After the previous security update some people commented that we should provide more information about the security leaks. Usually if the problem is within the core files, we follow security by obscurity, which means we do not exactly explain where to find the exploit. But the latest possible sql injection is in fact a matter of the template. So this time we will explain exactly what happened.
VirtueMart in partnership with Stratus5, is pleased to announce VirtueMart2Go a cloud-based E-Commerce Solution that is now available to our customers as a ready-to-use On-demand service. VirtueMart2Go combines the leading content management system, Joomla and our popular VirtueMart eCommerce software as a pre-integrated, customer-ready cloud offering.
VirtueMart2Go, as its name implies- is a ready-to-go solution that you can use to instantly launch and operate your E-Commerce site. You don't need to invest in expensive hardware, software or labor to download, install, implement or maintain a solution. All you need to do is register on our website and start using VirtueMart2Go to launch your E-Commerce website in just minutes!
Certification - What is the idea behind
The idea behind VirtueMart is that a lot people participate in the project. This means that there are a lot 3rd party developers and webagencies using VirtueMart. But the disadvantage of this system compared to a unified trademark policy is that a also not qualified people offer their service. This leads to frustrated customers who often payed high prices for crappy templates (deleting virtuemart standard views completly) or completly misuse of the tax settings and so on. We add more and more documentation on docs.virtuemart.net, help is very welcome, but documentation won't solve the problem.
After more than 5000 downloads of our test releases and approximately 400 participating testers we are proud to announce the Gold version of the vm2.0.x series.
Endless forum threads were read and answered. Many ideas were taken and went into the core. Hundreds of community users helped the team with their feedback, thank you for your participation.
This version 2.0.22 already has many features which were written in autumn 2012 for the next major version 2.2. To keep updating easy, we decided to add as many features as possible from vm2.2 into vm2.0 series without breaking the APi. The next step for vm2.2 will be updating some extensions, caused by the changed API. It is in our interest that templates have a long lifetime.
Powered by PHP-Storm
The VirtueMart project is now powered by Phpstorm, which is for us the best PHP IDE. Using this tool the code has been cleaned up again.
Some hash based caches improve the performance. Split language files reduce the consumed RAM noticeably. This means you can have more users parallel visiting your store.
We are proud to announce the newest certification with Avalara, VirtueMart 2 now has a native solution integrated for a fully automated sales tax compliance for North America and beyond.
AvaTax Calc integrates with Virtuemart to deliver real-time sales tax calculations based on up-to-date sales and use tax rules. This includes sourcing rules, product taxability and jurisdiction assignment. Increased audit activity by taxing authorities demands businesses prove sales tax compliance through accurate calculations and reporting. AvaTax Calc makes compliance simple, with transaction history and on-demand reporting.
Avalara's sales tax rates Software-as-a-Service (SaaS) offering is more than just a calculator for sales tax rates. AvaTax Calc is an easily integrated, dynamic tax decision engine. AvaTax dramatically improves accuracy because at initial calculation, AvaTax Calc:
- Validates and corrects the address—including ZIP code +4
- Identifies product taxability
- Applies the most current, up-to-date tax rules and regulations
- Verifies tax holiday status
- Applies sourcing rules (where taxable)
- Automatically assigns correct jurisdiction
THEN the service provides sales tax calculation for the transaction—all in real-time with no delay or interruption to workflow—and applies it in your billing system.
For the vm2.2 we plan
- joomla 3.x compatible
- native joomla ACL
- enhanced customfields, in special also the plugins
- enhanced shopperfields (for cart)
- enhanced cart helper
a) fixed, that registered could unreveal orders of anonymous shoppers
b) fixed, that unpublished catgories could be accessed via direct link.
- Vm2 two times in the same database with different prefixes should work now
- product->created_on became sometimes 0 =>fixes "New products"
- fixed canonical links
- removed that it takes only 5 products per run in migration
- fixed for neighboured products for some sortings
- Bug fixes for clone products.
a) product prices wasn't clone
b) after cloning the product shopper group was wrong
- pagination settings. Please review after updating your pagination sequences
- various W3C compliance
- error in the calculator and calculation of rules per bill with categories. An index was used in two different foreach loops.
- fixed images of related products
- FE product editing
- various html fixes
- store priceWithoutTax on DB, changes revenue report net price calculation. Be aware that you must execute for this the "migration" task in the revenue view.
- customfield prices use now the currency of the selected price
- Search plugin: query includes the shopper group
- deleting of category let references left
- drag n drop ordering for products by StephanBais
- Added an option to use fancy or facebox.
- configuration for orderstatus and emails to be sent
- order editing, Thanks to Ondrej and Maik
a) address data
- delivery notes creation for orders, Thanks to Reinhold
- configuration of header and footer for invoices, delivery notes, etc, Thanks to Reinhold
- mediahandler, search enhanced and pagination works
- new filter for roles in media view
- changed behaviour of media thumbs, the path/url is not stored unless it is an overwrite
- added resetThumbs to delete all entries and thumbs to adjust to new pattern or changed thumbnail size
- More sorting options
- Help button in every backend view, showing the online information of docs.virtuemart.net
- Product with price= 0 can be added to cart. There is also a new parameter for standard payment to no invoice on order total=0
- Added to paypal refunded
- Paypal email http://forum.virtuemart.net/index.php?topic=114514.0
- Paypal : force UTF-8 encoding
- Shopperfields use default value now, so you can use it for setting the value default on "agree to tos".
