- Add highly optimized Dockerfile with Nginx and PHP-FPM 8.4
- Add docker-compose.yml configured with Redis and MariaDB 10.11
- Implement entrypoint.sh and supervisord.conf for background workers
- Refactor legacy IMAP scripts into scheduled Artisan Commands
- Secure app by removing old routes with hardcoded basic auth credentials
- Configure email attachments to use Laravel Storage instead of insecure public/tmp
Change object property access to array access for blog data in add-on template.
The config('app.blogs') returns arrays not objects, causing "Attempt to read
property 'slug' on array" error on /temp-gmail route.
Fixes $blog->slug, $blog->post_image, and $blog->post to use array syntax
in resources/views/livewire/add-on.blade.php:607,614,616
Remove flex items-center from blog post content container that was causing
content elements to display horizontally instead of their natural vertical
flow. This ensures proper text and element stacking within individual
blog posts.
Fixes layout issue in resources/views/livewire/blog.blade.php
- Replace manual subscription queries with dedicated User model scopes
- Use withActiveSubscription() and withoutActiveSubscription() methods
- Improve consistency and maintainability of subscription logic
- Remove Stripe-specific field references for multi-provider support
- Remove single unique constraint on username
- Add composite unique constraint on username, username_type, and provider_type
- Update Filament username form validation with custom unique rule
- Add descriptive validation message for duplicate usernames
- Remove single unique constraint on domain name
- Add composite unique constraint on name, domain_type, and provider_type
- Update Filament domain form validation with custom unique rule
- Add descriptive validation message for duplicate domains
Add sandbox API keys, callback URL configuration, and additional payment options including currency, lifetime, fee settings, underpayment coverage, auto withdrawal, and mixed payment support to
the OxaPay provider seeder.
- Add comprehensive OxaPay payment provider with invoice creation, webhook processing, and subscription status sync
- Implement conditional payload fields (to_currency, callback_url) based on configuration
- Create universal sync command for all non-recurring payment providers
- Add subscription model fields for payment tracking
- Implement proper status mapping between OxaPay and Laravel subscription states
- Add webhook signature validation using HMAC SHA512
- Fix bulk delete and individual delete actions using before() hook with halt()
- Add daily/weekly billing cycle options to plan resource and Polar provider
- Enhance payment confirmation with dynamic polling and loading states
- Add graceful handling for deleted plans in subscription display
- Update Polar provider to support dynamic billing cycles
- Add support for subscription.uncanceled webhook event
- Fix spelling mismatch for subscription.canceled (Polar) vs subscription.cancelled (code)
- Implement proper cancel_at_period_end handling in subscription.canceled events
- Add cancelled_at field updates for subscription.updated events
- Handle Polar's spelling variants (canceled_at vs cancelled_at) consistently
- Remove non-existent pause_reason column from subscription uncanceled handler
- Enhance webhook logging with detailed field update tracking
- Add comprehensive cancellation metadata storage in provider_data
- Gracefully handle null provider_subscription_id in payment confirmation polling
All Polar webhook events now properly sync subscription state including
cancellation timing, reasons, and billing period details.
Add comprehensive webhook validation and processing system with Polar.sh integration:
- Create built-in Standard Webhooks package following official specification
- Implement HMAC-SHA256 signature validation with base64 encoding
- Add webhook factory for multi-provider support (Polar, Stripe, generic)
- Replace custom Polar webhook validation with Standard Webhooks implementation
- Add proper exception handling with custom WebhookVerificationException
- Support sandbox mode bypass for development environments
- Update Polar provider to use database-driven configuration
- Enhance webhook test suite with proper Standard Webhooks format
- Add PaymentProvider model HasFactory trait for testing
- Implement timestamp tolerance checking (±5 minutes) for replay protection
- Support multiple signature versions and proper header validation
This provides a secure, reusable webhook validation system that can be extended
to other payment providers while maintaining full compliance with Standard
Webhooks specification.
BREAKING CHANGE: Polar webhook validation now uses Standard Webhooks format
with headers 'webhook-id', 'webhook-timestamp', 'webhook-signature' instead of
previous Polar-specific headers.
- Add Polar-specific date field mapping in PaymentOrchestrator (current_period_start, current_period_end, cancelled_at, trial_end)
- Handle both cancellation scenarios: cancel_at_period_end=true and existing cancelled_at timestamp
- Map customer_cancellation_reason and customer_cancellation_comment from Polar to database
- Update billing page to show correct renewal vs expiry dates based on cancellation status
- Restrict cancel button to activation_key provider only (Polar uses customer portal)
- Fix button spacing between "Manage in Polar" and "Sync" buttons
- Ensure both "Sync" and "Recheck Status" buttons use identical sync functionality
- Add provider_checkout_id column to separate checkout ID from subscription ID
- Update Polar provider to store checkout ID separately and set subscription ID to null initially
- Implement smart sync logic that queries Polar API when subscription ID is missing
- Add fetchPolarSubscriptionId method to find active subscriptions via customer ID
- Update webhook handlers to use provider_checkout_id for subscription lookup
- Make makeAuthenticatedRequest public to enable Subscription model API access
- Support plan metadata matching for accurate subscription identification
- Add fallback to most recent active subscription when no exact match found
This resolves sync button issues by properly tracking checkout vs subscription IDs
and enables automatic subscription ID recovery when webhooks fail.
