News

osCommerce Online Merchant v2.3.3.1
27th August 2013 by Harald Ponce de Leon

osCommerce Online Merchant v2.3.3.1 is a security and general maintenance release focusing on improving core features.

This release is in preparation of v2.3.4 containing additional improvements.

Changes

  • Who's Online
    Parse REQUEST_URI with tep_db_prepare_input() before storing the value in the database. Replace REMOTE_ADDR with tep_get_ip_address().
  • Administration Tool -> Catalog -> Categories/Products
    Fix product price gross tax calculations when adding or editing products.
  • Session
    Register a shutdown function to close and write the session data. Also check for and allow , (comma) and - (minus) characters in the session ID.
  • tep_redirect()
    When redirecting from HTTPS -> HTTP and replacing the url with a HTTPS version, also take DIR_WS_HTTPS_CATALOG into consideration which may differ from DIR_WS_HTTP_CATALOG.

Upgrade from v2.3.3 to v2.3.3.1

A detailed upgrade guide is available online at:

http://library.oscommerce.com/Online&en&oscom_2_3&release_notes&v2_3_3_1

Download

Full and Update Packages of osCommerce Online Merchant v2.3.3.1 can be downloaded at:

http://www.oscommerce.com/solutions/downloads

Thank You!

We'd like to thank the community for their feedback on our releases. In addition, we thank the following people who participated in the development of this release.

Bug Reporters

Reference

A full list of source code changes can be seen at:

https://github.com/osCommerce/oscommerce2/compare/v2.3.3...upgrade2331

Acknowledgements

We'd like to thank Chris Wood for bringing a security issue to our attention.

Back to listing