Jump to content

Mark

Clients
  • Posts

    36,220
  • Joined

  • Last visited

  • Days Won

    114

 Content Type 

Downloads

Release Notes

IPS4 Guides

IPS4 Developer Documentation

Invision Community Blog

Development Blog

Deprecation Tracker

Providers Directory

Projects

Release Notes v5

Invision Community 5 Bug Tracker

Forums

Events

Store

Gallery

Everything posted by Mark

  1. You can link two (or more) Invision Community installations together to allow users to sign into one community using their credentials from another. All communities that you want to link will need to be running Invision Community 4.3 or higher. Server and Client You will need to decide which community is the "Server" (sometimes called the "master") which is the one whose credentials will be used for the login. All the other communities will be the "Clients" (sometimes called the "slaves"). Step One: Set up the Server On the community which will be the Server, go to AdminCP -> System -> REST & OAuth, and click the "Create New" button to create a new OAuth client. For the client type, choose "Another Invision Community". Setting up the Server After saving this form, you will see a Client Identifier and Client Secret. You will use these two values to fill out the form on the Client community. Getting the Client Identifier and Client Secret Step Two: Set up the Client Now on the community which will be the Client(s) go to AdminCP -> System -> Login & Registration, click "Create New" and choose the "Another Invision Community". You will need the Client Identifier and Client Secret from Step One. Setting up the Client Once you have saved this form, set up is complete and should be able to log in! Need more communities? If you are setting up more than two communities, run through this process for each of the Client communities.
  2. Viewing and editing a member is probably one of the most frequently used features of the AdminCP. With the design unchanged for many years, and the tabbed interface starting to grow unwieldy, it was due for some love. We have not only dramatically improved the design but added many new features. New AdminCP Member Page Let's look at some of the improvements: Easy Toggle between Member and Customer View If you have Commerce installed, you can now toggle between "Member View" (which shows the screen above) and "Customer View" (which shows the current customer page in Commerce with the user's purchases, invoices, etc.). This makes it much easier to view all of a member's information in one place. If you don't have Commerce installed, the top tab bar will not show. Basic Information The pane in the top-left shows the member's basic information like name, email address and photos. You can now reposition a member's cover photo and crop the profile photo (functions previously not available in the AdminCP). To change the display name or email address, you just click and hold on the information and a textbox appears. The buttons below allow you to merge, delete, sign in as, and edit the preferences or password for the member. Basic Member Information Pane In addition, this pane lists any social networks the user is logged in with. It shows you the member's profile photo and profile name on that network (for example in this screenshot, it is showing my Facebook profile's photo and name) and for many networks you can click on this to be taken directly to their Facebook/Twitter/etc profile. You can also edit the syncing options for the method and unlink the accounts, features which weren't available previously. If you have Commerce installed, there is also an indicator if the user has an active subscription. A member with an active subscription Alerts If a member is validating, banned, flagged as a spammer, or locked, a large banner will display drawing your attention to this. For validating and banned, it will explain exactly what the status is (for example, if they haven't responded to the validation email yet versus they are awaiting admin approval, or if they have been banned manually versus are in a group without permission to access anything). A member that has been locked Other possible alerts Locations & Devices This pane shows you, on a map, all of the locations the user has been when using the community (based on their IP address) as well as the IP address they used to register and most recently. IP Address Locations While the devices tab shows the most recently used devices. Recently Used Devices Content Statistics Right in the middle of the profile you can see some statistics about the member's activity. This includes: A sparkline graph of their recent content. Their content count and reputation count (with tools to manually change or rebuild). A breakdown of the amount of content they have made across all applications. A visual indication of how much of their messenger and attachment storage they have used. If Gallery and Downloads are installed, the existing statistics overview provided by these apps are also available here. Content Statistics Warnings & Restrictions This block shows recent warnings on the account, and also highlights if any restrictions (i.e. content moderation, restricted from posting, or application-level restrictions) are being applied, which previously was difficult to see at a glance. Warnings & Restrictions Block for an account which has content moderation in effect Account Activity On the right is a pane which shows all of the latest account activity. While this was available in previous versions (called "Member History") we have made some significant improvements: The number of things that get logged has been significantly expanded. We now log photo changes, group changes, when a new device is used to login, if an account is locked (by failed logins or failed two factor authentication attempts) or unlocked, password/email/display name changes, when a user links or unlinks a social network login method, initial registration and validation, merges, being flagged/unflagged as a spammer, receiving/acknowledging/revoking a warning, restrictions being applied, two factor authentication being enabled/disabled/changed, an OAuth token being issued if Invision Community is being used as an OAuth Server, enabling/disabling receiving bulk mails, and accepting the privacy policy / terms and conditions, as well as all of the Commerce-related information that is already logged. Much more information is now shown such as who made the change (i.e. an admin, the user themselves, or if it was changed by the REST API or syncing with a social network) and how the change was made (for example, for a password change - if the user used the "Forgot Password" tool or changed it in their Account Settings) and what the data was before and after. This includes being aware of if the change was made by an admin after using the "Sign in as User" tool. You can now filter what information you are seeing to quickly find what you are looking for. Recent Account Activity Extensibility The new profile has been designed with extensibility in mind. Third party developers can easily add new blocks our even entire new tabs. Any apps/plugins which are currently adding a tab to the "Edit Member" form will retain backwards compatibility with their tab continuing to appear when clicking the "Edit Preferences" button in the basic account information pane.
  3. Mark

