I’ve been asked several times how to run OXID eShop in a subdirectory like https://myluvelydomain.com/shop/. Actually, there are several methods to achieve this goal including the adaption of your apache vhost or via .htaccess forwarding. In this blog post I will describe how to use unix symlinks to resolve the situation as it is a very smart solution that can even be used to roll out and back between several versions of your project without any downtime.
CVE Identifier: CVE-2018-14020: An attacker is able to change the delivery address by bypassing the checkout process when using Paymorrow payment method.
CVE Identifier: CVE-2018-12579: An attacker is able to take over an access to user account.
Two days ago we published three releases, OXID eShop 6.0.1, 6.0.3 and 4.10.8/5.3.8. Please read this blog post for a summary of the changes.
OXID eShop 6.1.0 compilation contains two new modules (GDPR Opt-in + Klarna), monolog implementation, form field configuration, possibility to overwrite Smarty plugins with your own modules and is ready for the Personalization Option (EE). oxchkversion was removed from the admin panel.
This patch update contains bug fixes (incl. security issues 2018-002 as well as 2018-003), GUI changes have been done. Furthermore, the modules Klarna and GDPR Opt-in were added to the compilation. See details in this listing.
No GUI changes, no other bugs fixed but security issues 2018-002 and 2018-003, EoL release of OXID eShop series 4.10.
OXID eShop 6 introduced several improvements to the OXID eShop environment. These changes also have reached the module system, which leads to some new features for developers.
We’ve experienced requests concerning the “Right to data portability” (Art. 20 GDPR) on several channels. The legal text states someat like ” … receive the personal data … in a structured, commonly used and machine-readable format…”. As this is not a clear specification, provide an SQL script for reading out all relevant information from the database. Get the script from this blog post.
The behaviour of the PHP function __isset was changed with PHP version 7.0.6. OXID eShop makes use of this function __isset for lazy loading, and because of these changes lazy loading might behave unexpectedly in OXID eShop. Please read this blog post to avoid this unexpected behaviour in your projects and/or modules.
In order to improve the OXID eShop core code we are going to change some main principles of overwriting classes and methods when changing OXID eShop functionality with modules: methods may now be marked as private. This is not to cut away possibilities; there’ll be other means to catch up with what you want to achieve.
This patch update was extraordinarily pushed up to give you a proper time frame to establish the GDPR compliance with OXID eShop. Additionally, we started to introduce new principles of code writing in order to become more flexible, agile and innovative when changing the core. Anyway, this patch update contains bug fixes as well as loads of pull requests.