On Thursday, Aug 1, 2024, we released Matador Jobs 3.8.18 to all our users. This release primarily supports updates to improve user experience issues caused by aggressive caching policies that clashed with data security handling in Matador Jobs Pro.

Caching and Data Security

To protect your site from hackers and spammers, WordPress and, by extension, Matador Jobs Pro, applies various secure coding techniques. One such technique is to send special data with form (application, contact, etc) submissions that verify the data is coming from a valid, recent version of your site and not a spoofed version. This prevents spam form submissions and other forms of misuse.

As search engine providers harp on us to deliver fast loading websites and web hosts charging us more and more to generate web pages from code, our users have naturally begun to use more and more aggressive forms of caching, including those which serve forms with stale security credentials to users. This resulted in some job applicants getting cryptic error messages when attempting to apply to roles.

While this issue is easily fixed by adjusting caching rules for any page that provides a place for a user to share data, including web forms, given our most common customer is the small business without an expert web developer on site, we saw many of our users unable to fix this issue without utilizing significant support resources from within Matador Jobs’s team.

This update includes some automation that will help bypass aggressive caching and refresh stale security credentials in a way that continues to provide secure data processing while eases the burden on our customers to fine-tune caching rules and eases user experience pain points for their job seekers applying to roles when the caching rules are not set up properly.

This update should not replace proper management of caching rules, and we strongly recommend users refer to our help docs on how to properly cache Matador Jobs Pro data to ensure these protections are eventually not needed for their site.

• Change Notes: Added new code to address user experience issues encountered by job seekers served cached web page data that included Matador application forms with cross-site request forgery (CSRF) protections in place that were stale due to caching. This update will aim to prevent those errors and ensure a smooth experience for users without requiring adjustments to the site’s caching settings.

Beta: Preload Form Data

Some form field data can now be served as a pre-load to Matador Application Forms via a new filter. This is being offered as beta feature and will be used in upcoming core and extension features. Developers can give it a spin using the filter matador_jobs_application_form_preload_data.

• Feature: Added a WordPress filter called matador_jobs_application_form_preload_data to add pre-load values to Application Form fields.

Miscellaneous

As always, a few other useful bug fixes were included. Further, with WordPress 6.6 recently released, we made sure to test Matador Jobs Pro on the new WordPress to ensure it still works as expected.

• Feature: Added a WordPress filter called matador_jobs_query_jobs_args to filter the search query arguments after code-based processing is complete. This is used in some advanced extension development and should only be used when the filter for before code-based processing will not work, as code-based query arg processing is designed to protect the user from unintentional issues.
• Bugfix: Fixes a bug that caused the Bullhorn Candidate Work History entries for newly created candidates to be missing the job title.
• Tested up to WordPress 6.6.1.

Update Now!

Matador Jobs 3.8.18 is released for automatic* update to all subscribers as of Thursday, August 1, 2024. If your subscription has expired, renew it on your account page. If you find any issues, please send a support request.

* Please Note: if your current installed version is 3.8.0 to 3.8.4, you need to manually install this update.

On Thursday, March 7, 2024, we released Matador Jobs 3.8.17 to all our users. This release primarily supports updates to the Bullhorn API to provide our users improved performance. Our major feature release, 3.9.0, is coming soon, but we wanted to get these small but very useful updates out to our users ASAP!

Persisting Bullhorn Connection for 5.5 Hours

The most important part of this release is enabling use of the new 5.5 hour Bullhorn connection limit.

Prior to this week, a Bullhorn API connection was valid for 10 minutes, which meant that almost every action performed by Matador Jobs required a renewed login. Logging into Bullhorn is both time and resource intensive, so when we saw an announcement from the Bullhorn team that API logins can now be persisted for up to 5.6 hours, we were ecstatic!

This update leverages the significantly longer Bullhorn connection limit to save resources and and improve performance.

• Persist Bullhorn connection for 5.5 hours. With an announcement made on March 5th, 2024, Bullhorn’s API can now support connections lasting up to 5.6 hours instead of the old default of 10 minutes. Matador is updated to support the full extended connection which will reduce time-consuming and resource-intensive API calls to the Bullhorn Login systems from several times per hour to 4-5 times per day. See announcement for more information from Bullhorn regarding the announcement.

Add “Action” to Notes, “Owner” & “Sending User” to Submissions

With various AI tools and other Bullhorn Marketplace partner software able to be deployed on a user’s Bullhorn account, we are always working hard to provide the most complete, useful synced data as possible. With this release we are improving our data syncs to Notes and Submissions.

