s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members)


The s2Member® Framework (free) integrates with PayPal Website Payments Standard (also free). Sell „Buy Now” or Membership access to your site. Restrict access to Roles, Capabilities, Posts, Pages, or anything else in WordPress.

Protect your WordPress Posts, Pages, Tags, Categories, URIs, BuddyPress/bbPress, and even portions of content within Posts, Pages, themes, plugins. Easily configurable & highly extensible. You can even protect downloadable files and streaming audio/video. Store files locally, or use s2Member’s integration with Amazon® S3/CloudFront.

s2Member is powered almost entirely by WordPress shortcodes, making complex integrations quick & easy. Sell recurring (or non-recurring) subscriptions with lots of flexibility. Or sell „Buy Now” access in various ways. You can also sell specific Posts/Pages, sell access to file downloads, or sell Custom Capabilities that provide highly configurable access to specific portions of your content.

You can learn more at s2Member.com.

Reasons to upgrade to „s2Member® Pro”

  • Stripe™ integration via Pro-Forms (one-step checkout).
  • PayPal Pro™ integration via Pro-Forms (one-step checkout).
  • Authorize.Net™ integration via Pro-Forms (one-step checkout).
  • Plus ClickBank™, Unlimited Membership Levels, Coupon Codes, Gift/Redemption Codes, Pro API, and more!

With 1000’s of customers, an intelligent open-community, comprehensive documentation, video tutorials, APIs, the s2Member Codex, KB articles, and over 50,000 forum posts; s2Member just can’t be beat!

Secure WordPress content and offer users/members a secure checkout solution that integrates seamlessly with WordPress Roles/Capabilities. It’s like a cash machine. s2Member puts money back in your pocket with every customer you acquire. You can learn more at s2Member.com.


Copyright: © 2013 WP Sharks (coded in the USA)

Released under the terms of the GNU General Public License.

Credits / Additional Acknowledgments

Capturi ecran

  • s2Member Screenshot #1
  • s2Member Screenshot #2
  • s2Member Screenshot #3
  • s2Member Screenshot #4
  • s2Member Screenshot #5
  • s2Member Screenshot #6
  • s2Member Screenshot #7


NOTICE: If you are an s2Member Pro customer in need of support, please use our support center at s2Member.com.

s2Member® is Very Easy to Install

  1. Upload the /s2member folder to your /wp-content/plugins/ directory.
  2. Activate the plugin through the Plugins menu in WordPress®.
  3. Navigate to the s2Member® Options panel for configuration details.

See Also (s2Member.com)

Detailed installation/upgrade instructions.

Is s2Member compatible with Multisite Networking?

Yes. s2Member and s2Member Pro, are also both compatible with Multisite Networking. After you enable Multisite Networking, install the s2Member plugin. Then navigate to s2Member → Multisite (Config) in the Dashboard on your Main Site.

Întrebări frecvente

NOTICE: If you are an s2Member Pro customer in need of support, please use our support center at s2Member.com.

Please Check the Following s2Member® Resources
Translating s2Member®

Please see: http://s2member.com/r/translations/


30 august 2020
Great free plugin with powerful features if you know how to use it. Lighter than every other membership plugin and secure of all membership plugin, my only two reasons for choosing it. Pro version is available for a one-time fee, unlike other plugins. Quality of code is top-notch without any bloat. Now coming to the shortcomings, my site dashboard freezes when I am trying to edit the features of s2member. The membership levels are sequential. Not frequently updated like other plugins. Thank you
11 iunie 2020
The integration with paypal and membership expiry is fantastic. Support has been helpful when needed. Documentation is good, and the custom functions allow for greater customisation in the site Content filtering based on membership roles is easy to implement All in all this plugin abstracts most of the membership headaches away from the website. The only drawbacks, are that it takes a while to wrap your head around, and isn't the prettiest in terms of its built-in UI. But the power of the plugin far outweighs these minor issues.
28 mai 2020
So glad I found this. It works brilliantly for our needs. Not experiencing any of the negatives reported by others. A little technical to set up but instructions are clearly presented on the main plugin page, love the seamless integration with PayPal. Everything we need. Thank you so much for creating this!
20 octombrie 2020
Very difficult to understand and use it, broke my website, had to reset my website from scratch and when I requested a refund I have received no answer. I do not recommend it at all, I gave it a very bad review everywhere wherever I find a website for rating and reviewing this plugin
8 aprilie 2020
Update: I posted my issue on the Forum and had a great response from members on how to fix my issue. Thanks for the help. I'm glad I kept the plugin. ----- I bought the S2Member Pro thinking that I would receive the additional features offered and support. Having an issue with the code integration with Stripe and my website (meaning it doesn't work!) I have no one to ask questions. My solution is asking the forum community for help or paying a freelance person for help. This is BS. I wouldn't have spend the money if I realized the developer is just cashing in on his design and has stopped actively supporting his customers! (And yes I have watched your videos and read your forum!)
Citește toate cele 198 de recenzii

