@jomres jomres released this Dec 4, 2018

Assets 3
  • Updated upload handler to use new code that fixes unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload library

  • Updated show property room type script to show slideshow images, and room type name and description. Repurposed an old template that had recently been abandoned to show this content.

  • Added room type price ranges to show_property_room_types script and templates.

  • Modified booking engine so that room type list shows room type images.

  • Improved show_property_room_type script to use administrator entered room type title and description if it's an admin created room type

  • Booking form classic rooms list updated to show room type images as well as room images. This helps to address an occasional request that users not be forced to upload so many images (one or more for each room) by allowing them to remove the room image markup altogether from the booking_form_classic_roomslist.html and booking_form_classic_roomslist_selected.html templates and showing just the room type image instead.

  • Updated cron job tab to show schedule and last ran time of job.

  • Modified room class table to allow more content in room type description.

  • Modified rating functionality to allow the scores to be more fine-grained.

  • Disabled a GDPR related decision as the info stored is not PII, and the optin option doesn't appear until much later.

  • Added paths to backtrace of patTemplate to see which script is being run (could be a customised version, which the older code would not reveal)

  • Resolved an issue where when generating multiple rooms, the last room number was re-used incorrectly.

  • Fixed an issue with pagination and SEF (sh404SEF) urls

  • Added booking number and booking number text to script that displays invoices.

@jomres jomres released this Oct 31, 2018 · 29 commits to master since this release

Assets 3
  • Added ability for guests to semi-anonymise their reviews.

  • Added review reply feature.

  • Updated show property room type script and show property rooms to receive room type id and filter based on those if required.

  • Updated shortcode information for show property room type script.

  • Modified calendar scripts to render better in small screens

  • Show property header script updated so that the price output uses the same method as the List Properties script, because list properties can take advantage of plugins for calculating prices. Provides consistency in pricing output between the two pages.

  • Minicomponent readme updated with webhook trigger numbers and summary.

  • Added booking form content to $output variable in viewproperty script, and added markup to comments section of the notabs template. {BOOKING_FORM} // Yes, that booking form. show_booking_form_in_property_details setting from Site Config needs to be set to Yes for the form to show.

  • Added css definitions to make the date picker a bit bigger.

  • Re-added converted price details to output price function so that value is shown in both selected and native currencies.

  • Tweaked GDPR functionality so that if GDPR consent policies are not used, then the "given consent" method returns true every time.

  • Tweaked booking engine so that no rooms message is not hidden.

  • Improved a language string so that it makes sense when seen on the control panel.

  • Improved get booking url function to ensure that the = symbol isn't santitised.

  • Fixed an issue due to BS4 related changes where when site is set to BS2 (a rarity nowadays, as BS2 isn't as responsive as BS3) then the fullscreen view would render the Jomres Main Menu vertically instead of horizontally.

  • Resolved an issue with a historic section of a query that's no longer relevant due to GDPR related changes. Thanks Juan.

  • Tweaked how we find the bs version for setting up tabs in property config on older BS2 sites.

  • Fixed an issue that preventing the system from downloading the plugin manager (a free plugin) if the license key wasn't set.

@jomres jomres released this Sep 12, 2018 · 71 commits to master since this release

Assets 3
  • Added functionality to allow guests to login via a modal in the booking form.

  • Added "Edit guest" link to edit booking page.

  • Modified jomres_properties.class.php so that on update, hyphen html entities are converted back to hyphens when saving lat/long.

  • Removed an email check that was causing more problems then it resolved.

  • Added output to admin area script so that if there are no reviews to see, a message is shown.

  • Dobooking extras updated to add commented out extra description.

  • Added a variety of J4 administrator area BS4 changes.

  • Tweaked jr_user class to create a new guest profile record if it doesn't exist, because dashboard widgets need a row in profiles table before they can be saved as a manager's selection.

  • Replaced spaces with tabs. Seriously, what lunatic wants spaces everywhere? Tabs FTW.

  • Tweaked sanity check to not show reviews nag on dobooking or confirmbooking tasks.

  • Added a functions_exists check in one of the filters in case a user somehow manages to include the filter script twice.

  • Added whatsapp link to property header template that will only show on mobile devices.

  • Added a check to jomres_reviews.class.php to ensure that we only attempt to log a contract uid if it's actually set.

