OXID eShop version 4.10.0 (CE + PE) & 5.3.0 (EE)

General hints for this package

• Beta phase ran from 26th April till 05th July 2016
• OXID’s Marketing Website for 5.3/4.10 (German)
• Product information on our website (German)
• Tested on PHP 5.3, 5.4, 5.5 and 5.6
• Please see this blog post if you run MySQL 5.6 and OXID eShop EE)
• OXID eShop series 4.8 will not be supported any more

Installation

For update instructions please see
http://www.oxid-esales.com/en/support-services/documentation-and-help/oxid-eshop/installation/oxid-eshop-update-installation.html

If you use Roxive theme:

Take care if you’re updating your OXID eShop installation to version 4.10.0 or 5.3.0 when using the Roxive theme by Digidesk. Unfortunately, the updateApp wants to insert oxIDs into the database that might already exist (Roxive/Flow theme options) so you might get an appropriate error message.

Resolution: If you run Roxive already, please remove the file updateApp/updates/sql/4.10.0.sql from the update package.

This bug has already been fixed in our CI (continuous integration) scripts.

Templates

Please expect some very slight template changes with this update.

Improvements

• Avoid path traversal for downloadable files from the admin panel. This way a user with access to the admin panel might gather access to files of the OXID eShop system. Fix: OXID eShop now checks the path of the file, only file names in specific paths like downloads/ can now be altered. Many thanks Tim Herres of LSExperts (https://lsexperts.de/) for pointing us to that place.
• Updated PHPMailer version to 5.2.14.
• Clean up basket after user logs out. (fix for bug 5771)
• Admin panel got a CSS face lift

Fixed Bugs

Bugtrack change log

• https://bugs.oxid-esales.com/changelog_page.php?version_id=320
• https://bugs.oxid-esales.com/changelog_page.php?version_id=315
• https://bugs.oxid-esales.com/changelog_page.php?version_id=314

New Features

• Flow theme: new responsive theme, packaged to the OXID eShop bundle
  Please note that until the release of the OXID eShop 6.0 version, the Flow theme will remain in beta status, because we have not yet ported the automated test to it. We also still have to adapt the theme to be compatible with the demo mode of the shop. Anyway, as the theme has been used in many projects before, it is in a very stable state. Note that the new theme is not included in the update packages, only in the installation packages.
• Visual CMS (available for PE and EE): a module for easy management of CMS content via drag and drop. Please note that the new module is not included in the update packages, only in the installation packages.
• PAYONE module: module for PAYONE payment provider (all editions). Please note that the new module is not included in the update packages, only in the installation packages.

Important information for developers

• Please note that code, marked as deprecated, was removed with this version. Check the source code documentation, e.g. http://docu.oxid-esales.com/CE/sourcecodedocumentation/4.9.9/deprecated.html to find out which classes and methods have been marked as deprecated in the past.
• If the folder application/ was found in a module, OXID eShop expects the folder translation/ here and doesn’t expect any other location for the storefront translation files.

See a comparison to the former version on GitHub