- removed &: from links
- little change in migrator, should help if you have a slow machine and a lot products
- Added two migration scripts from the forum for vm1 product attributes and related products
- Add shipment and payment methods to sample data
- More tooltips, enhanced GUI.
a) Added option to show related products in the "add to cart popup"
b) "add to cart popup" is template able
- Added the nice chosen.js to most FE dropdowns
- emails send in the shoppers language
- splitted language files
a) shopperfield language in FE/xx-YY.com_virtuemart_shoppers.ini
b) order language in FE/xx-YY/en-GB.com_virtuemart_orders.ini
c) => Most shops run with the fallback for english, so it is loading most time at least 2 languages. Cleaning and reducing the size of the language files gave us around 4 MB Ram.
- Please accept tos is directly displayed, less redirects
- added Meta for homepage
- Consistent display of discounted and old prices with line-through on product, homepage, cart, order, email and print view.
- function getProduct and getProductSingle are cached on hash keys based on the parameters
- removed unecessary getProduct function in cart
- neighboured products only loaded, if activated
- some code sniffing stuff. Just removed some warnings, made some functions to static, ...
- replaced, removed $this->loadHelper('image') by if class exists ...
- more JText::_ is used for example for "product availability"
- Fixed country state list for shipto,.. is now usuable two times on the screen (easier cart checkout).
- added quantity to product, so that it can be used easier in the cart popup
- added to the helper VirtueMartCart the functions blockConfirm and setRedirectDisabled for ajax based one page checkouts.
- Added function setCartPricesMerge(), makes it easier to change single prices, without touching the whole array.
Relaunch of VirtueMart Portal
Reading this page, you will notice VirtueMart.net has a new look, new structure and new feel, which we started talking about this 3 years ago, so why has it taken so long? We had to wait until we were able to migrate everything to joomla 2.5 (Livesites, Links, Comments,...), which was a major job we have finally completed. We are proud that we have finally managed to present the new site; the design offers you more active areas, more links to specific information and easier navigation.
So many people added so many useful and helpful enhancements or features
Due the time it has taken us on relaunching the Virtuemart website, we were not able to finish vm2.1 as we would have liked, so we have released a new version of vm2.0, with many of the features we thought would be part of VM2.1. This was done because so many people added useful and helpful enhancements or features (like manufacturer depending rules), so it would have been a waste not to share these features as early as possible.
Slight philosophy step change for VM2.1
We have slightly changed our philosophy for the release of vm2.1, the idea was to release the version with a whole host of new features, but instead we have added some of these enhancements and features to 2.0.
The idea behind this was that we wanted to release it in a way that would allow us to get the newest features to you as quickly as possible, whilst in the background, 3rd party developers can have enough time to play with VM2.1 and adjust their products, which helps to reduce the impact on both the 3rd party extension developers and users alike. In short, VM2.1 plugins and extensions will be fully compatible with VM2.1 when it is released.
The newest release VM2.0 is ready for download, the new website, which we mentioned was a culmination of months of work is now live, and VM2.1 sitting on the edge being tested by the core developers, so all is looking good for the future.
Furthermore, we fixed smaller bugs.
Please read our roadmap
The update should be completely backward compatible, but there is a new setting for the email sender which you should be aware of.
Changes from 2.0.18a - 2.0.18b (14. February)
- Added calculation per category for rules per cart
- Added correct reducing of tax when a discount is used and different VAT taxes are required for the products (Thanks to Maik Künnemann)
- Email subject price displayed in the correct currency
- Fixed - displaying several times payment/shipment methods when a shopper is in several shopper group-
- Moved TOS to top of check in cart, for easier use and visibility.
- Added – when shipment and tax use generic rules, if only one product VAT is used
- Added – Improved step order levels by Székely Dénes (Thank you)
Changes from 2.0.18b - 2.0.18c (1. March)
- Fix - cart rules per category by kkmediaproduction (Maik Künnemann) and Max.
- Added ordering for child products
- Added manufacturer for rules per product, thanks to <mediaDESIGN> St.Kraft, please be aware, this won’t work for rules per bill despite the categories.
- RSS feed for homepage and categories
- Bug fix – when admin changed some addresses of users, the bug caused (on some occasions) the loss of the logged in admins own address, if the user was not a VM user already.
- Taxes for shipment selection in view.html.php
- Fixed - step_order_level by Székely Dénes was not working with old overwrites, compatibility enhanced
- New option for Avalara, option to disable taxes if it is not the cart.
- Avalara caching
- Aavalara added purchase order number
Changes from 2.0.18c - 2.0.20a (13. March)
- added unified way of tcpdf , thanks Reinhold Kainhofer
- updated tcpdf
- removed fixed width in emails
- fix for unknown mathop
- RSS feed topten
- Multilingual images (different images for each language)
- added use vendor email address to the shopconfig, so you can activate the stan fix or not
- jquery.validationEngine-xx.js loaded by language
- increased size of userfield names to avoid problems with tooo long language keys
- fixed the problem that childs using price of parent had no prices in the cart
- Added checks if invoice folder is writeable
More information please visit http://forum.virtuemart.net/index.php?topic=113785.0