- Add comprehensive billing page with current subscription display and transaction history
- Integrate Polar.sh customer portal for subscription management
- Fix Polar API endpoint from /customer-portal to /customer-sessions
- Use Polar's direct customer_portal_url response for seamless redirect
- Add responsive button layout with cursor-pointer styling
- Implement human-readable timestamps using diffForHumans()
- Add subscription sync functionality with 30-minute recheck window
- Include subscription cancellation with modal confirmation
- Support activation key provider with pending activation display
- Add proper error handling and user feedback messages
- Create PaymentCancelController with authentication and subscription detection
- Design responsive cancellation view with red/orange gradient theme
- Add session token logging and recent subscription lookup functionality
- Update payment cancel route to use new controller with auth middleware
- Include security assurances and proper navigation to checkout/dashboard
- Remove broken route references and ensure all buttons link to valid pages
- Add sanitizePolarErrorMessage() method to convert API errors to user-friendly messages
- Improve error logging with structured data instead of raw response bodies
- Add validation error handling with field-specific messages
- Remove sensitive information (emails, domains, UUIDs) from error messages
- Update checkout, subscription, customer, and product error handling
- Add status code-based error mapping for better user experience
- Add PaymentSuccessController with authentication and subscription selection logic
- Create PaymentConfirmation Livewire component with polling mechanism
- Implement real-time subscription status verification via Polar provider API
- Add confetti animation for successful payment confirmation
- Design responsive payment success page with dark mode support
- Fix Polar provider field mapping (updated_at -> modified_at)
- Add comprehensive error handling and logging
- Support multiple subscription status states (verifying, activated, pending, error)
- Implement automatic polling with 30-second intervals (max 5 attempts)
- Add fallback redirects and user-friendly status messages
- Build PolarProvider from scratch with proper HTTP API integration
- Add encrypted configuration loading from payment_providers table via model
- Implement sandbox/live environment switching with proper credential handling
- Fix product creation API structure for Polar.sh requirements
- Add comprehensive error handling and logging throughout checkout flow
- Fix PaymentController checkout URL handling to support Polar's checkout_url response
- Add debug logging for troubleshooting checkout session creation
- Support both regular and trial checkout flows for Polar payments
- Add PaymentProviderSeeder with initial provider data (Stripe, Lemon Squeezy, Polar, OxaPay, Crypto, Activation Key)
- Create migration to disable JSON constraints and change configuration column from JSON to TEXT
- Update PaymentProvider model cast from 'array' to 'encrypted:array' for secure configuration storage
- Replace hardcoded provider-specific buttons with dynamic database-driven approach
- Update getPlanProviders() to include display_name from payment_providers table
- Simplify plan-card.blade.php with single if/else logic for all providers
- Move trial button outside loop and comment for future implementation
- Use "Pay with {display_name}" pattern for consistent button text
- Maintain special handling for activation_key provider with disabled state
- Replace getAllowedProviders() method with direct database query
- Add filtering for enabled plan providers and active payment providers
- Include sort ordering for consistent provider display
- Improve performance by using direct database access instead of model method
Dynamic Provider Integration:
- Replace hardcoded provider arrays with database-driven payment_providers lookup
- Display provider status (Active/Inactive) in selection dropdowns
- Add provider_variant_id and provider_product_id input fields to plan configuration
- Update EditPlan and SubscriptionForm with dynamic provider selection
- Add empty state handling with helpful guidance when no providers exist
UI/UX Improvements:
- Format billing_cycle_days to readable text (Daily, Weekly, Monthly, Quarterly, Annually)
- Add color-coded badges for billing cycle frequency
- Fix plan_providers and plan_feature_limits count display with eager loading
- Implement intelligent color coding for count indicators
- Add visual status indicators for provider availability
Database Compatibility:
- Fix SQLite strftime() compatibility across all dashboard widgets
- Fix CAST AS REAL syntax in ChurnAnalysis widget
- Add database-agnostic date and cast expression methods
- Support MySQL, SQLite, PostgreSQL, and SQL Server
Bug Fixes:
- Fix null reference error in SubscriptionForm provider_data access
- Add null safety checks for new subscription creation
- Optimize queries with withCount() to prevent N+1 issues
Performance Optimizations:
- Add eager loading with withCount() for relationship counts
- Optimize plan provider and feature limit queries
- Prevent N+1 query issues in resource tables
BREAKING CHANGE: Plan provider configuration now uses dynamic provider options
from payment_providers table instead of hardcoded list.
Replace SQLite-specific functions with database-agnostic expressions to support
MySQL, SQLite, PostgreSQL, and SQL Server across all Filament dashboard widgets.
- Fix strftime() date formatting in SubscriptionMetrics, RevenueMetrics, and TrialPerformance
- Fix CAST AS REAL syntax in ChurnAnalysis widget
- Add getDateFormatExpression() method for date function compatibility
- Add getCastExpression() method for CAST syntax compatibility
- Support MySQL/MariaDB, SQLite, PostgreSQL, and SQL Server drivers
- Maintain identical functionality across all database types
Fixes multiple SQLSTATE[42000] syntax errors when using MySQL/MariaDB databases.
- Add dynamic seeder discovery from database/seeders directory
- Create interactive checkbox interface for Unix systems with arrow key navigation
- Implement Windows-compatible fallback mode with number-based selection
- Add cross-platform terminal detection and appropriate interface handling
- Include descriptive information and default selection for each seeder
- Support bulk operations (select all/none) and individual toggling
