[DBTech] DragonByte Shop

xF2 Add-on [DBTech] DragonByte Shop 6.6.3

No permission to download
Update highlights

This version updates the Infinite Scroll library to reduce its size, thus reducing load time for first time visitors. Furthermore, a bug has been resolved with the Infinite Scroll integration where it would not work correctly when the item display style was set to "Grid" in the style properties.

Lastly, an issue has been resolved with the Create Forum item where it had not been updated for the changes in XenForo 2.2.

Complete Change Log

Change:
Update Infinite Scroll library to reduce its file size
Fix: The "Create Forum" item was not fully updated for the changes in XF 2.2
Fix: Infinite Scroll would not work correctly when the item display style was set to Grid

6.4.8

Update highlights


This version resolves a regression from v6.4.6 as well as improving the checkout experience by making it possible to gift the same item during checkout to multiple users simultaneously.

Complete Change Log

Feature:
It is now possible to gift the same item during checkout to multiple users simultaneously
Fix: Fix regression from 6.4.6 that caused issues when purchasing items

6.4.7

Update highlights


This version fixes an XSS issue affecting thread titles and post messages.

Please see this thread for more information: https://www.dragonbyte-tech.com/thr...n-xss-in-dragonbyte-shop-v6-1-0-v6-4-6.25078/

Complete Change Log

Fix:
Fix a security issue affecting thread titles and post messages

Security Notification: XSS in DragonByte Shop v6.1.0 - v6.4.6

Hey all,

An XSS security issue has been discovered affecting all versions of DragonByte Shop from v6.1.0 to v6.4.6. This issue is critical in nature and you should patch your site immediately. This affects XenForo 2.0, 2.1 and 2.2 versions.

All affected versions of DragonByte Shop have been patched, so even if your license has expired or you cannot update for whatever, you can still login and download a fixed version of the version you're currently running.

If you cannot login or download, you can open src/addons/DBTech/Shop/Listener.php and find:
public static function templaterFilterRichThreadTitle(

Replace its contents with:
PHP:
        if (!$thread->thread_id
            || !$thread->User
        ) {
            return $value;
        }

        /** @var \DBTech\Shop\XF\Entity\User $user */
        $user = $thread->User;

        $styleProps = [];

        /** @var \DBTech\Shop\Entity\Purchase[]|ArrayCollection $purchases */
        $purchases = \XF::repository('DBTech\Shop:Purchase')->filterActivePurchasesForUser($user);
        foreach ($purchases as $purchase)
        {
            $handler = $purchase->handler;
            $handler->fire('thread_title_markup', [$thread, &$styleProps], $thread->thread_id);
        }

        if ($styleProps)
        {
            $escape = false;

            // Ensure we only add the span if needed
            return '<span style="' . implode('; ', $styleProps) . '">' . htmlspecialchars($value) . '</span>';
        }

        return $value;
Thanks to @TickTackk for discovering the issue.

6.4.6

Update highlights


This version implements multiple changes to deal with IP logging, in order to prevent the IP log from being "tainted" with incorrect entries.

Furthermore, it includes a few other miscellaneous bugfixes. Thanks to our community for reporting the issues!

Complete Change Log

Change:
Disable IP logging for items created in the AdminCP
Change: Disable IP logging by default for purchases
Fix: Older transactions would sometimes cause a server error
Fix: Prefix quick set in the AdminCP would not work as intended
Fix: Ensure the username style cache doesn't break if the purchase belongs to a deleted user or deleted item
Fix: Creating or editing an item will now associate the IP address log with the visitor, not the assigned owner
Update highlights

This version fixes a regression from 6.4.4 that could cause glitches in configurable items, as well as fixes an issue with copying items.


Complete Change Log

Fix: Copying items would produce a server error in certain circumstances
Fix: Fix an issue where item configuration would be incorrectly cached, leading to glitches in things like user name colours
Update highlights

This version fixes a couple race condition bugs, as well as an issue where old purchases without a purchase handler could generate a server error.


Complete Change Log

Fix: Fix race condition triggering "Cannot delete an entity that has been partially updated" server error
Fix: Fix race condition with deleted users when upgrading from certain older versions
Fix: Fix "Call to a member function setPurchase() on null"
Update highlights

This version adds support for og:image / twitter:image meta tags for item URLs, making your rich embeds in places like Twitter or Discord show the item's icon.

