THIS IS A SECURITY RELEASE AND PER PCI-DSS REQUIREMENTS YOU MUST UPGRADE WITHIN 30 DAYS
Miva Merchant 9.12.00 Release Notes
- New Order Workflow module allows orders to be segregated into queues based on user-configured criteria, and for automatic actions to be performed in response to order creation or modification.
- Feature not_ordr (API version 9.12 or newer):
- New function Module_Notify_Order_TotalChange( module var, original_total, order var )
- New feature fields_box that allows custom fields to be specified for boxes:
- Custom fields may be set through provisioning using the Box_CustomField provisioning tag
- 9.12.00 introduces a new JSON API for building external integrations:
- New functions in g.Module_Feature_PGR_UT may be called from template code to assign and remove price groups from a basket:
- Basket_Assign_Persistent_PriceGroup( basket_id, pricegroup_name )
- Basket_Remove_Persistent_PriceGroup( basket_id, pricegroup_name )
- After upgrade, two-factor is required for all users with the Administrator privilege. Administrator users without two-factor enabled will be prompted to enable two-factor or reduce their privileges on the first login after upgrading.
- Additional activity logging has been added for auditing API, provisioning and administrative user activity.
- PayPal Website Payments Pro and/or Express Checkout now uses the new JSv4 Express Checkout Button API
22337: Shipping/Packaging Rules: Box Max weight or max quantity should be visible in the Boxes batch list
25249: Module: braintree: Pass eciIndicator in Apple Pay requests
26373: Module: paypalpro: Paypalpro, saved address dropdown should be disabled if present when returned to OCST during paypal express checkout.
26432: Module: braintree: Braintree's Kount form searching should have better AUTH action matching
26438: Module: applepay: Apple Pay should validate shopper addresses when processing final payment
26443: Administrative Interface: Invalid response when attempting to view Pages without permissions
26482: Customers: Automated test for CustomerList_Load_Query does not test custom field retrieval
26509: Module: qbms: Authorization Failure "The field IsMobile has an invalid format." when authorizing a card using Intuit Payment module
26519: Price Groups: JSON_PriceGroupProductSubscriptionTermList_Load_Query / JSON_PriceGroupProductSubscriptionTermIndex_Load_ID should attempt to use the sNN_PriceGroupXProductSubscription_1 index
26520: Price Groups: JSON_PriceGroupQualifyingProductSubscriptionTermList_Load_Query / JSON_PriceGroupQualifyingProductSubscriptionTermIndex_Load_ID should attempt to use the sNN_PriceGroupXQualifyingProductSubscription_1 index
26737: Provisioning: Order_Update tag cannot update the shipping / billing addresses if they were previously set
26738: Administrative Interface: Users with edit product permissions only can delete a products shipping dimensions by accident on update.
26941: Module: braintree: Include <customer> object in sale transactions for better Kount functionality
26949: Provisioning: Allow developer licenses to be specified in User_Add and User_Update
26968: Digital Downloads: Uploading a file to the digital download local file path does not populate the fields.
27001: Module: customfields: Multi-text custom fields, formatting gets lost if you update a product without viewing the multi-text custom field.
27005: Administrative Interface: User_TOTPKey_QR image loads leak unencrypted TOTP keys into the web server log
27014: Module: chasepaytech: Update default Chase Paymentech endpoint
27017: Module: mailchimp: MailChimp: Baskets are kept alive via the module even when the module is not configured
27036: Subscriptions: Subscriptions with invalid product_id created at checkout.
27045: Administrative Interface: Allow users to delete themselves
27047: Administrative Interface: Force password change at next login gets cleared if you change the password in admin after setting that flag
27048: Module: marketplaces: Marketplaces: Google Shopping: MP_GoogleShoppingItemSettingsList_Load_Active needs to order by product ID
27053: Template Subsystem: CSSResource_Upload: Upload path is empty in log message
27055: Module: square: Square idempotency keys need a sequential component to prevent reuse
27056: Module: paypalpro: Accelerated boarding does not function in production or sandbox mode
27057: Database Layer: sNN_OrderShipments.ship_date should be converted to a numeric field type
27058: Administrative Interface: FireFox: Hitting the ESC key when prompted to download YubiKey backup tokens causes the page to hang
27060: Module: cmp-cssui-searchfield: searchfield component generates too many product queries while typing
27061: Database Layer: Creating a temporary table could reduce lock contention on the sNN_CachedProductListXProduct table
27063: URI Management: Default .htaccess rules should exclude image extensions
27068: Database Layer: Product list caching has no performance benefit for category and related product lists and should be eliminated
27069: Database Layer: Loading of non-"query" custom fields in Runtime_ProductList_Load forces query results to be stored, increasing memory usage
27076: Module: customfields: Order Custom Field values are not deleted when an order is deleted
27100: Module: endicialabels: Endicia recredit account should be usable by non-admin users with the correct permissions
27121: Discounting Subsystem: sNN_BasketDiscountTotals does not get cleared when deleting baskets
27968: Provisioning: Customer_Add does not encrypt customer passwords provided in plaintext
27969: Provisioning: Customer_Update does not encrypt passwords provided in plaintext
28137: Administrative Interface: All values returned when performing an advanced search by Note Count for Business Accounts Assigned to Availability Group
28143: Module: paypaladv: Customer IP address is not sent for MivaPay requests
28147: Wish Lists: Deleting a customer does not delete the customer's wish lists
28400: Administrative Interface: Add pdf as a default supported image upload type
28756: Administrative Interface: YubiKey 5 and blue Security Key by Yubico do not work in WebAuthn mode
See what's new in version 9.12.00