    4.3: Videos

    Videos are everywhere. We shoot them on our smart phones, share them to social media, messengers and more. Up until now, the only way to share a video to Invision Community was to use a service like YouTube or Vimeo. If you uploaded a video file it would be treated like an attachment, and if the user clicked the link it would download it to their computer. In Invision Community 4.3 we've improved this. Now if you upload a video file (mp4/3gp/mov/ogg/ogv/mpg/mpeg/flv/webm/wmv/avi/m4v), it will embed similarly to an image. Uploading a video When viewing an uploaded video, if it is in a format that the user's browser and platform natively supports, it will show an embedded player. This will have all of the features supported by the operating system - for example, almost all browsers support fullscreen, and Safari supports Airplay and picture in picture. An uploaded video If the video is in a format not supported, it displays exactly as it does now - as a download link. An uploaded video in a browser without playback support for that format
  4. We released news of Clubs just under a year ago for Invision Community 4.2 and it has been the best received feature to date. Clubs opens up new ways to run your community by allowing members to create sub-communities away from the central forum area. Since the feature was released, we've collated an immense amount of feedback on the feature. Here's what we're improving for Invision Community 4.3. Paid Club Memberships If you have Commerce installed on your community, 4.3 adds the ability for members to create paid clubs. Users wishing to join the club will be required to pay a membership fee (which can be one off or recurring) which will be paid to the club owner, minus any commission you want to keep for the site. You can choose which groups can create paid clubs. Paid Club Settings If enabled, the club directory will show the price for membership in each club. Club directory with paid clubs The process for joining works a little differently depending on the type of club... For open clubs, the user will immediately be prompted to pay the joining fee. Once they have paid, they are added to the club as normal. For closed clubs, the user will need to request to join as normal. Once they have been accepted to join the club, they will then be able to pay the membership fee, after which they'll be added to the club. For private and read-only (a new type in 4.3, which we'll talk about below) users have to be invited to join the club Public clubs have no membership, and so cannot be paid. Joining a paid club (a closed club in this screenshot) Paid club after request to join has been accepted Paying for club membership Club leaders can also waive the membership fee, allowing certain users to join the club for free. Waiving fee when approving request to join Waiving fee when inviting members Waiving renewal fees on an existing member If a member fails to pay their renewal charge, they are moved into an "expired" state. The club leaders can see the status and renewal date for all members, and use the filter tools to just see active or expired members. Club members management Paying out membership fees works just as it does with paid files in Downloads. Users receive the amount as account credit. If enabled, they can then request a payout of this via PayPal or a manual payout method you want to use. Viewing an invoice in the AdminCP where some payment has been given to a member Viewing account credit with options to withdraw funds Club content throughout the community Currently content in clubs is only visible within the club itself. In 4.3 a new setting allows you to show the content from clubs throughout the community - for example, if a club contains a forum, that forum can show in the main forum list. Club forums showing on main forum list This is a single toggle: if enabled, all content from clubs that each user has joined will show throughout the community, appearing below the normal categories/etc in that application. New Club Type: Read Only In addition to Open, Closed, Private and Public, we have added a new club type in 4.3: read only. In a read only club, everyone can (without joining) view everything in the club, but cannot participate unless they are invited by a club leader. Following Users can now follow a club, and will then receive notifications about all new content in the club - the same as if they followed every content area in the club. List View In addition to the current grid layout of clubs, there is a new list-style. Clubs List View The admin can choose which views are available and what the default should be. AdminCP Approval You can now filter the list of clubs in the AdminCP to clubs requiring approval and approve clubs from within the AdminCP. Approving clubs in AdminCP Deleting Content Areas Club leaders can now delete content areas within their clubs. This can be useful if, for example, the leader added a club feature by mistake. Content areas can only be removed if there is no content within it, or if you have granted club leaders the ability to delete content in their clubs (since they would be able to empty it). Ability to remove features from clubs Other Minor Tweaks You can now set per-group the maximum number of clubs a member in that group can create. A member invited to join a club can now delete the invitation if they do not want to accept it (rather than just ignoring it).
  5. Stripe is the most popular payment method in Commerce, allowing communities to take payments by card securely with easy setup. While there's no doubt that credit cards are still the most popular methods of making a payment, digital innovations such as Apple Pay are increasing in popularity. For 4.3 we've deepened our integration to support some of their latest features. Apple Pay & Google Pay Apple Pay allows users to pay quickly with their iPhone, iPad or Mac (with Safari and either a paired iPhone or using the MacBook Pro with Touch ID) using the card details stored on the device, authenticated with Touch ID or Face ID. Apple Pay Google Chrome (on desktop or Android devices) supports a similar feature allowing users to pay with card details stored in their Google account with Google Pay, or stored in Chrome itself. Paying with card details stored in Google Chrome Both of these features are now supported through Stripe in Invision Community 4.3. Setup is simple - for Apple Pay you simply need to verify that you own your domain by uploading a file you obtain from the Stripe dashboard, and nothing special is needed for Google Pay - and then create the payment method in the AdminCP. Stripe does not charge any additional fees for either option. Commerce will automatically hide the option if the user's device does not support either method. 