Contributori și dezvoltatori

„s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members)” este un software open-source. La acest modul au contribuit următoarele persoane.


Istoric modificări


  • (s2Member Pro) Enhancement: Added „Powered by Stripe” to Stripe pro-form’s payment card field. Kudos to Josh, see post 6716.

  • (s2Member Pro) Bug Fix: Stripe subscription cancellations were not happening when they should. This release updates the API integration for it and fixes that behavior. Kudos to Matt for reporting it, see post 6909.

  • (s2Member Pro) Bug Fix: Updating the card with Stripe’s pro-form sometimes gave an incorrect „missing billing method” error. Kudos to Corey, see post 7058.

  • (s2Member Pro) Small fix: Removed Bitcoin mention next to Stripe in Gateways list. Missed it in v191022.


  • (s2Member Pro) Bug Fix: In some rare cases, another plugin loaded Stripe’s class before s2Member, so when s2 tried loading it there’d be an error. This release fixes the check for the class before trying to load it. See issue #1170

    Note: s2Member won’t have control over what version of the Stripe SDK was loaded by the other plugin. You’ll need to get that other plugin to have an up-to-date version. If you don’t have another plugin loading Stripe, this is not relevant to you.

  • (s2Member Pro) Bug Fix: When using a 100% off coupon, requiring no payment, the Stripe pro-form was still loading the card field and requiring it, preventing the free signup. That’s fixed in this release. See issue #1171

  • (s2Member Pro) Bug Fix: The Stripe pro-form, when given an invalid card, didn’t give a clear error message for it, and instead just „invalid parameter”. Now it shows the correct card error, making it possible for the customer to try a different card to complete the payment.

  • (s2Member Pro) Feature Update: The Indian Rupee was added to the list of currency symbols.

  • (s2Member Pro) Feature Enhancement: The s2Member Pro add-on, not being a regular plugin was not uploadable via the WP plugin manager. This made it necessary to FTP, which is complicated for some site owners. In this release I made it possible for the plugin manager to upload or remove the Pro add-on.

    Note: It still is not a regular plugin. The activation link or status in the plugins manager is irrelevant, but I couldn’t find how to remove it. s2Member Pro activates automatically when its version matches the Framework’s, and it’ll be mentioned next to the Framework’s version in the plugins manager.


  • (s2Member Pro) Feature Enhancement: The Stripe pro-forms can now handle 3D Secure 2 for Strong Customer Authentication, as required by the new European regulation that came into effect recently. Props to those in the beta testing group, especially Brice and Felix. See thread 5585.

  • (s2Member Pro) Feature Enhancement: The Stripe pro-form now has the card field inline, instead of opening a modal to enter it. Before it required clicking the link to open the modal, enter the card details, submit that, and then submit the pro-form. Now you enter the card details as part of the pro-form. See issue #588.

  • (s2Member Pro) Stripe Integration Updates: Upgraded the Stripe PHP SDK from v1.18 to v7.4.0, and the API from 2015-07-13 to 2019-10-08. Upgraded the integration from the Charges API to the latest Payment Intents API. Upgraded the card input from the old Stripe Checkout modal, to the new Stripe.js and Elements.

  • (s2Member Pro) Optimization: Stripe’s JavaScript now only gets included if the page has a Stripe pro-form.

  • (s2Member Pro) Removed Stripe Bitcoin: Stripe dropped Bitcoin last year, it’s not available anymore. This update removes the Bitcoin options and mentions from the s2 admin pages.

  • (s2Member Pro) Bug Fix: Subscriptions without at trial were showing a „trialing” status in Stripe for the first period. This behavior has now been solved. It will only say trialing when you set a trial period (free or paid) in your Stripe pro-form shortcode. See issue #1052.

