a wallet, scans a QR code, connects a wallet, or signs/submits a blockchain transaction, the browser may send wallet connection metadata, project ID, selected chain/network, wallet address or session identifiers, relay messages, transaction/session metadata, and normal HTTPS/WebSocket request data such as IP address and user agent.
* Required or optional: Required for WalletConnect/Reown wallet connection flows; optional if the customer uses an injected wallet flow that does not require WalletConnect.
* Terms of Service: https://reown.com/terms-of-service
* Privacy Policy: https://reown.com/privacy-policy

3) Wallet application providers and wallet discovery/deep-link services
* What the service is used for: The bundled wallet connection libraries include support for wallet-specific discovery pages, mobile deep links, install links, and optional wallet-specific connection flows for providers such as MetaMask / Consensys, Rainbow, Safe, Coinbase Wallet, Phantom, Solflare, Trust Wallet, and other wallets exposed by the bundled wallet libraries.
* Domains that may be opened or requested depending on the wallet selected by the customer: metamask.io, metamask.app.link, metamask-sdk.api.cx.metamask.io, mm-sdk-analytics.api.cx.metamask.io, fwd.metamask.io, rainbow.me, rainbow.download, rnbwapp.com, enhanced-provider.rainbow.me, learn.rainbow.me, www.rainbowkit.com, app.safe.global, phantom.app, solflare.com, t.me, go.cb-w.com, meldcrypto.com, apps.apple.com, play.google.com, chrome.google.com, microsoftedge.microsoft.com, addons.mozilla.org, addons.opera.com, trustwallet.com.
* What data is sent and when: These requests occur when the wallet connection UI is loaded, when the customer chooses a supported wallet, opens a wallet deep link, follows an install link, or uses a wallet-specific connection flow. The browser may send wallet/app selection metadata, chain/network information, wallet connection/session identifiers, public wallet address where required by the selected wallet flow, and normal HTTPS request data such as IP address and user agent.
* Required or optional: Optional; the customer chooses the wallet provider.
* MetaMask / Consensys Terms of Service: https://consensys.io/terms-of-use
* MetaMask / Consensys Privacy Policy: https://consensys.io/privacy-notice
* Rainbow Terms of Service: https://app.userainbow.com/static/documents/terms-of-service.pdf
* Rainbow Privacy Policy: https://rainbow.me/privacy

4) Merchant-configured RPC endpoints
* What the service is used for: Merchants may configure RPC endpoints so the plugin can read smart contract data, refresh payment/network metadata, check balances and allowances, verify transactions, estimate gas, and broadcast transactions requested by the customer.
* Domains that may be requested: Any RPC endpoint configured by the merchant in the plugin settings or returned by the merchant’s configured payment metadata.
* What data is sent and when: During checkout/payment flows, scheduled cache refreshes, transaction verification, or payment metadata loading, the browser or store server may send blockchain query data such as chain ID, contract address, token address, wallet address where needed, transaction hash, transaction payload data, token/contract metadata requests, and normal HTTPS request data such as IP address and user agent.
* Required or optional: Required when the selected payment configuration depends on a merchant-configured RPC endpoint. The merchant is responsible for choosing RPC providers whose Terms of Service and Privacy Policy are suitable for the store’s use case.