3D Secure Also known as Verified by Visa, Mastercard SecureCode, and other brand names, 3D Secure is a system that is used to verify a customer's identity before purchase is completed and transfers the fraud loss liability from the merchant to the cardholder bank in case of fraudulent disputes. After the user has entered their card details, they are redirected to their bank's website and asked to provide additional verification. Our integration with Stripe in 4.3 now supports this process. A new setting allows you to choose if you want to use 3D Secure just for cards which require it (i.e. cards which would decline the payment if 3D Secure is not completed) or for all cards which optionally support it as well. Amex Express Checkout American Express cardholders can use Amex Express checkout to pay by using their American Express login rather than providing their card information. This is also now supported through Stripe in 4.3. Amex Express Checkout Alipay, Bancontact, Giropay, iDEAL, SOFORT These are popular payment processors internationally (Alipay is popular in China, Bancontact in Belgium, Giropay in Germany, iDEAL in the Netherlands, and SOFORT in several European countries). The checkout experience is similar to PayPal with the user being redirected to the appropriate site, authenticating the payment, and then being redirected back. All of these are also now supported through Stripe in 4.3. Dispute/Chargeback Handling A dispute (also known as a chargeback) occurs when one a cardholder questions your payment with their card issuer, which causes the funds, plus a fee, to immediately be taken from your account until evidence is provided that the transaction was legitimate. Anyone operating an online store knows how frustrating this experience can be. In 4.3, we've made dealing with this situation a little easier. When a dispute is created, Commerce will now mark the transaction as disputed, which will immediately revoke any benefits from the purchase (for example, if it's for a subscription that moves them into a different group, they will be placed back into their original group; if it's a Downloads file, they won't be able to download it any more; if it's for a physical item that hasn't been shipped yet, the shipping order will be placed on hold). Disputed Transaction All transactions with currently open disputes can be accessed quickly from the transaction list. The transaction page will show you the status and reason for the dispute, and links to your Stripe dashboard where you can respond. When the dispute is resolved, the transaction screen will be updated, with either the transaction being marked as refunded if the dispute is lost, or going back to paid if the dispute is won and the funds returned to you. A dispute that was lost A dispute that was won Radar Radar is Stripe's suite of fraud detection tools using machine learning and customisable rules to help detect fraudulent transactions. Stripe will automatically blocks transactions is considers highest risk already. However, for "elevated" risk transactions, while Stripe would alert you of them so you could review them, Commerce would process the transaction normally. In 4.3, Commerce will place any transactions which Radar reports as having an "elevated" risk level on hold for manual review, so you can decide whether to approve or not before the funds have been captured. In addition, the transaction details screen for Stripe transactions now provides some additional information about Stripe's checks on the transaction, including the Radar risk level, if the CVC check passed, and if the billing address provided matches the card's billing address. If a fraudulent transaction does make it through, you will now have the option to indicate this when refunding the transaction to help Stripe's anti-fraud systems learn.
  6. Search. Let's be honest, it's not the most exciting feature in the world. You ask to find things, and it shows you what it found. Simple, right? It's a lot more complex than that. After numerous tests, a few surveys and many discussions with customers, we've decided that there is no "right" or "wrong" way to search. Invision Community is used on many diverse communities and each has its own needs. The bigger the community, the more of a headache search can be when you start hitting frustrating technical limitations of the database. Happily, we've addressed all of these issues with Invision Community 4.3 and added a few extra treats. Searchable Products and Pages Products in the Store and custom Pages will now show in search results. Store product in search results More Customisable Search Experience One of the most difficult challenges with search is anticipating the scope of the search. If, for example, you're looking for something you know you've seen before, you want the search to be narrow - matching only the exact terms you provide, probably only matching against the title, in the specific area you know where the content is located. If however, you're just doing a general search about a particular subject, you want the search to be wide - matching any of the terms you enter, anywhere in the community, in both titles and content. For a while, Invision Community has had the option to choose which areas to search, defaulting to the area of the community you're in (for example, if you're in a forum, only that forum will be searched by default). We also provide a number of suggestions on the search result form (in the form of "Didn't find what you were looking for? Try searching for..." followed by a number of options) which adjust the scope of the search. In Invision Community 4.3, we have a new interface for the quick search feature which makes some of these options more visible so you're more likely to find what you're looking for on the first search. New Search UI Along these lines we have also: Changed the default "Search In" selection to "Everywhere", regardless of where the user is. Added a new setting which controls whether the "Any words" or "All words" option is checked by default. Added a new setting which allows you to adjust how much of a boost results receive for a match in the