AShop Deluxe Shopping Cart Software - Version Notes
AShop Deluxe 4.8 new feature overview
eMerchant Version Notes
Digital Mall Version Notes
Shopping Cart Program New Feature Requests - We welcome new feature suggestions and all new feature requests are considered, however it is not practical for us to add all of the new features that are requested or to add new features for every individual request. Instead, we prioritize development of new features and processes that will benefit
the most users in the greatest way over the longest
time. New features are then developed and tested extensively before releasing new versions. This process ensures that the shopping cart program is consistently stable and reliable.
4.8.1 released 5-6-2008
When images are uploaded in Add Products or Edit Products, the images are resized to the current Thumbnail Image Size setting. Original images that are larger than the thumbnail size will be resized to fit. Original images that are smaller than the thumbnail are not stretched. In cases where the original image size is smaller or a different ratio of width and height than the thumbnail size, there will be blank space around the image. To preserve the aspect ratio the blank space in the resulting image was previously filled with the "Page background color", which is set in Layout > Page Body Colors. This is changed. It will now be filled with the current "Item background color", which is set in Layout > Product Layout and Colors.
Added payment gateway integration for Elavon, which is operated by Nova Info Systems.
Added style class parameters to the admin/login.php script. The table properties may now be edited in the admin/admin.css style sheet.
Removed the mailto: links from the admin panel. The mailto: links previously opened a client-side email program such as Outlook, which was a nuisance for administrators who only use web base email. Now, the customer name links in the admin panel open the customer profile. When eMerchant is installed, there is a link from the customer profile in the AShop admin panel to the customer profile in eMerchant.
Modified the shipping.php script to make it always show the full form if it has been submitted. The short form will only be used when you click the calculate or change shipping links in View Cart and only if you haven't already filled out the full form before. (Previously the Change Shipping button in the View Cart page only opened the short shipping form, which sometimes caused confusion for customers who had already entered the complete shipping address and wanted to double check it.)
The long form shipping information page now uses the AShop secure URL, which is set in Advanced Options. To avoid trouble in AShop installations where the secure URL setting has not been used previously or is set to an invalid URL, the install.php and update.php scripts will validate the secure URL setting by calling a validation script, which will verify that the secure URL is reachable. The validation script will run from our server to avoid trouble with AShop installations where Curl+SSL is missing. The install.php and update.php scripts will call the script and the response will tell the scripts if the secure URL is working or not. If it isn't working then the Secure URL (ashopsurl) will be set with the same URL as the AShop URL (ashopurl) setting. All of this will be automatic and the shop owner will not be bothered with any error messages since there isn't any problem. The Secure URL setting might need to be changed later if/when an SSL cert is installed in the site.
Quantity pricing per product now supports two types of quantity-price calculations. In Edit Catalog for each product, click Qty Pricing. There is now a selector for "Quanity Discount" or "Calculate Levels Separately". The new Quantity Discount method applies the same (quantity tier) price to all quantities. The pre-exising method, which applies each price level to each quantity tier, is now labeled Calculate Levels Separately.
4.7.7 (beta)
Updated PayFlow Pro payment integration to coincide with changes to the PayFlow Pro system.
Added a new script: productfiles.inc.php, which can be used to get either the filetypes or total filesize of a downloadable product. To get the filetypes include this code in the page:
<?php $productid = "10"; $showtype = "true"; include "productfiles.inc.php"; ?>
To get the filesize include this code in the page and replace the "10" with the actual product ID.
<?php $productid = "10"; $showsize = "true"; include "productfiles.inc.php"; ?>
You can now deactivate the filesize and filetypes text in the regular product catalog through a new option "Show product file info" in the Store Configuration > Layout page. There is also a new color setting labeled "Alert color" on that page which controls the text color of all (previously red) messages, like the filesize and filetypes text.
Added support for a purchase order field in the wholesale checkout.php. This makes it possible to save an optional purchase order number with wholesale orders regardless of which payment method is used. If the purchase order field is supplied it will be included in the receipt and admin notice, it will also be included as a mouseover info icon in the sales reports.
The
reactivate.php script will now keep the format of the original receipt even if the sending format of the shop is changed. If is was
originally sent in html format it will be kept that way when resent, even if the receipt format setting for the shop has been changed to plain text. If the original receipt was plain text and the shop sending mode is changed to html, the receipt will retain the plain text format if resent.
4.7.6 (beta)
Updated PayNova and WorldPay integration per changes in the payment gateways.
eProcessing payment information can now be collected from customers using the local orderform.php page (or the one hosted by the payment gateway). The local orderform.php page requires an SSL (https) connection.
Authorize.Net ARB (automatic recurring billing) can now be created from orders. Recurring billing templates are first created to define the parameters for each ARB. Then each product may be assigned to use a recurring billing template. There is no limit to the number of recurring billing templates that can be created and there is no limit to the number of products that can use each template. When one of these products is ordered, an ARB account is created in Authorize.Net.
4.7.4 (beta)
The catalogue.php script now supports linking to categories by including the category name for the value of the cat parameter in the URL, which will open the first matching category. For example catalogue.php?cat=category_name. Linking by category id is still supported as well. For example catalogue.php?cat=1.
There is now an option on the Store Configuration->Shop Parameters page: Browser Save Dialogue - On/Off. Setting this to Off will open the files directly in the associated software. Html and text files for example will be opened directly in the browser while pdfs will be opened by the Acrobat Reader plugin embedded in the browser.
Single product shopping cart mode is selectable from within Store Configuration > Shop Parameters. When the cart is in this mode, the quantity of each product is limited to 1. If the shopper tries to add another of the same product, a message appears to inform that the product is already in the cart and to try again. The message text is in language/en/buy.inc.php (or language/xx/buy.inc.php where xx is the language abbreviation).
The search.php in ashopdelus will now limit the search to a specific category if the parameter "category" is sent to it with a value equal to a category id. For example: search.php?category=3. Subcategories are not supported for this parameter.
The state/province list in the storewide shipping configuration is now selective for Canada. If the only local handling country in Store Configuration > Shipping is Canada only Canadian provinces appear when customers select the shipping destination.
Fixed bug in Storewide shipping. The shipping.php script was not using the origin country setting for UPS. On the Edit Shipping page for a product only US states appeared for the UPS settings
4.7.3 (beta)
Added support for a redirect parameter in top.js.php so that when the include is used in custom shopping cart pages that use the separate catalog or category includes, the top products will display in a custom page when clicked.
4.7.2 (beta)
Fulfilment options now work with subscription products.
The product ID can be sent with an automation fulfilment option.
Subscription products are no longer required to have a protected directory. Subscription products can be used to trigger a recurring AutoBill (eMerchant feature), which is done through invoice templates.
Added support for Australian currency and sales tax. AShop now fully supports Australian Dollars through several different payment gateways.
Added support for the payment gateway service eWay (Australian only).
4.7.1 (beta)
Modified editcategories.php so that if a product is in more than one category and one of the categories is deleted, the product remains in the other (still existing) categories.
Added support for the new shipping features, which were added to the retail catalog in 4.7.0, to the wholesale catalog.
Added a payment module for Nova's ViaKlix gateway. It requires using the AShop payment form (orderform.php) and the referring URL must be entered into a setting at ViaKlix to make it work. Instructions are in the ViaKlix help topic.
Fixed delivery of product update files (broke in 4.7.0).
Fixed Canada tax settings. The tax configuration page didn't use the right variable for the states and provinces which resulted in only US states being shown even if you set the sales tax to Canadian.
Updated Password Robot integration. A new version 3.1 of PW was recently released, which is not directly compatible with AShop anymore due to major changes in this version of PW. AShop will not work with PW unless PW is modified. Carlos, the author of PW will modify the scripts for AShop customers by request.
Improved the admin/salesadmin.php script to include a link to pay (payment.php) in payment reminder messages for unpaid orders that resulted from paying with a manual (delayed) payment (manual.gw) option. The payment link is only included in the reminder message when there are payment options available that do not use manual.gw. The text is slightly different from the invoice reminder message: "To view invoice details and select another method of payment, please use this link."
Changed per product shipping options so that custom shipping methods are hidden only when FedEx or UPS is chosen as main shipping method AND customer selectable service options is turned on.
// Version 4.7.0, Public Release 2007- 07-09
Store Configuration > Shipping and Taxes is split into two pages for settings.