  • Tweaked where the Store booking details process is triggered during handlereq phase.

  • Tweaked view invoice script so that non-booking invoices can always be viewed by managers.

  • Added Balance payments supported flag as TRUE if it's an admin area configured payments plugin. Not sure how that will impact 3rd party plugins, however.

  • Added functionality that should release requested rooms when a previously unlogged in user logs in.

  • Tweaked cms specific urls in J to adopt the itemId when passed

  • Tweaked a class to adjust to new constant names for property details.

  • Tweaked how admin area review approval works so that the publish/unpublish icon changes correctly.

  • Fixed a couple of notice triggers in roomlocks class.

  • Modified add service to bill functionality to ensure that negative figures are safely added instead of being sanitised, as blunt force trauma to bills isn't nice :(

  • Resolved an issue where widgets cannot be loaded if property manager has not yet saved their account details.

  • Fixed an issue where the wrong table name was used after previous GDPR related changes.

  • Resolved an issue when pulling existing guest data from the database in the booking form.

  • Resolved an issue where guest name filters wouldn't work post GDPR changes.

  • Tweaked functionality that was preventing existing guests from updating their data to the profiles table when creating a new booking.

@jomres jomres released this Jul 2, 2018 · 129 commits to master since this release

Assets 3
  • Added feature to allow property managers to create room types in the frontend. A new setting in Site Config > Misc tab allows managers to enable/disable this setting. Another new setting in the same place allows site administrators to decide if these room types should show in search dropdown fields. This is an oft-requested feature that I am confident will be very popular.

  • Added functionality to easily hook in machine learning plugins to automagically translate Jomres language strings. A new DeepL Jomres plugin will be available in the plugin manager.

  • Modified jomreslanguage class so that arbitrary names can be set and javascript not used.

  • Forced to modify how custom text strings are stored for property name, address and description texts. The older style, without the property uid, caused global strings that would overwrite property names, descriptions etc when machine translation is used.

  • Modified how Advanced tariff names are pulled from the db, fixes an issue where tariff names are not shown in Advanced mode.

  • Added functionality to convert old style property details content text from definitions such as _JOMRES_CUSTOMTEXT_PROPERTY_NAME to the more recent _JOMRES_CUSTOMTEXT_PROPERTY_NAME_X This has been done so that machine translation of strings doesn't force global text strings in the custom text field for property details content.

  • Added a new note to the timeline modal popup regarding re-using email addresses.

  • Removed a reference to a database column that should no longer have existed.

  • Fixed consent form wrapper to improve scrolling of modal in BS2 templates.

  • Tweaked some code because blockui being triggered when gdpr functionality is disabled.

  • Resolved an issue with hyphens being set incorrectly when editing properties and using the default lat/long settings.

@jomres jomres released this Jun 13, 2018 · 160 commits to master since this release

Assets 3
  • Added code to the webhook watcher script to try to find a super property manager's id if we cannot find a normal manager's id for a property.

  • Changed how we find a reviewer's name so that manager created reviews (which personally I dislike, but some users love) also show the correct name. Saves a query too.

  • Use of "secret" in cron tasks removed. It's not necessary and is unreliable.

  • README.md updated with access level notes

  • Added a sanity check for ZipArchive

  • Modified webhook functionality so that it can handle webhooks where no manager id is set.

  • nl-NL.php language file fully updated, thanks Ruud.

  • Added jr_import('jomres_encryption'); to show_property_reviews script

  • Modified media centre handler so that if 'undefined' is passed by a hinky browser, the resource id is set to 0.

  • Resolved a bug with new GDPR related functionality that could cause 500 errors in obscure ways when making bookings.

  • Fixed a bug in new GDPR related functionality that prevented us from building the existing guests dropdown in the booking form.

  • Improved the BS2 modal so that it plays nice with the other elements of the page.

  • Removed port from function that finds the current url.

@jomres jomres released this May 30, 2018 · 177 commits to master since this release

Assets 3
  • Various CSV potential hack hardening tweaks to ensure that the cleaning up of hyphens doesn't bork maps.
  • Improved GDPR confirmation functionality so that it's not so intrusive, it only really raises it's head when you get to the booking form now.

@jomres jomres released this May 21, 2018 · 186 commits to master since this release

Assets 3
  • Jomres updated to be compliant with the GDPR

  • GDPR compliant guest data encryption added

  • System modified so that it always creates new users on booking. This allows us to be GDPR compliant because then they can be traced to a login and their details removed.

