Re: 4.1.9 changelog
 

I would be very interested in hearing Qualiteams take on this.

Re: 4.1.9 changelog
 

HAs anyone noticed the the web master mode has changed also.

Re: 4.1.9 changelog
 

Okay, I'm officially terrified of applying this upgrade. Should I wait for a while or what? I'm still new to X-Cart and am still reeeeally new and am trying to learn, but if this creates a bunch of problems it's gonna be a huge issue because I'm not sure how everything works and how one would go about fixing them.

Re: 4.1.9 changelog
 

If the update doesn't have something you have to have then wait until the next update.

Re: 4.1.9 changelog
 

That's pretty much what I did, I went through the diffs and backported only what we needed absolutely, the rest was insignificant as it wasn't used. Besides with how heavily we have ours modded a clean upgrade or even a clean install is not possible.

Re: 4.1.9 changelog
 

A good source of information about how to upgrade smoothly can be found at http://forum.x-cart.com/showthread.php?t=35125

I think you should have a look at it.

Re: 4.1.9 changelog
 

SMV,

If it was me I would wait. Our version was 4.1.3 and it needed the upgrade. I wanted 4.1.8 because it was stable. Well, by the time we got to it, 4.1.8 was no longer available. It took 4 days of countless hours back and forth with my webmaster, qteam and the hosting company to figure out why we had some serious error messages coming from the server relating to memory for the install of the upgrade. After we figured that out, 1 day to upload. There were so many errors we had to close the store, it looked terrible. Wait for qteam response, it takes 6 days and almost 400 manually updated files to complete the job, and there are still issues. I have been waiting for 4 days to hear back from qteam.

In the meantime we lost our page rank of 4 and all our links on Google.

Wait until they fix this one or at least until after the holidays. I wish I could have waited but we were concerned about security issues, so we took the leap.

Best wishes,

Re: 4.1.9 changelog
 

I'm sorry to hear all that :(

We'll def. hold out then!

Re: 4.1.9 changelog
 

anyone curious about mcrypt its something that is used to encrypt the order details etc. If its installed it encrypts things faster and if its not xcart uses its own logic to do it which is much much slower. I ran into problems with a site where it was not installed.

check with your host if its not installed and they will sort it

Re: 4.1.9 changelog
 

Thanks Shan!

For people running their own box, check the "php.ini" configuration file. It is loaded as an extension "extension=php_mcrypt.dll". (As of PHP version 5.2.3)

X-cart Team: Can you please verifiy why some people are getting the "MCRYPT" prompt, while others do not? On my box, I do not have "MCRYPT" enabled and were not prompted.

Thanks
-Tuan

Re: 4.1.9 changelog
 

I am now a MCRYPT server enabled user! Speed diff? Hmm well perhaps a wee bit better.

Re: 4.1.9 changelog
 

As far as the speed difference, are you referring to the store front or back-end admin area? Maybe both?

I am curious though, why would there be any speed difference for the store front, between with MCRYPT and without it? It shouldn't be encrypting anything on the store front, correct? It thought it would only impact the back-end because of the encryption on customer data and order details....Hmmmmm...

Hopefully the X-cart team will jump in and clear up this entire issue.

Thanks
-Tuan

Re: 4.1.9 changelog
 

Its a secret, only divulged to ancient Xcart users who have been able to grab the pebble from the carts hand! :-$

Re: 4.1.9 changelog
 

Certain PHP versions have known defects in processing of bitwise operations that are used during generation of encrypted data using Blowfish encryption method.
X-Cart utilizes bitwise operators emulation on these PHP versions, but this leads to slow generation of encrypted data and can have negative impact on X-Cart performance.

The message is shown only if x-cart installation procedure detected that PHP version installed on a client's hosting server has such bugs with bitwise operations processing. In order to overcome the issue the customer needs to install the latest stable PHP version or install the mcrypt php extension.

Re: 4.1.9 changelog
 

my install horror story! I ran the upgrade script after manually modding about 10 files.. Script processed then I hit continue.. The server kept trying to redirect somewhere.. I blew the .htaccess file out and got SQL errors about the session table not being there and access denied..

went to my backup, and am back on 4.1.8

Re: 4.1.9 changelog
 

you have to run the patch.sql file though phpmyadmin or command line and then there will not be any problems.

Re: 4.1.9 changelog
 

damn.. ok I will try that later..

