We are currently on version 4.10.4.SP2 with PHP 5.6.40 and our simple site runs fine, no bugs, no issues, and overall happy with CSCart.
Instead of paging through all of the changelogs, could someone comment on :
- with the recent release of 4.12.2 and prior releases, are there significant vulnerabilities or PHP compatibility issues we are at risk of, and should we upgrade? (realizing I would wait a few weeks for 4.12.2)
- I am not sure which exact version caused the stir with simple checkout, but our current version is running step-by-step deprecated...is that same step-by-step deprecated checkout operational by default in 4.12.2?
- does 4.12.2 fix the rumored vulnerabilities reported in the last few days?
Just looking to get the latest stable version and security fixes, but don't necessarily need any more features. Thank you for any thoughts, and thank you for this forum's users!
Thank you for the reply, tbirn. My mistake...I think...cPanel stats show 5.6.40 which I did find strange when I first posted, but when I go into PHP manager it is showing our domain using 7.3. So, yes, definitely need to be on that. I know there was a URL or command I could use to find what we're actually running, so I'll make sure.
[EDIT : did a check, running 7.3.21, thanks again.]
Go to Administration/Logs, click the gear-icon select PHP Info.
That's the surest way to see what version of PHP you're running and how it's configured (actually configured by the time it gets through the layers to your site). cPanel does some strange things sometimes.
If you're going to incrementally upgrade and you do not utilize a dev server, I suggest this process:
1 - close storefront(s)
2 - backup production site
3 - upgrade to 4.11.5
4 - test, test, test
5 - reopen storefront(s).
6 - let run for a week to verify in production capacity
7- close storefront(s)
8 - backup production site
9 - upgrade to 4.12.1
10 - test, test, test
11 - reopen storefronts
Recommend the pause between 4.11.5 and 4.12.1 because of the forced changes to option combinations and some addon incompatibilities I've discovered at my client sites (other developer's addons).
Best to have a written test plan in hand so you can accurately go through the process with repeatability. Add to the plan if/when you discover issues. Save the test plan for the future. It should become a living document.