- The default country list has been updated with the current ISO-3166-1 list.
- Redesigned the mechanism used to install, remove, and register modules within a store in order to increase error tolerance and prevent stores from being inadvertently broken by removal of a component module.
- The SEO "Sitemap" page is now deleted when the Sitemap is disabled.
- Duplicate database queries have been eliminated during the checkout process.
- Timeout handling when processing large provisioning files has been improved.
- Attributes for items added to the shopping basket or displayed on an invoice are now displayed using the sort order configured for the product.
- A new page, "NTFD - Not Found" has been added. The software now routes requests for pages, products, or categories that do not exist to this page.
- The uninstall process now properly drops all database tables from MySQL installations.
- The install process now displays a validation error if the target MySQL database already contains a Miva Merchant installation.
- The maximum length allowed for the SEO settings short link custom prefix has been extended from 10 characters to 100.
- Modules implementing multiple "primary" features may now be installed or removed from any of the screens on which they appear.
- When attempting to remove modules that are used by Store Morph items, a message is displayed listing the items and pages which reference the module. The default configuration prevents removal of these modules. A new store setting, "Allow Modules Used by Store Morph Items to be Uninstalled", may be configured to allow the removal of these modules.
- Fixed a bug that would occasionally cause error messages of the form "mysql_stmt_prepare: Table 's01_Products' was not locked with LOCK TABLES" to appear in MySQL installations.
- Fixed a bug introduced in core-17 that caused both the primary and secondary address to be "optional" for newly created stores.
- The Miva Merchant Look & Feel module can now be updated from the "Edit Module" screen and readded to the domain if it was inadvertantly removed.
- The country list is now editable from the "Countries" tab of the "Domain Settings" screen.
- The existing color selector has been replaced with a new and improved version, which is now also available when editing template code.
- New-style numeric sorting controls are now available for Attribute Templates.
- Users may no longer change the code of an existing Store Morph item.
- The administrative login screen now sets the focus to the Username field on load.
- The "Parent Category" field is now properly reset when pressing the "Reset" button on the "Add Category" page.
- The "Order ID" and "Order Amount" fields are no longer displayed for Affiliate "Referral" transactions.
- If a framework is applied and one or more of the pages it contains do not exist, the pages are now automatically created.
- Fixed a bug that caused encrypted order data to be lost when processing orders with an invalid passphrase.
- Non-encrypted order data is now properly updated when editing an order containing locked encrypted data.
- Fixed encoding of the "Invoice Total" column on the "Order Processing" screen, so currency formats that contain special characters are now properly displayed.
- When creating a Store Morph item, the software now verifies that the referenced module implements the "component" feature.
- Module reference counts are now properly maintained when changing the module referenced by a Store Morph item.
- The "Edit Here" button on the "Products" screen now works properly when the product being edited contains special characters in its code.
- For new installations, the maintenance mode warning message is now displayed using the correct body font.
- The missing product attributes page now correctly routes the shopper to a secure or non-secure URL depending on their original destination.
- Fixed a bug that allowed duplicate affiliates with the same login to be created.
- For new installations, invalid color references have been removed from the AFAD and AFED pages.
- The "Account" button in the navigation bar on the INVC page now directs the user to the LOGN screen, instead of an empty account page.
- For new installations, fixed typos in the basket contents template that prevented textarea attribute text from being displayed.
- The fatal error displayed when a shopper attempts to modify a basket that has expired now displays a more descriptive error message.
- Payment Modules have been modified to properly display the payment method name instead of the internal code on the OPAY screen.
- When a shopper's basket expires during the checkout process, the shopper now receives a message stating that their basket is empty, instead of allowing them to complete the checkout process with an empty basket.
- Fixed a bug that prevented shoppers from checking out if the store was configured with a single country and an optional secondary address.
- The checkout process now properly errors if no payment methods are available, instead of previously checking only if one or more payment modules were configured.
- The "Require Shipping" option now prevents checkout if no shipping methods are available, instead of previously checking only if one or more shipping modules were configured.
PA-DSS (These changes do not affect existing installations unless explicitly configured)
- Database passwords in merchdb.dat are now encrypted.
- Administrative user passwords are now encrypted using SHA1 with 16 bytes of random data as a salt. Passwords for existing users will be encrypted with the new mechanism when those users change their password. This change also allows passwords longer than 8 characters to be used.
- The default Administrative Session Timeout is now 15 minutes.
- The default Failed Login Lockout Time is now 30 minutes.
- Options have been added to enforce password strength requirements. The default requirements for new installations are that passwords must be 7 characters or longer, contain at least one letter and one number or punctuation character, and not be the same as any of the prior 4 passwords used.
- Mandatory password changes may now be enforced on a configurable interval. Users are required to change expired passwords when logging into the administrative interface. The default setting for new installations requires a password change every 90 days
- The â€œOrdersâ€ store privilege has been renamed to â€œOrder Processingâ€ to more closely match the user interface elements it affects.
- Store Privileges are now displayed sorted by the privilege name on the â€œAdd/Edit Groupâ€ screen.
- The â€œMarketing Productsâ€ and â€œMarketing Reportsâ€ privileges have been removed.
- Fixed a bug that prevented users with only the "Add Additional Users" privilege from being able to navigate to the "Add User" screen.
- Fixed numerous minor bugs where elements were displayed that did not function due to privilege settings.
- Fixed numerous minor bugs that prevented users with limited privileges from navigating to the area where the privileges are used.
Wizard: Set Up Payment
- The signup process for Innovative Gateway has been streamlined.
- The wizard now resizes itself to fit the content of the PayPal options page, and the alignment of the content on this page has been improved.
- Bolding of "Available Payment Methods" has been made more consistent to indicate whether selection of at least one method is required.
