- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 16549
Implemented new restriction parameters provided by the VirtueMart core to our native payment plugins PayPal, Amazon Pay, Sofort, Authorize.net, eWay, heidelPay, Klarna, Skrill, 2checkout and Realex The latter also received a general update and has been renamed to 'globalpayments' because it was acquired by Global Payments Inc. some time ago.. There is a slight change in the handling of pending orders. The new procedure is described here: https://docs.virtuemart.net/manual/general-concepts/215-checkout-process.html
New Features
- Added disabling of inherited related products and related categories
- Customfields for shoppergroups
- External media: Create thumbnails on the fly directly from remote server. Added extra permission for uploading remote media
enhanced or changed behaviour
- Removed automatically selected ‘replace’ when selecting a media for upload
- Removed keeping of customfield search filters when switching categories
- Reconsidered the function deleteOldPendingOrder. The sql now always considers the time. New behaviour described here:
https://docs.virtuemart.net/manual/general-concepts/215-checkout-process.html - Added message of missing/not writeable folder to the checkPath function
- The customer_notified function now works only for the emails of the customer, the vendor email is always sent according to the orderstatus
Bugs
- Fixed missing array key in getPayment
- Fixed missing renderShipmentDropdown in shipment view
- Taxes per bill were accidently not added to the shipment tax calculation
- fixed overwrite prices in Paypal Express. Invalid token set the cart paymentmethod always to 0, even when paypal was not selected
- Fixed creation of extra plugin tables of plugins textinput and specification
- The vmplugin onStoreInstallPluginTable had replaced a $name against $this->name
- Fixed breadcrumb for menu item pointing to productdetails. When menu item name and productname is the same, the productname is not written twice.
- Added missing getDbo in state model (thx GJC)
- Invoice view: Fixed foreach loop for the shipment address
- Fixed a new (old) bug in order editing for the case discount before VAT
Completed
- Added missing language
- Updated vmprices.js so that it works also for quantity buttons in the cart (thank you Abhhishek)
- Added country Montenegro
- Safepath config model, added JPath clean before storing of the Path, added more check cases for wrong paths
- Prices replaced init and step against data-init and data-step (the JS has a fallback)
- Customer_notified works now only for the emails of the customer, the vendor email is always sent according to the orderstatus
Of Interest for developers
- Important fix in cart helper function checkAutomaticSelectedPlug, the automaticSelected.type variable is now only set to true, if there is only one method.
- Plugins using the core restriction remove automatically the xml vars with the same name. So we can easily write backward compatible payment/shipment plugins. Please read here http://docs.virtuemart.net/tutorials/development/240-important-adjustments-for-virtuemart-3-6.html
- In the vmdefines function defines, changed default from site to 0, if 0 is used the appId is taken from joomla
- Added resetting of categoryRecursed in router and category model before calling getCategoryRecurse removed unsed code
- For the weight_countries shipment plugin, address type just by STsameAsBT only
- For function getVendorCurrency added a fallback for empty vendorId and a vmTrace to find the problem http://forum.virtuemart.net/index.php?topic=141856.msg506893#msg506893
- Added function getSafePathFor, which gives and if applicable creates a path for a certain topic. Old function checkSafePath now creates automatically the invoice path
- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 28078
More than 10000 commits later
With this version VirtueMart has exceeded the 10 000 code commits mark and approximately 150 commits have been integrated into VirtueMart since we released the last stable version of VirtueMart 3.4.x a while ago. In the meantime we have released some development and release candidate versions. Among the many improvements and small bug fixes, here are some of the more noteworthy changes:
For Shop Owners
Enhancing the edit order feature was a very hard nut to crack and took much longer than expected. We did implement additional attributes like the "is Paid", which allows shop owners to see confirmed but unpaid orders, which is especially of interest for purchases on account and also for paid but refunded orders. There are also some features that will be rarely visible, e.g. an unpaid order for the order status "Refund" shows the message "not recommended" because unpaid and not yet delivered orders should simply be cancelled.