title, versus the content body, when searching both content titles and body. You can set default and/or operator. New Search Settings Elasticsearch In Invision Community 4.3 we are adding native support for Elasticsearch, a third party search engine which offers a number of benefits over searching your MySQL database: Elasticsearch, being designed and indexing data in a way optimised for search rather than data storage, is generally able to match and sort by relevancy with better accuracy than MySQL. Elasticsearch is generally faster. One user performing a search doesn't slow down other users trying to read and make posts at the same time (when searching MySQL, the data has to be "locked" from changes when the search is being performed). It scales very well with very large datasets, and runs very easily on multiple servers. Elasticsearch understands language. If for example, you search for "community", it will also return results which contain the word "communities", understanding that these are the same. Supported languages are Arabic, Armenian, Basque, Brazilian, Bulgarian, Catalan, Chinese, Czech, Danish, Dutch, English, Dinnish, Drench, Galician, German, Greek, Hindi, Hungarian, Indonesian, Irish, Italian, Japanese, Korean, Latvian, Lithuanian, Norwegian, Persian, Portuguese, Romanian, Russian, Sorani, Spanish, Swedish, Turkish, Thai. Elasticsearch supports custom functions on the scoring algorithm. In our initial implementation this has allowed us to add settings to allow you to control the time decay (allowing newer results to show higher) and author boost (allowing content posted by the user to optionally show higher in results). Unlike with MySQL, there is no minimum query length and a very small list of stop words. Elasticsearch Settings When enabled, both searches and activity streams will be retrieved from Elasticsearch. The core_search_index database table in MySQL will no longer be populated, so you will not have to store the data twice. To use Elasticsearch, you can either install it yourself on your own server, or use any of the many excellent hosted Elasticsearch options. The minimum required Elasticsearch version is 5.5. REST API Developers and those looking to integrate Invision Community features into their own sites will be pleased to learn that we've extended the REST API to accommodate searching.
  7. The best way to convert guests into members is to make the onboarding process as simple as possible. Over the years, we've added special log in methods for Facebook, Google, LinkedIn and Microsoft. We've carefully hand coded these integrations to allow guests to sign up with just a few clicks using services they're already a member of. These services used to use proprietary methods to link with other websites, but a new standard has emerged. OAuth You may not know it, but you're probably familiar with OAuth already. If you have enabled the ability for users of your community to sign in with their Facebook, Twitter, Google, LinkedIn or Microsoft account, you may have noticed that the process for setting up each of these is quite similar. This is because they all use the OAuth protocol. In Invision Community 4.3, we are introducing several exciting new features: In addition to all of the existing social networks above, which retain their "easy setup" status, we have also added Wordpress. Users on your community can now sign in with any Wordpress site you control (you will need to install a Wordpress plugin to enable OAuth capabilities). As well as those "easy setup" options, we have also added the ability for you to allow users on your site to sign in with any OAuth 2.0 based provider. This means, for example, if your community is based in a location where other social networks are popular, if they use OAuth, you can set those up too. While the setup is a little bit more complicated, this doesn't require any custom programming - you'll just need to find out a few more pieces of information from the provider (an example is provided below). Invision Community itself can now also serve as an OAuth 2.0 server so you can set up other sites to be able to facilitate logins using credentials from your community. This works in conjunction with our REST API, allowing you to make API calls as an authenticated member, which will return just the information that user has access to. With the ability for Invision Community to serve as both an OAuth server and client, this now provides standard integration for multiple Invision Communities together, which will now replace the old IPS Connect feature. We have also taken this opportunity to make a few other minor tweaks to login, registration and account management features, especially for communities which rely heavily on non-standard login methods (more details below). Setting Up a Custom OAuth Provider For this example, I'm going to use vk.com, which is a popular social network in Europe. While Invision Community doesn't provide this as one of the "easy setup" options, it is based on OAuth 2.0 so we can use the new functionality in Invision Community 4.3 to set it up. In older versions, the list of login handlers in the AdminCP had all of the providers listed with enable/disable toggles - because now you can add as many custom handlers as you like in 4.3, it's now a list where you can add/delete options: Login Handlers List When clicking the "Create New" button, you'll see all of the different handlers Invision Community supports. Since vk.com isn't in the list, but is still OAuth 2.0-based, I'll choose the "Other OAuth 2.0" option: Choosing a Login Handler You'll now need to use the documentation provided by the site you want to integrate with to fill out this form. While no custom programming is required, the documentation is usually quite technical in nature - but you only need a few key pieces of information. We anticipate that for some of the more popular options, guides will be provided to help you find the information you need. I have created an application in vk.com's developer center and so I will copy and paste my credentials into the form: Inputting vk.com credentials I then need to find the endpoints from vk.com's documentation and input those too. Inputting vk.com endpoints Next I need to find the endpoint where I can access the user's information within their API and the parameters they are returned by. The only required piece of information is an ID, but you can also provide the parameters for accessing the display name, email