Posted on

Updating To Store Locator Plus 4.4.27? Update Experience Add-On First.

Some users may end up with a white-screen on their admin pages if they update to SLP 4.4.27 and skipped the Experience 4.4.06 or 4.4.07 updates that were released over the past 3 weeks.   If this happens after you upgrade to SLP 4.4.27, remove the ./plugins/slp-experience directory from your WordPress install.    Download the latest Experience .zip file from your account at and install the Experience add-on version 4.4.07 or higher.     All of your settings and location data will be retained.

Posted on

Store Locator Plus Updates 2013-Dec-18

Store Locator Plus Intro

The following updates have been made since the last patch release of Store Locator Plus 4 and the related add-on packs.

Highlights This Week

Improving the Admin interface class to improve map page performance. It may not seem like much, but each add-on pack is adding about 1-5MB of RAM usage and several extra data look-ups every time someone views a page with the SLP map on it.   New base plugin classes will help reduce this load and improve site performance.   Some add-on packs are already using it.

Improved add-on pack version information. Most of the add-on packs now report extended information.  The plugin Info tab can now show you when an update is available even if the WordPress update system is not showing the updates flag.

Enhanced Results + Super Extendo featured listing flags have been fixed.

A number of smaller bugs and CSS styling on the admin panel has been addressed.

Store Locator Plus 4.0.032

A full-featured location management system for your WordPress site. This plugin will add location search and mapping to your site. Place a shortcode on any page to display the search form, map, and location listings. Premium add-ons extend the feature set in an ala-carte fashion. Select only those add-on packs you need to build on the base plugin.

The Store Locator Plus v4.0.032 issue list can be found at BitBucket.

Updates List

  • Enhancement: Admin Info page now has the ability to show installed v. latest release info for add-on packs.
  • Enhancement: Move add on update query builder out of base class, minor performance enhancement on front end UI.
  • Enhancement: Map info bubble can now display HTML in description fields via use of [slp_location description raw] as default info bubble layout.
  • Enhancement: Fix help icon position in Chrome on admin UX tab.
  • Enhancement: Work around WordPress dbDelta bug that generates duplicate indices and max index count warnings on updates.

Contact Extender 4.0.001

Contact Extender adds a dozen new contact specific data fields to the locations. Use them in the admin panel, output them in results, or show them on the Store Pages.

Updates List

  • No changes.

Enhanced Map 4.0.011

The Enhanced Map add-on pack provides more control over the map element of the locator user interface. The goal of Enhanced Map is to provide admin settings that make it easier to change the look and feel of the map enabling a custom user experience with minimal effort.
The Enhanced Map v4.0.011 issue list can be found at BitBucket.

Updates List

  • Enhancement: Register add on for better update and cross add-on communication.
  • Enhancement: Move admin functions into admin class to reduce front end memory and disk I/O.
  • Fix: Hide Immediate Home Marker setting not saving.

Enhanced Results 4.0.013

The Enhanced Results add-on pack provides more control over the location results in the locator user interface. The goal of Enhanced Results is to provide admin settings that make it easier to change the look and feel of the map enabling a custom user experience with minimal effort.

The Enhanced Results v4.0.013 issue list can be found at BitBucket.

Updates List

  • Fix: Featured listings.

Enhanced Search 4.0.015

Enhanced Search provides more control over the search form on the locator user interface. The goal of Enhanced Search is to provide admin settings that make it easier to change the look and feel of the search form, enabling a custom user experience with minimal effort.

The Enhanced Search v4.0.015 issue list can be found at BitBucket.

Updates List

  • * Enhancement: Use improved is_CheckTrue() method from base plugin.

Janitor 4.0.007

The Janitor add-on pack cleans up installation variables from the Store Locator Plus base plugin and add-on packs. This interface allows you to view the raw option values in the WordPress options table for the plugin and optionally delete all the settings. Be careful, this is a destructive process and will reset all your options to blank for the Store Locator Plus plugin. Does not remove locations.

The Janitor v4.0.007 issue list can be found at BitBucket.

