Update 3.4.0: Focus on PCI Security

[Rutabaga]

Modular Merchant version 3.4.0
Released 09/02/2008

---

How do I update my Modular Merchant account?
For clients running version 3.x:
The next time you log in to your store Administration area, this update will automatically be installed.

If you're already logged in to your store's administration area when this update becomes available, then an icon stating "An Update is Available" will be displayed in the upper-right section of your Admin Home page. Click this icon to review the release notes, and then install the update by clicking the "Install this Update" button at the bottom of that page.

For clients running version 2.x:
Refer to this forum article for more information:
http://forums.modularmerchant.com/viewtopic/551/

---

This update includes the following items:

• Credit Card Security Code (CVV2) Treatment
  The retention and display of the credit card security code (CVV2 code) has been removed from the system in all circumstances. The credit card security is neither retained nor displayed, either in full partially, in either plain text or encrypted in the storefront, administration area, database or any other system managed by Modular Merchant.
• Admin Account Password Requirements
  Admin account passwords now require: at least one upper case and lower case letter, at least one number, at least one non-alphanumeric character, must be at least 7 characters in length. If your admin account's password does not meet these requirements, you will be prompted to update your password the next time you log in to the store's administration area.
• Coupon Submit displays Credit Card Error
  Fixed an issue in which submitting a coupon code in the same HTML form on the same page containing credit card fields could result in a "Credit Card Number Invalid" error message being displayed.
• Slashes being added to email contents
  Fixed an issue in the Modular Mailer module that would cause extra slashes to be added to the contents of the HTML email when clicking the "Make Changes" link in the template editor.
• Importing Zone apply
  The System ID (SID) number of each Zone Fee will be displayed on the Zone Fees page in the Groups & Zones section of the store's administration area.
• fopen Error Message When Updating Admin Accounts
  Fixed a bug that would cause "fopen permission denied" errors to be displayed on-screen when saving Admin accounts in certain circumstances. This issue would also cause the avatar image associated with the Admin account to be saved as the text "Array", instead of the actual image file.
• Search Orders: Sort by Number of Products in the Order
  Fixed a bug on the Search Orders page in which sorting by the "Number of products in the Order" column would display an error message when viewing all transactions (instead of a keyword search).
• Product Large Image Popup Window Size
  Fixed a bug that would prevent the "Large Image" popup window on the storefront's product page from opening at the correct size if the store software was installed in the root level of the website.
• Allow links to # character
  Fixed an issue in which URLs that linked to the "#" character would load the storefront home page instead of staying on the current page.
• Searching Orders Containing Zero Products
  The Search Orders page will now list orders that contain zero products when searching for all products. Using the Keyword Search option will still exclude orders with no products.
• CSS Files in Templates
  Fixed a bug that could prevent CSS files that begin with the letter "h", "t", "p", "u", "r" or "l" from loading correctly.
• mailto: Links in Templates
  Fixed an issue that would prevent "mailto:" links from working properly in some templates.
• Customer Editor: Password Requirement
  The password field in the Customer Editor screen is no longer required. This allows "passive" customer accounts to be created for mailing lists, customer groups, etc.
• Best Sellers Report
  The Best Sellers Report was pulling the product's Cost of Goods Sold (COGS) value from the "product" database table. This has been changed to pull the COGS value from the "order_items" database table. This will enable the Best Sellers Report to calculate more accurate COGS and Net Sales figures.
• Customer Details Page: Scheduled Order Editor
  Added options to put a customer's scheduled order on hold, taken off hold or deleted on the Customer Details page.
• Import / Export Preferences
  Further improvements have been made to the way the preferences are saved when either directly saving the preferences or exporting items on the following pages: Export Orders, Export Products, Export Customers, Export Categories and Export Manufacturers.
• {FIELD-PREVIOUS-CC-SECURITY} QuickCode Tag
  Added support for the {FIELD-PREVIOUS-CC-SECURITY} QuickCode Tag. For more details, see its entry in the QuickCode Tag glossary at: http://www.modularmerchant.com/quickcode_details.php?qcid=771
• UPS Shipping Rates
  Improved the support for the "UPS Saver" and "UPS Standard" shipping rates. If active in your store, real-time rates for these shipping methods should be returned more consistently now.
• Admin Account Editor Feedback Messages
  A confirmation message is now displayed when an Admin account is updated successfully. Also improved the warning and error messages displayed if changes need to be made to the Admin account.

_________________
Rutabaga
Keeper of the Development Schedule
Modular Merchant Shopping Cart Software.

[Rutabaga]

Update 3.4.0a has been released, which includes the following additional improvements:

• (3.4.0a) Improved Coupon Submission
  Further improved the coupon submission to fix an issue that could cause the store to reject coupons if the "submit coupon" button was a regular submit button instead of being an image button.
• (3.4.0a) Special characters in Admin Passwords
  Fixed an issue that could prevent admins from being able to log in to the store's administration area if their password included apostrophes or quotation marks.

_________________
Rutabaga
Keeper of the Development Schedule
Modular Merchant Shopping Cart Software.