diff --git a/modules/billing/admin_config.php b/modules/billing/admin_config.php
index d143a368..a7683526 100644
--- a/modules/billing/admin_config.php
+++ b/modules/billing/admin_config.php
@@ -634,8 +634,7 @@ rsort($bakFiles); // newest first
 $diag_lv_wh_set = ($cfgVals['paypal_live_webhook_id'] ?? '') !== '';
 $diag_wh_path = '/' . ltrim((string)($cfgVals['paypal_webhook_path'] ?? '/paypal/webhook.php'), '/');
 $diag_wh_full_url = $computedWebhookUrl;
- // Correct disk path: billing module root + separator + webhook path (no leading slash)
- $diag_wh_file = rtrim(__DIR__, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . ltrim($diag_wh_path, '/\\');
+ $diag_wh_file = rtrim(__DIR__, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . ltrim($diag_wh_path, '/');
 $diag_wh_exists = file_exists($diag_wh_file);
 // Active mode credential check
diff --git a/modules/billing/api/capture_order.php b/modules/billing/api/capture_order.php
index b93d30b5..588bfca6 100644
--- a/modules/billing/api/capture_order.php
+++ b/modules/billing/api/capture_order.php
@@ -132,6 +132,11 @@ cap_log('CAPTURE_RESULT', ['success' => $capture['success'], 'txid' => $capture[
 if (!$capture['success']) {
 cap_log('CAPTURE_FAILED', $capture);
+ // Sanitize raw capture data before logging — never store secrets
+ $captureForLog = $capture;
+ foreach (['client_secret', 'access_token', 'refresh_token'] as $_sk) {
+ unset($captureForLog[$_sk]);
+ }
 $repo->logPaypalError([
 'context' => 'capture_order',
 'error_code' => $capture['error'] ?? 'capture_failed',
@@ -139,7 +144,7 @@ if (!$capture['success']) {
 'paypal_debug_id' => $capture['debug_id'] ?? null,
 'order_id' => $paypalOrderId,
 'user_id' => $userId,
- 'raw_json' => $capture,
+ 'raw_json' => $captureForLog,
 ]);
 ob_clean();
 echo json_encode([
diff --git a/modules/billing/classes/BillingRepository.php b/modules/billing/classes/BillingRepository.php
index 98f29862..de859970 100644
--- a/modules/billing/classes/BillingRepository.php
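Review bot: The new `$diag_wh_file` line joins `__DIR__` with a config value (`paypal_webhook_path`, read from `$cfgVals` three lines up) without rejecting `..` segments, so a value such as `../../config.php` makes the `file_exists` call on the next line probe outside the billing module; the result is only a diagnostic boolean, but on an admin page it still turns a config field into a file-existence oracle for the whole server. Resolve and confine it instead: `$diag_wh_real = realpath($diag_wh_file);` followed by `$diag_wh_exists = $diag_wh_real !== false && str_starts_with($diag_wh_real, rtrim(__DIR__, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR);` (`strncmp` if the project still targets PHP 7). Dropping `\\` from the `ltrim` list is harmless because `$diag_wh_path` is already normalised to a single leading `/`, but the deleted comment was the only explanation of why a disk path is derived from what the surrounding code appears to treat as a URL path — keep a one-liner such as `// disk path of the webhook handler: module root + the configured URL path`. Whether `paypal_webhook_path` is editable from the admin form is not visible in this hunk, and this is top-level script code with no enclosing function.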
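Review bot: The `cap_log('CAPTURE_FAILED', $capture)` call on the line directly above the new block still receives the unsanitised array, so the `client_secret`/`access_token`/`refresh_token` values the block strips for `logPaypalError` are written to the cap_log sink anyway. Build the copy first and pass it to both sinks: move the three sanitising lines above the call and change it to `cap_log('CAPTURE_FAILED', $captureForLog);`. `unset` only reaches top-level keys, so if `$capture` nests the provider response under some key (not visible here) tokens inside it survive, and a three-name denylist is easy to outgrow — an allowlist of the fields the error table actually needs, applied inside `logPaypalError` so every caller benefits, would be more robust. The enclosing `if (!$capture['success'])` block continues past the hunk, and `$captureForLog` is consumed in the next hunk.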
+++ b/modules/billing/classes/BillingRepository.php
@@ -340,7 +340,7 @@ class BillingRepository
 $rawJson = substr($rawJson, 0, 65536) . '…[truncated]';
 }
 $stmt->bind_param(
- 'sssssssss',
+ 'ssssssiis',
 $context, $errorCode, $message, $debugId, $orderId, $captureId, $billingOrderId, $userId, $rawJson
 );
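Review bot: Binding `$billingOrderId` and `$userId` as `i` makes mysqli coerce any non-numeric string to `0` instead of rejecting it, so a caller that passes a non-integer user id (the `'user_id' => $userId` in capture_order.php does not show its type) would attribute the error row to user 0 silently; `null` still binds as SQL NULL, which is what the capture_order caller appears to rely on for `billing_order_id` and `capture_id` since it supplies neither. Normalise explicitly before the bind so the coercion is intentional: `$billingOrderId = is_numeric($billingOrderId) ? (int)$billingOrderId : null;` and `$userId = is_numeric($userId) ? (int)$userId : null;`. The byte-wise `substr` truncation on the first context line can split a multi-byte UTF-8 sequence and hand an invalid string to a utf8mb4 column, which would make exactly the large-response errors fail to log; `$rawJson = mb_strcut($rawJson, 0, 65536) . '…[truncated]';` truncates on a character boundary. `logPaypalError` starts outside the hunk, so where these two variables are extracted from the input array is not visible.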