  • (s2Member Pro) Bug Fix: The Stripe pro-form installments via the rrt shortcode attribute were charging an extra payment before ending the subscription. There was an error in the time calculation for this. This is solved in this release. Props to Brice. See thread 5817.

  • (s2Member Pro) Bug Fix: Some payments through the Stripe pro-form were creating a new Stripe customer when the user was already a customer. The Stripe customer ID was not being saved correctly in the user’s profile. This is solved in this release. Props to demeritcowboy for reporting it.


  • (s2Member) PayPal Integration Update: PayPal deprecated the subscription modification button. Using the old possible values for this, now gives an error on PayPal’s site. This button has been removed from the PayPal Standard integration in s2Member. Props to Tim for reporting it, see forum thread 5861, and issue #1157.

  • (s2Member) Bug Fix: PayPal would sometimes return the customer without the Custom Value expected by s2Member, incorrectly triggering an error. A small delay has now been added when needed to wait for PayPal to provide the missing value, so that the customer is met with the correct success message on return. Props to Josh Hartman for his help. See forum thread 5250.

  • (s2Member) Bug Fix: Google’s URL shortening service has been discontinued. The s2Member integration with it was removed in this release. Props to Felix Hartmann for reporting it.

  • (s2Member) Feature Enhancement: The popular URL shortening services have been abused in spam emails, and this can cause your site’s emails with shortened signup URLs to end up in the spam folder. It’s now possible to disable URL shortening when trying to avoid this problem. Props to Felix Hartmann for suggesting it. See forum thread 5697.

  • (s2Member Pro) New Feature: It is now possible to use a custom URL shortener other than the defaults in the s2Member Framework. This is particularly useful to use YOURLS for your links, making them unique to your site, looking more professional and avoiding the spam filters issue mentioned above. For more info see this forum post.


  • (s2Member Pro) Authorize.Net Hash Upgrade: Authorize.Net announced the end-of-life for their MD5 Hash in favor of their new SHA512 Signature Key. Support for this has been added to s2Member Pro. The MD5 Hash is not provided by Authorize.Net any more, so the field for it in s2Member has been disabled. Props @krumch for his work. For further details see forum thread 5514.

    Note: For those that already used the MD5 Hash in their configuration, it is kept there and will keep working while Authorize.Net accepts it, which will not be much longer. It’s important to update your integration with the new Signature Key. Once you have your Signature Key in the s2Member configuration, it will be favored over the old MD5 Hash._

  • (s2Member Pro) Bug Fix: The multisite patch for wp-admin/user_new.php wasn’t finding the code to replace because of changes in the latest releases of WordPress. It has now been updated, as well as the instructions in the Dashboard for those that prefer to apply it manually. Props @crazycoolcam for reporting it. For further details see Issue #1132.

    Note: If you already had patched this file in the past, it’s recommended that you remove the previous patch restoring it to the original file, and let s2Member Pro patch it again now, otherwise you risk getting it patched over the previous one and ending up with errors. After the new patch, please review that file to verify that it’s correct._

  • (s2Member Pro) Bug Fix: The search results for s2Member-List were not being ordered as specified in the orderby attribute when this was a field from the usermeta table in the database, e.g. first_name, last_name. This is now fixed and working correctly. Props to @stevenwolock for reporting it. For further details see Issue #1103.

  • (s2Member) WP 5.2 Compat. Enhancement: s2Member has been tested with WP up to 5.2.2-alpha. With WP_DEBUG enabled, only one „notice” was found. In wp-login.php it said ‘login_headertitle is deprecated since version 5.2.0! Use login_headertext instead.’ This release now uses login_headertext and doesn’t get that notice anymore. Props Azunga for reporting it. See forum thread 5962.


  • (s2Member/s2Member Pro) PayPal IPN Compatibility: This release includes an updated PayPal IPN handler that is capable of reading number-suffixed IPN variables that are now being sent by PayPal’s IPN system in some cases, for some customers. We strongly encourage all site owners to upgrade to this release as soon as possible, particularly if you’re using PayPal to process transactions. Props @openmtbmap and @patdumond for reporting. See: Issue #1112


  • (s2Member/s2Member Pro) PHP v7 Compat. Enhancements: This release adds an integration with the Defuse encryption library for PHP, making it possible for s2Member to move away from the mcrypt_*() family of functions in versions of PHP >= 7.0.4, where the mcrypt library has been deprecated — mcrypt_*() will eventually be removed entirely.