Added options for customer selectable FedEx or UPS premium shipping options.
Rearranged shipping settings so that if FedEx or UPS rate lookup is used, the individual product shipping options cannot be set to conflict with Storewide shipping options.
FedEx and UPS account numbers are now editable on the shipping config page so that individualized rates can now be automatically looked up for each account.
// 4.6.6
Added capability to add multiple products to the cart in one form submission using Order-Link. See the example file: multiproductEXAMPLE.html
// 4.6.5
Added canned payment confirmation message feature. It works with payment activation from the link in the emailed admin notice and from the sales report for unpaid orders. When you click the activation link the payment will be applied to the order and then you will be shown a page similar to the reminder message page where you can edit and send a payment confirmation message to the customer. If the order contains downloadable goods or subscriptions then this feature will not be used since the delivery message that is automatically sent already contains the words: "Your payment has been received".
It is now possible to change the order of product files the same way that you can change the order of products or categories.
Added support for a "returntoshop" parameter, which can be used with Order-Link and OrderForm methods. If you add returntoshop=true to the link or as a hidden field the Continue Shopping and Empty Cart buttons will return visitors to catalogue.php instead of the last page viewed.
To accomodate hosting services that run Curl through a proxy server, changed all affected scripts to include a file named admin/curl.inc.php if it exists. Additional Curl settings for GoDaddy can be included in this file, which will then be applied before Curl is run. An example curl.inc.php file for GoDaddy hosting service is provided with the AShop distribution file package. It is named godaddy-curl.inc.php. To use it with GoDaddy hosting service, first verify with GoDaddy tech support that the settings are correct and then rename the file to curl.inc.php
Added text fields to the wholesale signup form for web site URL and business description.
// 4.6.4
Added a third UPS service option for ground shipping services to USA when the origin country is Canada and vice versa.
After a reminder message was been sent from Sales Reports for Unpaid orders or after an unpaid order was deleted, salesadmin.php reloaded with a confirmation message. Instead of salesadmin.php, salesreport.php now reloads with the confirmation message and the same report parameters so that admin can continue down the list of unpaid orders and send more reminder notices if necessary.
Fixed - When a product was deleted only the thumbnail image was deleted from the products folder. The original size image, which is preceded by the letter b was not being deleted automatically.
Fixed - Under certain conditions, text entry attributes that were submitted with null entry would display numbers instead of being blank. This seemed to depend on the browser and only happened when there were multiple text entry attributes. Now, if text boxes are submitted empty the text "unset" appears in the View Cart page and in receipts for the product attribute value.
Fixed - Under certain conditions, the buy confirmation window was fixed at a height that was too short to see all of the attributes and there was no scroll bar. This only happened when there were more than a couple attribute selection boxes.
// 4.6.3
The %description% token will now work in the thank you message for manual payments.
Added language dependent "Incorrect discount code" text to the confirmation message after adding a product with an incorrect code.
Quantity based shipping will now work with products that have attributes. When a product is added to the cart multiple times, but with different attributes, the quantity based shipping still considers it the same product for shipping calculations.
The wholesale catalog will now increase the quantity of a product when it is added more than once instead of adding new lines to the shopping cart.
Added a new feature to the sales report for unpaid orders: sending payment reminders.
Added storewide shipping in wholesale catalog.
Fixed - When a discount code is in uppercase and a customer enters the same characters in lowercase. At the top of the web page the discounted price would appear, but upon check out the discount code disappeared and the discount was not given. Also added validation and an error message if the entered discount code is invalid: CODE it is NOT valid! This text is in the language module buy.inc.php
Also, need validation and error message if they put in the discount code that is not valid: CODE it is NOT valid!
// 4.6.2
Fixed a problem in the update.php script that would set unpaid manual orders to paid.
Updated wholesale tokens used to display order related information for various payment options. In both retail and wholesale the %shippingaddress% token is simply replaced with an empty string when an order only contains non tangible goods. To avoid making the thank you message look like something is missing in these cases order.php replaces the token with "N/A" instead. This text is saved in the language module order.inc.php.
Updated wholesale catalog to combine quantities or same product added to cart.
Fixed %description% token was not working for manual payment options.
In the unpaid sales report, edit mode, you will now find a new icon that can be used to send a payment reminder. It uses the customer messaging but with the right customer selected and a reminder message automatically inserted in the message box. You can use this to remind customers both of overdue manual payments through the shopping cart and of overdue bills in eMerchant. When the invoice is a bill there will be a payment link but this is not included for manual payments since they are already supposed to be paid through some kind of manual means for which the shop owner might already be charging a payment fee. The manual payments reminder will include the order description instead.
// 4.6.1
Fixed - In orderform.php, when a language other than English was selected, the Submit button at the bottom of the payment page read "Submit Secure Order" instead of using the language file text.
// Version 4.6.0, Public Release 2007- 02-22
The "not registered" messages will now contain information about why the software was considered unregistered. The same error messages are shown by the register.php and install.php script. In addition, register.php includes links to buy a license key and to register it with register.php.
Cleaned up and improved sales reports. Added separate filter selectors for retail/wholesale and paid/unpaid/chargebacks. When the sort order is by product, the productid number is now a link to view/edit each product in editcatalogue.php
Improved error reporting for license key registration. If a the license key fails to register with our license server there is now a specific message with the reason for a failed registration. The error reporting works when you register through the install.php script and through the admin/register.php. The register.php error reporting will only work with the latest version of register.php. The install.php script will display the error messages in current and older versions of the install.php script.
Trial license keys now have access to updates and support through the admin/resource.php page.
Changed plugnpay.gw payment URL and added pre-population of billing information in the payment form page with shipping information from the shipping.php page, which eliminates the need for customers to enter the address twice if the billing and shipping address is same. The new plugnpay.gw module works with old Plug N Pay accounts and new ones.
Improved the product file upload menu to check the import product list file and make sure it is correctly formatted. It now checks the file content so that no garbage will be added to the database. An error message is displayed when the file content is not in an acceptable format.
Fixed - When calling catalogue.php with a productid parameter, the thumbnail image did not appear. For example a specific product could be displayed in the catalog by calling catalogue.php?product=123, but the thumbnail image did not appear in this case.
The wholesale catalog is now completely integrated with eMerchant and up to date with recent improvements to the retail catalog.
The wholesaleorders table has now been dropped. Wholesale orders are stored in the orders table with retail orders, but wholesale orders have a value of "1" in the new wholesale field.
Fixed - The wholesale Canada tax calculation used the retail price instead of the wholesale price.
Fixed - The wholesale Canada tax calculation was not done unless the products had a shipping fee.
A redirect parameter may be included in link URLs when selecting a language. Example: language.php?language=jp&redirect=jp.htm. If a redirect parameter is included in the URL, it overrides the redirect that is set in the lang.conf.php file for the selected language. This feature provides a way to create an unlimited number of custom language selectable html or php shopping cart pages. The shopping cart functionality can be included in pages using OrderForm, Order-Link, or the separate category and product listing methods. Language may then be selected from any page and redirected to any other page. Return to shopping links in view cart and checkout pages return back to the originating shopping cart page.
Added support for the language specific categories when the separate category tree and product listing includes are used in custom html or php web pages.
Added database user privileges tests to install.php and update.php, which will show an error message when privileges are too low. Example: database user does not have privileges to modify tables OR database user does not have privileges to add tables.
// 4.5.9
Fixed pages generated by admin/editcategory.php there is a label for "Owner:" when Digital Mall was not activated.
// 4.5.8
Modified the update.php script to automatically activate telesign for all payment options when there is a telesign id in the preferences.
// 4.5.7
Fixed possible security hole. We were alerted that it may be possible to inject javascript code into a few of the AShop pages by including it in the URL. The way these so called XSS vulnerabilities are supposed to work is that you send a link to someone and include the javascript you wish to inject. The injected javascript will then be able to call another server and have privileges to read cookies and other information that only pages from the site running AShop should normally have access to. As far as I can tell this would, in a worst case scenario, let you send the shopping cart cookie to another server that is run by the hacker who can then see what people are buying. To make absolutely sure there isn't any more malicious way to use these "vulnerabilities" the variables are now escaped to prevent injection of javascript code.
Updated PayPal Express Payments method and completed certification with PayPal.
// 4.5.6
Added support for extra fields in manual.gw payment methods.
