- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 19
The security issue requires the permission to edit categories, so it is even likely that no shop is affected. Only multivendor shops that allow category editing may be affected. This issue was found by Adam Wallwork.
A small feature has been added for the checkboxes of “tos” and similar. It is now possible to use an article id or alias in the "default" field to load a joomla article if custom userfield and layout "tos" is selected. It is also possible to set the text to the "description" field only. Very handy for additional contract terms.
We have replaced our old TcPdf library with the official updated version 6.8.2 of TcPdf. The versioning was taken from the library. So it looks like a high jump, but the library has no new features, but is better secured and adapted for PHP8.
We have opened a new discord server which is in general free for any community member. The forum shows the invite link, if you are at least in the "Jr. Member" group, which is the first after "Beginner". You are welcome to join us there.
DOWNLOAD VirtueMart 4.4.8
NOW with a membership
Enhancements
- Registration fields appear now at the end of the address data fields. This creates are more modern flow for one page checkouts.
- Fixed getInvoiceName to use set layout.
- Order edit, adding selection of tax for shipment/payment
- Added pagination for shipment/payment administration list
- Vendor view, added address fields to skip
Bugfixes
- Function mergeSessionSgrps added cast to array
- Table Media, added fields for convert to ints
- Cart added property cart to prevent dynamic adding
- Replaced shopFunctionsF::getInvoiceName against VirtueMartModelInvoice::getInvoiceName
- vmplugin, added unsetForDebug
- Added some cast to ints storing category xref table
- Guests are only registered if isset($_REQUEST['register'] is true (optin by design)
- Fixed deletion of positions in cart
- vmJsApi fixed popup function so that we can use different containers, but load the same lib
- Search module, removed wrong post data
DOWNLOAD VirtueMart 4.4.6
NOW without membership
- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 330
I am sorry guys, the last release was rushed by the security issue and I underestimated that testers were not testing due holidays, silvester and all that. This version now is tested very well. Many hours by different testers went into testing. I added a small tool, which fixes all images which lost the image property for you.
DOWNLOAD VirtueMart 4.4.6
NOW with a membership
Fixed/enhanced/enabled Feature
- Enabled registration on the first page of the BS5 native OPC
- Added small tool, which updates the "is image" property for all media
- Google drive images are working now (just enter the right link with https and set the "is image" checkbox)
- Fixed pagination issues. Pagination should now keep the keyword, or set tags
- Fixed order editing shipment tax
- Added hidden config searchEnabled.
- Fixed problem that people misused the notify list due following
- captcha "repaired" by just replacing the checked option notify_captcha against ask_captcha. This means that the options for the ask a question are used
- by checking if the feature is actually enabled
- by checking if the product is actually out of stock
read more here https://forum.virtuemart.net/index.php?topic=152246.msg543829
For 3rd party developers maybe interesting
- Blocked writing of js if format is pdf, we never want js in our pdfs
- vmjsapi function setPath, the second param is special now and listens on the word "admin" (which cannot be a normal path) to indicate that the script must be loaded from the admin area
Bugfixes
- Fixed problem with "is image" checkbox, which is now prechecked if the media is an image.
- Fixed captcha by removing second param of redirect
- JRoute, second param should be yes (use Xhtml)
- Fixed storing of user address if not in the checkout
- Vmvalidator is now loaded with defer true
- Product model, storing a product should not change the set filter of the list anylonger
- Fixed that sometimes a non published category was used
- Fixed precalculation of variants if an virtual empty option is used
- Router fixes for full category tree and withoiut and menu item and category name mixed mode
- bs5-stockandle layout replaced JFunctions against the vm ones
- Fix in model customfields preventing trim for null
- jQuery 3.7 needs "filter" not "find" (fixes ajax update if there are related products)
- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 437
From time to time it happens. We have an XSS issue. Reported by Aman Rai. More Infos later. Version vm4.4.4 has a fix to prevent them.
[Update] After some further investigation together with the Joomla core team, this issue can not be exploited in the latest Joomla versions. If you have Joomla 5.1.4 or later or 4.4.8 or later installed, the issue is already fixed. We did not check against joomla 3.
[Update 2] Sorry guys, a little error found. If you store a product with media, the checkbox "is image" is not preselected. The fix is ready, but this time we want to take more time for testing to prevent such stupid errors (mea culpa).
- Adjustments for Tableupdater to prevent unecessary updating of keys in mysql8
- vmUri extended whitelist, function works now also with given query
- vRequest extended function getVar to work with given source
- install.sql fixed TINYINT(4) against TINYINT(1)
- added the option to add no searchfield
- added setConvertInt also for plugin tables
- added property "isImage" for medias, works BC
- fixed currency if none is set
- fixed adding of new states in the new admin layout
- fixed problem in router
- user registration fix if not in checkout
- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 509
Just a note to my last news. The problem goes on, I just tried to install VirtueMart on the last joomla5.3 and it was not even possible to install it. On the other hand, it is funny to read the patch notes. One patch will fix an issue of joomla 5, but for j5.3, we solved it already in this release. The question is, why we have to solve something, which worked since vm2.6? After this release should be more time to work on WP and make some committs.
DOWNLOAD VirtueMart 4.4.2 with the Membership
NOW
Features
- Template vmBasic, Added register and checkout button, removed registration fields from cart view.
- Bundles added option "orderableBrowse" for disabling add to car in listing
- Added option calculateVariantsOnFreshLoad, which directly calculates the price for the selected variant (with php)
- Fixed dragndrop for customs, products, categories, countries
- Added missing states list and states edit layouts to new admin template
- Hiddden config reuseorders, default is set to 0/off now
For developers
- New variable to set origin debug state, vmEcho::$debugSet and vmEcho::$logDebugSet
- VmEcho added check for function_exists('var_dump'), which is used if existing
- VmJsApi function setPath, we add BE and FE override paths only if given, also added the override paths of the current admin template
Fixes
- Fixes for pagination in cowork with RuposTel, correct use of index.php and using categoryId via request over the one set in the menuItem
- Fixed problem with jumping thumbs in product edit related products/categories
- Enhanced table updater to work also with Index and better check which indexes should be modified
- User model, unset register pw in case of fail in log
- Added new pattern using vmEcho::$debugSet
- Fixed old VmConfig::$_debug against VmEcho::$_debug
- Customfields function calculateModificators added check for string before vmJsApi::safe_json_decode
- xml format fixes
- Translated text for "catalogue mode and accessing cart"
- Textinputplugin checks letters only if there are some letters, fixed missing jQuery
- Model customs function getCustoms, removed useless return as $data->items instead just as $data
- Removed outdated dead code
- PayPal Checkout fixed mix of dynamic and static calls
- Use of new VmEcho debugSet pattern and new ppdebug
- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 679
The new version 4.4 has few new features, but reflects the evolving development process. Longterm users know that VirtueMart is developed in a rapid prototyping and KaiZen philosophy style. So if we develop a new feature, our testers sometimes have 10 new test versions a day. On the other hand, we try to evolve the code without hard breaks. For example developers can use the same function to get a category tree, but the technic behind that function drastically changed over the years. No stone was left unturned.
A known joomla ecommerce component announced last weeks, that they stop development. Of course some eager developers created a fork, but they will run into the same problems as the prior developers. And these problems are similar to our problems, in that it is not enough to just keep the core development paid and ongoing, we must as a community also keep our 3rd party developers and encourage new ones to join us.
Lets create a VirtueMart for Joomla and Wordpress
Read more: Release of VirtueMart 4.4 and Roadmap, always push beyond