    Starting with this release of s2Member, if you’re running s2Member on PHP v7.0.4+, the Defuse library will be used automatically instead of mcrypt. See Issue #1079.

    Note: Backward compatibility with mcrypt functions will remain for now, especially for the decryption of any data that was previously encrypted using RIJNDAEL-256; i.e., data encrypted by a previous release of the s2Member software. s2Member is capable of automatically determining the algorithm originally used to encrypt, which allows it to decrypt data using Defuse, else RIJNDAEL-256, else XOR as a last-ditch fallback.

    API Functions: s2member_encrypt() & s2member_decrypt(). These two API Functions provided by s2Member are impacted by this change. Starting with this release, if you’re running s2Member on PHP v7.0.4+, the Defuse library is used automatically instead of the older mcrypt extension. Not to worry though; the s2member_decrypt() function is still capable of decrypting data encrypted by previous versions of the s2Member software.

  • (s2Member/s2Member Pro) UI Fix: All menu page notices should be given the notice class and the additional notice-[type] class instead of the older generic updated and error classes. Fixed in this release. Related to Issue #1034

  • (s2Member/s2Member Pro) UI Fix: Plugins displaying Dashboard-wide notices using the older updated and error classes should be handled better to avoid displaying them below the s2Member header (on s2Member menu pages) and with non-default WordPress styles. See: Issue #1034

  • (s2Member/s2Member Pro) UI Fix: Improving color highlighting in input fields following a media library insertion; e.g., when adding a custom logo to the login/registration page.

  • (s2Member Pro) Bug Fix: Merchants using PayPal Pro (Payflow Edition) to charge a fixed non-recurring fee following an initial 100% free trial period, were seeing their member accounts EOTd after the trial ended, instead of the EOT Time being set to the end of the fixed term period. Props @patdumond, James Hall, and many others for reporting this in the forums and at GitHub. See Issue #1077.

  • (s2Member Pro) Bug Fix: Updating PHP syntax in Simple Export tool, for compatibility w/ modern versions of PHP. Props @patdumond for reporting and helping us locate the underlying cause of this problem. See Issue #1055.

  • (s2Member Pro) Stripe Bug Fix: This releases corrects a seemingly rare conflict between s2Member and Stripe on certain mobile devices and in certain scenarios. In a case we examined, there was a problematic CSS z-index setting in the s2Member source code that was, at times, causing problems in the stacking order, which resulted in a user’s inability to enter details into the Stripe popup form. In this release, s2Member’s customization of the z-index stacking order has been removed entirely, as it is no longer necessary in the latest revision of the Stripe popup, which already handles z-index adequately. Props @jaspuduf for reporting and for helping us diagnose the problem. See Issue #1057.

  • (s2Member/s2Member Pro) Security Enhancement: This release removes the %%user_pass%% Replacement Code from the API Registration Notification email that is sent to a site owner; i.e., when/if it is configured by a site owner. Props @patdumond see Issue #954. This Replacement Code was removed as a security precaution.

  • (s2Member/s2Member Pro) Bug Fix: Resolving internal warning: ‘PHP Warning: Parameter 2 to c_ws_plugin__s2member_querys::_query_level_access_coms() expected to be a reference, value given’. This was resolved by removing the strict ‘by reference’ requirement from the list of parameters requested by s2Member.

  • (s2Member/s2Member Pro) Bug Fix: Resolving internal warning: ‘PHP Warning: Illegal string offset ‘user_id’ in s2member/src/includes/classes/sc-eots-in.inc.php’. This was resolved by typecasting $attr to an array in cases where WordPress core passes this as a string; e.g., when there are no attributes.

  • (s2Member Pro) Bug Fix: Incorrect default option value for reject_prepaid="" attribute in Stripe Pro-Forms. See: Issue #1089


  • (s2Member/s2Member Pro) JW Player v7: This release adds support for JW Player v7 in the [s2Stream /] shortcode. See Issue #774.

  • (s2Member Pro) Bug Fix: Allow Pro-Forms to use success="%%sp_access_url%%" without issue. See Issue #1024.

  • (s2Member/s2Member Pro) AWS Region: Adding AWS region ap-northeast-2. See Issue #1033.