Added two table size settings to the Store Configuration->Layout page. They are applied through CSS which makes it possible to override them through style sheets and even add more style options. The two table size classes are called "tablesize1" (defaults to 700 pixels) and "tablesize2" (500 pixels). They have been applied in all tables of the catalog and view cart pages.
// 4.5.5
Modified ashoptest.php to check if 3.1 or higher is used. The IonCube test will fail if the loader is an older version. It also tests to see if the IonCube loader is installed in php.ini or not. The IonCube loader needed for our last few releases (since 4.3.1) is at least 3.1. There are no differences between different servers or operating systems. To run a version of Ashop Deluxe that has been encoded since last spring you need at least 3.1, which is because of the Encoder version we have used to make those releases. Older Encoder versions produced files that could be run with older versions of the loader.
Changed the default path for Make HTML pages to include "html" and now include an html directory in future releases.
Fixed - When Japanese language was selected, and a product was added to the cart, there were garbled characters in the add to cart confirmation message, which appears under the view cart and check out buttons in the catalog. The buy.php script wasn't including the CHARSET line in the code that sends the add to cart confirmation message to the main window and closes the popup. This is fixed and the confirmation message is appearing in Japanese now.
// 4.5.4
Began encoding new and modified scripts with IonCube version 6.5, which is supposed to be 100% backwards compatable. It seems to work fine in combination with scripts that are encoded with earlier IonCube encoding and it works with the old IonCube loaders.
Fixed - When adding products in the admin panel, In a category with many products, you can select how many products to display per page. If you were on page > 2, and a new product was added, you return to page one. It would leave out the resultpage value in the URL. This was a nuisance when adding a great number of products. The resultpage variable is now kept for every page.
Modified top.js.php, which displays the top ten most popular and last ten products added. It was displaying inactive products. It will now only display active products. Modified the top sellers code to speed up the search on sites where there have been a great number of orders. It will now only check the last 500 orders, not the entire orders table. To use the new version of top.js.php, admin/ashopfunc.inc.php must also be updated.
// 4.5.3
There is a new HST percent setting for Canada sales tax on the shipping configuration page.
When eSelect is used the "try again" link will now simply lead back to checkout.php, which already generates a new order ID, instead of seeing a duplicate order error.
Added support support for language specific top categories. Added a new configuration file to each of the language modules: lang.cfg.php, which contains the name of the language and a redirect URL. The language.php script will redirect to the URL set in the configuration file for the selected language. Note that when a redirect is not specified, it defaults to catalogue.php. Also, categories that belong to members (not to admin) do not appear in the language specific catalog pages.
Fixed - One case was reported where order.php script processed duplicate orders even though it was supposed to check for duplicate orders before processing. We were not able to duplicate the trouble, but found that there were only two possible ways that this could happen. 1. The gateway/paypal.gw file was modified. 2. PayPal sent multiple payment responses for the same order. This was the most likely cause of the trouble since PayPal had reported system trouble and outages during the same period of time. Possiblity 2 was already prevented in payment optins that use visible order processing (like Authorize.Net SIM). The duplicate order processing prevention was not working for payment options that use server to server processing, like in PayPal's case, due to an incorrect if statement in the code. Now each order will only be processed once, even if the gateway module has been modified or PayPal sends multiple IPNs.
Improved JavaScript in OrderForm code. See orderformEXAMPLE4.html
Fixed bug in buy.php, which caused issues with discounts in OrderForm pages under some conditions.
Added German language set.
// 4.5.2
Added French language set. Updated Italian and Spanish language sets.
Fixed - When PayPal's IPN server sends the order details to AShop the paypal.gw module will try to send a confirmation back to them. If this fails PayPal will consider the order incomplete and resend it again and again until a proper response has been received. This shouldn't be a problem since the order normally wouldn't be processed by AShop until that response has been successfully sent. However, there was a bug in the PayPal payment module that under certain circumstances would make the scripts process the order even though the response back to PayPal failed. This would cause the same order to be processed multiple times and multiple receipts to be sent.
Added alt tags to flag images/links, which display the language module directory name ("en", "sv" etc).
// 4.5.1 2006-11-28
Fixed - When catalogue.php was opened with a product ID parameter and then the product was added to the cart, the page reloaded with the subtotal amount and the confirmation message ok, but the product ID parameter was lost from the URL parameters, which resulted in the first category opening instead of the product that was originally specified.
Expanded UPS rate lookup options to include all of the rate options that are available through the UPS API. For retail customers, changed the UPS calculation to select residential when the Business name field in the shipping information page is left blank by the customer and commercial when it is not. Commercial delivery address is used for all wholesale catalog UPS calculations. Upgraded UPS rate lookup to include Canada origins and destinations.
Fixed - When the shop was set to Canadian Dollars, an error message occurred upon check out with some payment options. Added currency path for Canada Dollars in orderform.php.
Added error message in buy.php when someone forgets to enter his email for a one time discount code. Without the error message he would get a popup window that redirected to the catalogue.php script.
Fixed - When a product had multiple file downloads assigned through attributes, multiple file downloads for one product would not be available in the download page. When the copy file feature was added in version 4.4.0 two different id columns were mixed up in the productfile database which made it impossible to download any of the attribute product files.
Canada sales tax can now be collected from wholesale orders. Previously the wholesale catalog did not calculate sales tax because it was assumed that wholesale resellers would be tax exempt.
Fixed trouble with Canadian provinces not appearing in selections options for sales reports.
// 4.5.0 limited release
Added an active and inactive product count to the index.php page in the admin panel.
There was a problem with ImageMagick (the software that is used to create the thumbnails). When resizing a gif image it would save it in a format that contains an offset value which could only be rendered by certain image viewers such as Firefox and Photoshop. Added a function to remove this offset information from the file. A new version of editfiles.php will resize the images in a way that can be correctly viewed in both IE and Firefox.
The wholesale signup form now has the verification code.
The separate buy buttons and prices are now only available for one attribute
at a time, which is how it was intended.
Added an option on the Store Configuration->Shop Parameters page in the admin panel which lets you select if the contact information form for free products should collect full contact information or just name and email.
Fixed - The picture viewer script for viewing original size images from the enlarge link in the thumbnail image didn't work when register_globals were set to off in PHP.
Added support for ListMessenger Pro as well as Lite and the old 0.9.4 version.
The reactivate script doesn't currently support wholesale orders but there was a bug in the salesreport.php script that made it display the reactivate icon when you clicked a wholesale customer's history. The receipt that was actually resent was the one with a corresponding orderid in the retail orders.
Fixed - The separate category tree feature didn't work with the updated buy.php script. It redirected to catalogue.php instead of the page that included the category tree and product listing.
The form validation message is now displayed at the top of the shipping address form instead of in a popup window.
The country field in the shipping form has been altered to prevent it from being automatically filled by Google AutoFill which would make the onChange event that checks for shipping options fail.
Fixed - When the products within a category contained the same type of downloadable product files, ie. mp3 txt etc., only the top product within a page of listed products displayed the file type name.
There is a bug in the Windows webserver software IIS that makes cookies fail to be set when using the php function header("Location:...") to redirect after setting the cookie. Added a workaround in the buy.php script.
The admin panel login script now checks if the URL used corresponds with the ashopurl setting and redirects if it doesn't. This prevents trouble with invalid cookies when "www" is used or left out of a URL by mistake.
Fixed - The display number of items drop down list on the page Affiliate Stats didn't work in Firefox.
The shipping form now collects a phone number for the shipping contact which is used as the primary phone number for a customer.
When using 4.4.0 or higher with old OrderForm code, if page reload is not desired, the buyitem() javascript function must contain the code: "return false;" to prevent the form from being submitted.
Fixed checksubscr.php was sending the expiration message to customers who had previously had an expired subscription. It now checks if the subscription has already expired.
Watkins ML shipping calculations were added to AShop Deluxe in 2005, but instructions were not given. Here they are. You don't need to have any kind of membership with Watkins ML to use the calculation. You only need to specify the options on the edit shipping page. The freight class must be entered. The National Motor Freight Classification (NMFC) tariff is a publication for motor carriers containing classes, rules, descriptions and ratings of all commodities moving in commerce. There are 18 classes ranging between 50 and 500. Most manufacturers and professional transportation managers are participating members of the NMFC, or are familiar with their products' classifications. If you are not sure of the correct classification for your freight, contact a Watkins Customer Service Representative at (800) 274-9099 or the National Motor Freight Traffic Association at (703) 838-1810."
