This article describes the changes and resolved issues for this version of the product.
What's New Overview
- What's New Inside Spring Release – 28 Webinar
- Enhancements & Updates
- UI Conversions
- Resolved Issues
- Patch Releases (28.1, 28.2, 28.3, 28.4, & 28.5)
Enhancements & Updates
-
Nucleus Analytics is now integrated directly into NetForum! For more information, refer to the Nucleus Integration Overview topic.
- The Abandoned Shopping Cart Notification functionality now allows Association Staff to schedule the sending of an Email to any individual who has an abandoned Shopping Cart. For more information on setup and usage, refer to the Abandoned Shopping Cart Notification functionality topic.
- Support for Azure Application Insights: Release 27 of NetForum includes support for Azure Application Insights monitoring service. This release extends the support for client-side monitoring in Azure with Application Insights for iWeb and eWeb applications. To configure Azure Application Insights for your web application, please contact your NetForum Support Representative.
- NetForum users can now apply a discount to an existing proforma invoice through iWeb. Please see the Applying a Discount to an existing Proforma Invoice topic for more information.
-
NetForum has updated the message displayed on Invoice Detail profiles to provide more specific details about what happened to the invoice. Previously, the system showed a generic statement ('This item has been cancelled or voided') on an Invoice Detail profile irrespective of whether the invoice line item was voided, voided with adjustment, cancelled, or returned. The system now displays one of the following statements based on what happened to the invoice line item on an Invoice Detail profile:
- This line item has been Voided
- This line item has been Voided with Adjustment
- This line item has been Cancelled or partially Cancelled
- This line item has been Returned or partially Returned
-
The authorization amount for American Express and Discover credit cards when adding a new credit card record to the Stored Payment Information child form using the Bluepay payment gateway has been changed from $1 to $0. Previously, $0 authorization was not supported by American Express and Discover.
Note: There are two types of $0 authorization through BluePay, Default and Real. Default validates the format of the card number but does not send it to the card issuer to verify that the card is valid. Real does the same format validation and in addition sends the card number to the card issuer to check that it is valid. Default is free, while Real has a transaction fee. Check with your BluePay Account Representative to determine which setting is enabled on your account.
- NetForum (xWeb) now supports the custom xWeb class for JSON Over xWeb calls. To use a custom xWeb class for JSON Over xWeb calls, you must update the CustomXWebAssemblyAndClass system option with the custom xWeb class details. For more information, refer to the CustomXWebAssemblyAndClass system option page.
- xWeb Update: A new xWeb Method RenewMembership has been added in this release. This method provides an easy way to process simple membership renewals.
-
A help topic for the xWeb method WEBCentralizedShoppingCartOpenInvoiceGetList has been documented with this release.
Note: This xWeb method was already a part of the xWeb application; the update is to documentation only.
-
Security Enhancement: Improvements to HTTP security.
-
Implemented Strict-Transport-Security (HSTS) per specification.
- Notes: NetForum already supports variation of HSTS, existing implementation has been improved to comply with browser specification. Enabled by default.
- Reference: Strict-Transport-Security - HTTP | MDN (mozilla.org)
-
Implemented X-Content-Type-Options.
- Notes: Enabled by default.
- Reference: X-Content-Type-Options - HTTP | MDN (mozilla.org)
-
Improved X-Frame-Options.
- Notes: Enabled by default. Clients who embed or use NetForum in iframes should consult.
- Reference: X-Frame-Options - HTTP | MDN (mozilla.org)
- Removed HTTP headers that help identify server and application architecture.
- NetForum cookies will only be sent back over a connection using SSL/TLS. The default is true.
-
Implemented Strict-Transport-Security (HSTS) per specification.
- For security purposes, NetForum (eWeb) now includes the ability to control which domains may be redirected to from the NetForum application. A new system option RedirectWhitelist has been added to allow users to store a list of desired domains they wish to use for redirects. For more information, refer to the RedirectWhitelist system option topic.
- eWeb Security Update: A potential vulnerability with eWeb has been discovered and fixed.
-
Framework Update: NetForum has removed the System.Web.SessionState dependencies from FacadeClass/Components classes. References to System.Web.SessionState.HttpSessionState class have been replaced by the newly implemented NfeHttpSessionState class defined in a new assembly CommunityBrands.netForum.NfeHttpClasses. Similar changes were made replacing HttpContext references with NfeHttpContext. These changes were also made in related classes in other assemblies such as Data and Common.
