Mark

Stripe is the most popular payment method in Commerce, allowing communities to take payments by card securely with easy setup. While there's no doubt that credit cards are still the most popular methods of making a payment, digital innovations such as Apple Pay are increasing in popularity. For 4.3 we've deepened our integration to support some of their latest features. Apple Pay & Google Pay Apple Pay allows users to pay quickly with their iPhone, iPad or Mac (with Safari and either a paired iPhone or using the MacBook Pro with Touch ID) using the card details stored on the device, authenticated with Touch ID or Face ID. Apple Pay Google Chrome (on desktop or Android devices) supports a similar feature allowing users to pay with card details stored in their Google account with Google Pay, or stored in Chrome itself. Paying with card details stored in Google Chrome Both of these features are now supported through Stripe in Invision Community 4.3. Setup is simple - for Apple Pay you simply need to verify that you own your domain by uploading a file you obtain from the Stripe dashboard, and nothing special is needed for Google Pay - and then create the payment method in the AdminCP. Stripe does not charge any additional fees for either option. Commerce will automatically hide the option if the user's device does not support either method. 3D Secure Also known as Verified by Visa, Mastercard SecureCode, and other brand names, 3D Secure is a system that is used to verify a customer's identity before purchase is completed and transfers the fraud loss liability from the merchant to the cardholder bank in case of fraudulent disputes. After the user has entered their card details, they are redirected to their bank's website and asked to provide additional verification. Our integration with Stripe in 4.3 now supports this process. A new setting allows you to choose if you want to use 3D Secure just for cards which require it (i.e. cards which would decline the payment if 3D Secure is not completed) or for all cards which optionally support it as well. Amex Express Checkout American Express cardholders can use Amex Express checkout to pay by using their American Express login rather than providing their card information. This is also now supported through Stripe in 4.3. Amex Express Checkout Alipay, Bancontact, Giropay, iDEAL, SOFORT These are popular payment processors internationally (Alipay is popular in China, Bancontact in Belgium, Giropay in Germany, iDEAL in the Netherlands, and SOFORT in several European countries). The checkout experience is similar to PayPal with the user being redirected to the appropriate site, authenticating the payment, and then being redirected back. All of these are also now supported through Stripe in 4.3. Dispute/Chargeback Handling A dispute (also known as a chargeback) occurs when one a cardholder questions your payment with their card issuer, which causes the funds, plus a fee, to immediately be taken from your account until evidence is provided that the transaction was legitimate. Anyone operating an online store knows how frustrating this experience can be. In 4.3, we've made dealing with this situation a little easier. When a dispute is created, Commerce will now mark the transaction as disputed, which will immediately revoke any benefits from the purchase (for example, if it's for a subscription that moves them into a different group, they will be placed back into their original group; if it's a Downloads file, they won't be able to download it any more; if it's for a physical item that hasn't been shipped yet, the shipping order will be placed on hold). Disputed Transaction All transactions with currently open disputes can be accessed quickly from the transaction list. The transaction page will show you the status and reason for the dispute, and links to your Stripe dashboard where you can respond. When the dispute is resolved, the transaction screen will be updated, with either the transaction being marked as refunded if the dispute is lost, or going back to paid if the dispute is won and the funds returned to you. A dispute that was lost A dispute that was won Radar Radar is Stripe's suite of fraud detection tools using machine learning and customisable rules to help detect fraudulent transactions. Stripe will automatically blocks transactions is considers highest risk already. However, for "elevated" risk transactions, while Stripe would alert you of them so you could review them, Commerce would process the transaction normally. In 4.3, Commerce will place any transactions which Radar reports as having an "elevated" risk level on hold for manual review, so you can decide whether to approve or not before the funds have been captured. In addition, the transaction details screen for Stripe transactions now provides some additional information about Stripe's checks on the transaction, including the Radar risk level, if the CVC check passed, and if the billing address provided matches the card's billing address. If a fraudulent transaction does make it through, you will now have the option to indicate this when refunding the transaction to help Stripe's anti-fraud systems learn.