Updates List

  • Enhancement: Add Tagalong settings to reset list.
  • Enhancement: Isolate the admin code to admin sub-class, improves memory performance of SLP on UI pages.
  • Enhancement: Improved security with check_admin_referer() on _wpnonce.
  • Enhancement: Added tools to re-code descriptions from encoded HTML (&lt;) to proper HTML (<) as required by recent SLP bug fix.

Store Pages 4.0.012

Store Pages creates custom SEO friendly web pages based on your location content. Modify the base page template and build new pages or modify existing pages in seconds.

Updates List

  • No change.

Pro Pack 4.0.018

Pro Pack extends the basic feature set of the Store Locator Plus 4 plugin adding location management tools for websites that provide location search for dozens to thousands of locations. From bulk import and export tools to location search reports, the Pro Pack turns the basic Store Locator Plus WordPress Plugin into a enterprise location management tool.

The Pro Pack v4.0.018 issue list can be found at BitBucket.

Updates List

  • No change.

Super Extendo 4.1.001

The Super Extendo add-on pack allows other add-on packs to extend the location data without bloating the core location data table. The only feature at the moment is extending the Enhanced Results add-on pack to add the featured and rank settings for locations.

The Super Extendo v4.1.001 issue list can be found at BitBucket.

Updates List

The primary updates were made to support the new Contact Extender add-on pack.   Multiple performance improvements and significantly reduced disk I/O are part of this upadte.

  • No change.

Tagalong 4.0.017

Tagalong adds managed categories to the Store Locator Plus locations. The managed categories allow for custom per-category map markers and icons which can be enabled on the map interface and in the search results for your locations.

The Tagalong v4.0.017 issue list can be found at BitBucket.

Updates List

  • Fix: Add upgrade system metadata property back into base plugin.


Third Party Add-On Packs

The add-on packs listed below are managed by third party developers.   Bug fixes and patch releases are the responsibility of the developer.   Charleston Software Associates works with the developer to market the add-on pack and to communicate issues but has limited control over the development schedule.

Widget Pack 4.0.004

Put a find locations widget in your sidebar where users can enter a zip code or address and be directed to a SLP map page.

The Widget Pack Issue List can be found at BitBucket.

Posted on

Upgrading Store Locator Plus version 3 to 4

SLP4 Banner

Upgrading From Previous Versions?

If you are upgrading from a previous version of Store Locator Plus and are using add-on packs please take note:

Store Locator Plus 4 is NOT COMPATIBLE with the Store Locator Plus 3 add-on packs.

You must follow this procedure to upgrade to Store Locator Plus 4:

  • Login to your Charleston Software Associates account.
  • Purchase the SLP4 compatible version of your add-on packs.
  • Download the SLP4 add-on pack zip files.
  • Login to your website’s WordPress admin panel.
  • Deactivate and delete all of your SLP premium add-on packs.
  • Upgrade Store Locator Plus to SLP version 4.x.
  • Install your newly downloaded SLP4 add-on pack zip files.
  • Active the newly installed add-on packs.
Posted on

Store Locator Plus 3.11.12

store locator plus banner

Another patch was released on Store Locator Plus yesterday as work continues on the 4.0 major update I am trying to get out this month.

The latest patch fixes the “check all” feature on Manage Locations, ensuring only the location check boxes are marked not the Tagalong or any other check boxes that may come up.   The change also uses a more efficient jQuery call to check the boxes.

The Philippines has been added as a new country on the Google Maps selection.

A defunct call to a long-gone PHP script for the search form rendering was removed.  That will save a disk request and shave a micro-second or two off the page request every time someone visits the locator page on a site.

In the meantime work continues on the add-on packs, a lot of admin interface changes, and some more code clean  up as I wrap up a customization job for a customer and put a lot of new features in the Store Locator Plus 4.0 and related add-on packs.    Once that job is done I will focus on getting the beta release of SLP 4.0 and the add-on packs out there and start the next customization job.

Store Locator Plus 4.0 / Paid Add-On Pack Upgrades

For those of you who’ve been on the fence about ordering add-on packs, now is the time.   When Store Locator Plus 4.0 comes out ALL add-on packs will require an upgrade to work with the new version.    Those upgrades will be PAID upgrades for all customers.     I am planning on putting out a discount code for recent customers.   I’ve not yet decided how that will work, but I’m leaning towards something like this:

  • Purchased the add-on pack since January 1st 2013: new version of the same add-on pack is free
  • Purchased up to 1 year ago (August 1st 2012+) : 50% off
  • Older purchases will need to re-purchase the new add-on packs.