• Added a default “action” argument to the Bullhorn sync routine that adds Notes to a created or modified Candidate entries. We recently learned that to apply Bullhorn Automation routines to the Notes, they must have an “action” set, so moving forward Candidate Notes created by Matador will have an action of “other”.
• Added filters to Bullhorn sync routine that adds Notes to created or modified Candidate entries. The filter matador_bullhorn_candidate_note allows a developer to modify the string of text saved to the note and the filter matador_bullhorn_candidate_note_args allows a developer to modify the other arguments including the “action” value we now set as “other”.
• The Bullhorn sync routine that creates a Submission between a Candidate and JobOrder will now include the value of the Candidate Owner in the sendingUser and owners fields. New Candidates created by Matador will be owned by the preferred owner as set in the setting ‘Preferred New Candidate “Owner”‘, falling back to the the API User if the preferred owner is not found. This feature update will give that same assignment to the Submission, preventing issues where Candidate owners cannot see the Submission.

Miscellaneous

As always, a few other useful bug fixes were included. Further, with WordPress 6.5 will soon be released, we made sure to test Matador Jobs Pro on the new WordPress to ensure it still works as expected.

• Added protections to Bullhorn Candidate Sync for users who enable “allow multiple values” on any of the four phone fields on the Bullhorn Candidate object. In general, we discourage users from enabling “allow multiple values” settings in the Bullhorn field mappings to any default fields.
• Fixed issue causing Admin Notices handling to sometimes throw a PHP warning on PHP > 8.1. Depending on user error reporting, this could’ve resulted in errors printed to screen, logs, or had no impact.
• Various improvements to logging to support plugin development and issue resolution.
• Minimum WordPress version required is 5.5.0… unofficially. Officially we require WordPress 5.8 since January 24th, 2024 and will require 5.9 beginning May 23rd, 2024.
• Tested up to WordPress 6.5.0.

Update Now!

Matador Jobs 3.8.17 is released for automatic* update to all subscribers as of Thursday, March 7, 2024. If your subscription has expired, renew it on your account page. If you find any issues, please send a support request.

* Please Note: if your current installed version is 3.8.0 to 3.8.4, you need to manually install this update.

On Tuesday, January 23, 2024, we released Matador Jobs 3.8.16 to all our users. This release contains an important compatibility update following the release of Yoast SEO 21.9, which removed a function we used as part of our Yoast SEO compatibility, breaking all our users’ sites that also run Yoast SEO.

Yoast SEO 21.9 Support

Today, the Yoast SEO team released their version 21.9 and it removed a function Matador previously relied on to connect the Job Posting Structured Data into the Yoast SEO generated Structured Data Graph. Users who updated to Yoast SEO 21.9 this morning found their Matador Jobs + Yoast SEO sites failing to load on Job Posting pages. We identified the fix and rushed it out to all our users.

Update Now!

Matador Jobs 3.8.16 is released for automatic* update to all subscribers as of Tuesday, January 23, 2024. If your subscription has expired, renew it on your account page. If you find any issues, please send a support request.

* Please Note: if your current installed version is 3.8.0 to 3.8.4, you need to manually install this update.

On Tuesday, November 7, 2023, we released Matador Jobs 3.8.15 to all our users. This release contains an important security update, PHP 8.1 and 8.2 compatibility, a few bug fixes, and some changes to support updates to Matador Extensions. This update also includes the unreleased 3.8.14, which was provided to limited users during beta testing of updated extensions.

Security Update

The most important part of this release is a security related update.

Most web server software have settings allowing a directory’s (folder’s) files to be indexed (listed) for viewing and download when a special file called an index overrides that behavior. While it is a best practice to have directory indexing turned off for web host serving WordPress, most WordPress developers like us at Matador still install empty index.php files in their folders to override and prevent directory indexing (as well as do other things to secure the code when directory indexing is on).

An issue was discovered where a site that had installed Matador Jobs Lite first, and then, while Matador Jobs Lite was still active, installed Matador Jobs Pro second, missed the setup routine that added the index.php files in the folders Matador creates to hold user-submitted content like resumes and other application files.

While investigating this issue, we also determined that, perhaps due to user error and when doing database migrations between environments, if a Matador folder or index.php is deleted or missing, Matador will try to recreate the folder but not recreate the index.php file. In both cases, this could result in a site revealing sensitive data to third parties if directory indexing is turned on at the server level.