  • (s2Member/s2Member Pro) AWS Region: Adding AWS region eu-west-2. See Issue #1033.

  • (s2Member) Bug Fix: This release corrects a minor server-side validation bug that was related to the use of non-personal email address. See Thread #1195 and Issue #1054.

  • (s2Member) Bug Fix: Updated several outdated links within the software; e.g., removing older www. references, correcting forum links, and more. Also corrected missing changelog. See Issue #1027.

  • (s2Member Pro) Pro Upgrader: The pro upgrader has been refactored and now asks for your s2Member Pro License Key instead of your s2Member.com password. The next time you upgrade to the most recent version of s2Member Pro, you will be asked for your License Key. You can obtain your License Key by logging into your account at s2Member.com. Once logged in, visit your ‘My Account’ page, where you will find your License Key right at the top. See Issue #668.

  • (s2Member/s2Member Pro) CloudFlare Compat.: Enhancing compatibility with Rocket Loader via data-cfasync="false" on dynamic s2Member scripts. See: Issue #1038.


  • (s2Member Pro) Bug Fix: Stripe refund notifications via the Stripe Webhook were always interpreted by s2Member as full refunds. This release corrects this bug so that s2Member will handle partial refunds via the Stripe API properly in all cases. Props @raamdev for reporting.

  • (s2Member/s2Member Pro) Bug Fix: Updating profile via [s2Member-Profile /] when changing email addresses may leave the old email address on configured email list servers in some scenarios. Props @renzms for reporting. For further details see issue #1007.

  • (s2Member/s2Member Pro) SSL Compatibility & Option Deprecation: In previous versions of s2Member there was a setting in the UI that allowed you to force non-SSL redirects to the Login Welcome Page. By popular demand, this setting has been deprecated and removed from the UI.

    New Approach: The new approach taken in the latest release of s2Member is to automatically detect when a non-SSL redirection should occur, and when it should not occur (i.e., when the default WordPress core behavior should remain as-is).

    s2Member does this by looking at the FORCE_SSL_LOGIN and FORCE_SSL_ADMIN settings in WordPress, and also at your configured siteurl option in WordPress. If you are not forcing SSL logins, or your siteurl begins with https:// (indicating that your entire site is served over SSL), non-SSL redirects will no longer be forced by s2Member, which resolves problems on many sites that serve their entire site over SSL (a growing trend over the past couple years).

    Conversely, if FORCE_SSL_LOGIN or FORCE_SSL_ADMIN are true, and your configured siteurl option in WordPress does NOT begin with https:// (e.g., just plain http://), then a non-SSL redirect is forced, as necessary, in order to avoid login cookie conflicts; i.e., the old behavior is preserved by this automatic detection.

    Overall, this new approach improves compatibility with WordPress core, particularly on sites that serve all of their pages over https:// (as recommended by Google).

    Backward Compatibility: As noted previously, the old option that allowed you to configure s2Member to force non-SSL redirects to the Login Welcome Page has been officially deprecated and removed from the UI. However, the old option does still exist internally, but only for backward compatibility. A WordPress filter is exposed that allows developers to alter the old setting if necessary. You can use the filter to force a true or false value.

    add_filter('ws_plugin__s2member_login_redirection_always_http', '__return_true');
    // OR add_filter('ws_plugin__s2member_login_redirection_always_http', '__return_false');

  • (s2Member/s2Member Pro) Bug Fix: Username/password email being sent to users whenever Custom Passwords are enabled in your s2Member configuration and registration occurs via the default wp-login.php?action=register form. Fixed in this release. See also: issue #870 if you’d like additional details.

  • (s2Member Pro) Bug Fix: In the [s2Member-List /] search box shortcode an empty action="" attribute produces a warning due to invalid syntax in HTML v5. Fixed in this release. See Issue #1006

  • (s2Member/s2Member Pro) IP Detection: This release improves s2Member’s ability to determine the current user’s IP address. s2Member now searches through HTTP_CF_CONNECTING_IP, HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_X_CLUSTER_CLIENT_IP, HTTP_FORWARDED_FOR, HTTP_FORWARDED, HTTP_VIA, and REMOTE_ADDR (in that order) to locate the first valid public IP address. Either IPv4 or IPv6. Among other things, this improves s2Member’s compatibility with sites using CloudFlare. See also: issue #526 if you’d like additional details.