For those that do not want to pay for add-on upgrades the best option is to NOT UPGRADE THE BASE PLUGIN.   The other option is to disable the add-on packs as most (all) of the add-on packs will break when 4.0 is released.

Please note that the base plugin upgrade will always be free per the WordPress directory listing rules.    Upgrading from Store Locator Plus 3.X to 4.X  can be done at no-cost.  Just be wary of any add-on packs you’ve purchased as they will not function the same way (or at all) if you only upgrade the base plugin to 4.X without upgrading the main product.

What Happened To Subscriptions?

I have been looking for a good subscription module for WooCommerce or WordPress that works well with product downloads like the add-on packs but there are NONE that work well.  I found several that are nearly 100% manual input, some that do not work with restricting downloads (it is an all-or-none approach) and my own work on a proper WooCommerce download/subscription module was side-lined by the recent customization work.      Thus the “Enterprise Subscription” with a one-time setup fee + small ($10) monthly downloads is not going to be ready on time for the 4.0 release.

I hope to find something by the time the next major upgrade is ready (next summer?) so that customers will have a less expensive option with a steady monthly payment versus one big “upgrade everything fee”.

Maybe if enough customization, support, and premium add-on sales come in future upgrades can remain free.   Right now the only viable way to fund future development is to have paid upgrades when notable improvements are made to the base product and premium add-on packs.

You Backed Up Your Site, Didn’t You?

Now is the perfect time to remind the 50% of you that do not do this:  BACKUP YOUR SITE.    I strongly recommend doing so with a WordPress specific backup solution like VaultPress.     That way when you (or your customer) clicks the “upgrade now” button when 4.0 comes out and all your add-on packs break you can simply restore the site (or just the plugin files themselves) to the version that was installed prior to that momentary lapse of judgement.

For those of you that plan on upgrading the add-on packs, you have less to worry about in that regard.  I know you are already backing up with a WordPress backup solution just in case.

Posted on

WordPress Security Issue: W3 Total Cache / WP Super Cache

A security vulnerability that may allow remote users to execute PHP code on WordPress sites running the W3 Total Cache or WP Super Cache plugins was reported over a month ago.   Both plugins have posted security patches recently.    I know there are at least a handful of users of the Charleston Software Associates WordPress Plugins that use the plugins.

It is recommended you upgrade to the latest version of the W3 Total Cache and WP Super Cache plugins as soon as possible.

You can get the latest version of

WP Super Cache here:

W3 Total Cache here:

This vulnerability can be exploited, much like ANY other plugin with a vulnerability, even if the plugin is installed but not active.  It does not require an active plugin for external sources to access code on your server if they know they install path.


You can read the CloudFlare post about this here: W3TC and WP Super Cache Vulnerability Discovered, We’ve Automatically Patched

Posted on

Running An Old CSA Plugin? Upgrade

If you are running a CSA plugin such as Store Locator Plus or MoneyPress that is more than 6 months old, upgrade. There are two very notable issues that make this important.

Store Locator Plus

For Store Locator Plus there are notable security patches that occurred in Version 3.8.7.  Really you should always try to stay on the latest version for the best support, performance, and feature updates.   However you should ALWAYS upgrade when there is a security concern.    If you are not on 3.8.7 or higher, get on that version.

All The Others

For all other plugins, upgrade to the latest version that is published.   There are no security patches at this point, but there is a notable update that you want to know about.

Performance Concerns

So, one of the main reasons to upgrade is security concerns.  The other?  Performance.

Older versions of the plugins had a notable design flaw that existed while part of the Cyber Sprocket Labs era.    A flaw in the code was causing the ENTIRE support framework for the plugin, including admin page support, to be loaded into memory AT ALL TIMES.    In newer versions released since October 2012, this has been addressed.

In the newer versions of the plugin there will be a significantly lower memory footprint for EVERY PAGE on your site.   Yes, that is EVERY PAGE.  Why?  That flaw caused the entire plugin framework to be loaded on EVERY SITE PAGE regardless of whether or not the plugin features were in use.

