The following improvements and bugfixes are included in v1.3.6:
SECURITY UPDATES. Important security updates related to XSS vulnerabilities have been included in this release to prevent exploitation of your site. YOU SHOULD PREPARE TO UPGRADE ASAP.
XSS vulnerability fixes included in this release
State/Country pulldown menus work intelligently across browser platforms
Discount coupons can now be restricted to only be usable if the customer's Billing Address matches the selected zone (ie: a 10%-off coupon could be set to apply only to US customers)
Linkpoint/YourPay API payment module now included with Zen Cart. Minor updates to module.
Products-Purchased report enhanced with search, hotlinks, etc
Added: image-size settings can now be configured for top-level category images
Added: centerboxes on Empty Shopping Cart page can now be enabled/disabled/sorted via the admin interface under "Stock" settings
Added: currency-exchange "uplift" calculator added to My Store area, allowing automatic global padding of exchange rates during automated updates
Added: search page now accepts URL parameters, allowing some retention of search history if details supplied by a referring source/link
Added: Subcategories Row switch added to admin for Product Listing page
Added: "zones" shipping module now allows "00" for "All zones". Also no longer case-sensitive
Added: zone-status indicators added to suggest where zone configurations may be incomplete
Added: "upcoming products" can now be excluded from New Products boxes/listings
Added: built-in support for easy_rollovers contribution to be plugged in more simply
Added: new switch for Product Info to disable display of product-model in meta-tags output where custom meta-tags not defined
Added: create-account-success page now shows the customer's address for quick visual verification of their personal data
Enhanced: $this_is_home_page variable can be used to determine whether the displayed page is truly the home page of the site or not. Handy for disabling breadcrumbs or other items for just the home page.
Change: admin - when entering/editing products, now have the option to key in the name of the product image filename to use images already uploaded to server
Change: admin order-status pulldowns now sort by ID instead of name
Change: admin "extras" menu no longer appears if it has no content (ie: can remove the menu file for music items from the extra_boxes folder and the menu option will disappear)
Change: improved calculation of commissionable_amount for affiliate hooks to support credit modules offering discounts
Change: email system change to allow separation between php, sendmail, smtp etc methods of transport instead of only smtp/sendmail
Change: Alternate email-encoding methods available. Default is now 7bit instead of 8bit. Can override via new file in extra_configures folder
Change: image ALT text no longer displays if image not found
Change: "Mixed ON/OFF" text no longer appears if there are no attributes for selected product
Change: removed auto_increment from metatags tables for foreign-key fields
Change: default editor plugins now selectable from Admin->Config->My Store via pulldown
Change: status message added to messageStack if add-to-cart set to return to product
Change: if customer record is deleted during a shopping session, they will now be logged out
PayPal: no longer requires case-sensitivity on email address of PayPal account
PayPal: was encountering an error if ez-pages functions were called in language files (unrelated to PayPal ... only related to customizations affecting PayPal loading)
PayPal: fixed problem where purchase of a GV via PayPal was leaving GV linked to wrong order #
Bugfix: banner bug related to status change ... missing parenthesis found
Bugfix: textarea displays for define-pages area in Opera not displaying properly
Bugfix: line-ending problem in the admin language file for coupon_admin.php
Bugfix: email problems for SMTP mailservers resolved
Bugfix: New Products date fixed to manage "All", "Current Month", and any number of days
Bugfix: download-resets via Admin were not properly considering "unlimited" vs max days
Bugfix: breadcrumb was displaying incompletely/incorrectly when navigating prev/next
Bugfix: zen_redirect function works smarter for SSL pages
Bugfix: USPS/UPS modules were incorrectly adjusting weight in some cases
Bugfix: Manual-Add of Specials/Features product numbers in admin now checks proper IDs
Bugfix: ot modules were not properly handling taxes when "tax in" pricing enabled
Bugfix: maximum address book entries restriction was allowing one too many
Bugfix: added missing switch to configuration menu for Page Not Found "define page"
Bugfix: sidebox "id" duplicates removed
Bugfix: stylesheet fixes
Bugfix: Discount Quantity would occasionally vanish when editing by product price manager
Bugfix: preg was breaking when testing template override files in template_func.php
Bugfix: admin footer now properly shows version details
Bugfix: admin coupon editor was incompletely handling multiple languages
Bugfix: Coupon Zone notice in popup and lookup pages added
Bugfix: Search page MySQL errors due to version-specific query problem
Bugfix: tax calculations fixed for order total modules where include tax/shipping flags selected
Bugfix: shopping cart was holding on to old quantity during some adjustment requests
Bugfix: admin categories-metatags editor not handling language properly and giving SQL errors
Bugfix: UPS shipping module changed to retrieve Fuel Surcharge rate if exists
Bugfix: remove ereg_replace errors on additional-image-popup window (now uses str_replace)
Bugfix: fixed occasional DOB errors when format changed or null data supplied
Bugfix: coupon "amounts" now allowed 15,4 precision instead of 11
Bugfix: product-listing quantity boxes are now similar on advanced-search results
Bugfix: sales/specials/features were not accurately expiring once-per-session
Bugfix: apostrophes were causing problems when sending mail from admin
Bugfix: admin menu pulldown borders were inconsistently displaying in FF
Bugfix: admin banner manager page-selection occasionally lost
Bugfix: remove hard-coded "Store Pickup" text from admin orders screen
Bugfix: CURL proxy support consistency tidied
Bugfix: currency-updater was timing out if more than 6 currencies had to be processed
Bugfix: some MySQL5 strict_trans issues resolved
Bugfix: shipping estimator was showing blank if all shipping modules were restricted by zones and the customer wasn't logged in
Bugfix: remove stray NAVBAR_TITLE constant name from showing in metatags in popups etc
Bugfix: $lng object consistency between catalog and admin fixed
Bugfix: order of parameters in some URLs tidied (ie: mfg selection etc)
Bugfix: media manager was including recursive cat/prod listings in pulldown
Bugfix: status messages fixed where uploads failed when adding product to cart
Bugfix: zone-definitions page wasn't retaining pointers properly for sidebox during navigation
[Source: http://www.zen-cart.com/forum/showthread.php?t=49948]