tradeit ecommerce platform update 8.0.0
We are delighted to announce tradeit version 8.0.0 along with accompanying Accelerator websites 8.0.0a which support Windows and SQL Server 2022. A summary of some of the latest platform and Accelerator functionality is listed below.
Product Segments NEW
Much like the existing concept of User Segments, Product Segments are a great way of automatically defining groups of products through their attributes.
This is an easy way of segmenting products for use with many of the tools in tradeit, such as conditional components, offers, emails, product categories and discounts. As a basic example, and a great way to save time, you could automatically define products as new and assign them to a 'NEW' category in the navigation, and ensure they appear as new in any product filtering, sort options, or merchandising based on the date they are added to your site.
Top X In Metric Rule NEW
Product segments can also be populated using the top N products in a metric.
User Segments NEW
A triggered email can now be automatically fired when a user is added to a segment.
Generated Redirects NEW
Redirects will be automatically generated when the following changes occur:
- A product is made not live - A temporary redirect will be created from the old path to the parent category.
- A product is deleted - A permanent redirect will be created from the old path to the parent category.
- A product navigation name is changed - A temporary redirect will be created from the old path to the new path.
- Verification Code Characters - A list of characters that can be used to generate the verification code. Defaults to 0123456789.
- A child category is made not live - A temporary redirect will be created from the old path to the parent category.
- A child category is deleted - A permanent redirect will be created from the old path to the parent category.
- A child category navigation name is changed - A temporary wild-card redirect will be created from the old path to the new path, all assigned products, categories and pages are covered by the wild-card.
- A top level category is made not live - A temporary redirect will be created from the old path to the homepage.
- A top level category is deleted - A permanent redirect will be created from the old path to the homepage.
- A top level category navigation name is changed - A temporary wild-card redirect will be created from the old path to the new path, all assigned products, categories and pages are covered by the wild-card.
Clone Components NEW
The ability to now clone an existing component has now been added to in-site editing. This enables users to copy a completely populated component including all content, rules and configuration within the zone, at the touch of a button. Once copied, the duplicate component can be edited and moved to another zone or component as normal.
Hide/Show Components NEW
We've introduced the ability to now hide or show any component from public view on a published page. This can be controlled from the component toolbar or on the Edit Zone page and enables Merchants to display something, turn it off without having to delete it, and then be able to turn it on again. Perfect for quick changes without having to configure conditions, or to test out different styles or designs of the same piece of content to see which looks best.
Eye icon within the toolbar enables Merchants to hide or show components on published pages.
Content Editing NEW
When logged in as an administrator the component toolbar interface is now displayed even if the rules on that component are not valid, although the content of the component is still hidden. This helps Merchants manage any conditional content more easily.
Publish Content UPDATED
We've made a small tweak to the publish content dialog, which has been redesigned so that all content can be published or discarded simultaneously. However, the existing functionality to publish scope individually has been maintained, and can still be accessed by expanding the scope to publish or discard.
Conditional Components UPDATED
Conditional component rules that reference users now work when a user is logged in. The following rules have been updated with a flag that indicates if persistent users should be included in the rule.
- When the logged in user belongs to the company...
- When the logged in user is...
- When the logged in user is in the group...
- When there is no user logged in
- When any user is logged in
The "Include Persistent User" flag on these rules should only be visible if Persistent Users are enabled in the application settings.
Localised Currency Formatting UPDATED
We've introduced a simple new method of supporting multiple currencies on a single set of templates and components. Previously this was hard-coded but is now automatically driven based on the language of the current session.
Category Suggestions by Rank UPDATED
Traditionally category suggestions are sorted alphabetically, however they can now be configured to sort by rank. If a category matches exactly then it will redirect straight to that category which can be enabled via an application setting.
When using attributes as your primary sort field for a sort option, you can now select a second sort field alongside it.
Order Rules UPDATED
We made some further updates to order rules including a number of velocity checks.
Rules can be specified against delivery address fields, so orders where the delivery address matches the conditions will be flagged for review.
The number of recent payment attempts from an IP Address
Calculates the number of orders placed in a time frame by the current IP address and flags the order if the number exceeds the value entered on the order rule. An application setting allows us to whitelist IP addresses so that ones that you don't want to flag, aren't flagged.*
The number of recent payment attempts from an email address
Calculates the number of orders placed in a time frame by the current email address and flags the order if the number exceeds the value entered on the order rule. An application setting allows us to whitelist any email addresses you want so that nothing is flagged incorrectly or unnecessarily. For example, @redtechnology.com which might be used for testing or development is whitelisted by default.
The number of recent payment attempts from payment name
Calculates the number of orders placed in a time frame by the payment address first and last name and flags the order if the number exceeds the value entered on the order rule.
The number of recent payment attempts from payment postcode
Calculates the number of orders placed in a time frame by the payment address postcode and flags the order if the number exceeds the value entered on the order rule.
The number of recent payment attempts from a session
Calculates the number of orders placed in a time frame by the session id and flags the order if the number exceeds the value entered on the order rule.
Security & Encryption
The tradeit platform now uses the PBKDF2 hashing algorithm for storing passwords even more securely. There are 3 configuration options available for the PBKDF2 hash algorithm, the default configuration matches the OWASP recommendation at the time of release. Changing the configuration will only apply to new passwords. Existing password hashes will not be changed until the user changes their password. Existing hashed passwords will still be authenticated correctly.