address and profile photo. If display name/email address isn't available/provided, the user will be asked for this the first time they sign in. vk.com's API doesn't provide access to the email, but I can use the screen name as the display name, and they do provide access to the photo: Inputting vk.com User Information Endpoint and response parameters Finally, provide a logo and a color for the sign in button and some final settings: Inputting vk.com Logo and Button Color And now vk.com login is set up. A button will now show up on the front end which I can use to sign in. I didn't provide a way to access the email address, so on the first sign in, the user will be prompted to provide that, but the screen name and profile photo from vk.com will be used: Signing in with vk.com Using Invision Community as an OAuth Server You can also set up Invision Community itself to be an OAuth Server. This may be useful for two main reasons: If you want to integrate two communities together, or integrate with something else which supports adding custom OAuth clients. If you are a developer and want to use the REST API using OAuth for authentication rather than an API Key. You can either make requests as an authenticated user (by obtaining an access token) or using Client Credentials. The screenshots below show the full capabilities which are quite technical and mostly aimed at developers. If you will just use this feature to link two communities, don't be concerned if it looks too complicated, an easy-to-follow guide will be available to achieve that. You will set up the clients from the AdminCP: Setting up an OAuth Client When creating the OAuth Client, you can control which scopes are available, and which endpoints of the REST API they provide access to: Defining OAuth Client Scopes The login process is then the standard OAuth flow, and users have the ability to view authorisations in the account settings: Authenticating an OAuth Client The REST API has new and updated endpoints to be aware of the authenticated user: A new REST API endpoint which returns details of the currently authenticated user An updated REST API endpoint which, when called using OAuth authentication, will only return data the authenticated user has access to Other Login System Tweaks Users can now choose if they want to change their local display name or email address if it is changed by an external login method (or the administrator can choose this behaviour). If there is an issue with this (for example, it wants to change the email to one that is already taken), or profile photo syncing, this is now better communicated to the user. You can now control per-login-handler if new registrations are allowed using it. This addresses some confusion from previous versions as to if the "Allow New Registrations" setting applies to accounts being created by social network logins. The Standard login handler can be disabled if you rely totally on an alternate login method. To allow this to happen: All areas where a user is prompted to re-enter their password (some areas of the account settings) now allow reauthentication using any login handler. You can disable local registration but still allow accounts to be created by other login handlers, or redirect users to an external URL to register an account. You can also disable or redirect to an external URL for changing email address / password or the Forgot Password tool. You can now create multiple instances of the external MySQL database and LDAP login methods which have also had some other minor tweaks: The external MySQL database handler now has PHP's password_hash() function as an available option for password encryption type, and defining a custom encryption method is now much easier, done entirely in the AdminCP without needing to modify PHP files. You can now choose if changes to the local display name / email address / password is synced back to the external database / LDAP database. You can optionally show these handlers in the Account Settings pages like other login handlers to allow users with an existing account to link their accounts. You can define a Forgot Password URL for the external database which the user will be redirected to if they try to use the Forgot Password tool and that is how their account is authenticated.
  8. Emoji: built in to Invision Community 4.3! ? Invision Community has a long history. We remember the early days of forums, back when graphical "emoticons" or "smilies" were added. We have always shipped our products with a basic set of emoticons with the ability to add your own images and has supported emoji from mobile devices. Emoji has become a standard across mobile and desktop devices so it made sense to bring them to Invision Community fully. You can choose from 3 different styles of Emoji: The native style provided by the user's operating system (if you choose this option, users on different platforms will see different styles) Twitter style EmojiOne style Emoji Settings Once you have chosen one of these options, all of the available Emoji will show in the emoticons selector when making a post. Unlike in older versions, the entire list is scrollable (the categories drop down will jump you to the category rather than filter), you can search, and standard Emoji features like skin tone modifiers are fully supported, and of course, you can make them as big as you like. Navigating Emoji Skin Tone Modifier Make Emoji any size Autocompleting Short Codes In addition to using the selector, you can also use optionally enable standard :short_codes:. These will be autocompleted as you type. Autocompleting Short Codes You can also enable more conventional ASCII emoticons to be automatically replaced too: ASCII Short Codes Don't Worry: Custom Emoticons Aren't Going Anywhere! You can use custom emoticons either instead of, or even alongside Emoji. If you give your custom emoticons a text replacement starting and ending with : they will even show in the autocompletion alongside Emoji. Custom Emoticons Technical Details Whichever style you choose, Emoji is stored in the database as the actual Unicode characters, so you can even change the setting and all Emoji, even those in existing posts, will immediately change. If you choose to use the native style (so the Emoji will match the style provided by the operating system), the system will automatically detect which Emojis are supported and the selector will only try to show the ones the platform can render.
  9. Mark

