Fixed account connection flow to correctly store Stripe credentials after linking a Marketing 360 account
Fixed payment gateway not appearing on checkout after account is connected
Fixed process_admin_options not firing to persist stripeKey and stripeAccountId after Save Changes
Fixed get_stripe_details, set_account_details, and add_stripe_details_callback to correctly read and write account details
Fixed webhook signature validation — conditional was inverted, allowing forged requests and rejecting legitimate ones; switched to hash_equals() to prevent timing attacks
Fixed timestamp validation in webhook handler returning bare return instead of return false
Fixed testmode property hardcoded to false instead of reading from plugin settings, which caused live charges to always be processed regardless of Test Mode setting
Fixed debug query parameters (?showdetails, ?registerdomain, ?getresults) removed from gateway constructor — ?getresults exposed customer payment token records to unauthenticated requests
Fixed level 3 data overwrite in request_with_level3_data() — $level3_data was immediately reset to an empty array, causing level 3 data to always be skipped
Fixed Apple Pay domain registration — debug echo/print_r/die() block was preventing the function from ever completing and exposing authorization tokens
Restored idempotency key logic in registerApplePaySubdomain()
Restored seven settings validation methods that were commented out (M360 account, client ID, client secret, live publishable key, live secret key, test publishable key, test secret key)
Removed hardcoded live credentials that were present in commented-out code
