This article describes the changes and resolved issues for this version of the product. This release incorporates essential modifications to the NetForum application to meet the requirements of PCI 4.0 Security Standards.
What's New Overview
Enhancements & Updates
-
Ideas Portal Feature
eWeb Payment Failure Lockout Functionality: In this release, a new feature has been included in eWeb that allows for the automatic logout and locking of an eWeb user's account after a certain number of payment failures or payment declines occurred within a set time frame. Refer to the eWeb Payment Failure Lockout Functionality Overview article for more details on setting up and managing the feature.
-
iWeb Login Page Update
NetForum has a new login page! Take advantage of these resources right when you log in. Contact the Help Desk, learn what was recently released in NetForum, or visit the Marketplace with one click.
-
eWeb Real-Time Display of Shopping Cart Item Count
The eWeb Shopping Cart icon (displayed in the top right corner of the eWeb site) has been updated to dynamically display the number of items currently contained in the eWeb Shopping Cart. As items are added to or removed from the eWeb Shopping Cart, the Cart icon updates, displaying the count in brackets next to the Cart icon. The count in the cart will always be visible, regardless of the page the eWeb user is on within the eWeb site.
Note: The count reflects the total number of unique items in the Cart, even if multiple quantities of the same item are added.
On clicking the Cart icon, a pop-up will display a list of items added to the Cart with following information:
- Thumbnail image (if available)
- Item: Product name
- Qty: Quantity of this product in the cart
- Price: Price of product
Note: If the product does not have an image, then the system will show a default image for the product listed in the Shopping Cart pop-up.
The Shopping Cart pop-up allows you to perform following actions:- On clicking the item link, you will be redirected to the product profile.
- On clicking the Continue Shopping button, you will be redirected to the Online Store page.
- On clicking the View Cart button, you will be redirected to the Shopping Cart | View page.
-
iWeb About netFORUM Form Enhancement
The About netFORUM form (Help icon > About netFORUM link) has been updated in this release to include a new section named 'Features Present'. When expanded, the Features Present section displays the following listed features along with their status in iWeb. This enhancement will allow an admin user to easily see if the following listed features are enabled in the database and active in the application, without the need to check the fw_feature_flag table in the database.
The Features Present section currently displays feature’s status information for following features: OptimizedDeferrals, EWebSavedCreditCards, EventRegistration Logging, DelegateTaskHandling, and SMSMessaging.
Note: The display of feature status information is limited to users who have access to the Admin module or who have the superuser flag checked.
This section contains the following three fields:
- Name: Displays the name of feature.
- Enabled: Displays whether the feature is enabled in the database.
- Active: Displays whether the feature is active in the application.
-
xWeb Updates
- xWeb Activity Logging Update: A new System Option "LogxWebActivityDestination" is available to direct xWeb logging to either the SQL Server ws_activity_log table and/or Log4net output. This update will provide an alternative option for logging the xWeb activity. If Log4net output is selected, additional setup is required in the <log4net> section of the xWeb web.config file. For more information, refer to the LogxWebActivityDestination system option article.
- xWeb Payment Processing Update: NetForum has been updated to allow the use of a Credit Card or ACH token for making xWeb purchases. This will allow customers to build custom websites for their members to make purchases using, for example, the CardPointe Hosted Tokenizer Form to obtain a token, and then xWeb calls to process the purchase. This will allow a payment to be processed with a vault token instead of either cpi_key or raw account number information. Previously, xWeb purchases would only work by specifying either the actual payment info (credit card number, expiry, CVV, ACH routing and account number), or specifying the cpi_key of an existing stored payment.
-
Security Updates
-
Deprecated functionality: Fundraising > Gift > Add Batch Gift import
The following group item links have been eliminated from the Gifts group item within the Fundraising module to align with PCI 4.0 security requirements.- Add Batch Gift Import
- List My Batch Gift Imports
- List All Batch Gift Imports
- List Batch Gift Import Tasks
-
Deprecated ability to configure payment processor settings in ECommerce section of web.config/app.config
Support for configuring a payment gateway in web.config files with System Option "PaymentProcessingModel" = "Single Provider (Legacy)" has been discontinued. Before updating to this release, any sites currently using System Option "PaymentProcessingModel" = "Single Provider (Legacy)", must work with NetForum Support to convert their legacy gateway configuration to the standard multiple provider Gateway/Merchant Account configuration. This must be done before the updating to NetForum Fall (34). After the update payments will no longer work with the old setup approach.