The old function for displaying missing medias in the VirtueMart 'Media List', was just a filter over the loaded list. Previously it was only possible to search within the first 400 medias for missing ones. The problem here obviously was that the job can't be done just by an sql query. It must check the state of a media in the filesystem. So it was ‘impossible’ to list them on pages following the first one. The new function runs the query up to 1000 times, but stops when the first page is filled. Lets assume, the pagination is set to 30 and there are 500 missing medias within the first 30 000 medias, then it just displays the first 30. On the other hand, if the pagination is set to 400 and you have 399 missing media out of 400 000, you would see those missing 399 missing media.
iStraxx donated a simplified version of their ‘Download Plugin’. It allows to download a file once. It is of course working with indirect links, which means the user gets a link pointing to the plugin and the plugin decides if the user gets a file.
For Developers
Since we pay a lot of attention to the desires of plugin developers, shipment/payment methods can now use new restriction parameters provided by the core, which are very simple to implement. See our tutorial link for more details: https://docs.virtuemart.net/tutorials/development/236-update-payment-shipment-plugin-using-new-core-restrictions.html
There is a major change in vmAccess. The new system checks for rights without checking a task only for admin/manager. When a task is given, it checks only for the task. The old system always checked against admin/manager plus given tasks.
There are some new permissions and some have been removed. In the case of backend user input, the "vm.raw" and "vm.html" permission filters have been removed. We now use the Joomla validator for input.
Spyros Petrakis added a nice feature: The category module can now be displayed using the menu seperator of joomla. Just use the desired menu and id as a class, for example mod_virtuemart_category-id.
Future development
There are many ideas in the roadmap for VirtueMart. Currently we are working on a new frontend template with the very famous template developer "Virtueplanet" and a lot more is evolving in the background. At present we also need helping hands for the new backend template. Join our team! Becoming a team member is simple. Just demonstrate in our forum that you know what you are talking about and write a request here http://forum.virtuemart.net/index.php?board=139.0
Another idea is to make VirtueMart available for Wordpress users. We also need helping hands here. The idea is to use the Joomla libraries as much as possible, which is why we will also work on Joomla 4.
Further ideas for the VirtueMart core are: Enhanced calculator, enhanced multichilds, enhanced display (more radios with images instead of dropdowns), adapting the joomla customfield system and so forth....
Other changes
Shopowner:
- new hidden config "hideEmptyCustomfields" hides empty customfields
- search customfields, removed options of empty customfields
- new switch "newBackendTemplate". Just add to the virtuemart.cfg newBackendTemplate=1 to try the new backend template. Currently only the configuration view is updated.
- translateable calculation rule names
- vendor mail if order status changed has adjustable text per order status now COM_VIRTUEMART_MAIL_VENDOR_CONTENT_
- removed storing of cart to table for normal cart calls
- enhanced snippets.php for Searchengines
- enhanced coupon listing,
- added published to coupons
- delivery address get automatically named with the zip and a random number
- buttons for the add-to-cart popup
- removed the second button group on top to avoid problems with captchas.
- validateUserData, validation of the country/state works now also when the state is unpublished
- fixed custom model, in case of wrong extension_id, updating now to the correct extension_id
- attachment for emails: Very important fix, views are instances and so attached medias must be set to an empty array to prevent sending wrong attachments
Major updates for the cart
- loading an old cart does not override already entered values
- defaults are now correctly loaded not only into the fields but also into the cart address arrays
- automatic selected ship/payment works now loading all available methods. Before it was only working if there was only one method left.
- Fixed Paypal Smartbuttons
- product added popup (padded.php) displays now actually added product amount (set in the cart helper)
- product model, loading price should now consider the time offset correctly
- removed dragndrop ordering for products, if there is more than one page (the js is not prepared for)
- removed print view popup of invoices. It produced a different print, than by pdf.
Developer
- new loading of Plugins to ensure correct execution sequence. In case of site, they are loaded directly in loadConfig. replaced JPluginHelper::importPlugin against VmConfig::importVMPlugins
- Important fix for 404 handling to prevent loop when an unpublished category is browsed
- fixed 404 in case controller was not found
- moved the classes vmAccess, vmUri in extra files
- moved Reporting/echo function in an own file
- product model enhanced sql for omitted products
- fixed json view for customplugins in edit customs, dropdowns were not correctly loaded and got stored with wrong default values
- which lead to wrong default order status for some 3rd party plugins, therefor also a fix for the field orderstatus to load comma seperated default values correctly
- new function getStrByAcl to get Strings from the Request by ACL
- moved the price display of plugins in an own sublayout.
