What is CubeCart?
Whether you are a retailer looking for an online store or a webmaster seeking an ecommerce solution for a client… CubeCart is a powerful free ecommerce solution enabling thousands of merchants globally to sell digital or physical products online.
"Would reccomend CubeCart to anyone. I've tried others and this is by far the best. We've been able to create an interesting and dynamic e-commerce website with CubeCart. A really easy to use package and very easy to modify with little knowledge about html and css. Thanks CubeCart"Rosco
I thought it appropriate to reach out as we have had a number of disgruntled CubeCart merchants who have had problems with the auto upgrade tool in the admin control panel of CubeCart. I wanted to take the time to explain how this came about as regrettably a number of skeptical users believe it was purposely introduced as a scam to bolster our technical support sales. It's sad but understandable that in todays globalised world it's easy to come to negative assumptions especially if you have had bad experiences elsewhere.
Although it is always possible to manually upgrade I have no doubt that some less technically minded merchants will have had to hire ourselves or other developers to get their store back on track. The long term collateral damage from disgruntled CubeCart merchants massively outweighs any short term boost in our support service sales. I hope that in itself might help you regain a little faith in us and we are genuinely very sorry for any inconvenience caused.
How did these problems come about?
With the introduction of 6.1.0 we added a tool to check extension updates at the same time as new CubeCart releases. This worked great on the stores dashboard but as an oversight, the code in the maintenance section that actually seeks the update was not updated to work with the new data format. This resulted in many stores getting stuck at 6.1.0. On top of this a new security feature was added which renames the admin file and folder to try to divert any unwanted attention from unscrupulous people and bots. Regrettably this too was buggy in some hosting environments. There simply wasn't enough testing.
How can we stop issues like this happening again in the future?
CubeCart is a small organisation with few resources. We do not have the manpower to have every new feature of bug fix pass though quality assurance checks. We need your help. From now on every new release of CubeCart will be pushed to a developer preview branch one week before final release. We hope that with your help we can nip any new issues in the bud prior to final release.
Surely CubeCart is liable for these problems and you should fix my store for me at no cost?
I wish we could but with over 600 new stores a month that's simply impossible. CubeCart is developed under the GPL 3.0 license and comes with absolutely no warranty or guarantee.
Many thanks for taking the time to read this and for all your support.
Permalink | 1st June 2017 09:50
We are pleased to announce the release of 6.1.8. This is just a maintenance release but upgrade is recommended.
- 25 resolved issues
Netsparker Audit Result
Passed with no exploitable security issues found.
Permalink | 22nd May 2017 15:23
This release came quickly off the back of 6.1.6 with a few stability enhancements over the new CSRF features.
Please note that if SSL is enabled the admin login to the store will only work under SSL. Standard HTTP login attempts may fail with a CSRF error. This is due to forced secure cookies if SSL is enabled.
Permalink | 20th April 2017 13:00
We are pleased to announce the immediate availability of 6.1.6. Due to past stability issues with the auto upgrade tool we strongly recommend upgrading manually (see release note 1).
- 52 issues closed
- A number of security patches and enhancements (release note 2).
- Ability to edit order payment gateway name
- File size added to file manager
- Invisible Google reCaptcha with skin compatibility checker (release note 3)
- Resend email from email log
- Improved error reporting in debug mode
- Physical & digital items as one product (release note 4)
- Stability enhancements to auto upgrade tool.
- Public folder added to file manager (release note 5)
- Miscellaneous bug fixes.
1. Manual Upgrade
A bug in a previous release has caused a number of upgrade failures. We are aware of a number of stores running a mixture of code from mismatching versions. These stores may well be "stuck" like this until manually updated.
2. Security Patches and Enhancements
Our friends at Netsparker have identified a number of CSRF, XSS and directory transversal issues. These have all been patched and more. The default Foundation theme now has CSRF protection for all form data. The admin control panel now has CSRF protection on any GET requests that manipulate data such as delete. From now on CubeCart has continual security auditing powered by Netsparker for which we are very grateful.
3. Invisible reCaptcha
The default Foundation skin now supports Google Invisible reCaptcha to keep pesky bots and spammers out. We will be happy to integrate this for any of our merchants who has a custom skin who have an active managed technical support account.
4. Physical & digital items as one product
Many will be pleased to hear that CubeCart now supports the ability to have a digital download with the option of being physical too. It's simple just add a product option with a weight greater than zero. For example it would be possible to have an option group of "Format" with attributes "Digital" and "Physical". Just assigned a weight to the "Physical" attribute.
5. Public folder added to file manager
We get a lot of support requests asking why files added to the file manager can't be loaded directly in a browser. The reason for this is that they are protected with the intent to sell them as digital downloads. For those wanting to upload and link to digital files directly a new public folder exists in the file manager which is not protected.
Permalink | 18th April 2017 12:20
Can you believe that CubeCart has been around since 2003? What started out as a small project has snowballed powering thousands of stores globally.
If you have a success story you would allow us to publish we would be truly very grateful if you could share it with us. We need new merchants to realise the potential they have using CubeCart. This will help contribute to further growth, new features and an all round brighter future for everyone.
Please feel free to email me personally at email@example.com with your company name, store URL and short success story of upto say 300 words.
Many thanks to you all for your support.