The following system options have been deprecated as a part of this update:
- PaymentProcessingModel
- PaymentAPI_iWeb
- PaymentAPI_eWeb
- PaymentAPI_PayPalExpressCheckout_eWeb
-
Deprecated Non-Vaulted PayFlowProProcessor Payment Gateway
The Non-vaulted PayFlowProProcessor payment gateway with associated references in the web.config file has been removed from the NetForum solution to comply with the latest PCI security requirements. Note that this gateway will be available for existing customers who are currently using it.
-
Third-Party Software Components Updates (NetForum Hosted Solution)
The following third-party software components have been updated to the latest version in the NetForum Hosted solution:
Software Components Previous Version Updated Version Microsoft.ApplicationInsights 2.20.0 2.22.0 Microsoft.ApplicationInsights.DependencyCollector 2.20.0 2.22.0 Microsoft.ApplicationInsights.Log4NetAppender 2.20.0 2.22.0 Microsoft.ApplicationInsights.PerfCounterCollector 2.20.0 2.22.0 Microsoft.ApplicationInsights.Web 2.20.0 2.22.0 Microsoft.ApplicationInsights.WindowsServer 2.20.0 2.22.0 Microsoft.ApplicationInsights.WindowsServer.TelemetryChannel 2.20.0 2.22.0 Microsoft.Data.SqlClient 5.0.1 5.0.2 System.Text.RegularExpressions 4.3.0 4.3.1 Microsoft.IdentityModel.JsonWebTokens 6.31.0 6.35.0 System.IdentityModel.Tokens.Jwt 6.31.0 6.35.0 Azure.Identity 1.10.4 1.11.1 SSH.NET 2016.1.0.0 2024.0.0.0
The following software components have been removed from the NetForum Hosted solution as part of this release:- System.Web.Providers
- Microsoft.CodeAnalysis.FxCopAnalyzers
-
Third-Party Software Components Updates (NetForum Cloud Solution)
The following third-party software components have been updated to the latest version in the NetForum Cloud solution:
Software Components Previous Version Updated Version Microsoft.ApplicationInsights 2.20.0 2.22.0 Microsoft.ApplicationInsights.DependencyCollector 2.20.0 2.22.0 Microsoft.ApplicationInsights.Log4NetAppender 2.20.0 2.22.0 Microsoft.ApplicationInsights.PerfCounterCollector 2.20.0 2.22.0 Microsoft.ApplicationInsights.Web 2.20.0 2.22.0 Microsoft.ApplicationInsights.WindowsServer 2.20.0 2.22.0 Microsoft.ApplicationInsights.WindowsServer.TelemetryChannel 2.20.0 2.22.0 Microsoft.jQuery.Unobtrusive.Validation 3.2.3 4.0.0
The following software component has been removed from the NetForum Cloud solution as part of this release:-
Microsoft.WindowsAzure.ConfigurationManager
-
-
Cryptographic Ciphers and Protocols Update
To update your NetForum application as per PCI security requirements for Cryptographic Ciphers and Protocols, the NF.exe Utility must be run for your NetForum application. This will be done by the NetForum Upgrades Team when your site is updated. If you are premise based, please contact the NetForum Upgrades Team for assistance.
-
-
Performance Updates
- The iWeb code has been optimized; it now calls the "vw_co_customer_credit_balance" view only once to fetch the credits value (cst_credit_available) for an individual when loading an individual profile.
- A new stored procedure 'mb_membership_load_all_invoices.sql' has been added to the NetForum solution to improve the invoices data load performance on the Invoices child form when accessing the Membership profile. This update is especially useful for sites with a substantial dataset.
-
Pricing Control Optimization: As a part of this release, necessary modifications have been made to the following stored procedures in the NetForum baseline application to better manage pricing attributes.