Search. Let's be honest, it's not the most exciting feature in the world. You ask to find things, and it shows you what it found. Simple, right? It's a lot more complex than that. After numerous tests, a few surveys and many discussions with customers, we've decided that there is no "right" or "wrong" way to search. Invision Community is used on many diverse communities and each has its own needs. The bigger the community, the more of a headache search can be when you start hitting frustrating technical limitations of the database. Happily, we've addressed all of these issues with Invision Community 4.3 and added a few extra treats. Searchable Products and Pages Products in the Store and custom Pages will now show in search results. Store product in search results More Customisable Search Experience One of the most difficult challenges with search is anticipating the scope of the search. If, for example, you're looking for something you know you've seen before, you want the search to be narrow - matching only the exact terms you provide, probably only matching against the title, in the specific area you know where the content is located. If however, you're just doing a general search about a particular subject, you want the search to be wide - matching any of the terms you enter, anywhere in the community, in both titles and content. For a while, Invision Community has had the option to choose which areas to search, defaulting to the area of the community you're in (for example, if you're in a forum, only that forum will be searched by default). We also provide a number of suggestions on the search result form (in the form of "Didn't find what you were looking for? Try searching for..." followed by a number of options) which adjust the scope of the search. In Invision Community 4.3, we have a new interface for the quick search feature which makes some of these options more visible so you're more likely to find what you're looking for on the first search. New Search UI Along these lines we have also: Changed the default "Search In" selection to "Everywhere", regardless of where the user is. Added a new setting which controls whether the "Any words" or "All words" option is checked by default. Added a new setting which allows you to adjust how much of a boost results receive for a match in the title, versus the content body, when searching both content titles and body. You can set default and/or operator. New Search Settings Elasticsearch In Invision Community 4.3 we are adding native support for Elasticsearch, a third party search engine which offers a number of benefits over searching your MySQL database: Elasticsearch, being designed and indexing data in a way optimised for search rather than data storage, is generally able to match and sort by relevancy with better accuracy than MySQL. Elasticsearch is generally faster. One user performing a search doesn't slow down other users trying to read and make posts at the same time (when searching MySQL, the data has to be "locked" from changes when the search is being performed). It scales very well with very large datasets, and runs very easily on multiple servers. Elasticsearch understands language. If for example, you search for "community", it will also return results which contain the word "communities", understanding that these are the same. Supported languages are Arabic, Armenian, Basque, Brazilian, Bulgarian, Catalan, Chinese, Czech, Danish, Dutch, English, Dinnish, Drench, Galician, German, Greek, Hindi, Hungarian, Indonesian, Irish, Italian, Japanese, Korean, Latvian, Lithuanian, Norwegian, Persian, Portuguese, Romanian, Russian, Sorani, Spanish, Swedish, Turkish, Thai. Elasticsearch supports custom functions on the scoring algorithm. In our initial implementation this has allowed us to add settings to allow you to control the time decay (allowing newer results to show higher) and author boost (allowing content posted by the user to optionally show higher in results). Unlike with MySQL, there is no minimum query length and a very small list of stop words. Elasticsearch Settings When enabled, both searches and activity streams will be retrieved from Elasticsearch. The core_search_index database table in MySQL will no longer be populated, so you will not have to store the data twice. To use Elasticsearch, you can either install it yourself on your own server, or use any of the many excellent hosted Elasticsearch options. The minimum required Elasticsearch version is 5.5. REST API Developers and those looking to integrate Invision Community features into their own sites will be pleased to learn that we've extended the REST API to accommodate searching.

