Changes in Product Licensing/Support

As of today, we have implemented a new licensing system. Since the new licensing system has been enabled, old API Keys are no longer compatible with the new licenses. We recognize this is an inconvenience. However, we will do our best to make sure you still have access to past download files and access to our support system.   What Has Changed? The new support system no longer requires what was known as a Support Token and will only validate the license. All new licenses are valid for 1 year from the time of purchase. In that time you get unrestricted access to support and to plugin updates. Old API keys that are expired (over 1 year old since purchase) can no longer be used and for that reason we will offer you a coupon so that you can purchase a new license key at a discounted price. From now on if you require Premium Support you can do that by going to the Your Account page and using the Support tab. You will need to enter your License key when creating a new support request which will be validated. If it fits in the 1 Year free support time frame since the date of purchase then your support request will be sent to us. Also on the user account page you will be able to view all your current licenses and their status and expiration date. Each product (built by WP eCommerce) purchased from our website will receive 1 License key which you will need to post new support requests.   Gold Cart and other plugins Until now we...

Gold Cart 2.9.10

Gold Cart version 2.9.10 is now available for download on Your Account page if you have an existing account. With this version and the introduction of License keys that replace our old API Key system Gold Cart will be “registered” as soon as you activate it and if you do choose to enter your License key on your website under the WPeC Licensing menu it will allow you to receive automatic plugin updates via the Plugins menu as long as the License is not expired and not suspended.   Below is the change log for the 2.9.10 version: = 2.9.10 = * Feature: Automatic plugin updates now available only with License keys. Product License must be registered on your website under Dashobard -> WPeC Licensing menu. * Update: SagePay now supports Authenticate payment type * Update: Compatibility with WordPress 4.3 * Fixed: Some grid view forced styles have been removed * Update: PayFlow Pro Card CVV length now accepts 4 characters * Update: Authorize.net Endpoints and Security Certificate...

WP eCommerce and the latest PayPal SHA 256 Announcement

PayPal announced on it’s developer website, as well as via an email sent to all PayPal business customers who’ve used the PayPal IPN within the last year that it is moving to a new SSL certificate type for all of it’s API endpoints that use a bundled certificate. WP eCommerce, and our official extensions, are 100% compatible with the changes, and will not require an update of any kind. For your information we feel it’s important to provide additional information that may help. By and large this is a server related issue. Here is PayPal’s official documentation on the topic. You can check your SSL by copying and pasting the certificate or CSR file into https://certlogik.com/decoder/ this will give you many details about the security level of your SSL. If your server is running cPanel 11.46 or newer SHA-256 has been the default. Any SSLs you have generatd within the last year or so would be compliant. We strongly urge you to consult your hosting provider for additional...

WP eCommerce 4.0 Beta 1

The 4.o release of WP eCommerce is quickly approaching! We’re now in our beta period, and we’re taking this opportunity to share with you about all of the major changes that are occurring in this release. We’ll likely have 2-3 beta releases and 1-2 release candidates before we launch 4.0. There’s something for everything, and some parts of this release have been in active development for over two years!  It’s the last of our monolithic releases, and it is going to position us to move forward with more regular major releases, which we’re ecstatic about. Without any further adieu, here’s an outline of some of the major changes to this release, along with specific areas to test in each area. New Theme Engine By far the largest, most revolutionary change in the 4.0 release, we finally have an updated, modernized theme engine in WP eCommerce.  It has taken literally thousands of man hours, being in development since 2013, exclusively by core contributors to WordPress – so you know it’s good.  Built on an MVC approach at the development level, filled with helpful actions and filters, and crafted from the ground up according to the best usability research available – there isn’t a better default theme engine in the market today.  We’re incredibly proud of the work done here and can’t wait for you to try it.  With all of that said, our commitment to backwards compatibility is as strong as ever.  This new theme engine is actually only activated if we think it can be activated.  That means if you have any template files from the old (1.0) theme engine in...

WP eCommerce 3.9.4

Today, we released WP eCommerce 3.9.4.  This is a security and maintenance release.  As such, we highly recommend updating your sites.  From our changelog, this release includes the following fixes: Security Fix: Harden several instances of $_POST input that were not sanitized properly. Specifically, PayPal settings and Quick Edit fields for products. Security Fix: Do not return visitor meta if WP eCommerce presumes a user to be a bot. Enhancement: Provide a notice for users to repair their WP eCommerce tables if visitor and visitor meta tables are in need of repair. See #1901. Fix: Notices on stats saving for products. The primary fix here was due to a circumstance whereby user data could be exposed unintentionally.  If your visitor tables somehow became corrupted, our visitor meta API would think that all users were bots. As such, it would save user meta from humans (which, by the way, are not bots) to the same ID.  This would cause exposure of data from one human to another.  This is less than ideal. As part of this update, we’ve added a routine to check if the tables are corrupt and in need of repair.  If so, you should see a notice in your admin dashboard.  However, if that doesn’t show up for any reason, you can define the WP_ALLOW_REPAIR constant in your wp-config.php file – or add “add_filter( ‘wpsc_tables_need_repair’, ‘__return_true’ );” to your functions.php file in your theme. Please update...