There seems to be some kind of bug in IE that is causing a lot of trouble when you login using a URL that doesn't match the ashopurl setting for AShop. The cookie gets messed up and finally can't be modified at all, though simply opening another browser window (without closing the old one) surprisingly solves this. Skipping or adding "www" to the ashopurl when logging in to the admin panel causes this trouble. Added code to the admin/login.php script that will check that the right URL is being used and redirect to it if it isn't.
In HTML pages that use OrderForm. There was a problem with the return URL after adding items to the basket if the product name had an ampersand in it. Modified the buy.php script and orderformEXAMPLE.html to make ampersands in the filename work. A small change in the orderform code was required too. The new str_replace("&","|",$url); part in the buyItem function must be included.
A customer phone number is now collected in the shipping.php form. It is labeled "Phone Number" and the label can be modified in the language file shipping.inc.php. Since the customer record is not actually created until after the payment response is received, the phone number is saved in the shipping table of the database. The phone number is then saved in the customer record when the payment response is received. This provides a way to collect a phone number when using PayPal since PayPal does not provide a way to collect it or pass it through the payment response. For payment gateways that support it, phone number is populated into the payment form just like the other information that is collected through the shipping form. If the phone number is then changed in the payment form the shipping phone is stored in the main phone field for the customer and the other number is stored in the alternative phone numbers field.
In HTML pages that use OrderForm. The confirmation message only worked for orderform pages when the popup window was enabled. The <div ID="confirmmsg"></div> tag is used to insert the message from the popup window using javascript but this isn't necessary and doesn't work when the popup window is disabled. In this case the div tag should be replaced with <?php echo $msg; ?>. Modified buy.php to handle this.
In HTML pages that use OrderForm. For products with single quotes in the name. The magic_quotes feature in php escaped the single quotes (\' instead of ') which broke the return URL to reload the page. Added code to check if magic_quotes is enabled and unescape the URL if it is.
The confirmation message after adding to the cart was broken when there were quotes or an ampersand in the product name. To keep special characters, the message is now converted by the buy.php script before it is shown in the catalog or search pages.
For HTML pages that have an old version of OrderForm code. The buy.php script will now execute the javascript that closes the window and updates the orderform page, even if the popup window is disabled in the admin panel. To enable this feature, add the following variable in config.inc.php $oldpopupstyle = "on";. This provides full backwards compatibility with the new scripts. The main difference between the new orderform format and the old is that the buyitem() function is changed. It should be copied from the example files to any existing orderform pages to use the new features. The function has one new parameter which must be added where the function is called (from the onclick method of the add to cart button for example). It used to look like this: buyItem(8,this.form.quantity.value) but should be changed to: buyItem(8,this.form.quantity.value,1). The last parameter should be set to 0 to disable the popup window or 1 to enable it. To use the new (optional) confirmation message you also need to put a div tag with the parameter ID="confirmmsg" somewhere on the page. The message will be shown inside the div tag.
Fixed bug where from OrderForm HTML pages if the returnurl for Continue Shopping had parameters in it, the parameters in the returnurl were lost in some cases.
Fixed error, which appeared on one site. Warning: strtotime() [function.strtotime]: Called with an empty time parameter. in /home/theselfe/public_html/ashop/admin/login.php on line 0The strtotime()". This function is regularly called with an empty value in the login.php script - but this doesn't usually cause any trouble. It seems that there is a certain php configuration that is more sensitive to this. Modified login.php to check for empty values before using the strtotime() function. It will probably not cause any trouble on other sites since it has worked several years but if anyone else reports this problem the new login.php scripts will fix it.
Added timeout Javascript to TeleSign verificiation number entry page during checkout so that a notice appears if an incorrect phone number is entered or the system does not respond for any reason within 60 seconds after submitting the payment informtion. The notice advises the customer to page back and try again or contact the store admin for assistance. The message is kept in the language file orderform.inc.php.
Added checkbox for each payment option in the admin panel to activate or deactivate TeleSign verification for each payment option separately.
Added storewide weight based shipping options. Each product may now have an individual shipping calculation method or storewide. The storewide can be FedEx, UPS, or a flat rate per pound. Total weight for all products in the cart that are set with storewide shipping is used for the lookup or calculation. A maximum weight per package setting limits the total weight for each package and the program adds more packages as needed. Storewide Shipping is set up through the Shipping and Taxes menu in the AShop admin panel. Set the Storewide shipping to use UPS and set a maximum weight per package. Then set the shipping option and weight for each product that is to use Storewide shipping.
Improved FedEx and UPS lookup. Added settings in Shipping & Taxes with settings to specify shipping parameters when sending rate request.
// 4.4.0 2006-08-21
Added functionality to collect customer phone number when using the PayPal payment form. For this to work, the phone number requirement must be set in PayPal.com. Login and select Profile, click Website Payment Preferences, select "Contact Telephone On (Optional Field)" and then click Submit.
Fixed resend receipt options so that admin can send a copy only to admin (and not to customer).
Fixed bug in separate category tree usage. Unlike the way the regular product catalog works the separate category tree feature doesn't use a html file as a template but instead the different parts of the catalog (the category tree and the product list) are included in the html file. This means that for searching to fully support this there must be a separate html file that includes the search.php script instead of catalogue.php. Created such a file and made the necessary changes to catalogue.php, search.php and categories.php. The $pagename variable now has a slightly changed purpose and because of this it renamed it to $catalog. It should contain the name of the html file containing the product list (layoutexample.html for example) while the $search variable should be set to the name of the html file for the search results or "off" to deactivate searching. These variables should typically have the same values in both html files.
OrderForm now supports the buy confirmation message, which appears below the subtotal box after products are added to the cart. The buy.php script has now been modified to accept both the old orderform code and the new. Furthermore, the old trouble where the popup window wouldn't close if you had forgotten to include the subtotal box on the page is also solved. If the amount field is missing the script will simply not try to update it and the window will close anyway.
Fixed bug when using portable category tree. When the product list was split up into separate pages the page links and Next, Previous links at the bottom lead to catalogue.php instead of the page the list was included in. Added a new variable containing the filename of the page, like this: $pagename = "layoutexample.html", which is then used to construct the links at the bottom of the product list.
Fixed bug in affiliate/signupform.php, which caused an error "Security code did not match!" when affiliates signed up. This bug appeared after 4.3.1 when the security code check was added to the affiliate signup form and only affected AShops that have the Store Configuration->Affiliate Program->Require PayPal ID setting activated. An if statement was ended in the wrong place which made the security code hidden whenever the setting to make PayPal ID a required field was activated.
Changed both the update.php and install.php to set category name max characters value to 100. (Was 40 characters max previously, which truncated long category names.)
There is now a setting in Store Configuration->Layout that will let you activate/deactivate the creation of larger image links. Whenever an image is resized with GD or ImageMagick there is now a message about this and there is a message explaining that the original image was kept and linked from the thumbnail. Also changed minimum size difference so that preview image link is created only if the original image is 25% wider or higher than the original.
A way to use the same product files for multiple products has now been implemented. On the Edit Files page you can now enter the product ID of a product that you wish to copy a file from which will display a drop down list of all available files for that product. Just select one of them and click Copy.
Add include counter.php line to orderformEXAMPLE.html
Fixed order activation and digital product delivery bugs in the /wholesale directory, which only affected wholesale transactions.
Fixed bug in the admin/paynova2.php and the paynova2.gw module that made it handle declined payments incorrectly.
Added buy confirmation message, which appears below the subtotal box in catalogue.php and search.php. The buy confirmation message appears after each product is added. The buy confirmation message does not appear if already confirmed using the pop-up attribute selection or license agreement (buy.php) window.
The new buy window bypass feature will now work with a modified orderform code. Added new version of orderformEXAMPLE.html, which has this enabled. The javascript code at the top of the html has been modified but can just be copied to any orderform html page. The buyItem() function has been slightly changed though and takes a new parameter that will enable/disable the popup window. This was added to make it possible to selectively activate the window for products that need it, for attribute selection. The new syntax is: buyItem(productID, quantity, activatepopup) where activatepopup is replaced with a zero to deactivate the window and "1" to activate it.