The best way to convert guests into members is to make the onboarding process as simple as possible. Over the years, we've added special log in methods for Facebook, Google, LinkedIn and Microsoft. We've carefully hand coded these integrations to allow guests to sign up with just a few clicks using services they're already a member of. These services used to use proprietary methods to link with other websites, but a new standard has emerged. OAuth You may not know it, but you're probably familiar with OAuth already. If you have enabled the ability for users of your community to sign in with their Facebook, Twitter, Google, LinkedIn or Microsoft account, you may have noticed that the process for setting up each of these is quite similar. This is because they all use the OAuth protocol. In Invision Community 4.3, we are introducing several exciting new features: In addition to all of the existing social networks above, which retain their "easy setup" status, we have also added Wordpress. Users on your community can now sign in with any Wordpress site you control (you will need to install a Wordpress plugin to enable OAuth capabilities). As well as those "easy setup" options, we have also added the ability for you to allow users on your site to sign in with any OAuth 2.0 based provider. This means, for example, if your community is based in a location where other social networks are popular, if they use OAuth, you can set those up too. While the setup is a little bit more complicated, this doesn't require any custom programming - you'll just need to find out a few more pieces of information from the provider (an example is provided below). Invision Community itself can now also serve as an OAuth 2.0 server so you can set up other sites to be able to facilitate logins using credentials from your community. This works in conjunction with our REST API, allowing you to make API calls as an authenticated member, which will return just the information that user has access to. With the ability for Invision Community to serve as both an OAuth server and client, this now provides standard integration for multiple Invision Communities together, which will now replace the old IPS Connect feature. We have also taken this opportunity to make a few other minor tweaks to login, registration and account management features, especially for communities which rely heavily on non-standard login methods (more details below). Setting Up a Custom OAuth Provider For this example, I'm going to use vk.com, which is a popular social network in Europe. While Invision Community doesn't provide this as one of the "easy setup" options, it is based on OAuth 2.0 so we can use the new functionality in Invision Community 4.3 to set it up. In older versions, the list of login handlers in the AdminCP had all of the providers listed with enable/disable toggles - because now you can add as many custom handlers as you like in 4.3, it's now a list where you can add/delete options: Login Handlers List When clicking the "Create New" button, you'll see all of the different handlers Invision Community supports. Since vk.com isn't in the list, but is still OAuth 2.0-based, I'll choose the "Other OAuth 2.0" option: Choosing a Login Handler You'll now need to use the documentation provided by the site you want to integrate with to fill out this form. While no custom programming is required, the documentation is usually quite technical in nature - but you only need a few key pieces of information. We anticipate that for some of the more popular options, guides will be provided to help you find the information you need. I have created an application in vk.com's developer center and so I will copy and paste my credentials into the form: Inputting vk.com credentials I then need to find the endpoints from vk.com's documentation and input those too. Inputting vk.com endpoints Next I need to find the endpoint where I can access the user's information within their API and the parameters they are returned by. The only required piece of information is an ID, but you can also provide the parameters for accessing the display name, email address and profile photo. If display name/email address isn't available/provided, the user will be asked for this the first time they sign in. vk.com's API doesn't provide access to the email, but I can use the screen name as the display name, and they do provide access to the photo: Inputting vk.com User Information Endpoint and response parameters Finally, provide a logo and a color for the sign in button and some final settings: Inputting vk.com Logo and Button Color And now vk.com login is set up. A button will now show up on the front end which I can use to sign in. I didn't provide a way to access the email address, so on the first sign in, the user will be prompted to provide that, but the screen name and profile photo from vk.com will be used: Signing in with vk.com Using Invision Community as an OAuth Server You can also set up Invision Community itself to be an OAuth Server. This may be useful for two main reasons: If you want to integrate two communities together, or integrate with something else which supports adding custom OAuth clients. If you are a developer and want to use the REST API using OAuth for authentication rather than an API Key. You can either make requests as an authenticated user (by obtaining an access token) or using Client Credentials. The screenshots below show the full capabilities which are quite technical and mostly aimed at developers. If you will just use this feature to link two communities, don't be concerned if it looks too complicated, an easy-to-follow guide will be available to achieve that. You will set up the clients from the AdminCP: Setting up an OAuth Client When creating the OAuth Client, you can control which scopes are available, and which endpoints of the REST API they provide access to: Defining OAuth Client Scopes The login process is then the standard OAuth flow, and users have the ability to view authorisations in the account settings: Authenticating an OAuth Client The REST API has new and updated endpoints to be aware of the authenticated user: A new REST API endpoint which returns details of the currently authenticated user An updated REST API endpoint which, when called using OAuth authentication, will only return data the authenticated user has access to Other Login System Tweaks Users can now choose if they want to change their local display name or email address if it is changed by an external login method (or the administrator can choose this behaviour). If there is an issue with this (for example, it wants to change the email to one that is already taken), or profile photo syncing, this is now better communicated to the user. You can now control per-login-handler if new registrations are allowed using it. This addresses some confusion from previous versions as to if the "Allow New Registrations" setting applies to accounts being created by social network logins. The Standard login handler can be disabled if you rely totally on an alternate login method. To allow this to happen: All areas where a user is prompted to re-enter their password (some areas of the account settings) now allow reauthentication using any login handler. You can disable local registration but still allow accounts to be created by other login handlers, or redirect users to an external URL to register an account. You can also disable or redirect to an external URL for changing email address / password or the Forgot Password tool. You can now create multiple instances of the external MySQL database and LDAP login methods which have also had some other minor tweaks: The external MySQL database handler now has PHP's password_hash() function as an available option for password encryption type, and defining a custom encryption method is now much easier, done entirely in the AdminCP without needing to modify PHP files. You can now choose if changes to the local display name / email address / password is synced back to the external database / LDAP database. You can optionally show these handlers in the Account Settings pages like other login handlers to allow users with an existing account to link their accounts. You can define a Forgot Password URL for the external database which the user will be redirected to if they try to use the Forgot Password tool and that is how their account is authenticated.