  • Functionality updated so that invoice buyers and sellers details are encrypted.

  • System modified so that the "Create new user on booking" feature is automatically set to Yes and cannot be unset. This allows us to unambiguously tie invoices to CMS users, and it ensures that the guests can request that their details be removed by logging in. New tables added so that invoice buyer's and seller's details are captured at the time of the invoice creation so regardless of how their details are changed at a later date, the information required for an invoice is securely and immutably stored and records both the buyer and the seller's details as they were presented at that time.

  • Added scripts to convert existing invoice PII to encoded data using the jrportal_invoices class

  • Added functionality that will convert existing invoices into encoded data during upgrade.

  • Added a cron job to delete booking data archive details over 60 days old to be GDPR compliant

  • GDPR automatic booking and invoice deletion functionality added. Managers can configure how long it is until a booking's rows are deleted from the database, including PII and invoice related rows. Typically a year. Non-booking invoices are treated differently, for example in Germany invoices should be retained for 10 years therefore invoices (such as commission or subscription invoices), which are not related to a booking, can be retained for much longer if required.

  • Added gdpr consent form(s). Added optin table. Renamed cron job so that it's run last. Added gdpr optin consent class. This functionality, among other things, describes the data that is stored in the Jomres section of the website and allows visitors to opt-in or out.

  • Added GDPR compliant consent handling. Blocked users who have not consented from viewing booking form, login, registration and various other pages.

  • Provided a form to give feedback for users who have not given consent and gives them the option to change permissions.

  • Made consent form show in modal on BS3 & BS4

  • Prevented the system from storing IP number and location information when consent not received or consent explicitly forbidden.

  • Added menu option to access consent form

  • Added functionality to allow users to view the GDPR my data page, download said data as JSON, and delete own data.

  • Added functionality to allow site admins to redact/anonymise guest data.

  • Added switch to allow site admins to disable GDPR functionality. When the GDPR functionality is disabled, users are automatically opted-in to their data being collected.

  • Added "empty temp dir" tool to tools area.

  • Added logging to cron jobs so that if secret keys used are incorrect then this will appear in the Core application log. Could be the cause of some people's session tables getting too large.

  • Run legacy db tables updates too when checking db integrity

  • Added nl2br to video tutorial descriptions because some of them benefit from being longer.

  • Modified dobooking.php so that it can accept dates presented with hyphens

  • Improved cms plugin installers to double check if jomres dir is writable.

  • Showplugins updated so that if plugin manager wasn't updated properly and registry rebuilt, we will catch that.

  • Improved Joomla cms plugin installer for J4 compatibility

  • Modified defaults so that conversion feature is off until it is enabled, and prices inclusive option is on by default.

  • Implemented hardening against potential CSV inject attacks ( http://georgemauer.net/2017/10/07/csv-injection.html )

  • Clean temp js files when rebuilding registry on install/upgrade too.

  • Added a safe mode warning to cpanel because.....Rod.

  • Added support to access control feature to control property settings tabs too.

  • Property managers now no longer able to set the Email field to an optional field in the booking form.

  • Modified how secret passed to cron jobs is decoded as strict input filtering is not required ( as it's not stored ) and new CSV protection functionality borks the = symbol during input filtering.

  • Added code to empty the sessions directory if session handler is database in session cleanup script

  • Modified booking engine so that invalid email addresses (e.g. because it has been anonymised ) trigger a redirect to the edit account page, if the user is registered but not a manager.

  • Obsoleted nusoap library, adopted php native soap (for calling VIES to get vat number validity)

  • Tweaked output prices so that if arrival and departure dates are the same, then in property lists the date span is reset to 1 for the purpose of calculating output prices displayed in lists.

  • Tweaked how override contact numbers are parsed before output to refactor sanitised + symbols

  • Modified data available to the show property reviews template, instead of outputting username ( which is now always their email address ) instead we will output their full name.

  • List bookings ajax and list invoices ajax modified to ensure that they do not try to convert prices because the conversion on valid prices results in incorrect prices.