Hash Length - The length of the password hash (in bytes) that will be generated. The default value is 32.
Salt Length - The length of the password salt (in bytes) that will be produced. The default value is 8.
PBKDF2 Iteration Count - The iterations performed by the PBKDF2 algorithm when hashing passwords. The default value is 310,000.
Migration of Existing Users
Existing user passwords are hashed using the new algorithm, when a user’s password validates correctly the stored hash will be updated to a pure hash of the original password resulting in a seamless migration between the algorithms.
Two Factor Authentication (2FA) NEW
tradeit now supports Two Factor Authentication (2FA) for admin users when logging into either the storefront or administration systems. 2FA is a process whereby a user authenticates with their username and password, and is then asked to authenticate again using a verification code that is sent to the user by either SMS or Email. When 2FA is enabled Merchants will be asked to setup Two Factor Authentication the first time they log in. If there are multiple 2FA services (SMS, Email) available the administrator will be asked to setup and verify each of the services.
We currently provide support for 2 SMS API's.
- The SMS Works - 2.9p per credit
- Firetext - 4.0p per credit
*We don't currently support Google Authenticator as a provider for verification codes. SMS and Email are more streamlined for the user's experience. We may add Google Authenticator in future but in this initial release only SMS and Email are supported.
- Enable 2FA - An overall flag that indicates whether two factor authentication is enabled or not. Defaults to false.
- Length of Verification Code - The length of the verification code to be generated. Defaults to 6.
- Expiry Period of Verification Code - The period of time before a verification code expires and the user must re-authenticate. Defaults to 1 hour.
- Verification Code Characters - A list of characters that can be used to generate the verification code. Defaults to 0123456789.
- Enable 2FA via Email - Enables email as a method of receiving verification codes.
- Enable 2FA via SMS - Enables SMS as a method of receiving verification codes.
- SMS Verification Content - A text message no longer than 160 characters. Example: "Your verification code is . This code will expire at ."
- Email Verification Content - Example: "Your verification code is . This code will expire at ."
- SMS Service - Drop down of available services.
- Default Method of Receiving Verification Code - Drop list with option SMS and Email. Defaults to SMS.
Environment Indicator NEW
An 'environment indicator' has been added to the top of all screens in the admin system and will display when the environment is not LIVE, i.e. Development, UAT, or Staging. This will help to remind Merchants which environment they are working in and get them accustomed to seeing an environment indicator when they are on a non-live environment. Live environments won't display any type of environment indicator.
Image of DEV environment indicator in tradeit administration system.
Product Surcharges NEW
It's been possible to apply product surcharges to individual products items, but this has now been extended so that surcharges can be applied to groups of products at the same time. Product surcharges can now also be refunded by call centre users when items that included a surcharge are returned.
Alongside the platform updates, we have also released new versions of the Accelerator (8.0.0a) which have been updated with even more standard functionality.
Image Zoom NEW
We’ve built our own in-house image zoom tool, rather than rely on a third party like Magic Zoom. This means Web Vitals performance is better as it's more lightweight, plus it's also now configurable within the admin system.
Multi-format image support NEW
All Accelerator components have been updated to included support for the picture tag HTML element meaning next generation image formats such as WEBP, AVIF and JPEG XL can be used*.
*At the time of writing this is not enabled by default. Speak to your account manager about implementing next generation images on your 800a Accelerator install.
Brand details NEW
The concept of content editions and the ability to be able to duplicate content was introduced in the previous version of tradeit. This means delivering additional sites for new brands or channels (based on any existing site) is much simpler and quicker to deliver for Merchants. This functionality has been rolled out to the Accelerators, meaning it is now standard to any sites built on the 8.0.0a Accelerators. As part of that, a component has been introduced which enables Merchants to manage each brand they deliver in a channel scoped zone. The detail available to manage include:
- Band Name
- Formatted Telephone
- Logo (new image type)
- Mail Logo (use existing image type)
These details are then used in the following places:
- Checkout Footer (brand name used by default in copyright text WYSIWYG
- Checkout Header (logo & phone)
- General Footer (brand name used by default in copyright text WYSIWYG)
- General Header (logo & phone)
- Header With Navigation (logo & phone)
- Mail Footer (brand name used by default in copyright text WYSIWYG)
- Mail Header (logo & phone)
Manageable Content NEW
Previously, some of the content within the headers and footers was hard-coded meaning a developer was required to make changes. This content is now all manageable within in-site editing enabling Merchants to update, add or delete it as they wish. That manageable content includes:
- The logo in the header and footer
- The copyright notice
- The brand name
- The Merchant's address
- The Merchant's VAT number
- The sign-up to newsletter text and link
- The Follow Us text and links
The Google shop feed is now configured when installing the Accelerator.
Localised Currency Formatting NEW
All price output in the Accelerator has been updated to use the new platform functionality for displaying prices based on the currency and language of the current session.
Web Application Errors NEW
The diagnostics menu in System Manager has been expanded to include "Web Application Errors" and displays the last 100 errors, the most frequent errors for the last X days, all of the errors for a particular day, the error stack trace and related information. It also allows you to search the description and error ID.