Previously when the confirm add to cart option was turned off the buy.php popup window would still be opened but immediately closed again once the new product had been added. This could still cause trouble with popup blockers. Modified the scripts to make sure no popup windows are opened if not necessary (for selecting attributes or confirm that you have read the license). Instead the catalogue.php and search.php pages are reloaded to update the subtotal box.
Fixed when are no shipping options setup the shipping address form would still autosubmit itself to check for shipping options when you changed the shipping country. This won't happen now. If there are no shipping options the form won't be submitted unless you click the "Submit" button.
Modified order.php to start output of the page header before processing the order. According to Authorize.Net this is how to solve time-out errors. The time-out errors with Authorize.Net were reported only a few times over the past couple of years and we could not duplicate the symptoms so there is no way to verify that this resolved the issue completely. We'll just have to wait and see if those "General Errors" happen again.
The payment form is now prefilled with values from the shipping form when using any of the gateways that use the orderform.php form and a few more including Authorize Net SIM. This is a first step towards implementing customer profiles. Eventually all payment gateways will be supported this way.
Improved line 36 of admin/config.inc.php. An error occurred on a few servers, which seemed to have something to do with the use of "eval" on line number 36 in admin/config.inc.php with some server configurations. Replaced line 36 with the following.
if (@mysql_num_rows($result)) while ($row = @mysql_fetch_array($result)) $$row["prefname"] = $row["prefvalue"];
To block spamming of the affiliate signup form, if GD is available a security check is added to the signup form. The security check generates an image with random characters, which must be entered in to a text box before submitting the form.
Improved admin/index.php content to include more sales stats and options. Reorganized the layout and made affiliate stats only appear if affiliates exist. Added a reset feature to the visit counter.
The unpaid order sales report will now show a delete icon in edit mode which will let you delete the order from the database.
The payment manipulation message was displayed in a few cases because the payment could not be verified but it isn't possible to know if this was caused by a hacking attempt or by a bug in our software or the payment gateway's software. To avoid causing panic the wording is changed to this: "The payment gateway could not verify that this was a valid payment. This could be caused by a temporary communication problem or by manipulated payment data. If the payment has been successfully received despite this problem you can complete the order manually through the sales report page in your administration panel."
Fixed mail header problem when a comma and a period was used in the shop name. Those characters have special meanings in mail headers which resulted in an incorrect From field. The new ashopfunc.inc.php removes any commas and periods from the shop name before using it in email.
AShop Deluxe key registration will now display a message like this "Your 30 days trial has been registered!" for trial licenses and the old "Registration complete!" for full licenses. This will be shown both by the install.php script and the admin/register.php script.
The resources scripts will now display "30 day trial" after the version number for trial licenses and the support plan will be expired with the message "trial license, no support". This is active now and will affect all current and future trial installations.
The CA certificate issues in Curl seem to always happen with a default Curl installation and is hard to fix (the right ca_bundle.cert file must be installed in the right place and the makers of Curl are reluctant to give exact instructions for this). Added a couple of lines to the AIM module that will make sure that the CA certificate isn't used which makes it slightly less secure, though still secure enough, but avoids problems with Authorize.Net AIM secure connection failure.
Added PayNova 2.0 payment module. There was a support issue concerning the old PayNova module. This one will solve that problem (popup blocking) since it uses an iframe and it also lets you use all the new features that PayNova now supports (extended payment options such as direct credit card payments).
The tokens for inserting variables into the thankyou text of payment options do not work with PayPal and some other payment gateways because those gateways do not support passing of the variables back to the payment confirmation page. For gateways that do not support the tokens, the settings will display text "No variables available for this gateway".
---
A first version of the html page generator has now been completed. There is now a button labeled "Make HTML" for each product and a "Html" link for each category which opens the page generator for either one product at a time or a whole category.
The template setting shows all templates that are available in the directory admin/htmltemplates. I have made one simple template based on our layout templates.
The "Save files in" box is the full filesystem path to the directory where the html files will be saved. The default setting is the ashoppath but it can be modified to save the files in a separate directory if needed. The directory that is used must of course be chmod 777.
The page generator will replace the code %orderlink% with a simple text link to buy the product and %orderhtml% with a form that lets you select attributes and quantity. The "URL to buy button" can be used to select the submit button for the form and the "Buy link text" is the text for the buy link. There are several other codes that can be used in the templates: %ashopname%, %productname%, %productprice%, %productdescription% and %productimage%.
Each generated html file will be named $productid.html. The page generator now has a setting for filename. You can use %productid% or %productname% to set a unique filename for each product page.
---
// 4.3.2 (limited release)
Removed license key check from cart.php. Now there is no license key check in any of the scripts that customers use.
The thumbnail resizing in AShop now supports ImageMagick as well as GD.
Fixed - After searching for products in the admin panel, if there was more than one page of results only the first page was available. The page forward did not work. Also after a product was edited and saved, the page reset to default instead of the previous search results.
Added security feature to prevent multiple logins by the same user. If another user tries to login with the same username he will just see this message: "That user is already logged in!". A second login attempt will log the user out so that you can login with that username.
Added thumbnail image auto resize and pop-up original size image. When you upload a product picture file that is too big it is still resized as usual to the thumbnail dimensions set in the Layout configuration page but the original is also kept and can be viewed in a popup window by clicking the thumbnail image in the product catalog. The popup window will automatically be resized to fit the dimensions of the picture.
Added code to prevent sql injection by hackers through OrderForm code manipulation. A hacker reported that he could inject sql code by modifiying the basket cookie in his browser. After doing a lot of research about sql injection we still haven't found any way that it can be used to do anything harmful in AShop and if magic_quotes is activated on the server the injection won't work at all. Added protection as a precaution.
Fixed form label in addcategory.php between Name and Description, said "Owner" and did not have a text box entry. This is used to assign a category to a Digital Mall member. It shouldn't be displayed if DM is not activated.
Added DAOPay payment gateway option.
Added batch product upload. When you click Edit below a category in the Edit Catalog section of the admin panel you will now find a new form for importing products into the selected category. The products are imported from a pipe separated list. An example file named productimportsample.txt is provided. All thumbnail images must be preuploaded to prodimg and all product files to products. They will be copied to the filenames described in the product list file. They aren't renamed or removed in order to allow the same thumbnail or product file to be used for multiple products.
Fixed security hole with the OrderForm code which was allowing negative quantities to be added to the shopping cart by a hacker. The hacker appeared have knowledge of the AShop open source code, which was cracked in early versions of IonCube. New scripts are also updated to latest IonCube encryption, which has not been cracked (yet:-o).
// 4.3.1 2006-02-24
The admin/resources.php link, which was added in version
4.2.6, is now used to distribute version updates and
patches. One more general update will be provided by
emailed password and download link. After that, all
updates and patches will be distributed through the
AShop Deluxe administration panel by clicking on the
Version icon/link or check for updates text link, which
is in the admin/index page body.
The category tree, which is now generated by categories.php,
is portable. It may
be omitted from, or included separately, in custom HTML
pages.
Added LinkPoint SSL module, which is for the same gateway
as the old LinkPoint module but bypasses the payment
form that is hosted by LinkPoint and instead uses orderform.php
through a secure connection on the local server.
The gateways that use the orderform.php script to collect
credit card information can now also have custom fields
included on the payment form. These can be edited by
clicking the link "Edit List" for the payment
option in the admin panel.
Fixed - When you process an order that only contains
a free gift product there is some code in the checkout.php
script that will force the use of the manual processing
gateway module even if no payment option for it is available.
There was a bug in the 4.3.0 version of checkout.php
that allowed a customer to process a completely empty
order as if it was such a free gift order. It was possible
for a customer to click the Check Out button and fill
out the order form without first adding any products
to the cart. (introduced in 4.3.0)
Fixed bug in wholesale/editcustomer.php where id's
were mixed up between wholesale/retail. (introduced
in version 4.3.0)
There are now two new codes that can be used in the
Thank You message: %password% and %keycodes% which will
be replaced by the download/subscription password and
the unlock keys.
The single quotes didn't work when used in attribute
values and they would cause problems. Modified the scripts
to replace single and double quotes with their corresponding
html entities - just like they are handled in product
names - in both attribute values and customer input
values. Also modified update.php to make this change
to existing attribute values.