In addition, there are multiple network connections going on as all of the plugins communicate with third party services, such as Amazon or eBay affiliate services, Google maps services, and others.    This is a core element of the plugin design for most of the plugins.   However this same flaw also loads and connects to a number of servers then throws away the data if a plugin shortcode is not rendered or you are not on a plugin admin page.

Again, these flaws have been fixed.  The latest versions of the plugins only load resources as required and on the proper pages.  Things like loading CSS and JavaScript only on the page with a plugin shortcode, or an admin page for the plugin, are noticeable.   However, there is a lot going on you don’t see and with the older versions of the plugins it is doing a TON of extra work for nothing on EVERY PAGE of your site.

Do yourself and your customers a favor and upgrade your plugins and add-on packs.    If not the latest version then I recommend nothing earlier than November 1st, 2012 as a release date.     However, I constantly strive for not only adding functionality or UX improvements but I am very adamant about having code that runs efficiently and lower memory usage, disk I/O, and network I/O at every opportunity.

Upgrade your plugins.   Today.

Servers everywhere will thank you.

BTW, for reference, the current “ping rate” for older plugins is running at about 20+ network connections/second from the 10,000+ sites running an old Cyber Sprocket or Charleston Software Associates plugin that has not been optimized.


Oh… and the article banner?   A sneak peak of the upcoming news panel for Store Locator Plus 3.9.3… still testing…



Posted on

Upgrade Issues from MooTools 1.2.4 to Mootools 1.3.2

This past week we worked on some site updates for Abundatrade.  During the updates we attempted to upgrade Mootools from 1.2.4 to 1.3.2.  Unfortunately this did not go as well as expected.  After 8 hours of trying to get it to work we ended up rolling back to Mootools Core 1.2.4 with Mootools More   Here are some of the pitfalls.

$empty Is Not Defined

The first problem was with the FormCheck library from   The library requires the “old-school” $empty function definition from MooTools.   This has been deprecated in later versions.   It also turns out it is a pain to replicate, though we were able to patch around this by adding a this.$empty function() {} definition to the JavaScript library.    After doing so we ran into more problems with undefined methods so we gave up and ended up loading MooTools Core 1.3.2 with compatibility.  That resolved both the $empty definition problem as well as some other issues we had with failing code.

Unintended Recursion

The bigger problem that forced us back to v1.2.4 was an unintended recursion problem in one of our AJAX calls that queues and consumes requests to/from a back-end server script that feeds JSON back into the main web document. With all versions up to 1.3.X the system works as we expect, you put in a UPC, click “Add Item”, it is sent to the back-end for real time pricing lookups, and a single row is added to an on-page table showing the item and the offer price. With version 1.3.2 the call to the back-end system is now working as a factorial function.  The first time you add an item you get one call to the back-end. The second time you get 2 calls, by the 6th added item you have a table full of duplicates that is growing exponentially. Not good.

We dug around for answers for most of the day yesterday, but nothing obvious was uncovered. The basic culprit is a form submit handler that eventually does something like this:

function MyHandler() {
… this.set(‘send’,func () { do stuff; });

The first time through it works perfectly. Subsequent iterations are looping through the this.set call, as if this is now an array of handler objects.  There must be a way to reset the form handler stack to be a single instance, but damned if we can find it. The problem appears to be triggered by a change in the MooTools library that now handles the anonymous function definition differently as it is no “array aware”.

MooTools 1.2.X Problems

Unfortunately, staying with MooTools 1.2.4 presents another problem.  The spinner class breaks for Internet Explorer 9.  With the spinner class in place the submit form handler fails.   Thus for MooTools 1.2.4 we are stuck with a subset of the UX.

The failing code:'top_content').set('spinner',



There is probably a design flaw in our code, but it is not easy to unwrap and simply turning on MooTools 1.3.2 with compatibility mode is not fixing it.  So much for the easy way out.  For now we’re back to MooTools 1.2.X and moving on.  Other projects await.   If you have any hints on what the issue may be please share.

