Zen Cart 英文版 v1.3.9a 发布

发布zencart最新消息、安全补丁。强烈建议订阅本版面,通过电子邮件即时接收最新消息。

版主: admin

Zen Cart 英文版 v1.3.9a 发布

帖子Jack » 2010-04-22 10:38

v1.3.9 英文版下载http://www.zen-cart.cn/modules/wfdownloads/singlefile.php?cid=6&lid=211

v1.3.9 的新特性

v1.3.9 在 v1.3.8 基础上有很多改进和修正,包括:

* 兼容 PHP 5.3.x
* 改进 PCI 扫描,防止常见的错误
* 改进 SSL 检测
* Session 处理改进:特别针对IE改进了共享型 SSL 配置
* Session 处理改进:结束时关闭、删除多余的初始化等等
* 改进了搜索功能
* 改进了防止黑客的功能
* /images/ 目录增加了 .htaccess 文件,以及其它一些安全更新
* 产品页面和产品列表现在支持 Canonical 网址(权威网址),参见 /includes/init_includes/init_canonical.php
* 改进开发工具 (智能搜索、大小写敏感选项等)
* USPS 模块更新为 RateV3 接口并包含所有直到 2010年4月的更新
* PayPal 英国 - 支持3D 安全
* 支持 PayPal 的微支付 (micropayments)
* 当fsockopen() 被禁用时,增加通过CURL处理 PayPal IPN
* 更新了PayPal,Linkpoint (改名为 FirstData) 和Authnet 支付模块
* 单独分开内置的税栏
* 增加简易页面的独立样式
* 修复默认SQL文件中国家、货币的错误 (删除了旧的国家等)
* 修复/更新/增加了各种通知调用
* 初步兼容MySQL 6-alpha
* 更新 spiders.txt 文件提高效率并更新数据
* 改进configure.php 文件的只读检测 (如果可写且权限允许,将自动设置为只读)
* 多种性能提高,包括释放浪费的内存来提高速度
* 默认打开 PHP错误记录,因为错误不显示到浏览器 (基于安全考虑) (可以在管理页面的商店管理中清空日志)
* 在信用卡号码栏目关闭自动填写功能,防止浏览器记录、恢复信用卡信息
* 通知朋友功能防止垃圾信息
* 管理登录页面的保护 - 增加了延时防止暴力破解密码


补丁

v1.3.9 包含了自从v1.3.8后的很多补丁,包括:

* 1.3.8/1.3.8a 的所有发布的补丁
* v1.3.8/1.3.8a 及更早版本的所有安全补丁
* BUGSFORUM-168 Added stronger detection of suhosin usage: now disables certain features which are incompatible with suhosin, instead of throwing errors in places like whos_online
* "Catchable fatal error" fixes
* Tax calculation fixes in various places
* Fix division-by-zero errors in ot_coupon.php and ot_group_pricing.php
* Various fixes to Gift Certificate, Coupon, Group Discount, etc order-total modules
* Customer DOB was getting erased if admin edited customer data and min DOB length was set to 0
* Error when deleting ALL attributes
* Tell-A-Friend was sending wrong URL if product used alternate product-type
* Add safety to payment modules to prevent attempt to re-install once already installed, since that has always thrown ugly (although harmless) SQL errors on the screen
* Category metatags could not be removed once added
* Unknown column "o.orders_id in 'on clause' when using admin order search
* Back button navigation tweaks
* TEXTAREA attributes with character limit could delete typed text when limit reached
* queryFactoryResult errors addressed
* Can no longer delete categoryID=0 ... which could happen in limited cases, thus deleting all products and categories unexpectedly.
* Spiders could occasionally trigger PHP server errors if they attempted to add-to-cart
* Spiders list updated and pruned
* Session handling improvements including wiser parsing of tld
* Fixes to email handling
* IE8 fix to admin UI
* Fix for credit-covers issues when using loworder-fee type modules
* Fix some secure/nonsecure warning triggers
* Fix Discount Coupons to allow for:
- Add All Products in 1 Cat
- Remove All Products in 1 Cat
- NOTE: you specify DENY or ALLOW and that is how you ADD or REMOVE
- Allow Links to Products or Categories in ordered list plus popup help
* Various multiple-language bugs
* Added ability to define DB_CHARSET to automatically trigger a mysql SET NAMES statement if needed for things like UTF8 support, preventing the need to edit the db class
* various banner-manager date fixes
* various fixes to media-collection components such as media-manager, sort-orders of clips, etc
* Fix GV balance display on side panel when customer has a balance but no order and was displaying as $0.00
bug in admin reviews pagination
* Prevent display of HOME_PAGE_META_KEYWORDS etc if people mistakenly skip that part of their upgrade. Defaults to normal content as if define was set to blank.
* Various admin page fixes to javascript validation code
* fix bug which prevented admin from getting copies of "all" coupon emails sent out (was only getting a copy of the last email sent)
* eliminate secure warnings when Customer is not logged in and adds to cart then hits checkout and merge carts happen and return to shopping_cart and hit submits to update cart etc.
* Shipping Estimator is displayed open on shopping_cart vs being a button
* fix incorrect display of tax rate when deleting tax rates
* Fix category look up to use master_categories_id
* Fixes SaleMaker Priced by Attribute
* Fixes Admin Display of Product Category from displaying "something" on Linked Products
* Fix categories name lookup based on product master_categories_id vs random categories_id from products_to_categories
* Fix navigation on add/cancel featured/specials from products_price_manager and back
* Fix breadcrumbs not to include products_name when on listing and Display Cart is off and does not break Reviews
* Fix salemaker bug on Entire Catalog not being selected on edit when set
* fix broken reviews where reviews are stuck on same product and work like specials and new products
* fix for dropped connections on timeouts due to slow external methods
* Fix function free_shipping_weights value on Product weight and Attribute weight in shopping cart
* Added noindex,nofollow to admin pages to aid in reducing admin indexing if logins are bypassed somehow
* force use of SSLv3 in authorize.net modules (system requirement by authnet)
* fix to prevent countries from being deleted if currently assigned to address_book records
* zones shipping module: Auto build additional Zones when $this->num_zones is changed and already installed
* Add SSL-detection support for Zeus SSL Accelerator/Load-balancer by detecting HTTP_SSLSESSIONID
* fix small logic bug in sqlpatch tool
* Admin specials: Prevent GIFT from being put on Special in Manual entry just like in regular entry
* fix: Storage of email_html in email_archive table problematic
* incorporate forum-suggested change to accommodate upper-case characters in phpbb usernames
* Fix bug on duplicate Discount Coupon success message
* regex fixes on cc validation class for better detection of card types
* fix order-status pulldown on admin orders page for consistency
* switch the whois lookup in whos_online to domaintools site instead of dnsstuff
* PayPal Express Checkout now uses default email-format when creating an account
* add additional port support for gmail
* search page was showing slashes in some cases if search result came up with no records found
* added warning to admin to indicate if /admin/ folder hasn't been renamed
* fix address-format inconsistency bug (if multiple address-book entries are shown and include different formats, page was only observing the format of the *last* item in the list, not honoring each individual address's proper format code)
