As the title says, I'll soon release a version that has (a kind of) stable status. For it seems that I have to do security testing on my own, I've done it and have do admit, that the default permissions for admin/storeadmin modules also included "demo". Since we're all "demo" users without registering, this is a kind of security issue. So I apply to all users of mambo phpshop to remove "demo" from the phpShop modules
- tax,
- store,
- product,
- shopper,
- order,
- isshipping
{mosimage}
Read something from the ChangeLog:
- done some table optimizations
- better "cancel" navigation in admin -> not javascript document.history(-1), but
leads forward to the list, offset, keyword where you came from
- errors are given out as mambo messages. The most important variables are
stored in $_SESSION and are restored in case of an error, so navigation and display
isn't disturbed
- FIXED THE DAMN "empty cart" bug, we get $cart, $auth, $ps_vendor_id by $_SESSION now
must have had something to do with Server configuration
- switched searches from POST to GET mode for easier navigation
- fixed offset validation (patch for phpShop 0.7.0 patch) in MODULE and COMPONENT
- fixed an error in REQUEST array validation in phpshop.php (component)
- if a user is registering himself to Mambo/phpshop on the checkout.index.php
he's autmatically logged in after successful registration
- login redirect from checkout.index.php doesn't lead the shopper
to the frontpage anymore. A user logs in and stays in checkout
- added "Add to Cart" button to the browse page
- products which are assigned to two different categories
won't show up twice in search result list
- Payment discount support was corrected so you can use
posivitve and negative values - they are now displayed correctly
on all order related pages
- fixed the link to admin.function_form.php in header.php
- Payment options: if you have no Credit card payment methods or no "other payment methods"
then there will be no longer "Credit Card: (empty)" or "Other Payment Methods (empty)"
- phpshop account management updates the user's email address in mos_users now
- vendor list shows only vendors with id>1 (id 1 == you!), so you don't won't have the idea to
delete yourself...
- new module: Vendor (shows a drop-down-list and a link list of all vendors -> links lead
to shop.browse.php and display all products of the specific vendor)