5) Bundled chain metadata and default RPC references
* What the service is used for: Bundled wallet/web3 libraries include default chain metadata and fallback RPC references for providers and networks such as thirdweb, Arbitrum, BNB Chain, Merkle, Base, Polygon, Mantle, WalletConnect RPC, and Infura / Consensys. These references may be used by the selected wallet, configured network metadata, merchant/network settings, or bundled library when the customer starts a blockchain payment flow.
* Domains that may be requested depending on the configured network, selected wallet, and bundled library defaults: bsc-dataseed.binance.org, rpc.walletconnect.org, 56.rpc.thirdweb.com, api.avax.network, arb1.arbitrum.io, mainnet.base.org, polygon.drpc.org, rpc.mantle.xyz, eth.merkle.io, mainnet.infura.io, goerli.infura.io, sepolia.infura.io, arbitrum-mainnet.infura.io, arbitrum-goerli.infura.io, polygon-mainnet.infura.io, polygon-mumbai.infura.io, optimism-mainnet.infura.io, optimism-goerli.infura.io, avalanche-mainnet.infura.io, avalanche-fuji.infura.io, linea-mainnet.infura.io, linea-goerli.infura.io, celo-mainnet.infura.io, celo-alfajores.infura.io, aurora-mainnet.infura.io, aurora-testnet.infura.io, palm-mainnet.infura.io, palm-testnet.infura.io, starknet-mainnet.infura.io, starknet-goerli.infura.io, starknet-goerli2.infura.io.
* What data is sent and when: If a bundled/default RPC endpoint is used during a selected wallet or network flow, the request may include JSON-RPC data such as wallet address, transaction payload data, contract addresses, chain ID/network details, transaction hash, and normal HTTPS request data such as IP address and user agent.
* Required or optional: Required only when the selected wallet/network/library flow uses one of these bundled/default RPC endpoints. Not every bundled RPC URL is called by the plugin.
* WalletConnect RPC Terms of Service: https://reown.com/terms-of-service
* WalletConnect RPC Privacy Policy: https://reown.com/privacy-policy
* Infura / Consensys Terms of Service: https://consensys.io/terms-of-use
* Infura / Consensys Privacy Policy: https://consensys.io/privacy-notice
* thirdweb Terms of Service: https://thirdweb.com/terms
* thirdweb Privacy Policy: https://thirdweb.com/privacy-policy
* Arbitrum Terms of Service: https://arbitrum.io/tos
* Arbitrum Privacy Policy: https://arbitrum.io/privacy
* BNB Chain Terms / Disclaimer: https://www.bnbchain.org/en/disclaimer
* BNB Chain Privacy Policy: https://www.bnbchain.org/en/privacy-policy
* Merkle Privacy Policy: https://www.merkle.io/privacy
* Base Terms of Service: https://docs.base.org/terms-of-service
* Base Privacy Policy: https://docs.base.org/privacy-policy
* Polygon Terms of Use: https://polygon.technology/terms-of-use
* Polygon Privacy Policy: https://polygon.technology/privacy-policy
* Mantle Terms of Service: https://www.mantle.xyz/terms
* Mantle Privacy Policy: https://www.mantle.xyz/privacy-policy

6) Blockchain explorers, explorer APIs, and transaction links
* What the service is used for: The plugin and bundled blockchain libraries may generate links to blockchain explorers or include explorer API metadata so customers or administrators can inspect transaction hashes, addresses, or network data.
* Domains that may be opened or referenced depending on the selected network: bscscan.com, api.bscscan.com, etherscan.io, api.etherscan.io, goerli.etherscan.io, sepolia.etherscan.io, arbiscan.io, api.arbiscan.io, basescan.org, api.basescan.org, mantlescan.xyz, api.mantlescan.xyz, snowtrace.io, api.snowtrace.io, polygonscan.com, solscan.io.
* What data is sent and when: A request is sent when a customer or administrator clicks an explorer link, or when a bundled library queries explorer API metadata for a supported chain. The browser or API request may include the transaction hash, wallet or contract address, selected network, and normal HTTPS request data such as IP address and user agent.
* Required or optional: Optional for clicked explorer links; explorer API metadata may be required by the selected wallet/library/network.
* BscScan Terms of Service: https://bscscan.com/terms
* BscScan Privacy Policy: https://bscscan.com/privacyPolicy
* Etherscan Terms of Service: https://etherscan.io/terms
* Etherscan Privacy Policy: https://etherscan.io/privacyPolicy
* Arbiscan Terms of Service: https://arbiscan.io/terms
* Arbiscan Privacy Policy: https://arbiscan.io/privacyPolicy
* BaseScan Terms of Service: https://basescan.org/terms
* BaseScan Privacy Policy: https://basescan.org/privacyPolicy
* PolygonScan Terms of Service: https://polygonscan.com/terms
* PolygonScan Privacy Policy: https://polygonscan.com/privacyPolicy