Emoji: built in to Invision Community 4.3! ? Invision Community has a long history. We remember the early days of forums, back when graphical "emoticons" or "smilies" were added. We have always shipped our products with a basic set of emoticons with the ability to add your own images and has supported emoji from mobile devices. Emoji has become a standard across mobile and desktop devices so it made sense to bring them to Invision Community fully. You can choose from 3 different styles of Emoji: The native style provided by the user's operating system (if you choose this option, users on different platforms will see different styles) Twitter style EmojiOne style Emoji Settings Once you have chosen one of these options, all of the available Emoji will show in the emoticons selector when making a post. Unlike in older versions, the entire list is scrollable (the categories drop down will jump you to the category rather than filter), you can search, and standard Emoji features like skin tone modifiers are fully supported, and of course, you can make them as big as you like. Navigating Emoji Skin Tone Modifier Make Emoji any size Autocompleting Short Codes In addition to using the selector, you can also use optionally enable standard :short_codes:. These will be autocompleted as you type. Autocompleting Short Codes You can also enable more conventional ASCII emoticons to be automatically replaced too: ASCII Short Codes Don't Worry: Custom Emoticons Aren't Going Anywhere! You can use custom emoticons either instead of, or even alongside Emoji. If you give your custom emoticons a text replacement starting and ending with : they will even show in the autocompletion alongside Emoji. Custom Emoticons Technical Details Whichever style you choose, Emoji is stored in the database as the actual Unicode characters, so you can even change the setting and all Emoji, even those in existing posts, will immediately change. If you choose to use the native style (so the Emoji will match the style provided by the operating system), the system will automatically detect which Emojis are supported and the selector will only try to show the ones the platform can render.

4.2.4 is a maintenance release that fixes issues identified in 4.2.3.

4.2.3 is a maintenance release that fixes issues identified in 4.2.2. Please note if you use https in the AdminCP, but not on the front-end, the auto-upgrade process may not work correctly. You should download this update from the client area and upgrade manually.

Version 4.2 is the next large release for Invision Community! We are very excited to introduce all the new features and improvements. Full information on 4.2.0 ... 4.2.1 is a maintenance release to fix minor issues.

All payment methods which support accepting credit card details directly (Stripe, and PayPal when in card mode) allow users to store their card details on file. This offers a number of benefits: When checking out in the future, the user will not have to enter their card details again. If the user purchases something with a renewal charge, that payment will be taken automatically when it is due. This can happen even if the renewal fee changes (for example, the user upgrades their package). Administrators can manually charge an invoice to a stored card. PayPal (in the mode which redirects the user to the PayPal site rather than accepts card payments directly) handles recurring payments differently, using Billing Agreements. With Billing Agreements, rather then your community contacting the payment method when payment is due, PayPal saves the details of the recurring payment on it's end and charges the user automatically. This has some significant downsides: Purchases which are tied to a Billing Agreement cannot be edited in any way. The customer cannot upgrade them, and administrators cannot change the expiry date or renewal terms. To make any changes, the Billing Agreement has to be cancelled, and then the user can create a new Billing Agreement the next time their renewal is due. Because PayPal takes the payments in batches, it will not come exactly when it is expected, and if there is an issue with the payment (for example, the user's card details on their PayPal account are out of date) it may take payment significantly later than the purchase's expiry date and the customer having access to the purchase for longer than they should. If a customer buys two items at the same time which have different renewal terms (for example one renews every month and the other renews every year) a Billing Agreement cannot be created at all. There is no benefit provided to subsequent unrelated purchases. The user will have to create a new Billing Agreement for each purchase. Because of these limitations, we strongly recommend using a payment method which supports storing card details for recurring payments. Learn more about the payment methods Commerce supports

Fixes a security issue related to importing profile photos from URL.