Furthermore, some internal code tweaks took place, for improved support for Xon's MultiPrefix.

Lastly, a few bugs discovered by @JoyFreak have been resolved. Thanks!

Note: If you are running Xon's MultiPrefix, please update to v2.8.14.

Complete Change Log

Feature: Add og:image / twitter:image metadata tags for the main item page
Change: Update type hints for Inline Moderation
Fix: The postbit integration would cause a server error on a post by a deleted or guest user
Fix: Setting "Item rating style" to "Circle" would not work due to missing templates
Fix: Compatibility fixes for MultiPrefix
Update highlights

This version resolves a number of bugs reported by the community, as well as improving the UX of the Thread Highlight and Thread Title Style items by correctly flagging them as only working on the user's own threads.


Complete Change Log

Change: Thread Highlight and Thread Title Style items can now only affect threads posted by the user who owns the item
Change: The default category description's link should now be correct
Fix: Fix a server error when adding comments to trade posts
Fix: (Potentially) resolve an error that could occur when viewing older transaction log entries
Fix: Made the "Currency column" field required in the templates to prevent a server error from being logged
Fix: In certain cases, a server error could be generated when running rebuild jobs or merging users
Fix: Manually adding new items via the AdminCP would produce a server error
  • Like
Reactions: springer28
Update highlights

This version contains a couple internal changes, but also fixes an issue that could occur while attempting to read a purchase's configuration.


Complete Change Log

Change: Update bundled Infinite Scroll library
Change: Add a missing property to type hinting
Fix: Fix server error when attempting to obtain purchase configuration
  • Like
Reactions: springer28
Update highlights

!!! THIS VERSION REQUIRES XENFORO 2.2.0 AND PHP 7.2.0 !!!

Coinciding with the release of XenForo 2.2.0, all XenForo 2.2 versions are now Gold ? This is also the last version that will contain the XF 2.2 / PHP 7.2 warning in the release notes.


Complete Change Log

Feature: Implement wildcard search for item names in the Purchase log in the AdminCP
Fix: Delete clean-up services would produce a server error
Update highlights

!!! THIS VERSION REQUIRES XENFORO 2.2.0 AND PHP 7.2.0 !!!

This version fixes an issue where formatted currency values displayed across the site would display 1 instead of the real currency value. No data was lost, it was a display bug only.

This version is flagged as a Beta version as it has not been tested on a live site.


Complete Change Log

Fix: Fix formatted currency values always returning 1
  • Like
Reactions: springer28
Update highlights

!!! THIS VERSION REQUIRES XENFORO 2.2.0 AND PHP 7.2.0 !!!

This version contains coding style updates and changes for XenForo 2.2.0 / PHP 7.2.0. Furthermore, this version features compatibility with the "Live forum statistics" add-on. This integration has not been tested.

Other minor back-end issues have also been resolved.

This version is flagged as a Beta version as it has not been tested on a live site.


Complete Change Log

Feature: Add support for LinkableInterface
Feature: Thread Title Style / Thread Title Background compatibility with "Live forum statistics"
Change: Make various custom fields extendable
Fix: Fix permissions sometimes not rebuilding when upgrading
  • Like
Reactions: springer28
Update highlights

This version adds a few features requested by the community. Administrators have more control than ever over purchases, as the buyer can now be edited when ticking the "Is gifted" box. For users with a lot of purchased items, inline moderation is now available to quickly manage purchases with common actions such as discard, activate / deactivate, and hide / show.

A few issues reported by the community have also been resolved. See the changelog for further details.


Complete Change Log

Feature: Ability to edit a purchase's buyer via the AdminCP
Feature: Item names are now shown in the tooltip in the postbit
Feature: Leverage inline moderation to mass apply inventory actions
Change: Remove IP logging for trading
Fix: Ensure buyer user name is saved correctly when manually assigning a purchase in the AdminCP
Fix: Ensure buyer user ID and buyer user name are correctly updated when they are renamed
Fix: Removed IP logging for discard action when this action was done automatically
  • Like
Reactions: springer28
Top