The sendgift.php script can be used to send to people
who aren't already customers and haven't selected their
preferred language so the text cannot use the language
modules. Added a default text to the message which includes
variables that will be replaced by the script. This
text can easily be replaced by the admin with a text
in the language he is writing the message in. Tokens
are used to include download links, passwords, and key
codes for order fulfilment.
Fixed bug when using new agreement.txt feature and
page back from payment from to agreement page was not
working.
Added Reactivate Order button on the sales history
page for each customer. (just like sales reports in
edit mode)
The error message: Warning: set_time_limit() has been
disabled for security reasons in /home/httpd/vhosts/yourdomain.com/httpdocs/store/admin/checkion.inc.php
on line 10 Hosting service provider's response: This
is because the set_time_limit PHP function has been
disabled (this can be used to override our PHP timeout
setting which introduces a big performance hit to the
webserver). Put an "@" before set_time_limit()
in all the scripts where this was used. For most customers
this won't make any difference at all, it will just
prevent this warning message from being displayed in
cases where the function is disabled. The set_time_limit()
function isn't critical to the scripts, it makes sure
that time consuming tasks such as sending bulk email
don't make PHP time out. It will still do this for customers
who have access to the function.
4.3.0 2006-01-07
Some users have expressed concern about having writeable
directories in the publicly accessible document root.
We have been aware of this for some time, but in reality
it won't work any other way for most users since they
don't have write permissions outside their document
root. To satisfy some customers' need for security while
not letting this, mostly theoretical "security
threat", prevent us from including any useful features
in the software, we have added a "Secure File System
Path" setting in Advanced Options, which will default
to the regular ashoppath but can be set outside the
document root. To use the secure path the following
directories must be moved or copied there: products,
updates and all subscription directories. The previews,
prodimg, members and banners directories can't be protected
this way since they are supposed to be accessible from
the document root. The only way to avoid using 777 permissions
on them is to stop using the file upload feature in
Ashop Deluxe for the files that are stored in them and
instead upload the files manually by ftp.
When ordering a product with a license agreement, if
the box is not checked to agree, the user is delivered
the same window with red text above the checkbox highlighting
that they MUST check the box to continue.
Fixed Curl function, which is no longer supported in
PHP since version 5. This only affected sites running
PHP version 5 and using PayPal and gateways that use
the Curl function.
// 4.2.7
Updated LinkPoint Connect payment integration. Note:
Linkpoint no longer supports test mode and security
secret.
Added payment integration for Payso.com. The payment
option setup within AShop is simple, but there is a
change that must be requested from Payso.com before
it will work. To use Payso, first email: support@payso.com
and tell them that you are using AShop Deluxe. Payso
will know how to handle is.
When search.php does not find any matching products,
added a message "No matches were found for the
specified search terms."
Fixed bug in order.php that caused the one-time discounts
to be applied twice which resulted in the incorrect
amount message and failure of the order completion.
// 4.2.6
A client side script of the update distribution is
now completed. It can be reached from a new icon near
the top of the index page in the admin panel and available
updates and other information will be displayed directly
in the admin panel on the customers site. The resources
script fetches its' dynamic content from a script on
ashopsoftware.com/resources and it sends all the information
needed to let this script check if the customer should
have access to updates and which update or patch should
be listed. The server side script can be developed further
without changing the client side script and it can display
any content we want our customers to see. This method
uses an encrypted text string that is unique for each
license key instead of a password, which still should
keep the access to the resources page sufficiently secure.
CAD is now a separate supported currency and there
are a few gateway modules that will work with it in
the gatewayscad directory.
Fixed bug in the buy.php that affected the discounts
(they were being applied twice in the subtotal box on
the catalog page).
// 4.2.5
Fixed bug with the one-time discount. When a customer
used their discount it is added to the subtotal. However,
when the customer went to Check Out or View Cart the
discounted product disappeared.
Fixed - When the phone number was entered with periods
instead of dashes, Telesign did not call.
// 4.2.4
Changed the scripts to allow product files to be used
for subscriptions
Curl with SSL that is used in ashoptest.php was not
compatible with PHP 5. Made a new version that will
perform this test correctly with both PHP 4 and PHP
5.
Checked new version 1.85 Listmail Pro released. There
are no changes in it that affect AShop integration.
You can now display a license agreement between the
payoption selection page and the payment form if you
just put the agreement text in a file named agreement.txt
in the AShop root directory.
The license key registration (install.php and admin/register.php)
will now request the name and email of the shop owner
which is saved or fetched from our customer table for
the root ashopsoftware.com AShop installation and the
key is then tied to the customer. There is also a checkbox
to set the allowemail field.
The automation.ff fulfilment module has been changed
to send key codes when they are included in an order.
// 4.2.3
Recent Internet Explorer updates include a new feature
that regulates acceptance of cookies. The shopping cart
must now send something called P3P to tell the browser
what type of cookies the site is using. Without a P3P
header IE6 will block the cookies unless the security
setting is reduced. Added P3P functionality to all scripts
that use cookies. This will probably solve a lot of
issues that customers are having with blocked cookies.
This should, according to what other PHP coders have
written on php.net, make sure that cookies are accepted
with the default privacy setting in IE. It is hard to
test this though as there seems to be little logic to
the way cookies are blocked in IE and the cookies aren't
blocked on any of our test installations.
The HTTP_REFERER is used to set URL for the continue
shopping button in the view cart and checkout pages.
A small percentage of browsers seem to block the HTTP_REFERER
variable from being sent or read by AShop. This would
cause the continue shopping URL to be catalogue.php.
Alternately a returnurl may be specified in Order-Link
hidden fields or in the get parameters of the Order-Link
URL. The basket.php script already accepted the returnurl
parameter and used it for the Continue Shopping button
when it was provided. The shipping.php script works
this way now also. When the returnurl parameter is specified,
it will be used instead of the HTTP_REFERER variable.
Added attribute and discount field support in basket.php
for Order-Link so that it now supports all of the parameters
that shipping.php supports.
Fixed, for attributes with separate buy buttons and
prices, file type and size was appearing for all of
the files instead of for each alternative.
Fixed bugs in incremental quantity pricing per product.
Changed the editqtypricing.php script to make the >0
level appear automatically. It will default to the price
set for the product in the Edit Product page and it
can't be removed, just updated. Added a button to deactivate
qty pricing for the product. Fixed a bug in the price
calculation in buy.php which always used the quantity
currently selected by the customer rather than the total
quantity of the item in the shopping cart plus the selected
quantity. This bug only affected the "This item"
calculation mode.
The "Shopping cart" checkbox on the Shop
Parameters page is changed to a drop down selection
box labeled "Catalog mode". It includes the
original Shopping cart and Single product alternatives
and a new one called "Single product shopping cart"
which activates the shopping cart to purchase more than
one product, but replaces the quantity field with a
hidden field with the value "1" for music
and other types of downloadable products where only
one of each track or selection is typically ordered.
Modified separate buy buttons for attributes. When
there are 4 or less alternatives with separate buy buttons,
the buttons line up in one row as they did previously.
When there is more than 4 alternatives with separate
buy buttons, each alternative is on a new row.
// 4.2.2
Added returnurl parameter option for Order-Link. The
returnurl is stored in the orders table and used for
the thank you page "Back to (ashopname)" URL
after payment has been processed.
Fixed old, unnoticed before bug in ashopfunc.inc.php
where attributes with separate prices under some conditions
did not keep the attribute alternative price, but instead
reverted to the product's default price in the basket.
The ashop_parseproduct function lets attribute values
without an attribute price be treated as an attribute
price value of "default" which would override
the price selected from another attribute value depending
on the order of the attributes. If an attribute without
separate prices was below the one with a price the price
would always be the default product price. The reason
why this has not been discovered before is probably
because all our customers have placed their attributes
in the right order so far or avoided to combine attributes
with separate prices with other attribtues.
Fixed bug in orderform.php where the secure image link
was broken in the payment page. The ashop_showtemplateheaderssl,
which is used to display the header part of a template
on secure connections, didn't replace the <!-- AShoplogo
--> with the secure logo URL when one was provided.
Added an unsubscribe system in the customer messaging.
Customers with the allowemail flag deactivated will
no longer have a checkbox that allows you to mark them
as recipient of a message and they will not be included
when you send a message using "Send to all".
The customer profiles have a new checkbox that you can
uncheck to unsubscribe a customer from mass emailings.
The sendupdate.php script will also now only send to
customers that have allowemail = "1" in the
database.
