Bugfix in version 4.460, work I did to make tabs optionally hidden for select job stuffs up tabs in places where tabs cover multiple lines, such as the main setup screen. Some tabs a missing when the cover multiple lines. Now fixed.

Unit line items : permit non dutyable line items to be based on formula. So things like stamp duty costs can be setup as either on road costs or as non duty invoice items. Whichever suits.

• Import Generic price file. Support importing CSV files which are semi-colon delimited : i.e. Husky Power Equipment
• New units report : reports on tax invoice line items what are not spare parts or inherited from pre-delivery jobs
• Main workshop screen : include option to hide tabs in order to better utilise screen real-estate and not have tabs clogged up with search options never used.  Hiding is memorised on a per terminal basis

Updating java while c9 is running is sometimes problematic.  C9 holds onto files java wants to update, stopping those files from updating causing java to be half-updated, and sometimes broken.

Problem is really java's fault, it should detect that it is trying to install while it is already running and ask you to kill c9 first.

If for example you update to java 8 while c9 is running on java 7, after restart you might see something like this:

To fix this, you need to uninstall java in the control panel. Uninstall all running copies of java.

Then goto http://java.com/ and install java fresh.

Another bugfix : recent changes to enforce minqty to be >= ecordqty are actually incorrect as previously the system would round up minqty re-orders instead of rounding down : meaning minqty<ecordqty is functionally meaningful and system needs to allow users to key in such things.

In english:  If ecordqty= 10,  and you key in minqty of 2, the moment your stock goes down below 2 c9 will re-order 10 more.  So having parts where minqty=2 and ecordqty=10 does something and makes sense.

Bugfixes

• GST Report, would misreport year model. Now fixed
• Export OPEA order: was not memorising export options for 'Alt' export method properly.

• Unit sale bugfixes
  • Could not delete purchased unit off a deal, now fixed
  • deal to sale with deposit : disallow account sale for now (I will revisit this later to convert deposit into payment)
• Workshop Timesheet report : size fonts for smaller blocks and if start=finish then do not print expanded line to fit as many techs onto the page as possible
• Miner : bug fixes with printing address labels via miner : did not work in some circumstances. Also include option to print one or multiple labels per customer. Defaults to one.

Recently added ability to pop reminders in c9 can be constrained based on the login user you login as.

You login as sales:

For a given customer reminder, you can make sure only people logged in as sales, get that reminder, instead of all users, so spares and workshop users are not bothered by reminders relevant to sales side of the business only

To add new login user, Setup -> Other Settings -> Login Users.

For those who need more nagging in their lives, c9 can now nag you relentlessly about things it thinks require doing. Such as:

• Open spares quotes
• Parts that needs to be ordered
• Stock that needs to be re-ordered
• Parts that were ordered but taking a long time to arrive
• Parts that have been waiting for a customer to pickup for a while

For suggestions on more things to add into c9 to monitor/remind please contact us and we will look at adding them into c9

To enable these: goto Setup -> Other Settings -> Notifications/Monitors.

Click on Insert to add a new notification, the system will ask you what type of notification to add. You can then tune things relevant to that type of notification.

Once added, the nag will appear in notification section in top right of c9:

Includes database changes. You will need to log all terminals out after upgrading

• View orders. Relocated view supplier button so it does not cover over search string
• Select any part . Make Add part button hotkeyable (Alt+a and InsertKey)
• Bugfix with view/edit franchise. Could not access archived franchises
• Bugfixes/improvements to receive order to better cope with recently added flexibility of receiving with accessory suppliers where accessory suppliers can be alternative suppliers for parts tracked under a franchise
  • Electronic import can now cope with importing on accessory supplier where parts may not be accessory parts
  • Receive backorder on accessory would not work for parts on backorder that were franchise parts.
  • Display franchise: would display a franchise of one of the parts on the receive list as opposed to the actual supplier.
• Workshop timesheet : allow user to indicate reporting period. Also compress report output a bit to fit more into a single page.
• Workshop estimate : collect and print order number and odo
• Customer reminders : include ability to limit reminders to specific logged in users. By creating a 'unitsales' user for example, you can set things up so only these users receive reminders tagged for unitsales
• Messenger : include ability to disable auto-start of messenger on a terminal, to cope with dodgy terminals auto-starting messenger
• Include new feature : monitor/notifications.  you can configure c9 to now nag you about various things, parts not yet ordered, open spares quotes, parts on order for more than a week, parts on back order for more than a couple of months, etc etc. I will write up a separate post on this shortly.

Unless you've been living under a rock avoiding the news, you've probably heard about shellshock by now.

http://www.abc.net.au/news/2014-09-26/shellshock-bug-leaves-up-to-500-million-computers-at-risk/5770952

The shellshock threat did impact c9 servers, they have now been patched.

The threat to c9 servers and websites hosted on c9 is virtually non-existent though.  It is difficult for me to explain the nature of shellshock to a non technical audience, but I'll try to explain the risks by analogy.

The analogy is this: with a bank. You have the main doors, guards, alarms, security cameras and the vault.  Now someone has figured out how to easily pick the lock on the vault : this is shellshock.  But as long as you have systems in place to ensure no-one gets near the vault you are okay. The risk though is that people forget about the vault, assume it is rock solid, so they design their bank such that they don't mind people walking past it.  Suddenly, it is now a problem.

To the best that I can tell, and the best of my knowledge, shellshock could not be exploited with the systems and services c9 has setup; but there is still a risk that something deep in our website design would do something that would potentially open up a path to shellshock.  So to be sure I've updated our systems anyway, because I'd rather have a solid vault than a vault that can be easily picked, even if it is cordoned off.

The wider implications of this for the IT industry will be interesting to see as it develops.  Shellshock is not straightforward to exploit : you don't just download a magic hacker tool, point it at a heap of websites and hope for the tool to discover an opening. It requires skill, patience and care for a hacker to discover a vulnerability that allows them to get 'close enough to the vault', so to speak.  We may hear over the next few weeks or months news of high profile IT companies and websites being exploited, or maybe the whole thing will blow over and nothing at all happens.

Update: since writing this post, I've been thinking about this more. I generally don't go for sensationalist news stuff, but Shellshock is indeed a very serious security problem and it is actually fairly straightforward for hackers to search for and find systems that are compromised by it.  C9's systems should be secure though, and I am fairly confident that during the time c9 wasn't patched, our systems weren't actually vulnerable anyway.