    4.2.4

    4.2.4 is a maintenance release that fixes issues identified in 4.2.3.
  10. Mark

    4.2.3

    4.2.3 is a maintenance release that fixes issues identified in 4.2.2. Please note if you use https in the AdminCP, but not on the front-end, the auto-upgrade process may not work correctly. You should download this update from the client area and upgrade manually.
  11. Mark

    4.2.1

    Version 4.2 is the next large release for Invision Community! We are very excited to introduce all the new features and improvements. Full information on 4.2.0 ... 4.2.1 is a maintenance release to fix minor issues.
  12. All payment methods which support accepting credit card details directly (Stripe, and PayPal when in card mode) allow users to store their card details on file. This offers a number of benefits: When checking out in the future, the user will not have to enter their card details again. If the user purchases something with a renewal charge, that payment will be taken automatically when it is due. This can happen even if the renewal fee changes (for example, the user upgrades their package). Administrators can manually charge an invoice to a stored card. PayPal (in the mode which redirects the user to the PayPal site rather than accepts card payments directly) handles recurring payments differently, using Billing Agreements. With Billing Agreements, rather then your community contacting the payment method when payment is due, PayPal saves the details of the recurring payment on it's end and charges the user automatically. This has some significant downsides: Purchases which are tied to a Billing Agreement cannot be edited in any way. The customer cannot upgrade them, and administrators cannot change the expiry date or renewal terms. To make any changes, the Billing Agreement has to be cancelled, and then the user can create a new Billing Agreement the next time their renewal is due. Because PayPal takes the payments in batches, it will not come exactly when it is expected, and if there is an issue with the payment (for example, the user's card details on their PayPal account are out of date) it may take payment significantly later than the purchase's expiry date and the customer having access to the purchase for longer than they should. If a customer buys two items at the same time which have different renewal terms (for example one renews every month and the other renews every year) a Billing Agreement cannot be created at all. There is no benefit provided to subsequent unrelated purchases. The user will have to create a new Billing Agreement for each purchase. Because of these limitations, we strongly recommend using a payment method which supports storing card details for recurring payments. Learn more about the payment methods Commerce supports
  13. Mark

