News

URL Location Selector Patch and WordPress Listing Update

Posted by lcleveland in Google Maps, Map Software, Store Locator, Store Locator Plus, WPSLP

Store Locator Plus® was updated today with a patch that ensures the location selection via URL remains functional.   The location selection via URL allows you to build links on your site that load up a page that hosts the Store Locator Plus® map and auto-select a specific location.      Changes in the JavaScript standard impacted the way this feature works, causing inconsistent behavior in different browser.   The patch that was put online today for our SaaS users eliminates the inconsistency and re-enables this feature for all browsers.

Users of our self-managed WordPress plugins will need to download the latest Store Locator Plus® release from our website.    Normally this would be available directly from the WordPress plugin directory, however the WordPress plugin team has yet to approve our latest updates.  Until they approve the updates and re-enable free downloads, the only option for WordPress plugin users to get the latest release is to purchase the base plugin from our WordPress store.

Tired of waiting for the WordPress plugin team to re-activate the plugin and provide quick-and-easy automated updates?   Switch over to the Store Locator Plus® SaaS release and you never have to deal with updating your locator plugin stack again.    We handle all those details for you.   Prices start as low as $5/month.

More JavaScript and Security Improvements for Store Locator Plus®

Posted by lcleveland in Map Software

Store Locator Plus® was updated today to bring additional JavaScript and security improvements to the map and locator application.

The security improvements are based on feedback from the user community and are not related to direct reports of security threats.  The security concerns only impact users of the self-managed WordPress plugins.  The vast majority of the work was done on administrative access and sanitizing of input values.   SaaS users are not impacted by these issues.

The JavaScript improvements include a new order-of-precedence system that eliminates some redundancy when processing JavaScript files, especially with the Professional and Enterprise level SaaS accounts.   The improvement means slightly faster script loading times.     WordPress plugin users are also impacted by this performance issue, and should update the entire Store Locator Plus® plugin stack to the latest release.

Bug Fixes

Along with the JavaScript improvements, a few bug fixes are included:

  • Enterprise clients using cluster map markers may have experience map outages , this is resolved.
  • Enterprise clients using the location loading indicator set to ‘circle’ had issues with the map not displaying, this is resolved.
  • Improvements have been made for users entering invalid JSON settings for the Google Map Style. Invalid JSON would prevent the JavaScript engine from loading.  Invalid values are now ignored. This issue impacted our Professional level subscribers.

Updating Your Location Software

The Software as a Service version of the application was updated overnight.  Users of the SaaS platform do not need to take any action to receive the latest features and patches.

The above issues also impacted all WordPress plugin users and require updating to the latest release.  The folks at WordPress.com have yet to approve our latest updates and re-list the main plugin.  You’ll need to manually uninstall and re-install the main Store Locator Plus® plugin, which can be purchased from our WordPress plugin store.

 

Update On WordPress Directory Listing

Posted by lcleveland in Google Maps, Map Software, Store Locator, Store Locator Plus, WPSLP

Store Locator Plus® 5.9 was released last week as a security update for the WordPress plugin community.   The plugin was reviewed by the WordPress Directory staff.    They chose to keep the plugin closed for what they deemed “potential future issues” with the plugin as well as requests for several changes to follow what they deem “best practices”.   Of note in this review is that they did not cite any of the publicly reported vulnerabilities that closed the plugin in the first place as remaining open.

In other words, all reported vulnerabilities were apparently addressed to their satisfaction.

However, they have opted to keep the plugin closed until we can update our coding style.   While we are willing to work toward their new “best design practices” for coding style, this is going to take some time.  For example, the latest 5.10.1 release of the Store Locator Plus® plugin has replaced the PHP standard <?= shorthand with the longer <?php echo syntax per the WordPress Plugin Directory Team’s request.   Not a security issue, but something they requested we change before being re-listed.    This requires that we run a full internal test if the updated code before it can be released to the general public.

While we wait for the WordPress Plugin Directory Team to approve re-listing, our self-managed WordPress plugin users can only receive updates to the Store Locator Plus® plugin.  You can find this in the WordPress plugin store.   You can learn more about the update process in our 5.9 Security Update Released news post.

While we hope that the folks over at WordPress.com deem our plugin worthy of being re-listed in the near future, we have no control over what they will come back with during each review.   It could be weeks or months before the plugin is available again in the standard directory with one-click updates being available.

This is one of the biggest advantages to being on the SaaS offering, no need to manually update your locator software.  EVER.