// 4.2.1
Fixed bug with incremental quantity based pricing when
used with attributes, which have separate prices.
Found that the vars.inc.php script, which is used to
simulate register_globals = On in cases where it is
set to Off in php.ini, needed to be uploaded in unencrypted
form on some servers. Changed distribution of vars.inc.php
to open source.
4.2 (Nov 8, 2005)
Note: an update notice was sent, which listed it as
version 4.3. This was discovered and changed within
24 hours of sending the update notice. If you downloaded
the update right after the notice, the files are correct
for version 4.2. Disregard where it says 4.3.
In receipts, when a product price is based on volume
incentives, the price column now says "QtyBased"
instead of showing the product's regular price, which
may not apply.
The order.php script will now convert to Windows line
breaks before writing the receipt to the file. It was
only saving Unix line breaks before, which was causing
the lines to run together in plain text receipts after
saving and then viewing in a Windows text editor/viewer
that does not support Unix line breaks.
Added tool tips in the per product incremental quantity
based pricing levels page.
Most hosting providers still run PHP 4 but the 5 versions
have been available a while now and sooner or later
it will start to shift towards PHP 5. The first problem
with this was that the old $HTTP_POST_VARS and $HTTP_GET_VARS
variables can now be completely disabled through a configuration
directive since they are supposed to be replaced with
the $_POST and $_GET variables instead. Replaced all
of those variables so that AShop Deluxe should now be
compatible with PHP 5.
Fixed admin text entry for affiliate program affiliate
text (description of affiliate program). Code was supposed
to handle html in the affiliate text in a safe way but
caused trouble with single and double quotes in some
cases where HTML was used in the affiliate text.
The payments to affiliates were being done in US dollar
regardless of the currency used in AShop. Changed this
in the affiliatepay.php script to make it use the currency
setting when sending payments.
Some customers were having trouble with the affiliate
cloaking code since javascript isn't always allowed
or possible to use. To avoid this the cloaking code
is now completely optional, which it wasn't before on
the image links. Removed it from the image/banner links
and made it available only when using the %affiliatecloaklink%
code. To use it on banners you can of course still upload
the banner separately and just use the %affiliatecloaklink%
on an image tag but now you will not be forced to have
javascript in your affiliate link codes.
// 4.1.3
AShop now supports Password Robot which is used in
exactly the same way as the PA+ integration.
Added Italian language set.
Added search tool in editcatalogue.php for admin to
more easily find existing products.
Fixed problem when cookies were deactivated in the
customers browser. The download.php script was sending
the delivery notice even when a download failed due
to deactivated cookies. The download limit was not exceeded
at all. In fact the customer was probably unable to
download the file even once. The code that sends the
message has been moved to download.php and will only
be activated if a download actually occurs.
Fixed delivery message was translated and put in the
language module which meant that the shop admin would
receive the message in the language that the customer
has chosen. Changed this so that the admin delivery
notice is always sent in English.
Fixed bug where editcatalogue.php page was blank under
some conditions.
Active/inactive icons next to each product in editcatalogue.php
are now links that when clicked change the state of
the product from active to inactive or visa versa.
Found out that the permissions were being reset on
the products directory each time a new product file
was uploaded. It turned out to be a bug in the editfiles.php
script. A variable was spelled $uploadfileid at one
place and $uploadedfileid at another which resulted
in the chmod affecting the whole products directory
instead of just the uploaded product file. This has
been fixed now. The reason why we haven't seen this
before is probably because the products directory is
usually owned by the same user that the ftp session
is run under which makes the directory accessible even
if the permissions are too low, but on the trouble site
it was probably been created and owned by a different
user.
There is now a new setting for Selected category text
color in Store Configuration->Layout in the admin
panel.
In basket.php, changed the textcolor to $categorytextcolor
to make it work with the background. The border color
of both the shopping cart and save cart tables is the
same now.
The quantity of several instances of the same product
is now combined for Order-Link. This was fixed for the
dynamic catalog and OrderForm in version 4.1.2 and now
it is also fixed for Order-Link. You will no longer get
"1: Productname1, 2: Productname1, 1: Productname1"
but instead the shopping cart string will be converted
to present the added products as "4: Productname1",
unless the products have different attributes.
The local payment form (orderform.php) page will now
automatically be used when the total amount in the cart
is zero. Order processing will be done using a built
in payment option that uses manual.gw. All orders with
only free products will be treated exactly like paid
orders and the customers' billing info will be stored
in the database. This feature can be used as a signup
form for free membership resources because it collects
customer information, creates and sends subscription
directory password, and enters the customer into the
AShop mailing list. It can also be used to get customer
information before giving a free download or key code.
Added per product incremental pricing, which is based
upon the total quantity of all products in the basket.
In the admin panel you will now find a new button labeled
"Qty Pricing" for each product which will
open a new page where the pricing levels can be set.
Since the price that is displayed in the catalog and
on the shopping cart pages will no longer be valid,
there is also a box where you can enter a description
of the pricing which will be shown instead. The pricing
levels sets the price per item when there are a certain
number of items in the shopping cart. If you set one
level at qty > 0 and one at qty > 3 and add 4
items to the cart, one item will be charged at the qty
> 3 pricing level and the rest will be charged at
the > 0 level. It is quite possible to improve on
this and add other options in the future since all the
scripts use a new function to calculate the subtotal
for each item which means that when the function is
changed it changes the calculation everywhere in AShop.
Fixed bug that only occurs on some servers where can't
set a price over $999.99 for a product. The price field
type needs to be set to at least (6,2). This appears
to work differently on different servers. I could enter
$1500 or a higher value for the price into my local
AShop installation without trouble even though it had
the price field set to float(5,2). Anyway, changed this
in update.php and install.php to make sure that there
are no problems with this in the future.
Save original receipt in text or HTML format for later
resend or print, which can be used to send to customer
or can be used as a packing list. If there is a directory
named "receipts" in the admin directory and
if it is writeable, the receipts will now be saved in
that directory with the name $orderid and they can be
downloaded from the sales history/sales report by clicking
the orderid. The downloaded files will either be named
$orderid.txt or $orderid.html depending on the receipt
format setting. Saving the receipts is optional and
can be deactivated by simply removing the receipts directory.
Categories that do not have at least one product active
for wholesale do not appear in the wholesale catalogue.
The same thing has been added to the retail catalogue.
When there are no retail active products in a category,
the category does not appear in the retail catalogue
at all. This way, the wholesale and retail catalogues
can have unique categories and products.
// 4.1.2
ebay.php script still had the old outdated error message
about deactivating secure IPN. Replaced it with the
same error message that is used in order.php.
Fixed problem with orders paid using LinkPoint Connect
(Basic) where the customer email is missing. The scripts
have been constructed to work under the assumption that
the customer email is never missing since it is in most
cases a required field in payment gateway forms but
with Linkpoint you apparently don't have to enter your
email address to process the payment. Each customer
profile is defined by a unique email address and in
this case several customers would have the same email
- a blank one - which meant that they would overwrite
each others' customer profile every time a new customer
came along and processed an order without entering an
email address. The sales report will treat all of these
customers as one single customer with the name and contact
info of the last one. To avoid this trouble the order.php
script will now generate a unique email address, based
on the domain of the administrator email, whenever a
customer email address is missing. It can look like
this: qskrrty@yourdomain.com. This will make the script
store the rest of the information in a separate customer
profile which can later be edited to add a correct email
address.
Fixed bug where in the admin quick stats (admin/index.php),
the Unpaid Commissions always matched the
Commissions Earned even for commissions that had already
been paid. This bug popped up between 4.0 and
For products with multiple file downloads and attributes
where default file is selected, product file(s) triggered
the download process, but the attribute default setting
was not providing a file. Changed the editalternatives.php
script to set the value back to "all" if it
is blank. The update.php script needs to be run on existing
AShop installations to get rid off this bug.
FrontPage generated _vti_cnf directory in the themes
directory would cause the Layout menu page to not open.
The configure.php script has code that will identify
such directories and handle them correctly, but there
was a bug in that code that didn't fix it in the themes
directory. This is fixed now.
Set text size of attribute alternative names in pop-up
confirmation window with CSS and fixed size so that
customers with browser text size setting of larger or
largest will still see all of the text without wrapping
or running off of the page.