  • Solved a problem with extra names not being translated in contract details

  • Fixed an issue where newly created users who have filled their profile details, their details were not copied to the session

@jomres jomres released this Mar 27, 2018 · 287 commits to master since this release

Assets 3

Jomres 9.10.2 27/03/2018

  • Removed singleton specific code from all classes that don`t need it. There is only one singleton in Jomres, jomres_singleton_abstract class and this is the container for all other classes instances.

  • Deferred tasks modified to use Guzzle.

  • Added setting to change token lifetime.

  • Added database update script to remove old tokens.

  • Added the ability to pre-filter room types in the booking form.

  • Added support for the availability calendar to use the week start day setting.

  • Improved jquery ui availability calendar css.

  • Improved how we check if Jomres is installed. If db tables are created but no properties exist, we`ll consider that Jomres is not properly installed and execute the installation routine.

  • Modified the create multiple room script so that maximum rooms are now 1000 and max guests are 100.

  • Several language files updated to show correct link to email template editing page in manual.

  • Fixed an issue with a couple of dots too many, thanks kopfnuss.

  • Resolved an issue where token not deleted when client deleted.

  • Solved a problem with fixed arrival days in property details jquery ui calendar not showing colours.

  • Fixed a bug that prevented new property features to be created.

  • Solved a problem with redirects on update.

  • Solved a notice in label translations.

@jomres jomres released this Mar 14, 2018 · 321 commits to master since this release

Assets 3

You can not install this file through the Joomla or Wordpress installer features.

Instead we recommend that you visit the Downloads page on our site to see the options available to you.

  • Installation process completely rewritten and modernised.

  • Added a feature where property managers can elect to hide the property street from display to normal users. Users who have created a booking for that property can see the full address details.

  • Added availability calendar modal to SRP properties booking form too

  • Added support for downloading Nightly builds.

  • Modified list properties so that EDIT_LINK could be added to list properties output for managers to quickly edit a property.

  • Updated booking form to honour the "do not show inline calendars" setting from property config > property details tab.

  • Added code to detect that Jomres has been moved to a new server and rebuild the registry.

  • Tweaked frontend nag so that it doesn't show up if is an ajax call.

  • Modified ui availability calendar so that if fixed arrival day setting is used then other days will not be clickable.

  • Both MRP and SRP calendars updated so that bookable dates are highlighted, and other dates disabled, when fixed day of week booking set.

  • Modified date input feature for search modules so that if site is set to a single property installation then the first published property has it's settings used and if fixed arrival day is set to Yes then to set the search module's calendar to disable other days.

  • Extended POA price feature to show in lists.

  • Updated the jquery ui themes path

  • pt-PT datepicker code updated

  • Added jquery chained js back to jomres assets

  • Added an experimental feature to optimize images for the web on upload.

  • Custom flight methods updated to add "exit"s after the response has been sent.

  • Added functionality that allows PUT requests through the API to behave like POST requests.

  • Added functionality to allow downloading of development versions of Jomres thru the CMS in future versions (currently Joomla only)

  • Added detection of Joomla debugging setting, which allows installation of development versions of Jomres onto new installations of Joomla.

  • Removed a script that shows license failures in the frontend. No longer needed now that the plugin manager is ioncube encoded for subscriptions.

  • Added a check for a missing class which can sometimes trip users up when moving installations to a new server.

  • Added translation support for datatables Column Visibility button.

  • Solved a problem with media centre existing images that don`t have thumbnails created.

  • Resolved an issue where reviews would not save in test mode.

  • Solved a problem where personal guest discounts were not reflected on invoices.

  • Added jquery chained js back to jomres assets.

  • Solved a problem with short language codes.

  • Updated the jquery ui themes path.

  • Solved a problem with charts selection when sef enabled.

  • Modified a string in the French language file as the single quote causes problems with booking notes table when a guest is booked out.

  • Modified the core showplugin script to ensure that it passes the php version, without it the wrong encoded version of the plugin manager was being returned.

@jomres jomres released this Jan 24, 2018 · 440 commits to master since this release

Assets 3

You can not install this file through the Joomla or Wordpress installer features.

Instead we recommend that you visit the Downloads page on our site to see the options available to you.

Jomres 9.9.19 24/01/2018

  • Added a new feature to copy booking emails sent to property managers to site admins too. Setting can be found in Site Configuration -> Booking Form tab.

  • Updated dependencies

  • Installer updated to cope with mysql installations that mangle table name cases.

  • Solved a notice in integration.php