- added new permission vm.user.editvendor, IMPORTANT the permission vm.user.editshop should be set for the shop owner respectivly the super admin only!
- enhanced setStoreOwner function, which considers the multivendor configuration of the shop now
- changed the initialising of the cart so, that it always loads the userfields with the default values first. Function prepareAddressFieldsInCart is now deprecated
- extra checks in the table vmusers for user/vendor relation
- replaced a continue in a switch against break for php7.3 compatibility
- disabled loading of the jQuery framework from joomla completly if jQuery is disabled in the vm config (by Abhishek)
- disabled loading of popup fancybox/facebox if jQuery is disabled (by Abhishek)
- final update for TcPdf,
a) updated paths,
b) added an hint why there are no images and removed breaking rendering for missing images
c) VmPdf got more error messages and should load the defines by itself, class VmVendorPDF is not anylonger wrapped in if(class_exists('TCPDF')){ - replaced the file_get_contents against the modern JHttpFactory::getHttp
- product details, fixed canonical URL of the parent product
- address fields in the cart can now be initialized filled only with default values but without rendered html and js scripts
- added variable to the cart, which keeps the values set by defaults to determine if a value is set by the user or the system
- addJScript uses now the defer and async correctly again.
- Important fix, related to svn 10005 and forum post http://forum.virtuemart.net/index.php?topic=141797.0- Important fix, related to svn 10005 and forum post http://forum.virtuemart.net/index.php?topic=141797.0This time, a missing customfield is directly added as array to the variantmods array
For Templaters
- Invoice view, the address fields are now directly accessible, for example with echo $this->userfields['BT']['email']
Performance optimisations
- userfield model country field, replaced direct sql by VmTableCountry (getTable,...)
- payment/shipment methods, added cache and own function for getting shoppergroups. This prevents one call per plugin n the cart.
- VmPlugin, added important cache for function selectedThisByMethodId
- getPluginMethods is cached
- router is now using the same parameters as used for product browsing, which saves again a lot sql (products are not extra loaded for router!).
- product model added cached function getCurrentUserShopperGrps, function getProduct finds the CurrentUserShopperGrps itself before it needed to be called before the getProduct function. Same function used in getProductSingle and getProducts!
- enhanced the checkIfCached function, so the router can most time find an already loaded product
- model customfields, enhanced also the cache of the function getCustomEmbeddedProductCustomFields
- optimization for the functions getCountryByID and getCountryIDByName and the country model, loading a country creates directly multiple keys for the cached entry.
- added important improvement, removed random in sql, the randomizing of products is done by loading more than needed an array_shuffle
- router uses now also the cached Table class (reduced sql drastically)
- added autohashing of tables (if set in the constructor)
- model userfields replaced single requests in function getIfRequired against one but cached request.
- Fixed caching in customfields model, loading a product twice with different quantities loaded the customfields plus the cached ones
- Caching in model state functions getStates and testStateCountry
- Caching in mediahandler function getIcon
- getVmPluginMethod set false as default for parameter cache
...and many other minor features, fixes, corrections. See the complete list of commits at http://dev.virtuemart.net/projects/virtuemart/repository
- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 27745
This release primarily fixes a bug which affected some users when they updated their shop to VirtueMart 3.4.0. Third party developers should update their systemplugins loading the VirtueMartConfig class analogue to the virtuemart system plug-in. For details please use this link to the forum thread
Also VirtueMart 3.4.2 gives users the oppportunity to test PayPal Smart Buttons. PayPal Smart Buttons offer several style options to customize the look and feel of your smart payment button. You can also use options to display multiple funding sources to the buyer, when appropriate. It is very easy to configure and deprecates the simple "PayPal Exress" and "PayPal Credit" options.
Please read here for the complete news Virtuemart 3.4 prepare for the future and here for the concrete list of changes from vm3.4.0 to vm3.4.1 List of fixes
- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 35354
This release is now ready for all our VirtueMart users.