    4.1.19.3

    Fixes a security issue related to importing profile photos from URL.
  14. This entry is about our IPS Community Suite 4.2 release Top Members For 4.2 we made some improvements to the Top Members section of the Leaderboard. A new overview page tab shows a selection of the top members across different criteria. Top Members Overview Page showing members with Most Reputation and Most Content The filter menu allows you to view more members in any chosen category, and a new AdminCP setting controls which categories should be available. Top Members Categories In the AdminCP you can configure which categories are shown on the overview page, the filter menu, and how many results show for each. Top Members AdminCP Settings Popular Contributors Widget Another small change is the Popular Contributors widget now contains a link to the appropriate section of the Leaderboard. Popular Contributors Widget
  15. This entry is about our IPS Community Suite 4.2 release IPS Community Suite has supported drag and drop uploading to the attachments area at the bottom of the editor since 4.0. In 4.2 we're pleased to add the ability to drag and drop right into the editor, so you can drop your attachment exactly where you want it to show without having to add it afterwards. Drag and drop into editor If your browser and OS supports it you can also copy and paste, either from the desktop or from other content on the web: Copy and Paste Naturally this works for ordinary files as well as images: Drag and drop a file
  16. This entry is about our IPS Community Suite 4.2 release In 4.1.18 we added Two Factor Authentication. Already in 4.2 we have announced a new setting to trigger 2FA when logging in from a new device, and in 4.2 we are also adding Authy as an authentication handler. Authy can send a user a text message, make a phone call, or send a push notification to a smartphone app to authenticate the user. You can enable whichever of these options you like. Set Up To set up Two Factor Authentication with Authy, the user will enter their phone number. To verify their phone number they will then enter a code shown in the Auhy app or have a code sent by text message or phone call. The system will automatically show an appropriate interface based on what options you have enabled - for example, if you don't want to enable the app as an option, it will not reference Authy. Setting up Authy with the app available as an option Setting up Authy with just phone or text message options enabled Verification with Authy When the user needs to verify their account, the system will automatically show an appropriate interface. If you allow verification with the Authy app and either it is the only option you allow, or the system knows that the user has installed the Authy app, the system will prompt them to use the app. This can either be done using Authy's OneTouch option (where the user will receive a push notification to the app, and when they click approve, the screen will automatically refresh) or their SoftToken option (where the user will be instructed to open the Authy app and enter the code they see). If you allow authentication by text message and/or phone call as well, the user will also see options for using those instead. These screenshots show the process for OneTouch authentication: The user is shown a waiting screen Simultaneously they will receive a push notification and when opening it be able to approve Once the user has approved, the waiting screen will automatically refresh with the user authenticated. For SoftToken authentication, the user is prompted to enter the code shown in the Authy app: Authy SoftToken option Phone Verification If you have disabled the Authy app as an option, or the user does not have it installed, they will be prompted to choose from the available options how they want to authenticate. These screenshots show the process for authenticating by text message: The user is asked how they want to authenticate The user receives a text message or phone call with a code The user enters this code to authenticate Management If the user changes their phone number they can reconfigure the system in their account settings. The system automatically shows "Phone Verification" rather then "Authy" if the app is not available as an option. Account Settings showing Authy as Phone Verification
  17. This entry is about our IPS Community Suite 4.2 release Improved Stripe Integration Stripe is a popular payment gateway that supports card payments. In IPS Community Suite 4.2 we have made some improvements to our integration: When viewing a transaction in the AdminCP, it will show the last 4 digits of the card used, and the result of Stripe's risk evaluation. More information is sent to Stripe for easier cross-reference between Stripe's control panel and your AdminCP. This includes the customer's name, billing and shipping addresses, email address, associated transaction/invoice/customer IDs, and the invoice title. Stripe Transaction in the AdminCP showing risk evaluation and card details Transaction in Stripe's control panel showing customer and invoice details Anti-Fraud Improvements Anti-Fraud Rules now have some additional filters: Products being purchases includes... Account was registered more/less than [x days] ago Customer is/isn't in group Customer has previously spent more/less than Time since last purchase is more/less than [x days] ago Custom profile fields (both at member and customer level) IP address is x (exactly, contains or matches regular expression) Customer has previously made transactions that failed (opposed to "were blocked by fraud rules") Email address matches regular expression Some of the new Anti-Fraud Rule options MaxMind per gateway A new setting has been added that allows you to run MaxMind only against transactions using particular payment gateways. New MaxMind gateways setting Transaction Search You can now enter the transaction ID provided by the payment gateway in the AdminCP search box to find a transaction. Looking up a transaction by gateway ID Renewal Savings If you have a product with multiple renewal terms, a new setting allows you to show alongside each option how much is saved. This can be shown either as a monetary value, or as a percentage. Product showing savings for different renewal options
  18. Mark

