We are pleased to announce the immediate availability of 6.1.6. Due to past stability issues with the auto upgrade tool we strongly recommend upgrading manually (see release note 1).
52 issues closed
A number of security patches and enhancements (release note 2).
Ability to edit order payment gateway name
File size added to file manager
Invisible Google reCaptcha with skin compatibility checker (release note 3)
Resend email from email log
Improved error reporting in debug mode
Physical & digital items as one product (release note 4)
Stability enhancements to auto upgrade tool.
Public folder added to file manager (release note 5)
Miscellaneous bug fixes.
1. Manual Upgrade
A bug in a previous release has caused a number of upgrade failures. We are aware of a number of stores running a mixture of code from mismatching versions. These stores may well be "stuck" like this until manually updated.
2. Security Patches and Enhancements
Our friends at Netsparker have identified a number of CSRF, XSS and directory transversal issues. These have all been patched and more. The default Foundation theme now has CSRF protection for all form data. The admin control panel now has CSRF protection on any GET requests that manipulate data such as delete. From now on CubeCart has continual security auditing powered by Netsparker for which we are very grateful.
3. Invisible reCaptcha
The default Foundation skin now supports Google Invisible reCaptcha to keep pesky bots and spammers out. We will be happy to integrate this for any of our merchants who has a custom skin who have an active managed technical support account.
4. Physical & digital items as one product
Many will be pleased to hear that CubeCart now supports the ability to have a digital download with the option of being physical too. It's simple just add a product option with a weight greater than zero. For example it would be possible to have an option group of "Format" with attributes "Digital" and "Physical". Just assigned a weight to the "Physical" attribute.
5. Public folder added to file manager
We get a lot of support requests asking why files added to the file manager can't be loaded directly in a browser. The reason for this is that they are protected with the intent to sell them as digital downloads. For those wanting to upload and link to digital files directly a new public folder exists in the file manager which is not protected.