7) Remote payment metadata, token metadata, ABI, and IPFS endpoints
* What the service is used for: The plugin reads remote JSON, ABI, token, network, and metadata files so it can load supported assets, contract ABIs, chain metadata, wallet metadata, and payment configuration data. This includes the server-side request made by BlockchainService::getRemoteJsonCid() to the CID/metadata URL returned by the configured Laqira payment contract.
* Domains that may be requested depending on the selected network and bundled library metadata: ipfs.io, arweave.net, 4byte.sourcify.dev, raw.githubusercontent.com, docs.soliditylang.org, and any merchant-configured CID, ABI, token, network, or RPC metadata URL.
* What data is sent and when: When the plugin refreshes blockchain configuration data or the checkout interface needs token/network/ABI metadata, the browser or store server requests the remote URL and sends normal HTTPS request data such as IP address and user agent. If the URL includes a CID, token, contract, network, or transaction identifier, that identifier is sent as part of the request URL.
* Under which conditions: Requests are sent only after the merchant has configured the payment contract/RPC settings or when checkout/payment screens need the metadata to display available networks and assets.
* Required or optional: Required when the selected payment configuration depends on remote metadata; optional when required metadata is already available locally.
* Terms of Service / Privacy Policy: For Laqira-hosted metadata, see https://laqira.io/terms-and-conditions and https://laqira.io/privacy-policy . For the ipfs.io public gateway, see https://ipfs.tech/legal/ ; IPFS privacy background is documented at https://docs.ipfs.tech/concepts/privacy-and-encryption/ .

8) Static bundled library references that are not plugin runtime services
Generated JavaScript bundles include third-party wallet/web3 library strings, documentation URLs, example URLs, package metadata, app-store install links, wallet deep-link domains, browser issue URLs, standards URLs, and optional media/embed references. These strings may appear in bundled JavaScript, but Laqira Payments does not intentionally call them as plugin runtime services unless a customer clicks a link, the selected wallet opens its own deep link, the selected wallet/library flow uses that service, or a merchant explicitly configures one of those URLs.

  • Examples found in bundled libraries: docs.metamask.io, medium.com, ethstats.net, snowtrace.io, api.snowtrace.io, solscan.io, go.cb-w.com, t.me, apps.apple.com, play.google.com, chrome.google.com, microsoftedge.microsoft.com, addons.mozilla.org, addons.opera.com, www.youtube.com, player.vimeo.com.

Note: Some bundled Composer, JavaScript, CSS, and license files contain documentation URLs, issue tracker URLs, example URLs, standards URLs, or project homepages. Those references are not automatically contacted by Laqira Payments during normal plugin operation. The lists above focus on domains that the generated runtime bundle, wallet libraries, configured blockchain/payment metadata, or user-clicked links may actually request or open.

Important Note: No external request is made merely by activating the plugin. After administrator configuration, external requests may occur during checkout/payment screens, scheduled cache refreshes, wallet connection, blockchain reads, transaction submission or verification, payment metadata loading, or when a user clicks an external link shown by the plugin.

Source Code

Human-readable source code, build tools, and build instructions for the generated JavaScript bundles are available at https://github.com/LaqiraProtocol/laqira-payments . The checkout bundle is generated from the source files under src/ with npm run build; the release ZIP is generated with tools/build-release-artifact.sh.

Translations

  • English (en_US)
  • Chinese (zh_CN)
  • Hindi (hi_IN)
  • Spanish (es_ES)
  • Italian (it_IT)
  • Turkish (tr_TR)

Support

For support or bug reports, please visit the official support page at https://laqirahub.com/laqira-pay/introduction or the support forum.

Screenshots

The Laqira Payments settings screen in WooCommerce.
The Laqira Payments settings screen in WooCommerce.
The checkout flow where the customer selects a network and digital asset.
The checkout flow where the customer selects a network and digital asset.
The order recovery and transaction details experience for completed or repairable orders.
The order recovery and transaction details experience for completed or repairable orders.

Installation

Step 1 – Prerequisite (WooCommerce): Make sure WooCommerce is installed, updated to the latest version, and active on your WordPress site before you begin.