Due to the wide ranging changes we have made to underlying core functions and the removal of old VirtueMart and Joomla compatibility (which was weighing things down and slowing future developments), we have taken more time putting this release together than usual. Initial feedback from our beta testers has shown us that it has been worth the extra effort and time that it took.
Here are some highlights:-
Improved core - VirtueMart core now benefits from using the Joomla classloader providing a more performant and more failproof method for classloading (classes are registered automatically and loaded if need.)
Ready for Joomla 3.9 - The core is ready for Joomla 3.9 and we expect that it will be relatively simple and fast to adapt for Joomla 4
PHP 7.2 - compatible - VirtueMart 3.4 is now php7.2 compatible, users can now benefit from more secure and faster PHP versions.
Javascript updates - We started to rewrite the javascripts to use data-vm instead of classes or ids - fallbacks are provided.
VirtueMart Package improvements - This now automatically installs the VirtueMart Core, AIO, vmBeez3 template and the TCPDF. The installers within the package can still be used individually for those not requiring the full installation.
Next release in progress - Expect to see two new payments, eWay and PayPal's “Smart Buttons”. A new template option which loads for example layouts with a bs4 prefix allows us to develop a completely new frontend template, whilst keeping backward compatibility. We are also planning for a new backend template, for which suggestions are welcome in the forum.
Enhancements
PHP 7.1/2 support
- Encryption and decryption with openssl for PHP 7.2 compatibility.
Order model changes
- New trigger plgVmOnUpdateSingleItem.
- Extra variable $inputOrder to the old triggers plgVmOnUpdateOrderShipment and plgVmOnUpdateOrderPayment.
Products
- New feature "maximum products", "maximum customers" per vendor and "force product pattern".
- Product is loaded for an order even when unpublished.
- New filter for customprototypes in the product listing.
- Products can be assigned a fixed Canonical Category – useful where a product is in multiple categories and the category name forms part of the product URL - product_canon_category_id.
- Admin product list - A bulleted list for categories is now shown. Canonical category is highlighted.
- Product model, getProduct, customfields are always loaded.
- For FE search of items - the product model no longer replaces the search character “-“ with “%”.
- Table change to products_language tables, “product_desc” now set as Datatype “text” (no varchars any longer).
Customfields
- Admin feature to transform a set default list of "S" customfield to another and updates the values in the products that use the transformed customfield. transformSetStringsList.
- Customfields can have the same name using a hidden configuration “unique_customfield_titles” to disable “unique names”.
- New submenu to Joomla to the customfields list.
- New method to calculate the variant price inside the function "getProductPrice" just using TRUE for the second parameter instead of a float
Currency handling
- Calculation of net price rounds final price first (prevents wrong inputs) – calculatorH.
- CurrencyDisplay roundForDisplay we round first before we multiply by quantity (as in the calculator), but not in Rappenrounding mode.
- Rounding in CurrencyDisplay uses "round only display config".
- Small change of rounding in currencydisplay using a different currency.
- New option shared to currency admin views. (Program logic is maybe not complete).
Image handling
- Images createThumb is only executed, when file not available. Forcing of thumb creation is done by deletion.
- Search for unused media in admin.
User switch by admin FE
- New hidden config switches:
- ChangeShopperAlsoUseAdminShoppergroups - Add the shoppergroups of the logged in Admin user to the “switched” user’s shoppergroups.
- ChangeShopperDeleteCart - When a user is chosen by the admin – the cart contents are cleared – prevents accidental inclusion of cart items.
Orders and checkout
- Cart handling a change of the quantity is included in the popup and as extra warning message in the cart.- checkForQuantities changed vmInfo from vmWarn.
- The layout ‘padded’ has a small update to show all quantity warnings in the popup.
- products can use html classes in the cart item row
- Checkout user data is stored, even when the userfield validation fails (the validation is for the checkout process).
- Some work on the $cart->orderdoneHtml = $html; thematic (in vmpsplugin.php).
- Admin Order list, more intuitive sequence for the columns.
