Release of 3.0.18 - Connecting the loose ends

Posted in Latest News

This new VirtueMart 3 Version is completing the vm3.0 series. There won't be any new vm3.0.x updates other than if we have a security issue. Some of our developers are still developing on Joomla 2.5 to ensure the backward compatibility. But from now on, any new version will be developed on the most recent Joomla or WordPress releases. We won't break the compatibility by purpose, but we just cannot test any longer for older versions.

We have got VirtueMart running on WordPress already in our laboratory. WordPress opens a new market for shops which do not need a complex CMS setup. The last big task is at the moment only the router, which must be adjusted to the WordPress links. The ACL is at the moment only roughly translated, but it will be possible to make it more fine grained later, so that we can simulate 80% of the Joomla rights within Wordpress. Transforming VirtueMart to a cms-less system forces us to use an own user table. So in future we will have real Virtuemart users, not being based on the old Joomla table. The basic trick is that we still use a light version of the Joomla libraries, so extension developers can easily write extensions compatible to Joomla and WordPress. We hope that we can extend this technique to integrate VM into more CMS systems like Drupal. We plan to publish a beta before Christmas.

Since it is the last of its series, we added some of the membership features to the main version. So product variants work now also in the category browse view. Changing the ordering within a dropdown of a multivariant was quite painful. But we added a drag and drop for the children list, so it is very easy to adjust.

Here an incomplete list of the new features

New Features for shopowners

  • Customfields of type S (String) and P (Property) can be used to automatically create a dropdown for search (like tags)
  • Added ajax for child variants in category browse view - MV (MultiVariant) and GC (GenericVariant)
  • Category view now has the same options for displaying additional VM content as were available in the virtuemart view (which is now deprecated)
  • Update of com_tcpdf to tcpdf version 6.2.12
  • Added drag and drop sorting of MultiVariants in product edit
  • Already loaded grouped products are not displayed twice on the same browse view
  • Product is now virtually added to the cart before the conditions are tested. So it works now also for weights and other conditions (not just price)
  • User dependent currency for invoice, mail, and order view
  • Currency can now use the "space character" in the display format
  • Payment and shipment methods can now be edited in different currencies
  • Changed addProductToRecent so that it always stores 10 product ids; can be adjust by hidden config max_recent_products
  • Added a template vmbeez3 derived from beez3
  • New VirtueMart/Joomla! 3 full installer
  • Paypal accepts multiple currencies
  • Amazon works now with the cart ajax and updated library
  • Avatax taxfreightcode added

New Features for developer and templater

  • shopfunctions::getLoginForm works now with a sublayout login, so it can be used in other views
  • Added trigger plgVmOnCheckoutCheckStock
  • Removed id tag from dropdowns to ensure that chosen can always generate a unique id
  • Quite a lot of JS enhancements, more robust and faster
  • Added function sendCurrForm, which simply fires the form if an input has the right class.
  • Plugins can now define in the constructor which values should be handled as convertables

Important for shops with overrides

The new js for using ajax for reloading product content uses now always the same class. The class is "product-container". Just search for the div with "productdetails-view productdetails" and add "product-container". In case you want the ajax reload within a product modul, you need to adjust the overrides here also. Furthermore the layout login of the user view is now in the sublayout folder. Members who used the ajax for child variants within the browse view should change the layout back to default.

For a full list of all changes or more information how to adjust your overrides, please read here in our forum 

VirtueMart Releases VM3.0.14 and Announces a New Collaboration with 2Checkout to Provide Seamless International Payments for Online Retailers

Posted in Latest News

We are excited to announce the release of two different versions. The 3.0.14 is the direct succesor and is without VirtueMart Frame VMF. The new 3.1.0 is with new VirtueMart Frame VMF. Both versions include the addition of several notable new features.

VirtueMart is pleased to announce a new partnership with global payments provider, 2Checkout. 2Checkout enables merchants from nearly anywhere in the world to accept payments easily. Its checkout experience is optimized for mobile and other devices, and it provides top-tier security and fraud prevention, as well as dedicated customer support.