  • (s2Member Pro) JSON API: In the pro version it is now possible to use the s2Member Pro Remote Operations API to send and receive JSON input/output. This makes the Remote Operations API in s2Member compatible with a variety of scripting languages, not just PHP; i.e., prior to this release the Remote Operations API required that you always use PHP’s serialize() and unserialize() functions when making API calls. The use of serialize() and unserialize() are no longer a requirement since input/output data is now sent and received in the more portable JSON format. For new code samples, please see: Dashboard → s2Member → API / Scripting → Pro API For Remote Operations. See also: issue #987 if you’d like additional details on this change.

    Note: The old s2Member Pro Remote Operations API has been deprecated but will continue to function just like before (via serialize() and unserialize()) for the foreseeable future. Moving forward, we recommend the new JSON code samples. Again, you will find those under: Dashboard → s2Member → API / Scripting → Pro API For Remote Operations

  • (s2Member/s2Member Pro) Enforce data types when determining PHP constants. See this GitHub issue if you’d like further details.

  • (s2Member/s2Member Pro) Phing Build Routines: Starting with this release, developers working on the s2Member project are now able to perform builds of the software via the websharks/phings project; i.e., the structure of the plugin directories has been changed (slightly) to conform to Phing and PSR4 standards. This makes it easier for our developers to prepare and release new versions of the software in the future.


  • (s2Member/s2Member Pro) WP v4.6 Compatibility. A full round of tests was performed against this release of s2Member, s2Member Pro, and the upcoming release of WordPress v4.6. In particular, the new HTTP API needed testing, along with the new optimized loading sequence in WordPress v4.6. Our tests indicate there are no compatibility issues, and we therefore encourage all s2Member site owners to upgrade to WordPress v4.6 whenever it becomes available publicly.

  • (s2Member/s2Member Pro) Bug Fix: Allow for < and > to work in the [s2If php="" /] shortcode attribute as expected. Some Visual Editors convert these into &lt; and &gt;, so it’s necessary to interpret them as such whenever the shortcode is parsed by s2Member.

  • (s2Member/s2Member Pro) JS API: Reducing the number of variables provided by the s2Member JavaScript API by default, and adding a new filter that allows them to all be enabled when/if desirable: ws_plugin__s2member_js_api_constants_enable. Props @JeffStarr for reporting.


  • (s2Member/s2Member Pro) Security Enhancement: This release forces CURLOPT_SSL_VERIFYPEER to a value of TRUE in the AWeber SDK that is used when/if you integrate with AWeber. In short, this forces AWeber to have a valid/verifiable SSL certificate before any data is exchanged between s2Member and the AWeber API behind-the-scenes. Props at WordPress security team for reporting this.


  • (s2Member/s2Member Pro) PHP Compat./Bug Fix: This follow-up release includes a patch that will prevent fatal errors when s2Member and/or s2Member Pro are installed on a site running PHP v5.2 or PHP v5.3; i.e., this release corrects a bug that was causing fatal errors on these older versions of PHP. Note that s2Member and s2Member Pro are once again compatible with PHP v5.2+, up to PHP v7.0. Props @krumch. See also: this GitHub issue for details.


  • (s2Member/s2Member Pro) WP v4.5 Compatibility. This release offers full compatibility with the latest release of WordPress v4.5. Nothing major was changed for standard WordPress installations, but there were a few subtle tweaks here and there to improve v4.5 compatibility. We encourage all users to upgrade right away.

    NOTE: WP v4.5 for Multisite Networks running s2Member Pro: This release corrects a bug first introduced in the previous release of s2Member Pro that resulted in an error message (Uncaught Error: Class 'c_ws_plugin__s2member_mms_patches' not found) when updating to WP v4.5. It has been corrected in this release, but in order to avoid this problem altogether please follow this procedure when upgrading WordPress.

    WP v4.5 Multisite Upgrade Procedure:

    • Upgrade s2Member and s2Member Pro ​before​ updating WordPress core.
    • Then upgrade WordPress core and observe that Multisite Patches are applied properly.

    If you have already upgraded to WP v4.5 and worked past this issue by patching manually, that’s fine. You can still upgrade s2Member and s2Member Pro. After the upgrade you may feel free to enable automatic patching again if that’s desirable.