- ev_registrant_select_event_fees_with_packages
- ev_registrant_select_session_fees
- ev_registrant_select_substitution_fees
- ev_registrant_select_track_fees
- oe_discount_auto_apply
- oe_discount_list
- oe_group_discount_list
- pc_am_accreditation_appl_fees
- pc_am_accreditation_area_survey_fees
- pc_aw_award_entry_fees
- pc_aw_award_sponsor_fees
- pc_ce_cert_fees
- pc_ce_cert_fee_by_customer
- pc_ce_course_exam_fees
- pc_ce_course_exam_list
- pc_ev_event_sponsor_fees
- pc_ex_exhibit_booth_complements_fee
- pc_ex_exhibit_booth_personnel_fee
- pc_ex_exhibit_cancellation_fees
- pc_mb_membership_dues
- pc_oe_publication_list
- pc_su_subscription_list
- sc_merchandise_list
- sc_shipping_list
-
Azure App Service Update
For clients hosted on Azure Environment, a new system option 'AzureTimeoutCounter' has been added in this release to mitigate the timeout issue that occurs when a report takes more than 4 minutes to complete (Azure App Services enforces a timeout for all calls that run for more than 4 minutes). With the help of this system option, you can extend the timeout duration up to a total of 15 minutes. The value entered in this system option is added to the default value of 4 minutes. Note that the reports run duration cannot be more than 15 minutes (total). Even if you put a value higher than 11 in the Current Setting field of the AzureTimeoutCounter system option, the system will allow reports to run for 15 minutes only before enforcing a timeout. For more information, refer to the AzureTimeoutCounter system option article.
-
Framework Updates
- User IP address logging for sites using LoadBalancers: NetForum has been updated to store the relevant user IP address in the md_page_access database table regardless of whether or not a Load Balancer in being used. Previously, for sites using a Load Balancer, the Load Balancer's IP address was being recorded instead of the user's IP address.
- The FlexSlider .js and .css files have been removed from the NetForum solution in this release.
- As part of this release, obsolete "systemOverrideConfig" baseline logic and associated web.config <appSettings> values have been removed. These relate to configuration options that were long ago moved to System Options.
Resolved Issues
The following list contains issues that were fixed in NetForum Fall Release (34). The TFS/Azure issue number is included for your reference.
TFS/Azure ID | Product Area | Description |
---|---|---|
143286 | Accounting |
Current Deferrals: With the GenerateInterCompanyTransfers system option set to true, if a deferred product is set in one business unit and it is purchased using a batch in another business unit (where both the business units are set to support Multi-Company Account transactions). the system now reflects this deferral transaction under the business unit tied to the deferred product. The revenue recognition is now displayed under the business unit to which the product is associated. In the Revenue Available for Recognition report, the transaction will now be shown in the product business unit i.e., entries will be under the product Business Unit even if the invoice is created in a batch from different Business Unit. |
143894 | Accounting |
When a partially recognized deferred subscription (with a deferred discount and tax applied to it) is returned or cancelled, the system now accurately calculates the amount of tax that needs to be refunded for the discounted partially unrecognized deferred subscription. Note: This fix applies to both legacy and current deferrals. |
143891 | Accounting |
In databases with a large amount of data and numerous extender columns, the system will no longer generate an error message stating "Error occurred in CreateOrUpdateDeferralsOnBatchSaving. Unable to find batch invoices. Cannot create a row of size 8161 which is greater than the allowable maximum row size of 8060." when updating a batch to a future period from the batch profile. |
143895 | Accounting |
When a Recognize Revenue Task finishes with "COMPWITHERROR" or “FAILED” status, you can now see the specific details of the failure in the Details grandchild form below the completed task record on the History child form (located under Admin > Task Scheduler > Recognize Revenue Task Scheduler Profile). Previously, the failure error for a Recognize Revenue Task was only logged in Log4Net. Note: This change applies to both Current (Optimized) Deferrals and Legacy Deferrals. |
143878 | Accounting |
All basic stored procedures and reports that utilize the gla_code column, previously limited to 50 characters, have been revised to accommodate a column length of up to 250 characters. This update has addressed the issue of an error that occurs when closing a batch containing adjustments and when the GL account code and/or name exceed 50 characters. |
143893 | Accounting |
Legacy Deferrals: When performing a one-time revenue deferral transaction, such as event registration, using the proforma or terms type, and then converting the proforma or terms invoice to Installment Payments, and fully paying it, the system will no longer display an error message stating 'The following error occured in WriteEventFeeDeferralRows: Cannot insert duplicate key row in object 'dbo.ac_deferral' with unique index 'UIX_ac_deferral_def_ivd_key_def_prg_key'. The duplicate key value is (11101111-fe11-1x11-11cd-111a083dac05, ). The statement has been terminated.' when closing the associated batch. This applies only to systems with the following system option configuration:
|
133483 | Accounting |