Tens of thousands of merchants already trust 2Checkout to help them maximize online sales conversions by providing global payments with a localized buying experience. Now VirtueMart’s merchants can enjoy the same service in just minutes. Once merchants download the new VirtueMart 3 extension, they can select 2Checkout as their payment provider and follow a few easy steps to set up a fully-integrated solution. For more information, please visit

VirtueMart helps online businesses around the world sell every day. Together with 2Checkout, we can now make this process even easier. Merchants can securely adapt to local languages, currencies and payment methods with just one, simple integration.


2Checkout is a global payment provider that makes it easy to accept payments from anyone, anywhere. Trusted by tens of thousands of merchants in 211 markets around the world, 2Checkout offers easy signup and implementation, with top-notch customer support. Businesses and organizations can accept payments using 8 payment methods and in 26 currencies, and settle in 25 home currencies. 2Checkout offers both hosted checkout forms and APIs, and integrates with more than 100 shopping carts. For more information, please visit


Vm3.0.14 is a clean update for any older vm version. We fixed some bugs and added some new features paid by the membership system

  • Change order status of multiple selected orders in the order list using one simple click
  • Create links without Category Name and/or without product suffix
  • product parent id editing field in product edit, so products can be attached to patterns
  • Product multivariants can use a radiolist instead of dropdowns
  • PHP7 compatibilty

This is a very mature release. The maintrunk is already working with the new VMF system which should help to write a bridge for Wordpress. The vm3.1 version is for developers and eager early adopters. For the moment it is the goal, that the whole core works with the new abstraction layer, to concentrate and bundle the bridgeable code.

You should always take a backup of your database. The tableupdater has been strongly enhanced and should handle tables with broken or missing primary fields (fields with auto_increment) a lot better. Note that whilst this has been tested on numerous deployments of VM it is still relatively new.

Changes from vm3.0.12 - vm3.0.14:
- 2checkout added, fixed, and tested
- order filter keeps state
- printing of order within order edit
- added VmConfig::get( 'vm_num_ratings_show', 3 ) to getReviews function
- checkFixJoomlaBEMenuEntries enhanced and moved to core update script (was before in the AIO)
- small fixes for amazon
- fix for media json for the media handler and language
- added limitbox to top for product and category list for joomla3 compatibility
- unique ids for html field vmcategories dropdown
- fix for multiple useage of categoryListTree
- product parent id editing field in product edit, so products can be attached to patterns
- heidelpay update
- Paypal IPN in case payment type='cart' and payment_currency=order_currency
- Updated router, works now without product suffix
- Important code adjustment for avatax
- added ssl support for add to cart popup
- cache for language loading to prevent loading it twice.
- fixed mod_virtuemart_product, added divs for price js and added vmJsApi::writeJS() for cached modules content (cant be cached).
- php7 adjusted html.php,
- product filter in administrator view keeps entered values
- enhanced function getMyOrderDetails, also registered users can now visit a guest order, if they enter correct order pw
- fixed language loading of invoices
- enhanced table updater, better handling of auto_increment fields
- fixed small error in product listing shows media 0 if no media is attached.
- MultiVariant as radio selection
- new layout for category module
- cleaned css
- security and rights managment, (mainly already done for vm3.0.12)
- fixes for tos.php, to set it unrequired
- create Product Clone sets the clone unpublished and product_ordered, product_sales to 0
- Router has new option, to create links without CategoryName
- absolute urls for canonical
- alternative layotus for FE modules
- js validator also for shipment addresses
- Enhanced js validation of country/state combo
- max_cats_per_product
- added hidden config product.published, which determines if a new product is already published. (by default not published)
- browse page shows generic child variants
- Added perms for order editing to the model
- better and robust code for vmvalidator js
- Fix for vmuploader.php, when exif_imagetype is not supported
- added bulk set order status in order admin list
- captcha only for guests
- Added that the top category uses the set metadata
- added loading of product images for invoice
- orderDetails are now accessible in order_done.php
- enhanced tableupdater, also correcting missing Primary Keys

For the brave ones, a preview on vm3.1 (direktdownload):

Critical Security Leak in all Joomla Versions, please update immediatly

Posted in Latest News

The Joomla! team released today a new version with some security hardenings and fixing a critical security leak in all joomla versions.

