IMPORTANT Security Fix for ALL versions of Zen Cart

Article Date(s): 09/18/2012 - 12/31/2035
About an hour ago, an update to Zen Cart was released by the developers. This update is not going to be submitted for PA-DSS Certification as version 1.5.0 was.

The update fixes several bugs that people have discovered and adds some new functions. I am listing the improvements below.

Two things that jump out at me as pretty important are:
1. New coding for PHP 5.4.x, which all servers are eventually going to have to move to, if for no other reason than PCI Compliance
2. CAPTCHA support on contact and create account pages.

A little fewer than 120 files have been revised in this update. I don't see much of a problem with many of the mods we install on sites daily being affected by this update. The exceptions would be Fast and Easy Checkout, which will probably need to revise its code, and mods that affect the contact us page, like adding a phone number or subject line.

From what I hear, there may be one more "planned" version update for the 1.5.X series, and then the developers will start focusing on their version 2.0, which has been in development for quite some time.

Here is a list from Zen Cart of the Improvements in this new release:

CHANGE-207 - Add bypass to bandage the performance/caching problem with products_viewed counter on busy sites, inspired by an idea from data-diggers. This step simply splits the logic out into an observer class, and adds a switch to turn it on or off. Doesn't change any schema or any reports. But of course if the switch is set to something other than 'on', then the reports will be useless too unless alternate custom data tracking code is added to the observer class.
CHANGE-208 - Implement data-diggers querycache
CHANGE-220 - Add optional constant 'DOWNLOADS_SKIP_DOT_PREFIX_ON_REDIRECT' to overcome rare problem on some servers which won't allow use of dot-prefixed temporary files. Usage: define('DOWNLOADS_SKIP_DOT_PREFIX_ON_REDIRECT', TRUE); in /includes/extra_configures/ folder.
CHANGE-238 - php 5.4 Updates, mainly for htmlentities() calls
CHANGE-240 - Add form auto-focus on advanced-search results and admin category lookups
CHANGE-265 - Add children support to category-specific stylesheet overrides -- ie: c_XX_XX_children.css
CHANGE-273 - Add css-driven antispam support to contact-us, create-account, and product reviews
CHANGE-282 - Add improved notifier support for the shipping calculate_boxes_weight_and_tare() function to allow for easier intercept by plugins
CHANGE-283 - Add coders the ability to allow for a custom count query in split page results class
CHANGE-284 - Update db schema and various code bits to handle longer lengths for IP addresses, to accommodate IPv6
CHANGE-287 - Add hooks for encryption tools needed by modules such as PPA
CHANGE-297 - Add improvements to notifier support for Downloads script (add all order data to observer resources)
CHANGE-298 - Move debug logging to separate /logs/ folder, as a performance improvement measure, and be more semantically meaningful

All upgrades that are currently on order with us will be done with this latest version.

Copyright © 2004 - 2022 ZenCart Ecommerce Website Design