Step 2 – Install & activate the plugin: Go to Plugins > Add New > Upload Plugin, upload the Laqira Payments .zip file, click Install Now, then click Activate.

Step 3 – Register on LaqiraPay: Go to https://laqirapay.com, connect your wallet, and create your provider account. (See screenshot 1)

Step 4 – Enable your networks: On LaqiraPay, enable the blockchain networks you want your customers to be able to pay with (for example BNB Smart Chain, Ethereum, Polygon). Only enabled networks will be available at checkout. (See screenshot 2)

Step 5 – Copy your API Key: Copy the API Key generated for your account on LaqiraPay. (See screenshot 3)

Step 6 – Configure the plugin settings: Navigate to WooCommerce > Settings > Payments, open Laqira Payments, and fill in the fields exactly as below: * API Key: paste the API Key you copied from LaqiraPay in Step 5. * Laqira RPC Url: https://bsc-dataseed.binance.org * Laqira Contract Address: 0x52ab753dd301e4fb5bf00d9bfeb55e356a44064d * WalletConnect Project ID: 57c157d7249ecf6e78dc45ede079eb07 Then click Save. Below the API Key field the plugin shows which networks are active for your configuration (e.g. “BNB Smart Chain is Active”). (See screenshot 4)

Step 7 – Clear the Web3 cache: Click the Clear Web3 Cache button so the plugin reloads your latest network and configuration data.

Step 8 – Enable the payment method: Under WooCommerce > Settings > Payments, toggle Laqira Payments to Enabled. Your store is now ready to accept crypto payments. (See screenshot 5)

Minimum Requirements:

  • PHP version: 8.1 or higher (as per validation report and plugin file)
  • WordPress version: 6.3 or higher (as per validation report and plugin file)
  • WooCommerce version: 8.2 or higher (as per validation report and plugin file)

FAQ

Do I need SSL for my store to use LaqiraPayments?

Yes, using an SSL certificate (HTTPS) is strongly recommended for all e-commerce sites to ensure the security and integrity of payment transactions.

How do I get my API Key?

Your unique Laqira Pay Provider API Key (which acts as your provider address) can be obtained by connecting your wallet and registering as a Provider on the LaqiraPayments website (https://laqirapay.com).

What happens if a transaction fails?

LaqiraPayments includes robust Order Recovery features that help track and manage failed or pending transactions, including a dedicated section on the WooCommerce Order Editing page to repair orders by TXHash.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“Laqira Payments for WooCommerce” is open source software. The following people have contributed to this plugin.

Contributors

Translate “Laqira Payments for WooCommerce” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

0.9.38

  • Security – Escaped the order recovery shortcode output before returning it to WordPress.
  • Security – Replaced manual AJAX nonce verification in checkout and transaction recovery handlers with check_ajax_referer() calls that WordPress.org review tools can detect.
  • Security – Removed the nonce-less persistent tab option update from the Order Recovery admin redirect and now derive the active settings tab from the validated request state.
  • Fixed – Replaced invalid Terms/Privacy URLs and expanded the external services disclosure for Laqira services, Consensys/Infura RPC endpoints, and remote CID/IPFS metadata requests.
  • Fixed – Deferred Web3 cache cron scheduling until init to avoid early WooCommerce translation loading notices during first activation.
  • Fixed – Updated test bootstrap coverage so the PHPUnit suite loads plugin files after defining ABSPATH.