Wizard: Set Up Sales Tax
- An error message is no longer displayed on the first screen of the wizard if the current sales tax module does not support wizard configuration.
Module: Checkout by Amazon
- and fields are now passed as part of the generated cart XML.
- Fixed a bug that caused an error when the same Miva Merchant shipping method was assigned to multiple Amazon shipping service levels.
- Removed debugging code that was creating a file called "amazon_test.dat" in the data directory.
- Shipping and billing names with middle names, initials, prefixes or suffixes are now split into the Miva Merchant first and last name fields without discarding data.
Module: Payflow Link
- The "Password" field was not being used at any point in the module, so it has been removed.
- The "User ID" field has been renamed to "Merchant Login" to more closely match PayPal/Verisign's current terminology.
- The "Host Code" reponse field is now only displayed for Telecheck transactions.
- Fixed confusing CVV2 vs CSC wording in the payment wizard.
- The Miva Merchant order ID is now properly recorded as the invoice number in the Payflow Link control panel.
Module: Payflow Pro
- When configuring the module via the "Set Up Payment" wizard, the validation that at least one payment method be selected is now performed after displaying the available payment methods, instead of before. This fixes a bug that prevented completion of the wizard when reconfiguring the module with no payment methods selected.
Module: First Data Global Gateway
- Fixed confusing CVV2 vs CSC wording in the payment wizard.
- Fixed the destination of the account signup link in the payment wizard.
- Fixed a misspelling of "acquire" in the payment wizard.
- The module now appears in the payment wizard if the (obsolete) Authorize.Net commerce library is not installed.
Module: PayPal Website Payments Pro
- Fixed a bug that caused an error message stating "Unable to authorize payment (-1)" when product names contained ampersands.
Module: Google Checkout
- When used in a domain containing multiple stores, orders are now recorded in the correct store.
- Fixed a bug that caused shoppers to see "Your order has already been processed" when returning from Google Checkout.
- Fixed interaction with the VikingCoders UPS module.
- Leftover TAX Basket Charges are now deleted after calculating sales tax during callbacks.
Module: UPS Domestic Shipping Calculator
- Rates have been updated to reflect UPS 2009 rates
- Next Day Air Early A.M. now calculates correctly (in previous versions it never appeared)
- Air shipments out of Alaska now calculate correctly
- Ground shipments into Hawaii from the lower-48 now calculate correctly
- Support has been added for extended remote residential delivery surcharges, Alaska remote delivery surcharges, and Hawaii remote delivery surcharges.
- The rate table selection controls have been modified to more closely mirror the control layout on UPS' online rate calculator.
- It is now possible to configure rate calculation for shippers that drop their packages off at a retail location, and do not pay an on-call pickup surcharge.
- On-call pickup surcharges are now delivered as part of the rate table download, instead of being built into the module.
- The module will now prompt for a redownload of the rate tables whenever an option is changed that invalidates the currently downloaded data.
Module: FedEx(R) Shipping Cost Estimate
- Improved handling of data from the FedEx server to prevent a fatal error during checkout if an invalid response is returned.
Module: European VAT
- Product settings are now properly validated and saved when adding a new product.
Module: Canadian VAT
- Orders containing multiple PST-exempt products now calculate PST correctly.
Module: Customer Order Confirmation HTML Email
- For new installations, the shipping last name is now included in the default template code.
- Fixed a bug that caused an empty screen, with no Next or Previous button, when configuring the module via the "Set Up Fulfillment" wizard.
Module: Email Merchant Notification
- A message has been added to the configuration screen displaying the list of allowable separator characters for multiple email addresses.
Module: Import Categories from Flat File
- Categories may no longer be imported with blank codes or names.
Module: Import Products from Flat File
- When importing custom fields, an invalid product code no longer causes the custom field values to be assigned to random products.
- A new option has been added to allow custom field deletion when importing empty values.
Module: buySAFE 2.0
- Fixed a bug that caused shoppers to be charged for buySAFE bonding without the bonding being properly recorded at buySAFE.
Module: Microsoft Live Search cashback
- This module is now part of the standard distribution.
- Fixed a bug that caused an empty validation message to be displayed when configuring an alternate product description.
- Default values are now provided for all optional <Store_Create> sub-tags.
- A new module feature, "not_seo", has been added which allows modules to receive notification of changes to the SEO Settings. Modules that implement this feature must provide the following function:
Module_Notify_SEOSettings( module var, seo_settings var )
- Component modules may now throw exceptions during their ComponentModule_Initialize function, by calling the Template Manager function TemplateManager_Throw_Exception( code ). When a component module throws an exception, the rendering of a page will be aborted and the exception will be routed to the current Store UI module for handling. Three new exceptions are now handled by MMUI: page_not_found, product_not_found, and category_not_found.
- A new function has been added to the "vis_order" feature for modules with a reported API version of 5.03 or greater:
Module_Order_Delete_Order( module var, order var )
This function replaces calls to the existing Module_Order_Delete function, but allows modules to more easily determine which order is being deleted.
- Empty function ProductList_Load_Offset_Customer_Category has been removed from lib/dbeng/products.mv.
- Unused FulfillmentModule_xxx functions left over from the 4.x code branch have been removed from meremail.mv.
- If Module_Install_Store fails, modules are no longer left installed in the store.
- When modules with multiple features are installed, all of the features are now registered.
- When modules are uninstalled, all Store Morph Items referencing those modules are automatically deleted.
- Readded functions Attribute_Sort_Swap(), Option_Sort_Swap(), Attribute_Update_DisplayOrder(), and Option_Update_DisplayOrder() that were mistakenly removed in core-17.
- Module_Affiliate_Tabs is now properly called for modules implementing the "vis_affil" feature.
Community forum post http://extranet.mivamerchant.com/forums/showthread.php?t=21489