  • (s2Member/s2Member Pro) Bug Fix: This release corrects a bug first introduced in the previous release which was causing a PHP warning about cf_stream_extn_resource_exclusions. A symptom was to have mysterious problems with [s2Stream /] or the [s2File /] shortcode. Fixed in this release. Props at @raamdev @renzms for reporting. See also this GitHub issue for details.

  • (s2Member/s2Member Pro) PayPal SSL Compatibility: This release of s2Member provides an https:// IPN URL for PayPal IPN integrations. It also provides a helpful note (in the Dashboard) about a new requirement that PayPal has with respect to the IPN URL that you configure at PayPal.com. s2Member has been updated to help you with this new requirement.

    New PayPal.com IPN Requirement: PayPal.com is now requiring any new IPN URL that you configure to be entered as an https:// URL; i.e., if you log into your PayPal.com account and try to configure a brand new IPN URL, that URL must use https://. PayPal.com will refuse it otherwise.

    However, the notify_url= parameter in standard PayPal buttons should continue to work with either http:// or https://, and any existing configurations out there that still use an http:// IPN URL should continue to work as well. So this is about planning for the future. We have been told that PayPal will eventually require that all IPN URLs use an https:// protocol; i.e., they will eventually stop supporting http:// IPN URLs altogether (at some point in the future), they are not giving anyone a date yet. For this reason we strongly suggest that you review the details given here.

    Since PayPal is moving in a direction that will eventually require all site owners to have an SSL certificate in the future, s2Member’s instructions (and the IPN URL it provides you with) will now be presented in the form of an https:// URL with additional details to help you through the process of configuring an IPN handler for PayPal.

    See: Dashboard → s2Member → PayPal Options → PayPal IPN Integration

    Props @codeforest for reporting. See this GitHub issue for further details.

  • (s2Member/s2Member Pro) Bug Fix: Email field on Registration page not shown as required via * symbol like other fields in this form. Caused by a change in WordPress core. Fixed in this release. Props @spottydog63 @renzms. See also: this GitHub issue for details.

  • (s2Member/s2Member Pro) Bug Fix: E_NOTICE level errors in cache handler when running in WP_DEBUG mode. Props at @KTS915 for reporting. Fixed in this release. See also: this GitHub issue.

  • (s2Member/s2Member Pro) i18n Compatibility: This release of s2Member moves the load_plugin_textdomain() call into the plugins_loaded hook instead of it being run on init. Props @KTS915 for reporting. See also: this GitHub issue for details.

  • (s2Member Pro) Multisite Patches: Fixed a bug (Uncaught Error: Class 'c_ws_plugin__s2member_mms_patches' not found) whenever WordPress was being updated and Multisite Patches were being applied in the pro version of s2Member. See: this GitHub issue for details.

  • (s2Member/s2Member Pro) Security Enhancement: This release of s2Member defaults PayPal Button Encryption to a value of on instead of off; i.e., there is a new default behavior. Existing s2Member installations are unaffected by this change, but if you install s2Member on a new site you will notice that (if using PayPal Buttons), Button Encryption will be enabled by default.

    Note that in order for Button Encryption to work, you must fill-in the API credentials for s2Member under: Dashboard → s2Member → PayPal Options → PayPal Account Details


  • (s2Member/s2Member Pro) Comet Cache Compat.: This release improves compatibility with Comet Cache (formerly ZenCache), whenever you have it configured to cache logged-in users. See also: this GitHub issue. Props @KTS915 for reporting!

  • (s2Member Pro) ClickBank IPN v6 Compat.: Version 6 of the ClickBank IPN system was recently updated in a way that causes it to return transactionType = CANCEL-TEST-REBILL in test mode, instead of the previous value, which was: TEST_CANCEL-REBILL. s2Member Pro has been updated to understand either/or. See also this GitHub issue for further details.

  • (s2Member Pro) Stripe Bug Fix: This release corrects a bug caused by typos in the source code that were preventing refunds from being processed as expected whenever Stripe was integrated. Props @YearOfBenj for reporting this important issue. Props @patdumond for relaying vital information. See also this GitHub issue if you’d like additional details.

  • (s2Member Pro) PayPal Bug Fix: Under some conditions, the EOT behavior in s2Member Pro (when integrated with PayPal Pro) would immediately terminate access whenever a customer’s subscription naturally expires. Recent versions of the Payflow system set the status to EXPIRED, and this was handled as an immediate EOT instead of as a delayed EOT that is subject to date calculations to determine the correct date on which a customer should lose access; i.e., based on what they have already paid for. Fixed in this release. See also: this GitHub issue if you’d like additional details.

