Subscribe to Syndicate

Responsive Web Pages Released for all Venues

Arts Management has completed and released a set of responsive web page templates. The means that the web pages automatically adjust their size, contents, and orientation depending if your patrons are looking at them on a computer, smart phone (landscape or portrait), tablet or other device.

The responsive web pages are available free to all venues. If you would like to try them out on our test web site, click this link for www2.artsman.com

A number of venues are already using them.

Security Patch Released affecting 10.02.xx through 10.05.xx

Jun 15, 2015 An update was released that all venues should installed immediately. Venues that auto-update already have the change in place.

Background

A way was found to show the name and address of a random patron who was not in your household via the account tab in web sales. No other data could ever be displayed (passwords and PCI information were never at risk). The worst possible outcome is that somebody, if they knew about the issue, could look up a name that they could find in the phonebook.

The issue was identified on Monday morning and a fix was auto-deployed by late afternoon the same day. Versions affected were TM 10.02, 10.03, 10.04, and 10.05 and a separate patch was issued for each version.

Version 10.05 - Pick your own and Web as a service

We've been hard at work improving the web services this past year and have some exiting things planned for future versions. This release notice is an aggregation of the some key things in the past year, most noticeably:
  • The availability of pick your own seats - which venues have been using with abandon since January
  • The Web Sales Module now runs completely as a service, so it starts automatically after machine restarts without attention
  • Auto updates simplify the process of keeping up to date with enhancements with almost no work and minimal impact to users and patrons.
  • And we now offer a hosted private cloud option if you prefer the servers to be at our data centre.
Theatre Manager has always been the most full featured integrated CRM for patron management, ticket sales, donations, financial accuracy and other administration needs. Since our focus is providing choice to a venue while constantly reducing the total cost of ownership, these recent efforts have focused on infrastructure and reducing IT needs (and the key feature we added - pick your own seats).

Watch our release notes and shortly. We have a sample site with responsive pages, with many thanks and contributions from some of our customers. They are being prepared for release to make it easy to update your pages if you want them -- or you can keep using your current pages if you prefer.

If you should have any questions or need assistance installing the latest version, please feel free to contact us -- happy to do it for you.

Version 10.01 - Released with easy Double opt-in mail list e-blasts

The Canadian Anti-Spam Law (CASL) is coming into effect on July 1st and we've spent the past 3 months fine tuning TM to support the law.

Initial support for single opt-in came on April 5, 2014 - essentially a default was changed so that patrons needed to add themselves to the 'send me emails' button. Double opt-in features were added in mid June to version 10.01 in response to inquiries and deeper understanding of the law from seminars, etc. Opinions vary whether a venues needs single opt-in or double opt in. One things is certain, double opt-in where the patron confirms that they wish to receive emails is far stronger process and help ensure accuracy of emails.

Theatre Manager now has an even easier double opt-in process based on mail lists where emails are sent automatically to patrons and mail list status codes are change to confirm the double opt in status automatically - with limited work on the part of the venue.

Apache 2.4.9/Open SSL 1.0.1h released (along with with TM 10.00.12)

We have made both mac and windows installers for apache 2.4.9 with open ssl 1.0.1h to address the latest open ssl vulnerability.

Please follow the update and download instructions in this link. For a quick summary, if you are already at Apache 2.4.9 (which most venues are due to the recent heartbleed issue), the instructions should be as simple as:

  • shut down any classic web listeners
  • save the htdocs and conf folder per the instructions in the update notes
  • download and run the appropriate installer
  • put back the original htdocs folder and conf folder into the correct places (there are no changes inside them)

Apache 2.4.9 servers released to address Heartbleed Vulnerability

A important vulnerability has been identified in OPENSSL version 1.0.x called Heartbleed.

It is very serious and much has been written about it on the web as it potentially affects many many many web sites. The main impact is that your SSL certificates may have been compromised. If somebody has gained access to your sites SSL certificate through this surreptitious mean, it could mean some of your clients passwords have been taken through watching traffic to/from your web site.