The critical security leak was already used in the wild. This means it is not a leak, which was disovered by an audit, it is security issue which is already exploited. blogged about

Protect Your Site Now

If you are a Joomla user, check your logs right away. Look for requests from or as they were the first IP addresses to start the exploitation. I also recommend searching your logs for “JDatabaseDriverMysqli” or “O:” in the User Agent as it has been used in the exploits. If you find them, consider your Joomla site compromised and move to the remediation / incident response phase.

For securing your joomla 1.5/2.5 pages, just follow this link It is basically replacing one file.

We post this news, because some of our core members discovered this IPs in his logs. Not a VirtueMart page, but as far as we know it wouldnt make a difference.

Point of Sale for VirtueMart

Posted in Latest News

pos for webshops - connect your virtuemart with your brick&mortar store

We are proud to offer the direct link between online and offline sales with VirtueMart & POS for Webshops.

Now there is a complete Point of Sale (POS) available for VirtueMart. When you have a physical store and a VirtueMart webshop you can sell goods with your Point of Sale without giving your sales staff access to the VirtueMart backend. All products / orders / calculation rules / customers will be synchronized into the POS.

The sales staff can check the VirtueMart weborders from the POS and take the goods from the store with the OrderPicker. After an order is picked it will change the order status in Virtuemart automatically into a pre-defined status like “Ready for Shipment”. When new goods arrive from the supplier you can add those to the (VirtueMart) stock just by scanning the product barcode in the Stockmanager.

Some of the Key Features

  • Direct sync with VirtueMart
  • Easy interface
  • Different logins
  • Use VM calculation rules and Shopper Groups
  • Add customer to an order
  • Use barcodes to add products to an order.
  • Customize the sync options with the Payment methods in the POS.
  • You can print receipts as well as invoices.
  • Orderpicker and Stockmanger included.
  • And much more…

Security Release VirtueMart 3.0.12, plus new goal, new docs

Posted in Latest News

More Security

The company found a new issue, a possible XSS. It misuses the array keys in the URL. Most servers prevent such an URL by default, but nevertheless we've added another protection. We also found and fixed some smaller bugs and glitches in advanced functions and last but not least we added missing backward compatibility for some cases. This release follows 3 release candidates with more than 2000 downloads altogether.

New Goal

Sticking to the Joomla API has emerged as an unlucky decision for us. The future plan is to write more for our own framework VMF, which will give us the freedom to also use other systems than Joomla. The idea is to write a small framework, so that extensions written for VirtueMart should also work on different platforms than Joomla. In other words, instead of developing a standalone VirtueMart, we will try to write an easily bridgeable VirtueMart. We already saw a VirtueMart running on Drupal, so it can't be too hard. But first we want to look into Wordpress. Of course we will need test users and suggestions from developers who are familiar with Wordpress and VirtueMart. So please join our forum if you have some experience with these. We also think about using the Joomla platform by the team of Johan Janssens for our next full installer.

New Docs

Due to our membership system we did find some time to update our manual. We added a lot of pages, which explain general VirtueMart concepts at - It's worthwhile to read them. Even VirtueMart veterans already found some new tricks in it!

Some New Features/Fixes:

  • different thumbnail sizes are possible now (actually a fix, but no one knew it anyway, for templates please read here
  • cart should keep address data of the user, if an error happens like "email already taken"
  • use captcha only for guests
  • Added "None" option for some order status lists.
  • media handling per vendor
  • vmUploader checks uploaded files by MIME and may cancell the upload, controlled by ACL
  • vRequest is now also filtering the array keys (recursive)
  • enhanced synchronise Media (no 10k limit anylonger)
  • moved creation of virtuemart_userinfos and virtuemart_order_userinfos to install_essential_data.sql to prevent that changed fields are reverted updating vm
  • added hidden config updEngine to prevent changing of the table engine
  • added main controller missing for joomla3 to the AIO

The full bug fix list is available here this time:

We also updated VirtueMart 2.6. The new version got the security fixes, enhanced payment plugins and uses now mainly the vm3 table layout. It increases noticeable the performance


Please read here

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.