  • (s2Member Pro) One-Time Offer Bug Fix: This release corrects some inconsistencies in the One-Time Offers system that comes with s2Member Pro. Symptoms included seemingly unpredictable behavior whenever redirections were configured without a specific Membership Level. Props @jacobposey for reporting. See also: this GitHub issue if you’d like additional details.

  • (s2Member/s2Member Pro) Bug Fix: s2Member was not properly respecting DISALLOW_FILE_MODS in a specific scenario related to GZIP. Props @renzms @kristineds. See also: this GitHub issue for further details.

  • (s2Member,s2Member Pro) Bug Fix: Resolved a minor glitch in the WordPress Dashboard → Settings → General panel, where s2Member’s notice regarding Open Registration was inadvertently forcing the entire page into italics. Props @renzms @kristineds @raamdev ~ See also: this GitHub issue if you’d like additional details.

  • (s2Member/s2Member Pro) PayPal Sandbox: This release updates the inline documentation under the PayPal Account Settings section of s2Member. We now suggest that instead of enabling PayPal Sandbox Mode (sometimes buggy at best), that site owners run tests with low-dollar amounts against a live PayPal account instead; e.g., $0.01 test transactions in live mode work great also. See this GitHub issue if you’d like additional details. Props @raamdev for mentioning this again.


  • (s2Member,s2Member Pro) Bug Fix: Resolved a minor glitch in the WordPress Dashboard → Settings → General panel, where s2Member’s notice regarding Open Registration was inadvertently forcing the entire page into italics. Props @renzms @kristineds @raamdev ~ See also: this GitHub issue if you’d like additional details.

  • (s2Member) Multisite Support: This release of s2Member (the free version only) removes full support for Multisite Networks, which is now a Pro feature; i.e., only available in the Pro version.

    Is s2Member still compatible with WordPress Multisite Networking?

    Multisite support is no longer included in the s2Member Framework. However, it is available with s2Member Pro. s2Member Pro is compatible with Multisite Networking. After you enable Multisite Networking, install the s2Member Pro Add-On. Then, navigate to s2Member → Multisite (Config) in the Dashboard of your Main Site. You can learn more about s2Member Pro at s2Member.com.

    I was using the free version in a Multisite Network before. What happened?

    s2Member (when running on a Multisite Network) requires minor alterations in WordPress core that are not compatible with plugins available at WordPress.org (i.e., not allowed) at this time. For this reason, full support for Multisite Networks is now available only in the pro version.

    What if I already configured Multisite options on a site running the free version?

    If you already customized s2Member’s Multisite Network configuration options in a previous release, those settings will remain and still be functional over the short-term; i.e., the functionality that makes s2Member compatible with Multisite Networking is still included, even in the s2Member Framework. However, the routines that deal with core patches, and those that allow you to change Multisite options are no longer available. You will need to acquire the Pro version. Or, you can revert to a previous release. s2Member Framework v151218 is suggested if you go that route.

    See also: this GitHub issue for further details.


  • (s2Member Pro) Reminder Email Notification Exclusions: It is now possible to enable/disable EOT Renewal/Reminder Email notifications on a per-user basis. You can edit a user’s profile in the WP Dashboard and check „No (exclude)” to prevent specific users from receiving any reminder emails that you configured. Props at @patdumond @luisrock. See also this GitHub issue.

  • (s2Member) PHP v7 Compat.: This release addresses one remaining issue with the preg_replace /e modifier as reported in this GitHub issue. Props @nerdworker for reporting. Thanks!

  • (s2Member/s2Member Pro) WP v4.4 Compat.: This release corrects an issue that impacted sites attempting to run s2Member on a Multisite Network; i.e., it corrects a problem with the load.php patch against the latest release of WordPress. Props @crazycoolcam for reporting! See also this GitHub issue.

  • (s2Member/s2Member Pro) Getting Help: This release adds a new menu page titled, „Getting Help w/ s2Member”. This new section of your Dashboard provides quick & easy access to s2Member KB articles, suggestions, and our tech support department (for pro customers). Props @patdumond @raamdev. See also this GitHub issue.

For older Changelog entries, please see the changelog.md file.