// 4.1.1
Fixed authorizenetaim.gw The new description field
that was recently added to the Authorize Net AIM module
was messing up the payment processing since it contained
commas when multiple products were ordered and commas
are also used as field separators in the message that
is returned by Authorize Net. Replaced the commas with
line breaks.
Fixed Send Update was sending for orders that had been
charged back. (since version 4.1)
Fixed volume shipping discount bug where the discount
was given for downloadable products that were also set
as taxable, but did not have shipping set for them.
Added same category text color settings improvements
to the wholesale catalog that were added to the retail
catalog prior to 4.0.
4.1 (Sept 11, 2005)
Added link cloaking option for affiliate link generator.
This is now done automatically for the image links.
For text links, added a new token "%affiliatecloaklink%"
that will generate the code in the affiliate text instead
of generating it automatically, which would prevent
the use of custom html code.
The chargeback script will now store the order as a
copy of the original but with negative amounts. The
original order ID is shown in the sales report and the
comment can be viewed by pointing at the new "i"
icon that can be found next to the order description.
The chargeback report is simply a regular report but
with only credit orders. The update.php script will
convert the existing chargebacks in the chargebacks
table to credit orders and remove the chargebacks table.
Added PayPal Web Payments Pro integation.
Added PaySat payment gateway integration.
You can now set an optional title line for an update
which will be shown instead of the old "Your update
for..." message. If you leave it blank the old
text will be used.
The orderform.php script will now ask for the email
address twice and validate it directly in the form,
showing a popup message if the addresses don't match.
Display productid in File Manager page.
Added eMerchant license key registration option. First,
activate the eMerchant addon for the license key. The
admin/checklicense.inc.php script needs to be updated
along with the emerchant directory and a license check
needs to be run, which can be done by logging in to
the admin panel. It will create a file named .emerchant
which is in the emerchant/mail directory since it is
already supposed to be chmod 777.
shipping.php script changed to make the "We only
ship to this country" text bigger.
Added number of customers per page and filter by name
or email address to salesadmin.php and affiliateadmin.php
and affiliatestats.php. Added a checkbox at the top
of the list which will select or deselect all customers/affiliates.
Added alphabetic sort in new payment option drop-down
selection box.
Fixed Authorize.Net AIM module, was not sending the
description to Authorize Net.
Added integration for PSBill.biz payment processor.
Fixed the "Continue Shopping" button on the
orderform.php page redirected to the catalogue.php instead
of the page where the purchase originated from when
using the orderform method.
Added more specific validation error messages in Authorize.Net
AIM payment form.
Added TeleSign telephone verification service option.
The quantity of several instances of the same product
is now combined. You will no longer get "1 Productname,
2 Productname, 1 Productname" but instead the shopping
cart string will be converted to present the added products
as "4 Productname", unless the products have
different attributes.
Fixed bug when products were deleted, the product files
were not being deleted. Also added script to clean up
old files from previously deleted products. admin/cleanfiles.php
We needed to avoid duplicate customer input attributes.
To make this work in a way that can be used for other
customer input attributes as well, added a new filter
feature. There is a new directory called filters in
the admin directory which right now only contains one
single file: subdomain.inc.php. This file can be used
as a template and contains instructions on how to create
your own filters. It will remove things like "www"
and "http://" from subdomains and make sure
that they are lower case. It will also check for duplicates
and display a "Try again" message in the buy.php
popup window if a duplicate is found. The filter files
are used only in the buy.php window and must be named
like this: [attribute caption (lower case)].inc.php,
for instance: domain.inc.php or email.inc.php. We could
provide a set of useful sample filters for things like
domain name, username, email etc and our customers can
create any number of customized filters from this.
Fixed bug in admin/index.php quick stats where affiliate
commissions were not appearing.
The AShop page template functions will now replace
<!-- AShopname --> with the shop name.
Added new Layout font settings to theme.cfg.php files.
Modified catalogue.php, search.php and related language
files to include availability comment in dynamic catalogue
product listings. The comment only appears when the
avail field is not null.
Fixed problems with catalogue.php pagination caused
by a huge amount of products. With too many page numbers
at the bottom of the catalogue or search page, the pages
would become extremely wide. The page selectors at the
bottom of the catalogue.php, search.php and admin/editcatalog.php
pages are now limited to show only 20 at a time.
The referral discount system has been changed to not
set cookies for each discount but only show the right
code in the product catalog. On one site we found at
least 1000 cookies being set by affiliate.php to activate
all discounts, which could not be handled by any browser.
You can set single attributes through a form using
the following type of field: <input type="text"
name="attribute54">. Where "54"
is the attribute ID. Form code is generated by clicking
the link in the Edit Catalogue view (not for each attribute).
The value field must be added to the form code. For
instance <input type="text" name="attribute54"
value="(value)"> where (value) is the text
for comment attributes or the attribute number for selectable
attributes.
Changed the activate.php script to exclude duplicate
subscription directory links in reciepts if the same
subscription is added to the cart twice.
Fixed bug in Sales Reports > Remove old incomplete/failed
orders. Was not removing all old void orders. There
was a problem with the userid parameter. It should not
be used at all in this script as there is no other way
to delete incomplete orders for digital members. Removed
it from the sql query.
Changed ashoptest.php to not time out until a whole
minute has passed. Added to license server communication
test failure to show the error number and description
for the failed connection.
The mailcustomer.php and mailaffiliate.php scripts
now accept some variables that can be used to include
affiliate or customer info in the messages. For the
affiliates they are:
%firstname%, %lastname%, %email%, %affiliateid%, %address%,
%state%, %zip%, %city%, %country%, %url%, %phone%, %referralcode%,
%password%, %username%
For customers these can be used:
%firstname%, %lastname%, %email%, %customerid%, %address%,
%state%, %zip%, %city%, %country%, %phone%
The scripts in the affiliate subdirectory now have language
modules for both English and Swedish just like the shopping
cart pages. All the affiliate language module files
have names that start with "af_".
When a customer places an item in their shopping cart,
the browser used to return to where they were on the
web page rather than taking back to the top of the page.
Modified catalogue.php and search.php so that after
a product is added to the basket, the page refreshes
to the top so that the subtotal box is visible. Also
improved it to make it work with templates. If you include
an anchor named "cart" in your catalogue.html
template it will be used instead of the one that is
automatically generated by the scripts.
Added a delete button in the (customer) saved shopping
cart feature.
The Authorize.net AIM module didn't send the customers
country to Authorize.net. I guess there must be some
way to configure an Authorize.net account to make sure
this isn't required since the module has worked when
we have tested before. Added country field to postings
from Authorize.Net AIM orderform.
Fixed admin/reactivate.php script was sending download
information in receipts when there were no downloads
in the order.
Changed font control from font tags to CSS. Added font
size control to Layout menu.
The counter.php script was using the timezone offset
but the index.php wasn't. The result was that admin/index.php
always showing current online visitors. This was fixed
in admin/index.php
Modified ashopfunc.inc.php so that <!-- AShopname
--> will display the shop name and <!-- AShoplogo
--> will display the logo from the content in first.html,
which is displayed in the catalogue.php page whe first
opened.
Fixed secure logo image link setting for some gateways
that use the local orderform payment page.
4.0 (April 2005)
Modified how preliminary orders are stored in the database.
Prior to 4.0, the checkout.php script would remove preliminary
orders if the Back button was used to back out of the
payment gateway. This was done to prevent the number
of unused preliminary orders in the database from piling
up. But the way the checkout.php script did this assumed
that the order is really a preliminary one. If a customer
backed up all the way from the Thank you page instead
of using the return link, their completed orders would
be deleted. We never imagined that people would do this,
but it appears that people will do just about anything
imaginable. The checkout.php script will now check that
the order hasn't been completed before deleting it.
Fixed license check to keep running for up to two weeks
if license server is not available. Changed license
check variable names.
Fixed bug when accessing credit card information from
offline payment option. When logging into the credit
card info/processing page, was redirecting to the admin/index
page instead of the credit card info page. The login
session variable was set to $sesid instead of the correct
$hash in login.php when redirecting to the process.php
page.
Fixed bug in editsales.php. It didn't set the userid
field (digital mall user) in the chargebacks table,
which caused orders that were charged back to not appear
in chargeback reports.
Click here for pre
4.0 April 2005 version notes.
April 2005
Began numbering major new version releases with 2 digits
and using the third digit fo intermediate, development
versions and patches.
|