Gold Cart 2.9.8 Release and SagePay Info

Gold Cart version 2.9.8 is now available for download on Your Account page if you have an existing account on wpecommerce.org If you don`t have an account yet, use the Account Migration page to move your old Gold Cart API info into a brand new account. Below is the changelog for the 2.9.8 version: * Update: BluePay to send cart items in the comments field. * Update: SagePay gateway updated to protocol 3.00 ( Effective July 31st 2015 ) * Update: eWay now uses Direct Connection and client side encryption of the credit card fields. No need for PCI Compliance * Update: Authorize.net 2.0 now sends the State field...

Important Security Release for ALL WP eCommerce Users

tl; dr: Update your plugins.  All of them.  Including WP eCommerce. Massive thanks to WordPress.org security team, Yoast, and many others. What Happened? Joost de Valk, of Yoast fame, discovered a vulnerability in several of his plugins.  We won’t tell his story here, as he’s done a brilliant job of it on his blog post.  Long story short, he found a vulnerability in his plugins with regards to usage of add_query_arg and remove_query_arg. We’re grateful to those who disclosed the vulnerability responsibly to Joost, Joost for working so closely with with the plugin developer community, Sucuri for running point on security disclosure and the WordPress.org Security team for helping coordinate plugin updates. Stop, Collaborate and Listen This is very possibly among the most coordinated, collaborative upgrade processes in the WordPress community.  I have never personally been part of such an effort, and it has been inspiring to see developers of all backgrounds working together towards a common goal: a more secure WordPress ecosystem.  I’m endlessly impressed by all involved and humbled to be part of such a great community.  You’ll see dozens of plugins with updates today, all coordinating together. None of this would be possible without everyone working together.  Open source FTW! Users: Where’s the Update? If you don’t see the update yet, go to your wp-admin/update-core.php page, under Dashboard → Updates, this will clear the cache for all updates and should then show you the updates for our plugins. Going to this page will also make sure any automatic updates are done a few seconds later too. Be sure to check your plugins page a minute or so later to...

Are you leaving money on the table with FedEx and UPS?

We’re excited to announce an incredible partnership we’ve forged with a fantastic start-up in the US, 71lbs. The premise behind their offering is simple: FedEx and UPS guarantee on-time delivery.  If they fail on this promise, even by one minute, you’re entitled to a full refund.  How many of us ever check the timeliness of these deliveries?  They’re betting very few of us do – and we think they’re right. Through their proprietary automated systems, they’ve made it incredibly easy for those of us shipping physical goods to get the money from UPS and FedEx that they rightly owe us on the 4-6% of shipments that arrive to our customers late.  We couldn’t be more excited to partner with such an innovative and like-minded company.  Like us, they’re working for small businesses – innovating in new and exciting ways to keep more of our money in our pockets. Check them out...

Documentation Migration Complete

We’re proud to announce an all new Docs site. We’re working harder than ever to make sure the info you need is clear, precise and easy to find. We have now finished migrating all of our old documentation from our previous website. These articles may all be found within the “Legacy Docs” category. This is provided as a historical reference for those that may still use an older version of our plugin. In our new, main docs section we are working hard to make sure we provide the most accurate and timely information possible. We welcome our users to review our new docs site http://docs.wpecommerce.org We would love your feedback and to know what more we can do to make sure we are providing everything you need to run a successful online store. Thank you all so much for being patient while things come together! I promise you 2015 is going to be a spectacular year with many happy surprises!...

WP eCommerce 3.9

After a fantastic beta and RC cycle, we’re incredibly pleased to introduce WP eCommerce 3.9! Not only does 3.9 include many fixes and a whole lot of polish, but it also symbolizes our first major update since Justin Sainton agreed to come on board as our new lead developer and partner in our business. Justin brings nearly 8 of years of WordPress development experience and has made dozens of contributions to WordPress core. 3.9 | Under the Hood Shop owners will be pleased with these great new improvements: Free checkout capabilities – WP eCommerce now allows for payment gateways to be bypassed if a cart’s total is zero.  We’ve had countless requests for this and are pleased to be releasing this feature in 3.9. Updated payment gateways – We’ve updated the included PayPal payment gateways, adding new versions of Express Checkout and PayPal Payments Pro, as well as adding PayPal Digital Goods – a fantastic payment gateway for sellers of digital goods. A new extensions marketplace – you can now purchase, download and install all of our premium plugins, right inside WordPress.  Beyond our own plugins, we’re introducing trusted third-party developers into this marketplace.  When you purchase from this marketplace, right inside WordPress, you can be assured that you’re getting rock-solid code that has been fully tested and vetted by our staff.  It’s the most trusted channel for WP eCommerce extensions.  More on this below. Fellow WordPress developers will be pleased to know that 3.9 includes over 70 closed issues and updates including great new developer APIs and a new payment gateway class which already supports several new Paypal certified gateways. If you are a developer interested in our new payment...