    4.1.19.2

    This is a maintenance release to fix minor issues. As we prepare our 4.2 release we will continue to provide small maintenance updates to 4.1.
  19. Mark

    4.1.19.1

    This is a maintenance release to fix minor issues.
  20. This entry is about our IPS Community Suite 4.2 release. One of our more technically-oriented features for 4.2, we have added more detailed logs of user logins, and the devices and IP addresses used. This brings several new features: Notification of a new device sign in If enabled, users can receive an email notification when a new device is used to log into their account: Email sent when a login from a new device is detected When a user signs in for the first time, a special key is set to recognise the browser on subsequent logins. This mean the notification email does not trigger on a new IP address, which would be annoying when travelling or if using a network where the IP address changes regularly. Instead, the notification is only triggered if someone signs into your account from a new physical device or web browser. UserCP Device Management If enabled, a new page will show in the user's settings page showing all the devices which have been used to log into their within the last 90 days (which is recent enough that could still be logged in if "Remember Me" was checked). Recently Used Devices Users can see the device, browser, physical location (obtained by a GeoIP lookup) and if applicable, how the login was processed (for example, if the sign in was with Facebook or Twitter, this will show). If they chose "Remember Me" when logging in, they can undo that (handy if you realise you accidentally left yourself signed in on a public computer). If they see anything they don't recognise, a page to walk them through the necessary steps to re-secure their account is available. Secure Account Information New Two-Factor Authentication Setting "Logging into the front-end" is one of the options of when to prompt for Two Factor Authentication. In 4.2, this has been separated into two distinct settings: Logging into the front-end from a new device Logging into the front-end from a known device If you enable the former, but not the latter, and the user has previously logged in devices, the system will automatically show an explanation to users alongside the other available recovery option. This can be useful especially if you do not want to offer other recovery options. AdminCP Device Management In the AdminCP, administrators can see all the device and IPs a member has used. They can also disable automatic login for any device. Edit member page shows most recently used device and IP address Viewing a device's details The system can also detect if another user is using the same device and will show this in the list of devices. Users sharing the same device
  21. Mark

    4.1.19

    This release focuses on bug fixes and performance. You should see speed improvements. New features include: A new moderator setting to restrict users from ignoring moderators. A new group setting to allow members to lock their own content. A new group setting to hide a group from filters in search. When moving content moderators are now prompted for where you want to be redirected after the action. Activity Streams can be created with condensed view as default. An email is now sent when an account is locked for too many bad login attempts. When editing a member in the AdminCP, it will now show how much of their messenger storage quota is being used.
  22. Mark

    4.1.18.2

    Fixes the following issues: SQL error when adding Commerce package or customer field. SQL error when setting up topic archiving. The ‘show reply’ button in notification popup reloads the page instead of loading content inline. Opting out of security questions may not work. Word filters not applying correctly. Reordering custom profile fields may not work properly. Draft or future blog entries may be included in the sitemap. Rounding issue with half-percentage tax rates in Commerce. Adds a "More Colors" option to the color dropdown in the editor.
  23. Mark

    4.1.18.1

    Fixes upgrade issues in some server configurations (already silently patched). Fixes some AdminCP settings showing the wrong value selected, especially in Spam Service settings/ Fixes an error when trying to split a topic. Fixes missing images when setting up Google Authenticator, and an issue which may setup to fail. Fixes broken links on the new Two-Factor Authentication setup page. Fixes missing language string in AdminCP Dashboard warning when site is offline and in image sharer settings. Fixes errors for some communities that have previously converted from other software. Fixes an issue with grid layout on some pages.
  24. Mark

    4.1.17.1

    This is a maintenance release to fix minor issues.
  25. Mark

    4.1.14.2

    This is a maintenance release to fix reported issues. In addition to a strong focus on overall stability, this release contains: Official PHP 7 support Major performance improvements to Activity Streams Version 4.1.14.1 / 4.1.14.2: This is a small maintenance update to address issues some clients had with certain URLs. We have also seen clients having issues with many third-party plugins and this update will attempt to better capture those errors. Important This is the last release to officially support PHP 5.5 which is now completely unsupported by PHP. If your web host is still using PHP 5.5 you should contact them to upgrade to either PHP 5.6 or PHP 7.0.
×
×
  • Create New...