Version 2.8: Printable Invoices and Security Updates

Version 2.8 has been released and includes a nice feature for those who need a nice option for printing invoices. This release also makes some important security upgrades to the file upload process.

Note that if you are using the custom user uploads feature and you have customized your template file you will need to make a change. See below.

Printable Invoices
One thing that FoxyCart doesn’t do very well is print-able invoices. The default styling on the receipt page is pretty poor. Even with lots of tweaking, there’s only so much that can be done. I’ve built a new printable invoice feature from the ground-up that will print multiple invoices out very nicely. And it’s completely customizable. Look for the new template file “foxyshop-receipt.php” if you want to make any updates. There are a few easy configuration options at the top of the page, but you can really make any changes you like. Just set your search parameters on the order management page and click “Print Invoices”. Note that you are currently limited to 50 orders in each search/print batch.

Upload Security Upgrade
To offset any potential security issues, the upload process has been rewritten from the ground up. The changes took place completely behind the scenes, but if you are using the custom user upload feature (where customers can upload a file to the cart) AND you have made customizations to the foxyshop-custom-upload.php template file, you will need to make an update to that file. You can either check the new template file and put the new script block lines in lines 19-50 into your existing template file OR at bare minimim, change the script setting inside the uploadify function to <?php echo get_bloginfo("url") . '/upload-' . $foxyshop_settings['datafeed_url_key'] .'/'; ?>.

Uploads have been limited to the following file types: jpg, jpeg, gif, png, doc, docx, odt, xmls, xlsx, txt, tif, psd, pdf, mp3. If you need to allow a different file type that is not listed above (say mov and avi), put this in your wp-config.php file:
define('FOXYSHOP_ALLOWED_EXTENSIONS','mov,avi');

Editor Role
Users with the editor role can now see the category and product sorting screens.

Other Changes from 2.7.1
A few weeks ago I released a pretty big maintenance release in 2.7.1. Since there weren’t any new features I didn’t bump it up to a new version number, but here’s a run-down on the updates from that release:

  • Removed incorrect 404 headers on some dynamic store pages
  • Added foxyshop class to the body_class function for some styling assistance
  • Bugfix: Products without variations or product code changes weren’t getting inventory updates. Fixed!
  • Upgraded to jQuery 1.6.2
  • Removed pluggable.php early include and subscription array setup on every page load. Only loaded when necessary.
  • You can now set constant FOXYSHOP_PRODUCT_TAGS in wp-config.php to allow tags on products
  • Added security feature to harden custom variation uploads (now a lot better in 2.8)