osCommerce version 2.3.2
A new osCommerce version (2.3.2) has been released yesterday, July 18, 2012. Please read the release announcement and download the upgrade package
The osCommerce package of Mini Template System (MTS) is based already on the new version, we are probably one of the first in the industry, if not the first, who offer a templating solution based on the latest osCommerce version
The upgrade is a major security improvement for osCommerce that improves the customer password forgotten routine.
Till now, upon clicking on “password forgotten” on the login page, the system was sending a random password to the customer via email.
Now, in version 2.3.2, the system e-mails a personal link to the customer and gives them 24 hours to change their password. If they do not, they can continue to use their existing password. The personal password reset link is disabled after 24 hours. The generated password is much “stronger” now, to use simple terms. You can check Harald’s personal blog for more information about
New also is, that the whole password reset routine is now protected via a special “action recorder” module. The default settings limit the generation of password reset links to 1 every 5 minutes. Both values are customizable via admin, so you can set it to 1 password reset link every 60 minutes etc
All mini template system stores should perform the upgrade as soon as possible. The upgrade is very easy to do, and does not affect any of the mini template system files. If you don’t have any other addons installed, you can just copy paste the upgrade files to your installation. It won’t take you more than 5 minutes
- Upload the files of the upgrade package to your server. (you need to check and and merge manually in case you have other addons beside MTS installed)
- go to your admin>modules>action recorder and enable the new module that is called “customer password reset”. You can change the default settings if you want
In case you need assistance with the upgrade, please get in touch
This is the best way to demonstrate how important it is to keep the core code-base clean. Since MTS does affect just very few core files, upgrades like this are very easy to do. We rae happy that we took special care of this during development