Re: 4.1.9 changelog
 

Hi everyone,

We conducted research on "why upgrade to 4.1.9 is so hard".

First of all upgrade to 4.1.9 is *not defective* and it is applied properly if it is applied on standard X-Cart and if it is applied according to upgrade instructions.
I advise you to read discussion on this at http://forum.x-cart.com/showthread.php?t=35125).

Also, X-Cart v4.1.9 is a working version which we recommend to use especially if you are concerned about social engineering hacking methods. At the same time you do not have to upgrade to 4.1.9 at all, especially if you feel confident that you will not be swindled and if you are satisfied by how your current X-Cart version works. In this case we recommend you to apply security patch #2007-10-29 (I advise you to monitor discussion at http://forum.x-cart.com/showthread.php?p=192813#post192813 as we are going to release improved version of the patch soon).


:arrow: why upgrade to 4.1.9 is so hard?

In July 2007 we sent a newsletter about potential security issue in X-Cart which contained the following information:

The difference in this upgrade is that 4.1.9 contains that solution, i.e. besides usual number of various bug-fixes and minor changes in "every-day" features core of X-Cart v4.1.9 contains a good deal of completely new code which implements multiple protection schemes against the aforementioned and some other phishing ways to hack your online shop using social engineering methods.

The new code in X-Cart v4.1.9 core affected significant number of X-Cart PHP files in different places thus made upgrade to 4.1.9 harder than usual upgrade between minor versions. E.g. upgrade 4.1.8->4.1.9 affects 708 files and 50757 lines of code while upgrade 4.1.7->4.1.8 affects 391 files and 21313 lines of code and those changes between 4.1.8 and 4.1.9 are not just bug-fixes but portions of new code.

If you want to upgrade your store to v4.1.9 I recommend you to read http://forum.x-cart.com/showthread.php?t=35125 before you start.

Re: 4.1.9 changelog
 

Alexander,

Can you please comment on the new sql serialized array and how we should convert a 4.1.8 database to 4.1.9 (as this is hanging many people up and cauding upgrade errors). ?

Can we expect a pacth to toe sql update to correct this at some point?

Can we get an engineer to discuss why the change, and how we can modify our old code to become comptible.

Since there appears to be a data structure change, do you feel this upgrade would qualify for more than a single increment? Shouldnd't 4.1.9 have become 4.2?

I agree that for the most part, a 4.1.9 upgrade can be applied effortlessly in less than a few minutes -- IF the 4.1.8 store doesn't have many changes -- but if the changes are data fleds, there will be issues. Forget template edits -- let's talk real-world... 4.1.9 is great, agreed - but we need to get our 4.1.8 and earlier stores to 4.1.9 --- the database needs to be patched too. How can we do this?

Thanks,

Jeremy

Re: 4.1.9 changelog
 

I got mine to work.. what I did was apply the patch.sql to the database before updating the rest of the files.. cleared out the template cache and bam! everything worked great..

I only had to manually modify 10-12 files.. nothing too bad.. the only one that took more than a couple minutes was the meta.tpl.. just had to figure out the right spot to put the javascript below my custom code in there.. I use some of the cdseo mods..

Re: 4.1.9 changelog
 

Hi!

Were there any changes to the froogle.php file? Mine was working after the upgrade, now it isn't. I have a copy of the one provided to me by x-desk right before the upgrade. Just wondering if it is the same, since my Hot Rush x-desk ticket assigned tech has the day off and won't be in till tomorrow to help me. Cyber Monday in less than a week and my feed is not working (again). Opened the ticket about 10 days ago...

Thanks,

Re: 4.1.9 changelog
 

I was finally able to do the upgrade from 4.1.8 to 4.1.9

The issue was the many mods I had. And it didn't help by manually patching, either.

So the solution was to upload the unmodified 4.1.8 files, then upload the upgrade, then run it. That did the upgrade fine. Then went through and applied each mod, upload & test, until all were finished. And in the process fixed a couple of mod bugs :-)

Re: 4.1.9 changelog
 

Just noticed this problem after my upgrade. With help from x-cart technical (Sergey Tokarev) discovered that without the ID, USPS won't work.

Well I didn't have the ID written down. But I DID do a backup before upgrading. Opened the SQL backup in Textedit, searched for the password (which is not wiped) and right before it was the Web Tools ID. You can also just search for 'USPS username' and following that is the ID.

Whew!