WP eCommerce 4.0 Beta 1

The 4.o release of WP eCommerce is quickly approaching! We’re now in our beta period, and we’re taking this opportunity to share with you about all of the major changes that are occurring in this release. We’ll likely have 2-3 beta releases and 1-2 release candidates before we launch 4.0. There’s something for everything, and some parts of this release have been in active development for over two years!  It’s the last of our monolithic releases, and it is going to position us to move forward with more regular major releases, which we’re ecstatic about. Without any further adieu, here’s an outline of some of the major changes to this release, along with specific areas to test in each area. New Theme Engine By far the largest, most revolutionary change in the 4.0 release, we finally have an updated, modernized theme engine in WP eCommerce.  It has taken literally thousands of man hours, being in development since 2013, exclusively by core contributors to WordPress – so you know it’s good.  Built on an MVC approach at the development level, filled with helpful actions and filters, and crafted from the ground up according to the best usability research available – there isn’t a better default theme engine in the market today.  We’re incredibly proud of the work done here and can’t wait for you to try it.  With all of that said, our commitment to backwards compatibility is as strong as ever.  This new theme engine is actually only activated if we think it can be activated.  That means if you have any template files from the old (1.0) theme engine in...

WP eCommerce 3.9.4

Today, we released WP eCommerce 3.9.4.  This is a security and maintenance release.  As such, we highly recommend updating your sites.  From our changelog, this release includes the following fixes: Security Fix: Harden several instances of $_POST input that were not sanitized properly. Specifically, PayPal settings and Quick Edit fields for products. Security Fix: Do not return visitor meta if WP eCommerce presumes a user to be a bot. Enhancement: Provide a notice for users to repair their WP eCommerce tables if visitor and visitor meta tables are in need of repair. See #1901. Fix: Notices on stats saving for products. The primary fix here was due to a circumstance whereby user data could be exposed unintentionally.  If your visitor tables somehow became corrupted, our visitor meta API would think that all users were bots. As such, it would save user meta from humans (which, by the way, are not bots) to the same ID.  This would cause exposure of data from one human to another.  This is less than ideal. As part of this update, we’ve added a routine to check if the tables are corrupt and in need of repair.  If so, you should see a notice in your admin dashboard.  However, if that doesn’t show up for any reason, you can define the WP_ALLOW_REPAIR constant in your wp-config.php file – or add “add_filter( ‘wpsc_tables_need_repair’, ‘__return_true’ );” to your functions.php file in your theme. Please update...

Gold Cart 2.9.8 Release and SagePay Info

Gold Cart version 2.9.8 is now available for download on Your Account page if you have an existing account on wpecommerce.org If you don`t have an account yet, use the Account Migration page to move your old Gold Cart API info into a brand new account. Below is the changelog for the 2.9.8 version: * Update: BluePay to send cart items in the comments field. * Update: SagePay gateway updated to protocol 3.00 ( Effective July 31st 2015 ) * Update: eWay now uses Direct Connection and client side encryption of the credit card fields. No need for PCI Compliance * Update: Authorize.net 2.0 now sends the State field...

Important Security Release for ALL WP eCommerce Users

tl; dr: Update your plugins.  All of them.  Including WP eCommerce. Massive thanks to WordPress.org security team, Yoast, and many others. What Happened? Joost de Valk, of Yoast fame, discovered a vulnerability in several of his plugins.  We won’t tell his story here, as he’s done a brilliant job of it on his blog post.  Long story short, he found a vulnerability in his plugins with regards to usage of add_query_arg and remove_query_arg. We’re grateful to those who disclosed the vulnerability responsibly to Joost, Joost for working so closely with with the plugin developer community, Sucuri for running point on security disclosure and the WordPress.org Security team for helping coordinate plugin updates. Stop, Collaborate and Listen This is very possibly among the most coordinated, collaborative upgrade processes in the WordPress community.  I have never personally been part of such an effort, and it has been inspiring to see developers of all backgrounds working together towards a common goal: a more secure WordPress ecosystem.  I’m endlessly impressed by all involved and humbled to be part of such a great community.  You’ll see dozens of plugins with updates today, all coordinating together. None of this would be possible without everyone working together.  Open source FTW! Users: Where’s the Update? If you don’t see the update yet, go to your wp-admin/update-core.php page, under Dashboard → Updates, this will clear the cache for all updates and should then show you the updates for our plugins. Going to this page will also make sure any automatic updates are done a few seconds later too. Be sure to check your plugins page a minute or so later to...

Are you leaving money on the table with FedEx and UPS?

We’re excited to announce an incredible partnership we’ve forged with a fantastic start-up in the US, 71lbs. The premise behind their offering is simple: FedEx and UPS guarantee on-time delivery.  If they fail on this promise, even by one minute, you’re entitled to a full refund.  How many of us ever check the timeliness of these deliveries?  They’re betting very few of us do – and we think they’re right. Through their proprietary automated systems, they’ve made it incredibly easy for those of us shipping physical goods to get the money from UPS and FedEx that they rightly owe us on the 4-6% of shipments that arrive to our customers late.  We couldn’t be more excited to partner with such an innovative and like-minded company.  Like us, they’re working for small businesses – innovating in new and exciting ways to keep more of our money in our pockets. Check them out...

Documentation Migration Complete

We’re proud to announce an all new Docs site. We’re working harder than ever to make sure the info you need is clear, precise and easy to find. We have now finished migrating all of our old documentation from our previous website. These articles may all be found within the “Legacy Docs” category. This is provided as a historical reference for those that may still use an older version of our plugin. In our new, main docs section we are working hard to make sure we provide the most accurate and timely information possible. We welcome our users to review our new docs site http://docs.wpecommerce.org We would love your feedback and to know what more we can do to make sure we are providing everything you need to run a successful online store. Thank you all so much for being patient while things come together! I promise you 2015 is going to be a spectacular year with many happy surprises!...

