OXID eShop version 4.3.0

General hints for this package

  • Aside from many new features and fixed bugs there are also fixed some security issues. Thus we recommend strongly to update as soon as possible. Find an overview over fixed security issues at http://wiki.oxidforge.org/Category:Security_bulletins
  • Since OXID eShop 4.3.0: Cumulative packages to jump over multiple releases using only one package. As the GUI is still in work, please expect it to be released the next few days on this page.
  • Now newsletter subscription link will be generated automatically in function _getNewsSubsLink() in oxemail.php.For more convenient handling you can replace this link in CMS pages from:
[{$oViewConf->getSelfLink()}]cl=newsletter&fnc=addme&uid=[{ $user->oxuser__oxid->value}]


  • As there is no Zend Optimizer available for PHP 5.3.0 we strongly recommend to not yet update to PHP 5.3.0. However, the Community Edition shall work properly.
  • oxEmail support for SSL and TLS with different ports is added:
For SSL or TLS encryption, use SMTP Server 
(Admin tool -> Master Settings -> Core Settings -> Main) 
definition in the following form:

> ssl://smtp.gmail.com:465
> tls://smtp.gmail.com:587

Note: please check your SMTP server's protocol (eith SSL or TLS) 
and enter correct protocol/port combination.

e.g. Google Mail has both services active on different ports 
Port for TLS/STARTTLS: 587
Port for SSL: 465
  • In Roadmap for OXID eShop 4.3.0 we announced to implement a feature called “Put more than one product from the product list view into the basket with a single click”. This feature will be realized as a module and will be available soon.


See http://www.oxid-esales.com/en/resources/help-faq/faq/how-update-one-release-another

Since this present version 4.3.0 we provide the Cumulative Update feature. Entering your present revision number to a form – no matter if you run a 4.2.0 or an older version of OXID eShop 4 – you will get the complete Cumulative Update or patch and thus can update with one step from e.g. 4.1.1 to 4.3.0.

We still work on the user interface for it and appreciate your patience for some days. Once the GUI for the Cumulative Update feature is finished, you will find it on this page.


Template changes have been made in this major release. For detailed information, see /templ_docu/index.html.

Please remember the Template Override System we introduced with version 4.2.0. This system will help you saving a lot of time and work while updating your system.

Fixed Bugs

  • 0001544: [Setup] Check also for mysqlnd driver during system requirements check.
  • 0001459: [Setup] Check for Zend Optimizer fails on Zend Server.
  • 0001386: [Admin area] problem with account data with special characters.
  • 0000968: [Admin area] wrong net price on order overview (admin).
  • 0001686: [Caching] AOL proxy caches the cookies.
  • 0001571: [Discounts] discount on categories isn’t calculated correctly.
  • 0001465: [Exceptions] Shop is redirected to “offline.html” without logging the reason for the exception.
  • 0001589: [Import & Export] number_format cannot have first argument as string with PHP 5.3.1.
  • 0001660: [Manufacturers] Heavy load from oxUtilsCount::getManufacturerArticleCount() because of Manufacturers with no articles.
  • 0001433: [Order processing] Adding to basket takes very long.
  • 0001456: [Order processing] Discount validity is wrong if article in basket has Scale Prices.
  • 0001546: [Admin area] PHP 5.3.0: Function split() is deprecated.
  • 0001434: [VAT] VAT recalculation in admin (pdf) is wrong.
  • 0001463: [Attributes] Attribute not displayed in English.

You may find the complete list of bugfixes in our bugtracking system: https://bugs.oxid-esales.com/changelog_page.php.

New Features

Many features of OXID eShop 4.3.0 were requested by community using OXID’s voting tool. Furthermore we have implemented many more useful new properties. For detailed information see the Roadmap.

  • States/provinces for countries where needed
  • Voucher Exclusion Feature
  • Switches for several components in frontend
    Hint: In the present version, these components are turned off. If you want to use them, please activate in Master Settings => Core Settings => Settings => Shop frontend. From version 4.3.1 on, these options will be switched on by default.
  • Manufacturer’s Article Number
  • FACT-Finder Update and search result optimization
  • Configurable Product:
    By clicking this box in tab Admin -> Administer Products -> Products -> Extended customers are allowed to enter individual product parameter when they put product to basket.
  • Multiword Tags Feature
    Now the tag lists is comma separated so you can enter multiword tags. For existing shops this feature is turned off after the update. Please see dev notes on how to turn it on.
  • Automatic Language Detection
    If browser’s language is known by OXID eShop, then it comes up in that language. Otherwhise, default language is displayed.
  • Improved Setup
    • Checks if standard shop paths (image folders, config file) are readable and writable for php
    • Updates .htaccess files by writing correct RewriteBase path value
    • For security reasons and for a properly working password reminder functionality for admins administrator password must be entered during install.
  • Added a switch for VAT calculation. Now choosable if VAT is calculated by billing or delivery country.
  • Upload Master Picture
    Changed handling of articles pictures. Now there is no need to upload pictures separately for icon, thumbnail and zoom picture. Customer uploads one master picture with highest resolution and all article pictures (icon, thumbnail, main picture and zoom picture) will be generated from this master picture. Article main icon and thumbnail are generated from first master picture. Also there is possibility to upload custom main icon and thumbnail. In this case custom icon and thumbnail will override icon and thumbnail generated from first master picture. All pictures are generated on demand.
  • Last not least we published OXID eShop’s Unit Tests and enable many developers to implement and certify their modules much more easy as it was before. For more detailed information see certificatin procedure at

