We’ve pushed out an update today which aside from some minor bug fixes, mainly addresses an upcoming deadline for Authorize.net users, as announced here on their site. In a nutshell, Authorize.net will change how we verify Silent Post notifications to make sure the sender truly is Authorize.net, these changes take effect on the 27th June 2019 and therefore an update is required to still receive Authorize.net notifications.
Silent Posts serve one specific purpose in Events Manager, and that is automatically updating a booking previously made and paid for using Authorize.net which is refunded or voided from the authorize.net control panel. This change does not affect the ability to book an event, so if you’re using older versions of Events Manager Pro to process payments via Authorize.net and are wondering whether you should upgrade/renew your license, this depends on how heavily you rely on voided or refunded transactions resulting in an automatically cancelled booking on Events Manager.
We have been testing out options and have found that Silent Posts to be potentially buggy throughout the migration, and have opted to also integrate Webhooks, which are essentially the same thing but in a different format of delivery to your server. Aside from being more reliable, Authorize.net themselves recommend upgrading to Webhooks anyway, so we took the opportunity to do some future-proofing here.
You’ll find an updated set of documentation for Authorize.net, reflecting the new changes and instructions on how to set up Webhooks, it’s pretty easy and just a matter of clicks.
We’re expecting to release a followup update in the coming weeks for both Events Manager and Pro with further bug fixes and some new feature announcements, so stay tuned!
Pro 2.6.4.2 Changeset
- added JSON API endpoint for gateways to send notifications and integrated authorize.net webhooks support,
- added SHA512 hashing support in place of now deprecated MD5 hashing for silent posts,
- added Signature Key field for authorize.net settings which allows for webhooks and new silent post notifications to be verified correctly,
- improved aesthetics of log file entries (for logging enabled),
- added generic api key storage to EM_Gateway object previously only on PayPal
- fixed multiple booking issues with displaying carts in PHP 7.1 due to new session_save functionality
- fixed consent checkbox still showing even if disabled on multiple bookings form
- fixed offline approve warning proceeding when the cancel button is pressed
- added filter for transaction details transaction id, allowing for external links to transaction details on gateway site
- changed output of google static map default hex image when there are API errors, to prevent false positives with security scanners
- fixed coupons not updating count when a booking using the coupon is cancelled or rejected,
- fixed bookings deleting coupons when rejected/cancelled, which causes problems with email templates showing different prices to original booking
- fixed back button to booking form not loading attendee forms for tickets with selected spaces
- added em_pro_loaded action after EM_Pro::init() has executed, add-ons should hook into this rather than init to prevent dependence fatal errors
- added check allowing for regex modifiers to be used in custom field textarea regex rules
- minor tweak to forms editor admin page for recent WP css/class structure
- fixed session locking issues in Site Health checks (and potentially other loopbacks) when Multiple Bookings are enabled
- fixed regex issues where modifiers were not being properly validated and certain complex regex expressions getting characters stripped due to sanitizing and/or JSON stringify on longer forms
- fixed site/event-wide coupons showing in booking options to guest users when anonymous event submissions enabled