Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Clarification On Versions... Rate Topic   - - - - -

 
  • wwgreen
  • Senior Member
  • Members
  • Join Date: 20-Nov 06
  • 420 posts

Posted 27 January 2021 - 05:42 PM #1

...hi all,

 

We are currently on version 4.10.4.SP2 with PHP 5.6.40 and our simple site runs fine, no bugs, no issues, and overall happy with CSCart.

 

Instead of paging through all of the changelogs, could someone comment on :

 

- with the recent release of 4.12.2 and prior releases, are there significant vulnerabilities or PHP compatibility issues we are at risk of, and should we upgrade? (realizing I would wait a few weeks for 4.12.2)

 

- I am not sure which exact version caused the stir with simple checkout, but our current version is running step-by-step deprecated...is that same step-by-step deprecated checkout operational by default in 4.12.2?

 

- does 4.12.2 fix the rumored vulnerabilities reported in the last few days?

 

 

Just looking to get the latest stable version and security fixes, but don't necessarily need any more features. Thank you for any thoughts, and thank you for this forum's users!


v4.11.3


 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 12076 posts

Posted 27 January 2021 - 08:16 PM #2

I don't think you will see any functional change going from 4.10.4 to 4.12.1 (can't speak to .2 yet).

However, I'd strongly recommend you upgrade your PHP to 7.3 or so.  5.6 is no longer supported and has known vulnerabilities.


EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 
  • wwgreen
  • Senior Member
  • Members
  • Join Date: 20-Nov 06
  • 420 posts

Posted 27 January 2021 - 09:02 PM #3

Thank you for the reply, tbirn. My mistake...I think...cPanel stats show 5.6.40 which I did find strange when I first posted, but when I go into PHP manager it is showing our domain using 7.3. So, yes, definitely need to be on that. I know there was a URL or command I could use to find what we're actually running, so I'll make sure.

 

[EDIT : did a check, running 7.3.21, thanks again.]

 

Thanks again!


v4.11.3


 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 12076 posts

Posted 28 January 2021 - 12:24 AM #4

Go to Administration/Logs, click the gear-icon select PHP Info.

That's the surest way to see what version of PHP you're running and how it's configured (actually configured by the time it gets through the layers to your site).  cPanel does some strange things sometimes.


EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 
  • eComLabs
  • CS-Cart Expert
  • Authorized Reseller
  • Join Date: 27-Jan 14
  • 22011 posts

Posted 28 January 2021 - 05:19 AM #5

We do not recommend to make upgrade up to 4.12.2 now. Wait for some time to make sure that this version is quite stable


GET A FREE QUOTE | CS-Cart Add-ons | CS-Cart Licenses | CS-Cart Development | CS-Cart Design | Server Configuration | UniTheme and YOUPI
CS-Cart                USD 345     Multi-Vendor              USD 1250    Multi-Vendor PLUS           USD 3100 (2775)
CS-Cart Ultimate  USD 775     CS-Cart + YOUPI      USD 545      Multi-Vendor Ultimate       USD 7500 (6000)

 
  • ikoshkin
  • Tech Writer
  • CS-Cart Architects
  • Join Date: 25-Nov 15
  • 506 posts

Posted 28 January 2021 - 09:01 AM #6

Just looking to get the latest stable version and security fixes, but don't necessarily need any more features. Thank you for any thoughts, and thank you for this forum's users!


This part caught my attention, so I thought I could chime in.

If we discover a major security vulnerability in CS-Cart code, we usually announce it and provide a way to fix it even in older versions. Here is an example of how we do it.

 
  • wwgreen
  • Senior Member
  • Members
  • Join Date: 20-Nov 06
  • 420 posts

Posted 28 January 2021 - 02:25 PM #7

tbirnseth - I checked by calling up the php file through url, but yes, forgot it was also hidden away in Logs. Thank you, running 7.3.21.

 

ecomlabs - yes, I don't usually go for the most recent version unless there is significant need, thank you for the advice.

 

ikoshkin - correct and thank you, appreciated that there are patches for older versions provided, have done that a few times.

 

 

Thank you again for the feedback, I will incrementally upgrade, but can do so with a bit more confidence now. Have a great rest of your week all!


v4.11.3


 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 12076 posts

Posted 28 January 2021 - 05:32 PM #8

If you're going to incrementally upgrade and you do not utilize a dev server, I suggest this process:

1 - close storefront(s)

2 - backup production site

3 - upgrade to 4.11.5

4 - test, test, test

5 - reopen storefront(s).

6 - let run for a week to verify in production capacity

7- close storefront(s)

8 - backup production site

9 - upgrade to 4.12.1

10 - test, test, test

11 - reopen storefronts

 

Recommend the pause between 4.11.5 and 4.12.1 because of the forced  changes to option combinations and some addon incompatibilities I've discovered at my client sites (other developer's addons).

 

Best to have a written test plan in hand so you can accurately go through the process with repeatability.  Add to the plan if/when you discover issues.  Save the test plan for the future.  It should become a living document.


EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 
  • wwgreen
  • Senior Member
  • Members
  • Join Date: 20-Nov 06
  • 420 posts

Posted 29 January 2021 - 03:59 PM #9

Thanks again, said doc has been living since 1.3.x days. :grin:


v4.11.3