* BUGSFORUM-798 - fix store-manager bug which croaks when using Optimize DB if database name has hyphens in it
* fix credit covers problems in coupon
* fix rounding error and ensure $cost is a number not a string
* fix zone restriction problems in some shipping modules
* BUGSFORUM-801 - fix newsletter signup box bug where checkbox is auto-selected and user deselects it
* BUGSFORUM-809 - language typo
* BUGSFORUM-442 - quick fix for strict data-typing in 1.3.9 for product update pages in admin. (v2.0 will use proper bindvars approach)
* add robots_example.txt to help minimize some confusion on the matter
* Set up 301-Redirect if a spider attempts to visit a URL that contains a ZENID, in effect removing the zenid from the spider's database
* BUGSFORUM-546: 111219: Paypal IPN orders not recorded if order-total addons are missing language files
* BUGSFORUM-632: 117422: PayPal Shipping Labels Not Sync'ing
* Workaround to accommodate BUGSFORUM-281: 90799: function replace_accents(), Japanese, PayPal
* Partial fix to various PayPal bugs where IPNs weren't allowing proper creation of orders due to MySQL Strict Data typing issues.
* add stock check before Express Checkout commences, preventing checkouts if stock-checks would normally prohibit
* PayPal updates - safer handling for PaymentReview transactions
* PayPal - can now enable address-override switch if store model requires it
* PayPal website payments pro now asks merchant to choose which country their PayPal account is located in, since this more accurately drives how the module should be communicating
* PayPal - fix bug causing wrong order-status to be set on refunds, resulting in them disappearing from orders list
* Add paypal language defines for auto-added descriptions in line-item calcs
* Rudimentary PayPal FMF support to prevent throwing of errors
* authorize.net modules: fix missing $messageStack references
* Skip sending first 4 digits of CC number in order-confirmation email (security requirement)
* Fix missing Refund option for Express Checkout
* Add notifier to shipping/payment classes, to allow contribs to hook in and disable
* Add additional notifiers to order class
* Fix broken notifier functionality in PayPal IPN
* change ereg* functions to equivalent preg functions for PHP 5.3 and PHP 6 compatibility
* Fix wrong order of info on order-status-update emails
* Fix text to use correct text for each review when set to greater than 1
* Fix image or missing image on reviews edits and previews
* Fix bug to Prevent Password Forgotten from being sent as blank when set to 0 length
* Fix mismatched functions on building path to wrong category when Linked Products exist
* Disable the storing of auth_code details as part of customer comments and customer order-confirmation emails, for fraud-prevention reasons
* Options Values Manager - Bring sort order input field into vertical alignment with header and other column contents
* referrals report - Fix broken dates and times months don't have 32 days and days are 24 hours
* BUGSFORUM-820 - error in tax_basis determination for ot_shipping
* UPS/USPS - Fix minimum weights when 0 to be 1 ounce (.0625 pounds)
* USPS - Add missing Priority Mail International Regular/Medium Flat-Rate Boxes/Priority Mail International Small Flat-Rate Box
* USPS - Fixing codes to make USPS happy with changes to ISO and expected country names
* USPS/UPS - quick cheap hack to pass expected codes back and forth between _getQuote() and quote().
* Fix missing backslashes in usps which was breaking intl quotes
* Fix bug where Discount Quanties get copied on Copy Product to Duplicate when marked not to be copied
* Order class - pass on the ID values from cart to order for easier parsing during order processing
* ot_coupon - fix restrictions - Base zone restrictions on Delivery for Free Shipping or Billing for Amount or Percentage
* Bugfix - prevent duplicate messageStack entries
* Some template updates, added bindvars to guard against sql injection
* Fix for cart class breaking on update where there is an upload and a checkbox involved
* Backport support for embedded image attachments in emails which was supposed to be in 1.3.8 and got missed somehow
* Email html checkout template was inserting store name in duplicate
* Fix race condition when updating counter history
* Add ability to set certain countries to show at top of pulldown list, defaulting to store's default country
* Fix Discount Quantities to recognize the Discount Type: NONE to properly disable Discount Quantities and not break calculations
* Trap errors that occur when users fail to properly upload lang file with modules
* Fix Per Unit to not require change to Maximum 5000
* Fix wording on % amount of Order Total on Zones and Table Rate - can mix/match dollar/percentage
* Fix Handling Fee per Box/Order mismatch and add a choice for
* Weight oriented shipping methods
* Packing slip and invoices - Fix format_id for billing address
* IPN updates to identify EC transactions more easily, as long as core code doesn't get changed by end-users
* Fix for lack of proper static properties in php4, also fixes problems with notifiers in ad hoc instantiated classes, ie order class
* Fix missing restrictions limit on coupons
* Show tax desc in tax-rates window to more easily spot empty descriptions which can be confusing
* Prevent admin-side edits from mangling & into & when editing ez-pages
* Fix missing manufacturers filter for displaying Manufacturers with Products to match sidebox setting from Maximum Values