Important: There is an implicit conversion between NfeHttpSessionState/HttpSessionState, and NfeHttpContext/HttpContext, so custom code calling affected baseline methods will not need modifying, but the custom assemblies will need to add a reference to CommunityBrands.netForum.NfeHttpClasses.
- Bundling and Minification of all the NetForum static resources (JavaScript and CSS files) for iWeb and eWeb has been completed as a part of this release. This enhancement improves the page load performance of the application and reduces the potential vulnerability to the security posture of the application.
-
jQuery Upgrade: NetForum has upgraded the jQuery library for its iWeb and eWeb applications to the latest version, 3.6.0, along with the related files (other dependent libraries). Refer to the jQuery Upgrade Details page for a complete list of jQuery library upgrades.
Important: All previous version files of the jQuery library in the bin directory must be deleted based on the jQuery Upgrade Details list. Only the latest version files in the Release 28 package must be available in the bin directory.
- jQuery deprecated functions have been removed from the NetForum project.
UI Conversions
Below is the list of pages converted to the Current UI:
Module | Description |
---|---|
Events | Events > Event Profile > Tracks/ Sessions > Sessions: Edit Events Session |
Inventory |
COE: Add Discount
|
Resolved Issues
The following list contains Classic UI issues that were fixed in NetForum Spring Release (28). The TFS/Azure issue number is included for your reference.
TFS/Azure ID | Product Area | Description |
---|---|---|
135042 | Accounting | When an invoice including a taxable product is paid using both cash and credit as payment options (applied simultaneously), the system no longer displays the tax amount as an open balance amount in the Invoice Balance field on the Invoice profile post payment. Additionally, the Payments child form now includes the Tax payment record. |
139556 | Accounting |
For an invoice set up with an Installment Payment Order, if you void a part of the installment schedule and later attempt to write off the remaining balance on the invoice, the system now allows the write-off. |
134052 | Accounting | When Multicurrency is enabled and there is an Exchange Rate increase/decrease between creation of a credit and application of that credit to partially pay an invoice (realized gain/loss), the system no longer generates an error while pre-processing the batch containing the credit application payment. |
137660 | Accounting | If a customer purchases a National and a Chapter membership with installments as payment type, upon generating all the installments for the order, the system now correctly populates amounts for the final installment on the Order->product grandchild form on the Invoice profile. |
137652 | Accounting | When a partially paid invoice containing multiple deferred and discounted products is returned or cancelled, the system now correctly updates the credit amount on the Return form (Invoice Profile > Add profile menu > Return/ Cancel link). This fix applies to both Optimized Deferrals as well as Regular Deferrals. |
138253 | Accounting | When Multicurrency is enabled, the system no longer generates an exception error while pre-processing a batch containing a deferred membership that has been partially recognized and then returned or cancelled. |
139581
|
Accounting | For installment purchases (both installment billing and installment payments), if you void a payment made to an installment (Invoice Profile > Add profile menu > Void link), the Adjust Installments form (Order Profile > Edit profile menu > Adjust Installment link) will now correctly allow the user to edit the schedule date and amount for that installment. |
138255
|
Accounting | When Multicurrency is enabled and there is an Exchange Rate increase/decrease between creation of a credit and application of that credit to fully pay an invoice (realized gain/loss), the system no longer generates an error while pre-processing the batch containing the credit application payment. |
140223
|
Admin | Any email sent through the NetForum SMTP server now contains a Message-Id field with an unique value. The format of the Message-ID is YYYY-MM-DD-HH-MM-SS. {8 character alphanumeric String}@domainname.com. |
139660 | Baseline Reports/Queries | The Organization Profile Report no longer generates a report processing error if the report contains an event title greater than 150 characters (including special characters). The Event Title ("evt_title") field on the Organization Profile Report can now accommodate up to 200 characters. |
137812 | Centralized Order Entry | The system once again correctly applies taxes to the Sponsor Fee product type when the product is flagged as taxable. |
138237 | CRM | When an address marked as on Hold (Hold status flag is checked) is updated/validated, the system no longer removes the Hold status from the Address. This change applies to both iweb and eweb, and to all addresses (Individual/Organization/Chapter). |