0.9.37

  • Fixed – Migrated public WooCommerce payment identifiers, checkout block handles, AJAX actions, and custom helper functions to plugin-specific Laqira Payments names while preserving legacy settings compatibility.
  • Fixed – Removed remote Google Fonts references from bundled and generated assets used by the release package.
  • Security – Re-audited request input handling, nonce verification, and WooCommerce admin capability checks around AJAX, settings, and order metabox flows.
  • Security – Removed the legacy whole-request fallback from the shared request input helper so only explicitly expected request keys are read.
  • Fixed – Replaced hardcoded plugin path detection with WordPress-safe plugin APIs and plugin constants.
  • Fixed – Hardened the GitHub Actions release build so production Composer dependencies are rebuilt with --no-dev, generated assets are sanitized, and the final package is validated before zipping.
  • Fixed – Corrected distribution ignore rules so Composer runtime source files inside vendor are preserved, preventing activation failures on clean WordPress installs.
  • Fixed – Excluded nested dependency lock files such as vendor/**/package-lock.json from the release package.
  • Fixed – Restored WooCommerce order-pay rendering compatibility for retrying failed or interrupted payments in classic and block checkout contexts.
  • Fixed – Split admin order recovery metabox behavior so recorded tx_hash orders use the recovery status metabox while orders without a transaction hash use the failed transaction recovery form.
  • Changed – Refined WordPress.org documentation, explicit external service domain disclosures, screenshots text, and release strategy notes.

0.9.36

  • Fixed – Prepared the WordPress.org release candidate after clean-install activation and transaction smoke testing.

0.9.35

  • Fixed – Fix some issues (Remove plugin update class , readme.txt, vendor folder)

0.9.34

  • Fixed – Updated the plugin distribution process so generated release zip files exclude development-only files and unnecessary vendor artifacts.
  • Fixed – Expanded the external services documentation in the readme to clearly describe wallet connectivity, RPC, remote JSON metadata, and explorer links.
  • Fixed – Replaced the remaining non-prefixed constants and the legacy recovery shortcode with plugin-specific names to improve WordPress.org compliance.
  • Fixed – Added direct-access guards for the remaining PHP entry points, including generated asset PHP files.

0.9.33

  • Security – Hardened AJAX/admin request handling with stricter unslash/validation flows and defensive order checks in transaction confirmation paths.
  • Security – Improved SQL safety in legacy transaction persistence by using prepared SQL markers for table identifiers and IDs, and documenting unavoidable direct queries.
  • Fixed – Replaced discouraged functions (strip_tags, parse_url) with WordPress-safe alternatives and added missing translators comments for replacement strings.
  • Fixed – Reworked global function naming to plugin-prefixed names and synchronized bootstrap calls to match the new function names.
  • Fixed – Added direct-access guards for remaining PHP entry files and aligned uninstall SQL handling with safer $wpdb->prepare() usage.
  • Chore – Updated readme.txt tags.

0.9.32

  • Fixed: Fix some language strings.
  • Fixed: Optimize webpack bundle.

0.9.31

  • Changed – Updated plugin display name to Laqira Payments for WooCommerce.
  • Changed – Updated plugin slug to laqira-payments.
  • Fixed: Restored the settings view by renaming the admin templates to the laqira-payments-… filenames expected by AdminController.
  • Fixed: Deferred the activation log until init to avoid _load_textdomain_just_in_time warnings caused by loading translations too early.
  • Fixed: Prevented SQL syntax errors in the legacy AJAX confirmations by inlining the sanitized table name before preparing SELECT COUNT(1) queries.

0.9.30

  • Security: Added nonce enforcement for order recovery confirmations.
  • Security: Restricted admin-only confirmation to users with WooCommerce management capabilities.
  • Fixed: Guarded template entry points against direct access.
  • Fixed: Switched the gateway icon to a bundled local asset.
  • Fixed: Added missing rel="noopener noreferrer" to external links opened in a new tab.
  • Fixed: Updated web3p/web3.php to 0.3.2.
  • Fixed: Updated bundled Semantic UI assets to 2.5.0.
  • Changed: Updated plugin display name to Laqira Payments for WooCommerce.

0.9.29

  • Fixed: Removed dynamic translation usage for non-literal strings to comply with WordPress i18n standards.
  • Fixed: Removed custom plugin update mechanism to meet WordPress.org repository guidelines.
  • Fixed: Improved settings registration by adding sanitize callbacks for all registered options.
  • Fixed: Ensured support for array and nested option values during sanitization.
  • Fixed: Removed discouraged manual textdomain loading when using WordPress.org language packs.
  • Fixed: General code cleanup and compliance improvements for WordPress.org review.