If an error occurs while processing a Return/Cancel with Auto Refund for a paid invoice, the system will roll back the refund and send the void transaction request to the Payment Processor. The void transaction entry is properly logged in the Payment Processor site. |
144012 | Centralized Order Entry |
When the Select a default batch field is left empty on the User Preferences form in iWeb, and a discount program is applied during event registration for a deferred event, the system will no longer show an error message stating "Invalid attempt to read when no data is present." Similarly, on eWeb, while registering for a deferred event, if the eWeb user attempts to apply a discount program during the registration process, the system will no longer generate an error message "Invalid attempt to read when no data is present." This applies only to systems with the following system option configuration:
|
143418 | CRM |
Current UI Fix: When you add or update the On Hold From date field on the Edit Name & Address form (Individual or Organization profile > Edit menu > Name & Address link) for an individual or organization record, the system will once again allow you to save the On Hold From date for the record without first clicking outside of the On Hold From field. |
116945 | CRM |
When adding an individual through iWeb, if you select the Force User To Change Password checkbox under the Access Information section on the Add Individual form, the system will properly update the co_customer.cst_web_force_password_change flag in the database to '1'. When the newly added user logs into eWeb for the first time, they will be prompted to change their password (via a redirect to the Change Password form). The user must update their password to continue. |
143216 | eWeb |
Digital Wallet: When a customer chooses the PayPal Express payment processing option while making a purchase on eWeb, if they cancel the transaction on the PayPal payment processing form and then try to complete the transaction again using the same option, the system will no longer show an error message saying "Declined: 10410 invalid token." |
140502 | eWeb |
The performance issue with the view vw_pricing_control_pcc that causes timeout while applying discount on eWeb and xWeb has been addressed in this release. This fix also addressed the performance issue pertaining to the discount application via running the xWeb method WEBCentralizedShoppingCartApplyDiscountCode. |
143780 | eWeb |
When a customer registers for a free event ("Free Event" = true) via eWeb, and the event has a confirmation template defined, the system will now send a confirmation email for the event registration. Previously, customers only received confirmation emails for free events when registered through iWeb. |
137025 | eWeb |
If a package or bundle product contains optional and non-optional components, when purchasing the package or bundle product via eWeb or iWeb, and attempting to remove a non-optional component from the cart, the system will now remove the whole package or bundle from the cart. When you remove optional components from the cart, it will only remove those optional parts and not the entire package or bundle. This applies only to systems with the following system option configuration:
|
143806 | eWeb |
When purchasing a product on eWeb, if the eWeb user applies a source code in the Source Code field under the Discounts section on the Shopping Cart | View page, and that Source Code is associated with an auto apply discount, the system now properly applies the discount and updates the Line Item's price. This applies only to the following configuration:
Note: This fix applies to eWeb only; the iWeb functionality was already working correctly. |
143231 | Events |
The Event Waiver text displayed in the Event Waiver section on the Event Registration | Register for Event form when registering for a Waiver Required event through eWeb is now shown correctly if an event includes a lengthy waiver agreement text (words are no longer split across lines). |
143970 | General |
The xWeb security update implemented in Release 31 to mask all sensitive payment-related data in the WS_Activity_log table, aligning with PCI Compliance standards, has been updated to address the following issues:
Note that the WS_Activity_log table is populated with records only when the LogAllxWebActivity and LogxWebActivityXML system options are enabled. Also, make sure to adjust the LogxWebActivityUserList and LogxWebActivityMethodList system options accordingly if the logs are not populated or if some logs are missing (based on the system option configuration) in the WS_Activity_log table. |
143440 | General |
Performance Update: As part of this release, the cm_group_item_link_getNavByUser stored procedure has been refactored to optimize its execution time. |
142168 | General |
The iWeb issue related to the Web.Config systemOverrideConfig setting and the debugMode setting has been addressed through the Framework updates made as part of this release. Refer to the Framework Updates section of the Release Notes for more details. |
143975 | Marketing |
Current UI Fix: The Email fields in Marketing templates (Marketing > Templates > Add and Edit Template form) have been updated to restore support for the From name and Email address format (From Name <from@name.com>) in the Email fields. For example: John Smith <John.smith@sample.com> ABC Company <support@abccompany.com> |
141749 & 125913 | Payment Processing |
The gateway transaction log entries for BluePay and CardPointe transactions were not being logged in the ac_gateway_transaction_log certain scenarios. This issue has been addressed. |
143439 | Toolkit |