This entry is about our IPS Community Suite 4.2 release Top Members For 4.2 we made some improvements to the Top Members section of the Leaderboard. A new overview page tab shows a selection of the top members across different criteria. Top Members Overview Page showing members with Most Reputation and Most Content The filter menu allows you to view more members in any chosen category, and a new AdminCP setting controls which categories should be available. Top Members Categories In the AdminCP you can configure which categories are shown on the overview page, the filter menu, and how many results show for each. Top Members AdminCP Settings Popular Contributors Widget Another small change is the Popular Contributors widget now contains a link to the appropriate section of the Leaderboard. Popular Contributors Widget

This entry is about our IPS Community Suite 4.2 release IPS Community Suite has supported drag and drop uploading to the attachments area at the bottom of the editor since 4.0. In 4.2 we're pleased to add the ability to drag and drop right into the editor, so you can drop your attachment exactly where you want it to show without having to add it afterwards. Drag and drop into editor If your browser and OS supports it you can also copy and paste, either from the desktop or from other content on the web: Copy and Paste Naturally this works for ordinary files as well as images: Drag and drop a file

This entry is about our IPS Community Suite 4.2 release In 4.1.18 we added Two Factor Authentication. Already in 4.2 we have announced a new setting to trigger 2FA when logging in from a new device, and in 4.2 we are also adding Authy as an authentication handler. Authy can send a user a text message, make a phone call, or send a push notification to a smartphone app to authenticate the user. You can enable whichever of these options you like. Set Up To set up Two Factor Authentication with Authy, the user will enter their phone number. To verify their phone number they will then enter a code shown in the Auhy app or have a code sent by text message or phone call. The system will automatically show an appropriate interface based on what options you have enabled - for example, if you don't want to enable the app as an option, it will not reference Authy. Setting up Authy with the app available as an option Setting up Authy with just phone or text message options enabled Verification with Authy When the user needs to verify their account, the system will automatically show an appropriate interface. If you allow verification with the Authy app and either it is the only option you allow, or the system knows that the user has installed the Authy app, the system will prompt them to use the app. This can either be done using Authy's OneTouch option (where the user will receive a push notification to the app, and when they click approve, the screen will automatically refresh) or their SoftToken option (where the user will be instructed to open the Authy app and enter the code they see). If you allow authentication by text message and/or phone call as well, the user will also see options for using those instead. These screenshots show the process for OneTouch authentication: The user is shown a waiting screen Simultaneously they will receive a push notification and when opening it be able to approve Once the user has approved, the waiting screen will automatically refresh with the user authenticated. For SoftToken authentication, the user is prompted to enter the code shown in the Authy app: Authy SoftToken option Phone Verification If you have disabled the Authy app as an option, or the user does not have it installed, they will be prompted to choose from the available options how they want to authenticate. These screenshots show the process for authenticating by text message: The user is asked how they want to authenticate The user receives a text message or phone call with a code The user enters this code to authenticate Management If the user changes their phone number they can reconfigure the system in their account settings. The system automatically shows "Phone Verification" rather then "Authy" if the app is not available as an option. Account Settings showing Authy as Phone Verification

This entry is about our IPS Community Suite 4.2 release Improved Stripe Integration Stripe is a popular payment gateway that supports card payments. In IPS Community Suite 4.2 we have made some improvements to our integration: When viewing a transaction in the AdminCP, it will show the last 4 digits of the card used, and the result of Stripe's risk evaluation. More information is sent to Stripe for easier cross-reference between Stripe's control panel and your AdminCP. This includes the customer's name, billing and shipping addresses, email address, associated transaction/invoice/customer IDs, and the invoice title. Stripe Transaction in the AdminCP showing risk evaluation and card details Transaction in Stripe's control panel showing customer and invoice details Anti-Fraud Improvements Anti-Fraud Rules now have some additional filters: Products being purchases includes... Account was registered more/less than [x days] ago Customer is/isn't in group Customer has previously spent more/less than Time since last purchase is more/less than [x days] ago Custom profile fields (both at member and customer level) IP address is x (exactly, contains or matches regular expression) Customer has previously made transactions that failed (opposed to "were blocked by fraud rules") Email address matches regular expression Some of the new Anti-Fraud Rule options MaxMind per gateway A new setting has been added that allows you to run MaxMind only against transactions using particular payment gateways. New MaxMind gateways setting Transaction Search You can now enter the transaction ID provided by the payment gateway in the AdminCP search box to find a transaction. Looking up a transaction by gateway ID Renewal Savings If you have a product with multiple renewal terms, a new setting allows you to show alongside each option how much is saved. This can be shown either as a monetary value, or as a percentage. Product showing savings for different renewal options

