CubeCart version 5.2.9 released – update immediately

CubeCart E-Commerce

CubeCart version 5.2.9 released – a detailed look at the changes.

What has changed in CubeCart V5.2.9 since V5.2.8

  • Important Security Update: Session Fixation Vulnerability & Potential Session Hijack Patch.
  • The use of shared SSL certificates is no longer supported as the session ID is no longer passed in the URL
  • Improved PayPal Pro Direct Payment Error Handling
  • Fixes and improvements to the Checkout By Amazon Plugin
  • New PayVector Payment Gateway Module
  • Canonical Fix for “Sorting” variables
  • Smarty Tags Fixed in Rich Text Editor
  • “RTL” (right to left) language support fix
  • Fix to prevent possible empty order email notifications
  • Fixed hard coded links to admin folder in admin HTML and JS
  • A few miscellaneous bug fixes

CubeCart Version 5.2.9 changes explained in more detail

We have always recommended against using shared SSL certificates on any hosting account and no user on our hosting will be using one of these. However, if any other user has been using these previously, then you will need to temporarily disable the use of the SSL in the Admin Store Settings and then purchase and install a full SSL certificate.

The canonical fix corrects errors in the way the canonical url was constructed when sorting pages of products and was reported by us on behalf of several customers who noticed the issue (you know who you are !)

The changes to the PayPal Pro plugin include enhancements to ensure that it works correctly with PayPal’s Fraud Management Filters and were as a result of this thread

The changes to the Checkout By Amazon plugin fix various issues including an “Invalid Parameter” error message and a problem where product option details were lost after being sent through to the gateway as detailed in this thread

There have been a small number of issues reported recently with blank products sometimes being recorded within order details and also at times being shown within Order Confirmation emails sent out – a fix has been included in this version that is meant to prevent at least the latter of these from happening.

The issue with the smarty tags was to fix a bug introduced in 5.2.8 which allowed smarty tags to be added to homepage documents but caused under certain circumstances a blank homepage screen to be displayed.

The fix to the hard coded admin folder would only affect those customers that had either renamed the admin folder as a security protection or alternatively had created a new admin skin template

CubeCart V5 Upgrade

If you are already running CubeCart V5, then completing this upgrade can often be as simple as clicking on “Upgrade” within the Admin | Maintenance area. However there are some points to note specific to this version upgrade and if you are not comfortable with any of these then we strongly suggest that you order the CubeCart upgrade service from us.

  • Put the store into maintenance mode and then always do a full backup before upgrading
  • Always test the store immediately after the upgrade, before taking the store out of maintenance mode
  • The CubeCart setup folder needs to be manually deleted via FTP
  • If you have made any changes to core files or any of the core skin files then these will be over-written
  • If you are using the 3rd party Vector skin then this requires a small change to one core file. This is still required even though the CubeCart team have now added a new hook but the Vector skin still needs to be upgraded in order to use this

For any customers that are running the Shopdev Vector theme that will be doing their own upgrade, please feel free to Open a Support Ticket if you would like us to make this small code change on your behalf.

Our support team are available to perform this upgrade for any current V5 website whether you are already a customer of Havenswift Hosting or not – if you would like help or advice, then again please Open a Support Ticket or simply order the CubeCart Upgrade service from us.

The following two tabs change content below.
This is the main Havenswift Hosting company account that is used by different members of staff when making blog postings on behalf of the company rather than as individuals

Latest posts by Havenswift Hosting (see all)

Post Your Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Copyright Havenswift Hosting 2007-2018. All rights reserved.