Prevent payment popup caching by default via PHP headers

[erommel]

Since there are some issues reported that are related to "Invalid security token" error, it would be a good idea to send no cache headers during payment popup page display.

Another option is to load popup-related data via ajax request on page load, but this would definitely and noticeably slow payment popup display. This could be implemented as experimental option setting for the situations when no cache headers are not working. I've created a new issue for this #179

[erommel]

This would only help if payment popup is cached by browser, but won't help if it is cached on server and visitors get cached version from server itself.