Posted on

Upgrading Redmine From 0.9.6 to 1.0.0

Much of this post is repeated in the Upgrading Redmine from 0.8 to 0.9.3 post we did a few months back.  Now with Redmine 1.0 RC out, the upgrade process is once again not as simple as doing a subversion update.  If you are downloading tarzips and installing “manually”, we recommend saving some time and learning basic subversion commands.  Subversion checkout and update is much faster and easier once you have the initial installation in place.

These are Cyber Sprocket’s notes from our upgrade. For more information you may want to visit the official documentation site.

Our Environment

The environment we were running before upgrading to Redmine 1.0(RC):

  • Redmine 0.9.6
  • Apache 2.2.7
  • MySQL 4.1.22*

* Note – we have had discussions with the Redmine development team regarding the MySQL version.  We are running MOST features with no problem on MySQL 4.1, however custom fields on the issue table that are anything but character type will break many reporting and sorting features.   According to some of the developers MySQL 5.X has been required since Redmine 0.8.X.   In reality Redmine works for MOST features on MySQL 4.1.22 though you will need to patch around some things if you want to use custom int fields in Redmine.  There are no guarantees as to what other things will creep into Redmine.     Also, it should be noted that on the official Redmine documentation site it states MySQL 4 is acceptable, even though there is some MySQL 5 only code buried deep within Redmine.


The first thing we ALWAYS do before upgrading a system is to store a local copy of the database and the source code. In order to make the archives as small as possible we post a note on the system that Redmine will be offline and at the posted time remove all the session “crud” that has built up. The process includes a mysql data dump, a file removal, and a tarzip.

  • Go to the directory ABOVE the redmine root directory:
    cd /<redmine-root-dir>; cd ..;
  • Dump MySQL Redmine data:
    mysqldump –user=<your-redmine-db-username> -p <your-redmine-databasename> > redmine_backup.sql

    Note: getting an error doing the dump because of LOCK TABLES?   You can add the –lock-tables=false option to your dump command, but be 100% certain nobody else is going to be on your Redmine system when you do this or you will lose data.

  • Remove the session files:
    rm -rf <redmine-directory>/tmp/sessions/*
  • Tarzip:
    tar cvfz redmine-backup.tgz redmine_backup.sql ./<redmine-directory-name>

Setting Up 1.0

The instructions here are based on our installation where the live Redmine site is accessed via Apache and lives (according to apache) in a directory named redmine.

Setting Up Redmine 1.0 Summary

Go to the parent directory ABOVE the one where your current redmine install exists.  The process here is to pull down the new Redmine code, move the old system to an “offline” location, copy over the old version config files, symlink the old directory to the new name, then restart Apache.

cd <redmine parent directory>

# Get the 1.0 Redmine Code
svn co redmine-1.0

# Copy the old config info
cd redmine-1.0/config
cp ../<old_redmine_version_directory>/config/database.yml .

# Upgrade the database

rake db:migrate RAILS_ENV=production

# Upgrade the data structures

cd ..

rake db:migrate RAILS_ENV=production

# Initialize the session store on the new redmine
rake config/initializers/session_store.rb

# Move the old directory

cd ..

rm -f redmine (this was a symlink to redmine-0.9.6)
# Hook up the new redmine

ln -s ./redmine-1.0 redmine
# Restart Apache

service httpd restart

Checking Logs

If you have problems check the log files in your Redmine installation directory, such as ./log/production.log. You may also want to check your Apache log files, assuming you’ve set those up. To log Apache messages you need to have an ErrorLog statement in your httpd.conf file that tells Apache where you want your log file written (normally /usr/local/apache/logs/redmine-error.log).

Our Customization

Once we got the basic 1.0 install in place we had to bring over our custom page headings and other tweaks.  Be sure to leave your old install available in an easily accessible place in case you need to do the same.  Some of the tweaks we need to do on our end:

  • copy over the public/.htaccess file
  • set our default environment to production in ./config/environment.rb
  • copy over the vendor/plugins/redmine-google-analytics-plugin/ plugin
  • copy over the vendor/plugins/redmine_my_menus plugin
  • copy over the public/themes/cyber1 theme
  • update ./config/locales/en.yml to change some menu wording
  • make these patches to get int custom fields working in 0.9X and higher
    • ./app/models/query.rb
    • ./app/models/custom_field.rb

Need Help With Redmine?

If you need help with your upgrade, give us a call.