frybread
Member
As I explained above, it would mean people input payment system configuration and it would be visible to admin.
For me that's not acceptable.
Let's say the admin gets someone's Stripe API secret key. What's the worst thing they can do?