WP eCommerce 3.9

After a fantastic beta and RC cycle, we’re incredibly pleased to introduce WP eCommerce 3.9! Not only does 3.9 include many fixes and a whole lot of polish, but it also symbolizes our first major update since Justin Sainton agreed to come on board as our new lead developer and partner in our business. Justin brings nearly 8 of years of WordPress development experience and has made dozens of contributions to WordPress core. 3.9 | Under the Hood Shop owners will be pleased with these great new improvements: Free checkout capabilities – WP eCommerce now allows for payment gateways to be bypassed if a cart’s total is zero.  We’ve had countless requests for this and are pleased to be releasing this feature in 3.9. Updated payment gateways – We’ve updated the included PayPal payment gateways, adding new versions of Express Checkout and PayPal Payments Pro, as well as adding PayPal Digital Goods – a fantastic payment gateway for sellers of digital goods. A new extensions marketplace – you can now purchase, download and install all of our premium plugins, right inside WordPress.  Beyond our own plugins, we’re introducing trusted third-party developers into this marketplace.  When you purchase from this marketplace, right inside WordPress, you can be assured that you’re getting rock-solid code that has been fully tested and vetted by our staff.  It’s the most trusted channel for WP eCommerce extensions.  More on this below. Fellow WordPress developers will be pleased to know that 3.9 includes over 70 closed issues and updates including great new developer APIs and a new payment gateway class which already supports several new Paypal certified gateways. If you are a developer interested in our new payment...

WP eCommerce 3.9 RC

It’s finally here – WP eCommerce 3.9 RC.  We intend to launch WP eCommerce 3.9 between Tuesday and Thursday of next week, depending on any issues that crop up during this RC.  We highly recommend testing all your sites on the 3.9 RC – create backups, use staging servers, you know the drill 😉 NOTE: Strings are frozen at this point.  Translators, the .pot file has been updated – we’ll gladly merge PRs for translations between now and 3.9. We had a great initial beta, as well as an awesome beta 2 cycle.  Be sure to check both of those posts out, as well as our changelog (and for developers, a commit history) to check things to test. Changes since Beta 2 Updated .pot file for translators. Added Gruntfile.js and package.json files Made WPSC_Purchase_Log::delete() not-static Fixed long-broken update_product_meta() and delete_product_meta functions.  Parameter containing previous value was never properly passed. wpsc_is_store_admin() is now available outside the admin dashboard. Soft deprecation of wpsc_delete_purchlog(), in favor of WPSC_Purchase_Log::delete() In the coming weeks, we’re looking forward to increased developer communication with regards to the new marketplace and the new APIs we’ve introduced.  Here in the US, we’re celebrating Thanksgiving – what a great opportunity to tell you how grateful we are that you partner with us in the WP eCommerce community.  Cheers! Download WP eCommerce 3.9...

Developers: Join the WP eCommerce Marketplace

WP eCommerce has a marketplace! A place for WordPress developers to create and sell extensions specifically for WP eCommerce.  We aim to be the most authoritative, canonical, trusted source of eCommerce plugins.  Because of amazing developers like you, user and store administrators will know they can trust the premium quality plugins that come from our extensions marketplace. On top of that, we aim to be the most developer-friendly marketplace out there!  When you win, we win. Tell Me More… Happy to! The most important points to note are as follows; Our initial revenue share amount is 50/50; This is on the understanding that we’ll ensure a healthy ecosystem, we’ll maintain the WP eCommerce Plugin and marketplace website, and that you’ll keep your Plugin updated and healthy. We’ll even look after basic customer triage for you and forward to you any serious support requests. As we grow, we’ll work with developers to explore a tiered commission approach that incentivizes developers and is a win-win for everyone.  We may adjust this in the future, but for now, this allows us to learn and grow and develop a better marketplace. Developer friendly; Our marketplace is integrated with Github and Bitbucket. You simply sign up / login with your WordPress account, set yourself up as a vendor and tag your release You get paid! We do payouts for every month at the end of the following month.  This is necessary, as it covers the refund policy window of 30 days. How do I sign up? Glad you asked.  You can apply to be a part of our marketplace right here. Sign...

WP eCommerce Beta 2

It’s been a whirlwind of activity on Github since our first beta release, just over a week ago. Since beta 1, we’ve made the following changes: * Over 70 new commits, covering: * Improved documentation * Fixed bug with marketplace authentication. * Improved marketplace UI (ordering, description length, and modal closing) * Minor CSS improvements to 1.0 theme engine * Minor improvements to product admin UI * On new installs, shipping is enabled by default. * Purchase Log email now defaults to WordPress admin email. * Payment gateways are now ordered alphabetically. * If a 2.0 payment gateway has a 3.0 replacement, and the 2.0 version is not being used, the 2.0 version is not shown. * A fix for percentage-based weight rate shipping * A fix for weight rates of “0”. * A fix for manual payment gateway instructions slashing. * Added an upgrade routine to give Latvia the proper currency, Euros. * Fixed a long-standing bug: when duplicating products, the referenced images were the same as the original product. When deleted on one product, they were deleted on the other. No more. * Fixed notice for already defined constant on user account page. Things to Test Free Checkout – We added the ability to check out on carts that have a value of $0.  This was never possible before, but we received requests for it constantly. Please test it! New Payment Gateways – We’ve added a new payment gateway API, along with updated PayPal gateways for it (and an update Manual Payment Gateway). Extensions Marketplace – We have the most integrated Extensions Marketplace of any plugin we’re...