This is a maintenance release to fix minor issues. As we prepare our 4.2 release we will continue to provide small maintenance updates to 4.1.

This is a maintenance release to fix minor issues.

This entry is about our IPS Community Suite 4.2 release. One of our more technically-oriented features for 4.2, we have added more detailed logs of user logins, and the devices and IP addresses used. This brings several new features: Notification of a new device sign in If enabled, users can receive an email notification when a new device is used to log into their account: Email sent when a login from a new device is detected When a user signs in for the first time, a special key is set to recognise the browser on subsequent logins. This mean the notification email does not trigger on a new IP address, which would be annoying when travelling or if using a network where the IP address changes regularly. Instead, the notification is only triggered if someone signs into your account from a new physical device or web browser. UserCP Device Management If enabled, a new page will show in the user's settings page showing all the devices which have been used to log into their within the last 90 days (which is recent enough that could still be logged in if "Remember Me" was checked). Recently Used Devices Users can see the device, browser, physical location (obtained by a GeoIP lookup) and if applicable, how the login was processed (for example, if the sign in was with Facebook or Twitter, this will show). If they chose "Remember Me" when logging in, they can undo that (handy if you realise you accidentally left yourself signed in on a public computer). If they see anything they don't recognise, a page to walk them through the necessary steps to re-secure their account is available. Secure Account Information New Two-Factor Authentication Setting "Logging into the front-end" is one of the options of when to prompt for Two Factor Authentication. In 4.2, this has been separated into two distinct settings: Logging into the front-end from a new device Logging into the front-end from a known device If you enable the former, but not the latter, and the user has previously logged in devices, the system will automatically show an explanation to users alongside the other available recovery option. This can be useful especially if you do not want to offer other recovery options. AdminCP Device Management In the AdminCP, administrators can see all the device and IPs a member has used. They can also disable automatic login for any device. Edit member page shows most recently used device and IP address Viewing a device's details The system can also detect if another user is using the same device and will show this in the list of devices. Users sharing the same device

This release focuses on bug fixes and performance. You should see speed improvements. New features include: A new moderator setting to restrict users from ignoring moderators. A new group setting to allow members to lock their own content. A new group setting to hide a group from filters in search. When moving content moderators are now prompted for where you want to be redirected after the action. Activity Streams can be created with condensed view as default. An email is now sent when an account is locked for too many bad login attempts. When editing a member in the AdminCP, it will now show how much of their messenger storage quota is being used.

Fixes the following issues: SQL error when adding Commerce package or customer field. SQL error when setting up topic archiving. The ‘show reply’ button in notification popup reloads the page instead of loading content inline. Opting out of security questions may not work. Word filters not applying correctly. Reordering custom profile fields may not work properly. Draft or future blog entries may be included in the sitemap. Rounding issue with half-percentage tax rates in Commerce. Adds a "More Colors" option to the color dropdown in the editor.

Fixes upgrade issues in some server configurations (already silently patched). Fixes some AdminCP settings showing the wrong value selected, especially in Spam Service settings/ Fixes an error when trying to split a topic. Fixes missing images when setting up Google Authenticator, and an issue which may setup to fail. Fixes broken links on the new Two-Factor Authentication setup page. Fixes missing language string in AdminCP Dashboard warning when site is offline and in image sharer settings. Fixes errors for some communities that have previously converted from other software. Fixes an issue with grid layout on some pages.

This is a maintenance release to fix minor issues.