Important information for developers

  • oxException::debugOut() method parameter is deprecated
New methods:

oxArticle::getBaseSeoLink()       - returns product seo URL, no possible dynamic parameters added
oxCategory::getBaseSeoLink()      - returns category seo URL, no possible dynamic parameters added
oxContent::getBaseSeoLink()       - returns content seo URL, no possible dynamic parameters added
oxManufacturer::getBaseSeoLink()  - returns manufacturer seo URL, no possible dynamic parameters added
oxRecommList::getBaseSeoLink()    - returns recommendation list seo URL, no possible dynamic parameters added
oxSimplaVariant::getBaseSeoLink() - returns variant seo URL, no possible dynamic parameters added
oxVendor::getBaseSeoLink()        - returns vendor seo URL, no possible dynamic parameters added
oxArticle::getBaseStdLink()       - returns product dynamic URL, no additional dynamic parameters added
oxCategory::getBaseStdLink()      - returns category dynamic URL, no additional dynamic parameters added
oxContent::getBaseStdLink()       - returns content dynamic URL, no additional dynamic parameters added
oxManufacturer::getBaseStdLink()  - returns manufacturer dynamic URL, no additional dynamic parameters added
oxRecommList::getBaseStdLink()    - returns recommendation list dynamic URL, no additional dynamic parameters added
oxVendor::getBaseStdLink()        - returns vendor dynamic URL, no additional dynamic parameters added
oxArticle::appendStdLink()        - appends standard URLs with given parameters

Deprecated functions:

oxSeoEncoder::_getAddParams(), should be used oxUtilsUrl::getAddUrlParams();
oxSeoEncoder::_getAddParamsFnc(), should be used oxUtilsUrl::getAddUrlParams();
oxUtils::prepareUrlForNoSession(), should be used oxUtilsUrl::prepareUrlForNoSession().


oxSeoEncoder::_getFullUrl()does not append URLs with dynamic parameters, such as shop id and currency id.

“remoteaccess” parameter support was removed at all. Introduced “aTrustedIPs” config parameter (see config.inc.php), where shop owner defines IP addresses, for which session + cookie id match and user agent change checks are off.

  • due to new feature “configurable product”, removed needless details_persparam.tpl template.
  • Multiword tags feature.

Now the tag lists is comma separated so you can enter multiword tags. For existing shops this feature is turned off after the update. In order to turn them on first you need to enable a configuration flag responsible for multiword tag handling. You can do that by an SQL statement:

SELECT md5(CONCAT( 'rand123', oxshops.OXID)), oxshops.OXID, 'sTagSeparator', 'str', 0xC9 FROM oxshops;

Next you should convert existing tags to comma separated lists, like this:
update oxartextends set oxtags = replace(oxtags, ' ', ',');
update oxartextends set oxtags_1 = replace(oxtags_1, ' ', ',');
update oxartextends set oxtags_2 = replace(oxtags_2, ' ', ',');
update oxartextends set oxtags_3 = replace(oxtags_3, ' ', ',');

And finally don't forget to instruct your customers to enter new comma separated values, you can write the instructions in templates.
  • New possiblity to override admin AJAX classes
  • New version has improved Apache “mod_rewrite” module check. When updating please do not forget to update .htaccess file:
RewriteRule admin/test\.php$ admin/test.php?mod_rewrite=1

should be changed to:

RewriteCond %{QUERY_STRING} mod_rewrite_module_is=off
RewriteRule oxseo\.php$ oxseo.php?mod_rewrite_module_is=on [L]
  • Added new (experimental) caching methods oxUtils::toPhpFileCache, oxUtils::fromPhpFileCache. The methods are responsible for caching array contents to php files. The advantage of such methods is speed. Instead of parsing and deserializing contents from txt file, we can just include php file.
  • in the new eShop version 4.3.0, the internal links in admin tool are changed from [{$shop->selflink}]?[{ $editurl }] to [{$shop->selflink}]&[{ $editurl }]. This allows to add parameters to the selflink not only in templates, but also in the admin php classes. Also, this may affect some modules, which uses admin interface templates with custom [{$shop->selflink}]?[{ $editurl }] urls for e.g. frameset definitions. The ‘?’ character in these urls should be replaced by the ‘&’.