Al Brookbanks

An important security update is included with this release of CubeCart due to a remote code execution vulnerability found within the 3rd party phpMailer library. The phpMailer library is included in all releases of CubeCart from 5.0.0 and is responsible for the delivery of all store email. How to patch without upgrading to 6.1.2 Please download CubeCart 6.1.2 and extract the archive. Delete your classes/phpMailer folder and replace it with the folder from 6.1.2. This patch will work for any version of CubeCart of 5.0.0 or higher. What else is new? - 70 Closed Issues - Significant optimisations and stability upgrades to the database and file backup/restore tools. - Auto assign of image uploads to products. - Image folder create tool from add/edit product. - Toggle view assigned/all images on product edit page. Important Release Notes From 6.1.2 CubeCart requires ZipArchive which replaces the old PclZip library which hasn't been developed since 2009. Please verify that your PHP configuration has ZipArchive support prior to upgrading. We have attached a PHP script (ziparchive-check.php) which can be used to verify prior to upgrade. Download Link: CubeCart-6.1.2.zip Download Link: CubeCart-6.1.3.zip

Hi Gary, I have forwarded your PM to the helpdesk. I'll get back to you asap.

Hi Gary, this is something we have done many times under our "technical support & management" service. More info here https://www.cubecart.com/technical-support

I'd like to wish everyone a very merry Christmas and happy New Year. Many thanks to all our customers for your business this year and I very much look forward to working with you and getting to know you more in 2017. I'd like to also offer a huge thank you to all those who have contributed their time to help improve CubeCart this year. Christmas Office Hours Sat 24th Dec - Closed Sun 25th Dec - Closed Mon 26th Dec - Closed Tue 27th Dec - Closed Wed 28th Dec - Open (9am - 5:30pm) Thu 29th Dec - Open (9am - 5:30pm) Fri 30th Dec - Open (9am - 5:30pm) Sat 31st Dec - Closed Sun 1st Dec - Closed Mon 2nd Dec - Closed

I can't really see any security concern here. Can you check your subscribers list? Dashboard > Customers > Mailing List

By the time I have gone to the effort of implementing 1259 it would be a no brainer then go the extra 10% and complete the integration into CubeCart as standard. I'm behind on a lot of issues and thin on resources so I'm sorry to say that I don't think this will be done any time soon even though I can see the appeal is great.

Just repeating what the others have said.... https://support.cubecart.com/Knowledgebase/Article/View/215/40/my-store-redirects-to-the-admin-dashboard-when-i-click-save

After its enabled look for the security suite link on the main navigation section.

So to my understanding it boils down to sever config as to what the regex character class "\w" matches. Some servers will only allow [a-zA-Z_0-9] whilst others allow "foreign" characters. A bit more info here... http://php.net/manual/en/regexp.reference.character-classes.php I have more digging to do yet. From my testing on Max OSX the following works well. Thanks Brian. #[^\p{L}\w\.\-\_]#iu

That doesn't work for me. Creating a folder called 動物 returns __

Changing the name of the logo file is probably the easiest way to fix this. If the name has changed the browser won't have cached it and as a result it should request the new content.

Welcome Nivedita! CubeCart is 100% free and open source but you need a web hosting account. More info here: https://www.cubecart.com/hosting-requirements CubeCart has the GNU 3.0 software license. You can read its terms here: https://www.gnu.org/licenses/quick-guide-gplv3.html

Can you restore a backup?

Yes that would be cool.

Only globally via the stores settings for sale mode.

If a product is £100 and you update the price to 10% then it will be £10. To reduce it by 10% use 90 in the field. To increase it by 10% use 110. There is no way to do that other than an SQL query to set the sale price as retail price * 0.9.

A question mark for the start of a query string with anything after it will force a cache clear in most browsers.

Maybe the browser has cached the SSL redirect. https://www.a2hosting.com/kb/getting-started-guide/internet-and-networking/clearing-a-web-browsers-ssl-state Or just try: http://127.0.0.1/cubecart6/index.php?123

Brian is right. SSL is not forced on the admin login. Just change the protocol back to http://, login and correct your settings.

Yes please rename the admin.php file to whatever you want and then reflect these changes in the includes.global.inc.php file. You can use anything so long as it has the .php extension.

I've seen this issue before. It's probably not matching up the domain or protocol right in the auto generated code for the allowed URL.

Hi Varptr!! CubeCart has catalog only mode which switches off the ecommerce aspect.

Hahaha! Love it.

Sorry. You don't need a plugin. Just a little bit of basic JS. e.g. http://stackoverflow.com/questions/5618109/how-to-prevent-right-click-option-using-jquery Don't forget that there are other reasons for your visitors to use right click other than stealing images. e.g. Reload, Back, Translate, Share, Spell check a field Some uses have really distinct browsing habits and turning right click off may frustrate them. Personally it frustrates the hell out of me. None of the big sites like Ebay, Amazon etc disable right click. I think in conclusion you risk upsetting users over a small minority who may use right click to take images.

watermarking is a great idea Alec I never thought of that.