- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 37
Just some minor fixes. All this fixes are already ported to VirtueMart 5.But check your coupons, some shops had problems with the last token integration, this new version should fix this. All other enhancements are safe.
Interesting for shopadmins
- Fixed couponhandling. Moved the token check before the function setCouponCode
- added jpeg to multiple image uploads
- product model, small fix for correct search of products in a subcategory of a selected category
- added a hidden config for product slug handler. Can be set to "changed", which changes the slug if productname got changed, or "always"
- Enhanced 404 handling, parts of the router used a fallback, which was wrong
- Userfields in cart add captcha only, if it is allowed to register without product in cart
- PayPal checkout, order approved should not sent an email anylonger
- PayPal checkout configuration, removed invalid order stati in order dropdowns
Interesting for developers
- plgVmInitialise was just for the FE, added trigger plgVmInitialiseBE for the BE
- calculatorH enhanced the old rules cache. New calculator is now created without using delivery country or state. The new cache handles per vendorid, delivery country and states. All in a new static function loadAllRulesCached
- manufacturer model added triggers plgVmBeforeStoreManufacturer and plgVmAfterStoreManufacturer
- user cache works now for id 0 too
- vmtable self::$loadedX => $this->_loadedX
- Field vmorderstate added option to exclude stati
- added to vmTables the possibility to add a where (and not using the primary key)
DOWNLOAD VirtueMart 4.6.6
NOW (needs Membership)
Just Fixes
- Category model, fixed missing parents in case loaded by cache, but loaded by router without parents
- Little fiix by stAn of RuposTel for authorizenet plugin.
- Small fix in custom view to prevent error if there is no custom
- Some minors, removed setRouterVars after loadConfig in the module
- little fix for the getChildCategoryListObject to prevent str_replace with null
- catched 500: count(): Argument #1 ($value) must be of type Countable in reviews, if no review given
- cart helper, function add fixed the quantity array if it does not fit the given product id array
Optimisations
- changed currencydisplay to reuse already loaded vendor currency
- currency model, found uncached query and replaced against default getVendor function (likely cached or reused)
- shoppergroup model, the function getShoppergroup and getDefault share their result in the cache now, which spares 2 sql calls
- cart helper, $this->setCartIntoSession, removed the second param true, because actually we need it only one time at begin to prevent that a checkout is fired more than one time (spares 4-6 sql calles)
- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 225
We underestimated the problems with the missing tokens, despite the given manual Fix Missing Token in Checkout VirtueMart 4.6.x.
So first I added a Plugin, which sets the missing token per trigger as default html. But most people did not see it, so the team asked to add a fix directly in the core. Later I let a community user test the new option. The user asked an AI where to find that option and the AI was surprisingly perfectly updated by the committs of the svn, but then failed with the right version numbers. Freaky at meta level correct, but wrong on the facts. Just as an interesting sidenote. And it used the expression. "Auto token system". Sounds great. So lets use "the new VirtueMart auto token system" ;-)
- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 421
Another important security and bugfix release 4.6.0
An XSS found again by Adam Wallwork. This time I did general update of our filters, many functions got enhanced. Some filters are now always active, we do not leave it to the developers. This version is NOT working on Joomla 6, we will release a new VirtueMart 5 too match all the changes.
For Updaters
If you get the error in the cart "Invalid token". Please read this tutorial https://docs.virtuemart.net/tutorials/templating-layouts/fix-missing-token-in-checkout-virtuemart-4-6-x
What else happened?
We heavily work on a namespaced VirtueMart version, which runs without legacy plugin on Joomla 3 up to Joomla 6.
Read more: We put on the helmet! Important Security release 4.6.0
- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 1267
Whats going on here? 3rd security release within 6 months? Yes that is unusual, but better the leaks are found and closed than wrong safety feeling. In this special case we provide also the fix for old installations. It should work for any installation higher than vm3.6
- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 1202
The security issue requires the permission to edit categories, so it is even likely that no shop is affected. Only multivendor shops that allow category editing may be affected. This issue was found by Adam Wallwork.
A small feature has been added for the checkboxes of “tos” and similar. It is now possible to use an article id or alias in the "default" field to load a joomla article if custom userfield and layout "tos" is selected. It is also possible to set the text to the "description" field only. Very handy for additional contract terms.
We have replaced our old TcPdf library with the official updated version 6.8.2 of TcPdf. The versioning was taken from the library. So it looks like a high jump, but the library has no new features, but is better secured and adapted for PHP8.
We have opened a new discord server which is in general free for any community member. The forum shows the invite link, if you are at least in the "Jr. Member" group, which is the first after "Beginner". You are welcome to join us there.
DOWNLOAD VirtueMart 4.4.8
NOW needs membership
Read more: Security and Bugfix release 4.4.8 - Discord Server