0.9.28

  • Added support for additional blockchain networks: zkSync
  • Added support for additional blockchain networks: Optimism

0.9.27

  • Security – Prevent duplicate on-chain payments by locking orders during processing and rejecting additional transaction hashes once recorded.
  • Fixed – Disable repeated payment submissions in the checkout modal while a payment request is processing.

0.9.26

  • Changed – change plugin slug
  • Security – rename and refactor the admin transactions list table to sanitize query parameters and replace debug output with escaped JSON.

0.9.25

  • Changed – fix perg_replace #3 parameters to ensure not null (php 8.1+)

0.9.24

  • Changed – update test environments

0.9.23

  • Security – Reuse the shared laqira_payments_filter_input helper for exchange-rate submissions so superglobals are unslashed before sanitization.
  • Security – Normalize request methods, option keys, and nonces prior to validation to eliminate PHP 8.1 deprecation warnings surfaced in QA.
  • Security – Refactored the admin transactions list table to sanitize list-query parameters and remove debug output.

0.9.22

  • Changed – Renamed admin/bootstrap/helpers to match WordPress class-*.php conventions and updated Composer autoloading.
  • Security – Hardened admin settings sanitization with enforced nonce/capability checks and consistent unslash/sanitize flows.
  • Fixed – Added PHPCS-compliant documentation and normalized asset loading throughout the admin bootstrap and JWT utilities.

0.9.20

  • Fixed – fix some warning:
    – remove FILTER_SANITIZE_STRING constant (deprecated since PHP 8.1)
    – fix webpack.js to solve Potential Leaked Secrets
  • Added – Add README.TXT file based on woocommerce and wordpress structure

0.9.19

  • Changed – Aligned exchange rate view config formatting and updated persistence tests.
  • Changed – Refined admin settings sections to include dedicated exchange rate and order recovery tabs.
  • Changed – Refactored order recovery admin settings and cleaned up the settings view.

0.9.18

  • Security – Fixed PHPCS & semgrep issues.

0.9.17

  • Security – Fixed PHPCS & semgrep issues.

0.9.16

  • Fixed – Fixed INPUT_REQUEST.

0.9.15

  • Enhanced – Ran PHPCS tests.

0.9.14

  • Security – Hardened input handling and escaping for LaqiraPayments across AJAX controllers, logging, and helper utilities.
  • Fixed – Improved CLI input handling and sanitization fallbacks.
  • Changed – Allowed scripts in confirmation markup.

0.9.13

  • Fixed – Guarded blockchain integrations until required settings (API key, contract address, RPC URL) are saved.

0.9.12

  • Security – Locked down rendered templates and sanitized admin/front-end output.
  • Security – Hardened transaction confirmation flows and replaced raw SQL with prepared statements.
  • Security – Fortified logging and request sanitization.
  • Security – Improved blockchain error handling and documentation hygiene.

0.9.11

  • Fixed – Handled hex transaction statuses for PHP 8 compatibility.

0.9.10

  • Fixed – Guarded WooCommerce cart reset when session is unavailable.

0.9.9

  • Fixed – Removed leading newline before PHP tag in LegacyAjax.php to avoid header warnings.
  • Fixed – Handled null CID values in blockchain lookups.
  • Fixed – Localized settings script data.

0.9.8

  • Changed – Raised the minimum supported PHP version to 8.1 and updated project documentation.

0.9.7

  • Fixed – Prevented plugin bootstrap from triggering activation and handled missing composer autoloaders gracefully.
  • Security – Enforced secure cookies, default SSL verification and sanitized transaction metadata rendering in admin area.
  • Fixed – Handled unavailable checkout data, stopped repeated cart refresh loops and restored Place order button behaviour.
  • Fixed – Normalized stored transaction hashes, guarded against missing ABI data and ensured confirmations persist to the database.
  • Fixed – Added multi structure permalink support.
  • Fixed – Fetched Web3 data automatically and cleared its cache when any plugin settings option updated.

0.6.2

  • Changed – Changed plugin name to LaqiraPayments from WooLaqiraPayments.

Meta

Ratings

No reviews have been submitted yet.

Your review

See all reviews

Contributors

Support

Got something to say? Need help?

View support forum