This is a maintenance release to fix reported issues. In addition to a strong focus on overall stability, this release contains: Official PHP 7 support Major performance improvements to Activity Streams Version 4.1.14.1 / 4.1.14.2: This is a small maintenance update to address issues some clients had with certain URLs. We have also seen clients having issues with many third-party plugins and this update will attempt to better capture those errors. Important This is the last release to officially support PHP 5.5 which is now completely unsupported by PHP. If your web host is still using PHP 5.5 you should contact them to upgrade to either PHP 5.6 or PHP 7.0.

Enabling integration with Google Maps provides autocomplete functionality when a user enters an address (which is particularly useful if you are using the Commerce application) and can display maps when looking at IP addresses and elsewhere. Warning You need to enable three different API services. Make sure you follow all of the following instructions carefully. To enable Google Maps integration: Go to the Google Developers Console and sign in if you are not signed in already. In the top-left corner is the project selector. You may already have a project if you have previously integrated Google login on your community. If you do not have project, click the dropdown and create one. Select "Enable API's and Services" in the top left of the screen Click the "Google Maps JavaScript API" link and then click the "Enable" button. Click "Credentials" from the left menu, and select "Create Credentials". Choose the API Key option. You will be presented with an API key. Please keep hold of this key for the next step. On your community, to AdminCP > System > Community Enhancements > Google Maps. Here you need to select which items you wish to use. Here we have selected "Show Google Maps?" Important: You will see it then shows at the bottom which APIs you need to enable within 'Enable API's and Services' in your Google Developer Console. We just enabled one already in the previous steps, however you will need to enable any others showing. These will be different, depending on your selections Click on Continue, and in the API key given above here, then follow the instructions given on this page to restrict your API key, and create another secret key.

This release fixes a single issue where bulk mails may send duplicates, especially on sites with multiple languages.

This is a minor release to fix a small number of bugs: Broken @mention links. Merging members could cause follow records to be lost. Email digests. Incoming emails to Commerce. Announcements expiring at the wrong time. Error when editing database records or sidebar widget. Error trying to establish external connection to certain servers. Error redirecting from http to https.

This is a maintenance release to fix reported issues and add refinement to existing features. This release also contains a security improvement for older versions of PHP. In a recent change to their API, Google now requires an API Key to access their Maps API. After upgrading to 4.1.13, follow our Google Maps guide to restore this integration. This is especially recommended if you are using Commerce which uses the API for address input autocompletion. In addition to bug fixes and performance improvements, this release also includes following enhancements New per-group setting to highlight posts made by certain groups. 2 theme settings control the color and border, which are editable in the easy theme editor. New setting to make providing a billing address optional for purchases in Commerce. Personal conversation management improvements: Can now filter personal conversations to just read/unread. Can now move multiple personal conversations into a different folder at once. Can search by recipient/sender name. Notifications about Calendar events now include the event date. New setting to control which images sizes should have a watermark applied in Gallery. New setting to control which IP pool to use for SparkPost if you have purchased dedicated IP addresses. Better handling of upgrades if files have been modified. The sidebar widget for showing Downloads files can now show just free or paid files. When searching templates or CSS files in the AdminCP template editor, it will search for templates or CSS files with a name matching the term provided, in addition to searching the content of them. When viewing a log in the AdminCP, it will now show you on which page the log occurred and by which member. When the search index is being rebuilt, a message is now shown on the search results page to indicate why results may not be complete. The "details" modal for applications and plugins now has a tab which shows the hooks associated with that application or plugin. The placeholders that display on date/time inputs (e.g. "HH:MM") can now be translated. Rebuilding the search index, and rebuilding posts after a 3.x upgrade now processes newest posts first for a more user-friendly experience after upgrading. When a file is deleted, a log is created and a new setting controls how to keep these logs for. The following Pages features are also included: HTML pages are now editable via Designer's mode. Ability to rename, or delete a group of Database templates Ability to ensure the Page's title remains in all database generated links (categories, records, forms, etc) Reciprocal linking when using relational fields Date and time fields, and Yes/No fields are now filterable. Filterable custom fields now available when creating a record feed block Ability to make some custom fields unique, so that only one record per database can have the same value. Ability to delete a folder in the media manager Ability to use $record->field_key_name_here programatically to get and set values, instead of relying on $record->field_11 which may change when you export and import databases.