Form Designer: When adjusting the position of a control on the Form Designer Control (Toolkit > Forms > Find, List, or Query Forms > Dynamic Form profile > UI Tab > Form Designer link) by changing the values of the Left and Top fields on the Properties form and then reverting them back to their original values, the system now repositions the control to its initial location. |
143162 | Toolkit |
Current UI Fix: The Form Designer will no longer trigger the message "Browser zoom level must be set to 100% before save! Use CTRL + 0 to set your browser to 100%" when editing and saving form controls while:
|
Patch Release (34.1)
TFS/Azure ID | Product Area | Description |
---|---|---|
145046 | Accounting |
On a Credit Profile, when trying to process a refund of a credit (Credit Profile > Add profile menu > Refund/writeoff credit link > Refund Credit form), the system once again allows the refund process to complete without error. |
144626 | Accounting |
When an invoice for an installment payments order containing a membership package that includes both a deferred membership and a $0.00 subscription as package components is returned/canceled, the system once again correctly updates the Order Closed status to 'Yes' on the Order profile. |
144625 | Accounting |
Performance Update: A performance issue with the view vw_ac_deferral_summary_info has been addressed in this patch release. The view vw_ac_deferral_summary_info now returns data promptly for systems with large dataset of deferral records. This update is applicable to both legacy and current deferrals. |
143805 | Accounting |
If the Recognize Revenue task for a given period is already scheduled or currently running, then the recognize revenue icon on the Accounting Period profile will be disabled. Note: This fix applies to both Current (Optimized) Deferrals and Legacy Deferrals and for both the Classic and Current UI. |
129093 | Accounting |
When adding an installment payment order and personalizing the payment schedule of the order using COE, the system now correctly reflects the changes on the Net Balance and Net Payment fields on the Confirmation section and the Line Items section of the Centralized Order Entry | Order form. This allows for successful completion of the transaction. This applies only to systems with the following system option configuration:
|
143368 | CMS |
When the HTML editor field on the User Preferences form is set with the CKEditor option, updating and re-saving the eWeb's Website Page Details form using the CKEditor (iWeb > CMS > Website Pages > Find, List, or Query Web Page > Edit Website Page profile > Page Details child form > Edit Website Page Detail form) no longer removes any JavaScript code, style, or tags of the existing website page detail. |
145048 | CRM |
When the Credit Balance (cst_credit_available) virtual field is added to the Customer profile page using the Form Designer, the system will once again properly display the total available credits for the Customer. Note: This fix applies to both the Classic and Current UI. |
145122 | Events |
The Add to Outlook Calendar ICS file (Outlook Invite file) now includes the Event Description value in the invite. When an event registrant adds an event invite to their Outlook calendar, the Outlook calendar invite now displays the short description of the event (if the event record contains a description in iWeb). |
133003 | eWeb |
When an installment order or installment payments order is processed through iWeb and viewed in eWeb, the system now accurately shows the Next Payment Date on the following pages in eWeb (aligning with the next scheduled date in iWeb):
|
142028 | Fundraising |
In prior versions of NetForum, the system was creating incorrect payment schedules if a user applying a payment for a recurring pledge from the Pledge profile chose to pay a different amount using the Pay A Different Amount option on the Order Installment Generation and Scheduling form. This issue has been addressed by eliminating the Payment Choice radio buttons (Pay Next Installment in Full / Pay a Different Amount) on the Order Installment Generation and Scheduling form. You can change the payment amount as needed in the Add Payment wizard, which appears after clicking the Next button on the Order Installment Generation and Scheduling form. As a part of this update, the form heading has been changed from ‘Order Installment Generation and Scheduling | Choose Payment’ to ‘Order Installment Generation and Scheduling’. Earlier: Fundraising / Pledges / Edit Choose Payment Amount Now: Fundraising / Pledges / Edit Order Installment Generation & Scheduling If you wish to pay a different amount for a pledge, complete the following steps after clicking Next:
Note: This fix applies to both the Classic and Current UI. |
144802 | iWeb / eWeb / xWeb |
As a part of this patch release, the debugMode system option has been updated to be applicable only for iWeb. It is still overridable at the user level by the option set in the Display debug messages field (iWeb menu bar > My Profile icon > My Preferences form > System section)). Additionally, two new System Options debugMode_eWeb and debugMode_xWeb are now available to turn on/off debugMode separately for eWeb and xWeb. The implications of having "debug Mode" on/off in each of the sites remain unchanged. Note: If your eWeb and/or xWeb sites have customization dependent on the debugMode system option, you will be required to change that to the debugMode_eWeb and/or debugMode_xWeb system option. |
145006 | xWeb |
Existing xWeb Users were unable to log in using their existing xWeb credentials after their xWeb site was updated to release 34. This issue has been resolved. |