- Order editing will only store a Ship To address when STsameAsBT is empty. New order variable- STsameAsBT. With a new checkbox to control the addition of a ST address in order edit.
General
- Added JRoute to action of the user edit form in FE.
- Added filter vendors to user list.
- Captcha for vendor contact form.
- Shop configuration for FE views "set bootstrap layout version X", which adds a prefix for example bs2- for loaded layouts.
- Added function "alt" to vmText.
Modifications
- Important update for VirtueMart System plugin. It tries to load the configuration file of the installer and not the already installed one.
- Exchanged hard coded string against vmText.
- Spaces to Tab and indentation.
- Replaced all id="vm. with id="vm-
- Moved the js validation and setting the chosen dropdowns to required in an extra file.
- Removed double id="reg_text", replaced with “class.
- Language string change in de-DE.com_virtuemart_config.ini and en-GB.com_virtuemart_config.ini.
- Removed mootools from vmbeez3 template.
- Added plugintype vmextended to whitefilter of controllers/plugin.php.
- Membership checker shows error in ajax request (simpler to debug).
- Added JRoute to product link in sublayout products.
- js using data-vm="product-container" instead of classes, fallback provided.
- js now uses data-vm, all dependencies to classes will be removed soon. Fallbacks provided.
- vmpsplugin.PHP methods which cannot be selected are now unset from the array of available methods.
- vmplugin function _getLayoutPath is not public and static.
- getMyOrderDetails, changed unused 3rd parameter. It sets now if the config should be considered for ordertracking. Some 3rd parties need it.
- New fallback for product customfields, when the cart is loaded and had no data in the session.
- Changed reload=1 attribute to data-reload=1 (with fallback in js for the old reload=1).
- Changed activation text in registration email, when set to "activation by administrator".
- prepareViewForMail now uses the generic controller, not a specific one (could make trouble with Admin and FE controllers having the same name).
- Cart helper checkAutomaticSelectedPlug, when no method is available the method_id is set to 0.
- Files of extensions are directly copied from temp directory to the correct place.
- Product_name is now handled in the controller as the other special input fields and follows the ACL for writing raw/HTML or just normal text.
- Added to getInstance of the calculationHelper the parameters vendorId, countryId and stateId.
- Test for country/state improved. Added differentiation between valid and require.
- Improve performance of calculationHelper function setCountryState using a new pattern to load the country and state of the registered user.
- Added hidden feature, "directCheckout", which directly starts the checkout process with redirect
Fixes
- URL of currency_converter/convertECB.php must use https now.
- Cart object small fix which prevents overriding of $customProductData, when trigger plgVmOnAddToCartFilter is used.
- Important fix for correct order status for order history.
- Important fix for order editing was causing wrong calculation results - replaced product_item_price for product_discountedPriceWithoutTax for calculation of the subtotal.
- Checkbox cartfields are now correctly stored in the order.
- Fixed return value of function CreateOrderHead http://forum.virtuemart.net/index.php?topic=140616.0.
- Added $view->mediaToSend = array(); in function sendVmMail to prevent sending of cached medias in order status update emails.
- Fix for order_status vs order_status_code.
- heidelpay, small fixes and changes.
- PayPal hosted, fixed currency.
- PayPal hosted payment iframe little catch for EMAILLINK – handles no PayPal response.
- Standard payment: fix in tmpl.
- Standard payment: update order status now happens before orderdone view rendering.
- eway: fix the CVN in case of cart saved fix invoiceDescription.
- authorize.net plgVmOnShowOrderFEPayment changed to public http://forum.virtuemart.net/index.php?topic=133563.msg492466#msg492466.
- Fix in config.php typo in JLoader::register, creditcart.php to creditcard.php.
- Correct storing of customplugins.
- plgVmOnStoreInstallPluginTable of specification plugin.
- Links to shoppergroups in ship-/payment methods listing.
- Text in Virtuemart Search Module doesn't clear https://forum.virtuemart.net/index.php?topic=139961.0.
- Small fix in admin product edit, which prevents removing the categories if a product is stored before the category tree was loaded.
- Problem with not loaded parent categories in product detail.
- Minor errors and typos (for example a note thrown cloning a product (thx Patrick K.).