* Fix image to load on all attributes on multiple select of Option Values
* option values manager - Fix for multiple languages showing multiple records for same value when multiple languages
* Remove redundant code in index_filters, improving performance
* Fix ceil error where amounts are less than 0, such as ceil(.6/.2)
* ot_coupon Fix for Minimum Amount to be based on Product totals based on the Restrictions not the full Total Order
* BUGSFORUM-980 - If customer changes spelling of CITY on PayPal end, the change wasn't reflected in the customer's/order's address details.
* zc_install no longer checks CURL over proxy if regular CURL test fails
* BUGSFORUM-982 - Fix minor bug where messageStack alert not being shown, due to syntax error, with payment/shipping modules missing language files.
* Fix bold cheapest bug in shipping estimator to match checkout_shipping
* Fix problems caused by using double-quotes in attribute option names/values
* Add additional notifiers for tare/shipping/quote/cheapest to shipping control class
* Fix bug with virtual-content-cart sending customers back thru checkout-payment and confirmation screens a second time after returning from paypal express checkout
* BUGSFORUM-1008 - fix issue with newsletters not sending properly due to queryFactoryObject error caused by typo
* BUGSFORUM-1005 - fix typo in shipping estimator parameter, which was causing duplicate "name" attributes on input field, thus causing validation error
* BUGSFORUM-1014 - fix bad ID problem in shipping methods selector in checkout_shipping template
* Add note to USPS debug emails to tell the recipient how to turn them off, since so many are confused by it.
* Updates to linkpoint-api (firstdata) payment module
* Fixed order-of-operations problem with cached data
* BUGSFORUM-1022 - fix problem with PCI false-positive when invalid $_GET['sort'] parameter is injected on URL (PCI patch posted in Nov)
* BUGSFORUM-1034 - Remove security vulnerability from the CURLTEST.PHP script, and removed other dev-use-only files
* CURLTEST.PHP renamed
* BUGSFORUM-514 - Storage of email_html in email_archive table problematic
* Reduce a loop of lookup queries on top-level cat display in admin
* Fix potential XSS vulnerabilities in various admin files
* BUGSFORUM-1041 - fix broken forms which prevented search from working properly in products-purchased admin report
* BUGSFORUM-1036 - prevent ability for 'free_free' to be set by POST contamination on the shipping page
* BUGSFORUM-1027 - state selection incorrect in address book edits when pulldown enabled
* Stop storing CC EXPDATE in orders table for gateway modules, for PA-DSS reasons
* BUGSFORUM-1044 - JPY currency adjustments in EC module
* BUGSFORUM-610 - Incorrect decimal value 'f' when free-shipping selected
* Fix ot_coupon bug on minimum values where comparison is a string and not a value
* Fix broken search in admin product screens where Search is broken as soon as editing is done and search is lost
* Fix admin Add New Product when Search is set, cannot add a new product as no known category is set to assign to new product
* Fix installer to properly ignore commented lines in configure.php files when reading prior settings as part of an upgrade
* Fix admin categories navigation glitches
* Installer update: no longer raises warning-flag if "cgi" version of PHP is in use.
* Admin comments in order status history which are set to -1 will not be shown to customers
* Fix group pricing/discount coupon bug
* BUGSFORUM-1082 - linkpoint_api payment module fixed array vs string error
* Fix bad SQL joins in music_genre filter and record_company filter code
* Fix alpha sort functionality with music_genre and record_company filters
* BUGSFORUM-191 Fix bug preventing address-book-process from properly updating the State field when no zones exist for selected country, caused by not properly validating the $_POST input which is blank when page is first drawn.
* Fix problem of order-confirmation submit button allowing multiple submits/clicks, resulting in duplicate orders
* Fix broken rounding problem when calculating number of boxes for shipping quotes
* Fix banners not activating based on date NULL needed to be 'NULL'
* Fix banners dates for midnight or they do not expire or start on right day
* Fix admin customers report: Report was combining people with same name, changed to customers_id
* Music products - Fix wrong categories_id for copy and fix methods update fields to match formats in product_general
* BUGSFORUM-288 - trim spaces from contact-us email address to prevent being rejected
* BUGSFORUM-904 - Admin product preview screen - Added check to make sure key POST fields actually contain data. If not, do error trapping, instead of saving blanks.
* BUGSFORUM-1156 - fix priced-by-attrib problem with negative values
* "last login" date for customers logging in with new accounts is now set correctly
* Changed default permissions set on uploaded files to 644 from 777
* Fix wrong header response on some pages during down-for-maintenance
* Fix double mention of GV amount in emails
* BUGSFORUM-603 - Salemaker expiry performance problems for sales starting and ending on same day
* admin metatags picks up defines from custom template if set
Zen Cart - 让每个人拥有自己生意的梦想成真
加入Zen Cart地图 | 恕不回复站内短信提问 | QQ: 3171061
头像
Jack
论坛版主
论坛版主
 
帖子: 12265
注册: 2004-12-16 10:04

回到 最新消息



在线用户

正在浏览此版面的用户:没有注册用户 和 1 位游客

cron