133934 | E-Marketing | The system now sends a Confirmation Email only when the payment information successfully gets captured in the database. Previously, there were some instances where the confirmation would still be sent even if there was an exception during payment processing and the payment was rolled back by the system. |
138836 | eWeb | When Multicurrency is enabled and an individual has a preferred currency defined, the Shopping Cart will be preset to the preferred currency and the Online Store will be filtered to display only the prices matching the user’s preferred currency. |
131262 | eWeb | When the system option EnableEwebSavedShoppingCart is set to true, the system will now allow a proforma Event Registration invoice created in iWeb to be subsequently added to the Shopping Cart on eWeb for payment by the Customer. Previously, this generated an error and the Shopping Cart was not correctly updated. |
140166 | eWeb |
When the system option EnableEwebSavedShoppingCart is set to true, and a customer has an Individual Event Registration in their abandoned shopping cart, the customer will not be able to complete the Event Registration if the event has:
The system now removes the event registration line item from the shopping cart and displays the following message above the Line Items section: "Your shopping cart has been updated; registration for an event you had in your cart is no longer available online." |
140241 | Membership | If you apply a deferred discount to a deferred, anniversary-based membership while renewing the membership to installment payments, the system now correctly populates the Effective Date and Expire Date on the Membership profile. |
136369 | Outlook Integration | Outlook Integration: The Add Recipients function in the Outlook Add-In pulls all records specific to the search criteria. After selecting a desired Committee and clicking the Select All button, it adds all members to the list of recipients (previously, the system pulled a limited number of recipients). |
140014 | Payment Processing | BluePay Portal now displays the invoice number of purchases made using the Discover and Diners Club credit cards. |
140199 | xWeb |
xWeb Security Update: The xWeb ExecuteMethod parameter protection no longer allow commands to run on the Master Database when the commands contain any of the following prohibited words:
The system will validate SQL parameters for these prohibited words while executing the xWeb ExecuteMethod web service and generates an error message stating, 'The parameter statement or SQL expression contains prohibited content.' |
The following list contains Current UI issue that was fixed in NetForum Spring Release (28). The TFS/Azure issue number is included for your reference.
TFS/Azure ID | Product Area | Description |
---|---|---|
138952 | CRM | When you uncheck the Address On Hold flag on the Edit Name & Address form and save the record, the system clears all the Address On Hold associated fields (On Hold Type/ On Hold From/ On Hold Until) from the record. |
Patch Release (28.1)
TFS/Azure ID | Product Area | Description |
---|---|---|
140719 | Framework | With the WorkFlowEnabled system option set to true, active Workflow Rules triggered by a Scheduled Task processing no longer log the "Object reference not set to an instance of an object." error in the database. Please note this bug was introduced in Release 28 and is resolved with Release 28.1; previous releases do not have this issue. |
Patch Release (28.2)
TFS/Azure ID | Product Area | Description |
---|---|---|
140758 | Framework | The DateTimePicker functionality on Classic UI forms was impacted by the jQuery upgrades in SP 28. The issue has been fixed in this Patch release. |
Patch Release (28.3)
TFS/Azure ID | Product Area | Description |
---|---|---|
139902 | Framework |
While upgrading the jQuery version, the Newtonsoft.Json package degraded to version 5.0.4. The Newtonsoft.Json package has been upgraded to version 11.0.2 as a part of this Patch release. |
Patch Release (28.4)
TFS/Azure ID | Product Area | Description |
---|---|---|
141016 | Framework | Form Designer: Some controls on the Properties window (Toolkit > Forms > Find Forms > New Individual Eweb (TL) form > Classic UI > ClassicUI Designer > Form Designer) were impacted by the latest jQuery upgrades. This issue has been fixed in this Patch release. |
141265 | eWeb |
Release 28 added the RedirectWhitelist system option to control what domain(s) a user can be redirected to from NetForum (eWeb). This Patch release extends the functionality to redirect to subdomains when supplying only the master domain in the system option. For example, subdomain.domain.com will be allowed if the domain.com is listed in the RedirectWhitelist system option. |
Patch Release (28.5)
TFS/Azure ID | Product Area | Description |
---|---|---|
142059 | xWeb |
The xWeb security update implemented in Release 28 will now include a search for potential signatures of prohibited content within the parameters during the execution of the xWeb's ExecuteMethod web service. Previously, the system's scanning process was limited to identifying specific prohibited keywords such as "GRANT, DENY, etc." resulting in the unintentional blocking of safe content such as emails containing "GRANT" as part of a name (for example, grant.test@test.com). |