NOTE: if you are still using a version of apache with openSSL 0.9.x, you are not vulnerable to this issue.

The suggested course of action is

  1. Upgrade Apache to 2.4.9 using the process to Upgrade Apache.
    • This contains OpenSSL 1.0.1g to address the specific 'Heartbleed' problem.
    • It removes the vulnerability completely from this point forward
    • This means that you should do it right away and then move on to step 2
  2. Get a revised SSL certificate from GEOTRUST.
    • Artsman will contact GEOTRUST on your behalf and working on a process to get a replacement SSL certificate reissued.
    • This will occur in conjunction with us updating your server or on the near future.
  3. Given the nature of the vulnerability, it has been suggested on some web sites that you inform your patrons about the issue. The reason is simple:
    • Many people use the same password on may sites like facebook, amazon, their bank web site, theatre manager, etc.
    • If *ANOTHER* web site like their bank is compromised by this vulnerability, they represent a high value target.
    • If the *Bad Guys* get a password from a high value site, then they may assume its valid at other places your patron may visit
    • Hence why even if there has not been a compromise at your web site, it could be another web site that leads your patrons to have issues, and safety is of utmost importance.

This vulnerability has been in existence for over a year -- and has only recently been exposed. In other words, nobody knew it existed or could be exploited. This is why it is important to close it up as soon as possible.

Note: If you are still using Apache 2.2.x as part of your Theatre Manager setup, you DO NOT HAVE THIS VULNERABILITY. Unfortunately, you would not be PCI compliant and we'd suggest updating anyway.

Theatre Manager 9.25 Released

TM Scanner - Arts Management Systems Ltd. Theatre Manager Version 9.25 contains significant functionality enhancements as part of our twice a year plan to deliver major features and other improvements garnered from users. The major focus on this particular version has been requested improvements to the internet sales process and reduction of IT support time.

This means:

  • More features are available online (gift certificate/pass redemption, recurring payments, viewing volunteer/staff activities, promoting events not yet on sale online, etc)
  • A number of web pages were tweaked (particularly template files) to support the new web features
  • Implemented a far better 'forgotten password scheme' where the user actually resets their password instead of having the actual password emailed.
  • Addition of IOS based bar code scanners that can scan linear and QR barcodes. Depending on the IOS device you pick, it is possible to scan tickets in the middle of a field.
  • The eblast process now tracks when a customer has opened the eblast and records the open date within Theatre Manager - providing an improved life cycle history of the communication with the patron. TM has always supported recording how a customer purchased online and this augments the overall process by tracking complete life cycle from the delivery of marketing material prior to the purchase decision.
  • The classic listener and second generation listener have been redesigned to self update. This is an exciting new approach to help eliminate as much time as possible to do an update - it will just happen.
  • And much more...

Theatre Manager 9.22 Released

Theatre Manager Version 9.22 has been released. Since 9.15, there has been a concentrated effort on performance improvement of the web services and e-blast capabilities as well as feature enhancements. The suggestion is to upgrade at some convenient point in your current season - it doesn't have to occur right away.

The key list of changes since Version 9.15 are:

  • The second generation server is working very well at venues that are using it. It has addressed the vast majority of issues with email servers - (which have been changing rapidly recently in an attempt to combat spam and viruses). It has also improved performance of the web server significantly.
  • Dynamic pricing and changing of Venue Maps on the fly is now possible.

Year End Rollover and Extended Break Settlements

Fiscal Year End Roll Over
If your offices will be closed during the time of your Fiscal Year End (such as over December 31, for example), you may want to make Year End Roll Over (YERO) preparations before you close for the season that need to occur prior to transacting any business in the new fiscal year.

Theatre Manager 9.15.00 Released

Theatre Manager Version 9.15 has been released containing mostly feature enhancements. The suggestion is to upgrade at some convenient point in your current season - it doesn't have to occur right away.

The key list of changes are:

Pages

Subscribe to Arts Management Systems RSS