- Category cache.
- Sublayout customfield used duplicate keys.
- Corrected small typo in en-GB.mod_virtuemart_product.ini.
- Fixed some Language translation issues.
- Updated de-DE.mod_virtuemart_product.ini.
- replaced JFactory::getLanguage against vmLanguage::getLanguage.
Minors
- vmstore template foundation.
- Added deletion of Media synchronization progress, when finished..
- Removed old VM_VERSION (j2.5 compatibility).
- Removed more DS, also for paths, added vRequest::filterPath().
- Joomla Fullinstaller.
- Removed unused files.
- Replaced old JError against exception.
- Added missing license notes.
- Some old JRaiseError, JREQUEST_ALLOWHTML (also from old comments).
- Removed unused error reporting(0); in Admin/views/orders/view.raw.php.
- Removed old if !class_exists require's.
- Install script.virtuemart.php removed old j1.6 legacy.
- PayPal updated xml field to vmfile to vmfiles.
- Updated vmbeez install file using the method "upgrade".
- AIO installer replaced is_dir against JFolder::exists to prevent false positive error message.
- Removed some more DS, the remaining DS are meant for realpath, which could be outside of the webfolder.
- Textinput plugin, removed old trigger.
- vmuploader, failing the joomla upload filter returns false.
- Enhanced message when no vendor currency is defined.
- Removed unnecessary language keys. Languages keys which are used in a special language file should never appear in the default component language file.
- Package installer: added fallback in vmplugin to get the xml file from the default folder in case the temporary install folder fails.
- Package installer: added check in updatesmigration.php if xml is available.
- Use an internal variable html, to display the messages. It is echoed for normal install and put in the Request for package install.
- Added template to package.
- Updated js of the template.
- Vendor list is now sending the form and ordered by name.
- Changed function getUserList using user_is_vendor instead of is_vendor.
TCPDF
- Moved tcpdf files to libraries/vendor/tecnickcom/ and libraries/src/Document following the new file structure of Joomla.
- Now also deletes the old "libraries" folder in the be folder in case it exists.
- Removed old j2.5, j1.6 stuff and DS.
- Replaced DS for /.
- Fixed wrong path in getTCPDFFontsList.
- Fixed typo in vmpdf.
Work in progress
- Vendor model another idea to handle a multicurrency store (would mean to create invoices in the user selected currency).
- Better refund of invoices
- Details
- Written by: Max Milbers
- Category: Latest News
- Hits: 34791
This fairly serious XSS discovered by Mattia Furlani pertained only the administration area, so most shops are not affected. Shop owners running a multi-vendor store or fearing that their employees may use this leak should update as soon as possible.
The new core has some fixes for php 7.1 - 7.2 compatibility.
Compliance to the new french financial law
At present we have also integrated some fraud protection requirements to comply with the new French law. This includes, for example, the new invoice processing system. When an invoice was changed, the old treatment renamed the originally created invoice and created a new invoice with the same invoice number. The new treatment creates a regular new invoice number while the old invoice remains listed and accessible. We also added an order item history table. The class vmtable can now automatically save a hash to any entry. For example the order entries store a hash of the important data per line, so it is now possible to check the integrity of an entry. This system is not completed yet.
Further features:
- Behaviour of the table object is more consistent and reliable.
- Behaviour of payment plugins after pressing confirm in the cart and cancelling the payment is now more consistent.
- Removed w3c validation errors.
- Corrected routing for orderdone layout.
- Trigger 'plgVmAfterStoreProduct', added array key "new" to $data, so that we know if a product is new or just updated.
- Customfield date has now two extra parameters to set the initial date and year range. The initial date uses as format DateInterval, so the P0D means use the current.
- Language files updated.
- Long desired fix, dropdowns of prices in product edit work now directly.
- Enhanced handling of the orderdone layout.
- Minor compatibility enhancements of javascript and html.
- _triesValidateCoupon is now emptied after entering a valid coupon.
- Coupons are not automatically removed any longer when expired.
- Full installer now also works with multilingual setup.
The full list is available here http://forum.virtuemart.net/index.php?topic=139652.msg490664