With this update, this will not be the case. Moving forward, whenever a new resume or log file is made, Matador will look for a missing index.php file and attempt restore it. If Matador fails to restore the missing index.php file, don’t worry, there are bigger issues, like, your site won’t be able to save any resume files anyway! This change will prevent directory indexing from exposing sensitive data moving forward.

• Security: Fixed an issue that caused upgrades from Matador Jobs Lite to Matador Jobs Pro to not set up folders for log files or resume files with an index.php file to prevent directory indexing.
• Security: Added a routine that double-checks for the presence of an empty index.php file to prevent directory indexing in the resume uploads folder during each candidate file save. This will restore the index.php file if it was missing from a previous bug or user action.
• Security: Added routine that double-checks for presence of the index.php file to prevent directory indexing in the Matador logs folder during the creation of a new log file. This will restore the index.php file if it was missing from a previous bug or user action.

To be clear, again, however, a properly configured WordPress website hosting environment will have directory indexing disabled. If you use a managed WordPress web host, this will true in 99% of environments. If you are running your own web host, for example a “cPanel web hosting” plan, it would be wise to review your server settings to secure your whole site. These changes will only improve and prevent access to Matador’s filesystem, not your other plugins or themes, which could then be exploited and grant a malicious user access to your data.

PHP 8.1 and 8.2 Compatibility

While Matador Jobs Pro and Lite were already fully compatible with PHP 8.1 and 8.2, a handful of Deprecations were introduced to PHP 8.1 and 8.2 that resulted in Matador causing PHP E_NOTICE and E_DEPRECATION error output when PHP debugging for those levels was turned on.

Since developers may debug sites using log files or error output, this meant Matador created a lot of noise when run on PHP 8.1 or PHP 8.2 making the developer’s job more difficult. With this update, all PHP 8.1 and 8.2 Deprecations are handled in this update, either with backward compatible code changes, polyfills, or PHP attributes.

• Compatibility: Changed an argument in a few WordPress core function calls that previously allowed null but in PHP 8.1 and later requires an empty string.
• Compatibility: Added #[ReturnTypeWillChange] PHP attributes to the Cookie Monster class to ensure PHP 8.1 and later compatibility.
• Compatibility: Modified the log delete function to fix an instantiation of the DateTimeImmutable class from a null value, which threw PHP deprecation warnings in 8.1 and later.
• Compatibility: Added a method argument strict typing indicator and modified a function call to prevent an error with PHP’s rtrim() after an accepted argument deprecation was added in PHP 8.2.

Enhancements for Matador Extensions

Matador Jobs Pro is not alone! We have over 15 extensions, and more on the way, to enhance and extend Matador with additional features. We have major updates nearly ready for two popular extensions and to support their updated features, we needed to make a few changes to Matador Jobs.

• Enhancement: Changes to template function visibility to allow extensions to also check for the existence of a Matador template before attempting to call it (the single change in unreleased version 3.8.14).
• Feature: Added filter matador_settings_page_structure to allow developers to change the supported fields “structure” for Matador Settings.
• Feature: Added filter matador_settings_should_skip_field to allow developers to skip an options field on a settings page.

Misc Bug Fixes

As we do with most updates, we scooped up some recent bug fixes into this release as well.

• Bugfix: Added a routine to restore a missing log file folder that may have been deleted or not created properly on install/activation.
• Bugfix: Added check to prevent loading of Matador Application when “Accept Applications” setting is off. A user with the [matador_application] shortcode but that turned off the “Accept Applications” setting would get an application that didn’t process. This “bug” has existed since day one of Matador, and we laugh, because it means no one has ever found it before we randomly ran into it.
• Bugfix: Added a fix to gracefully handle unrecognized dynamic argument values for the [matador_portal] shortcode, which in certain cases resulted in an error.
• Bugfix: Added fix to ensure recently new settings to not be available to the WPJM extension settings.

Miscellaneous

Today, WordPress 6.4 released to the world. Matador Jobs has been tested on the final release candidate of WordPress 6.4 and thus fully supports WordPress 6.4.

• Matador Jobs Lite / Pro tested up to WordPress 6.4

Update Now!

Matador Jobs 3.8.15 is released for automatic* update to all subscribers as of Tuesday, November 7, 2023. If your subscription has expired, renew it on your account page. If you find any issues, please send a support request.

* Please Note: if your current installed version is 3.8.0 to 3.8.4, you need to manually install this update.

On Monday, August 14, 2023, we released Matador Jobs 3.8.13 to all our users. This release contains an improvement and bugfix to assist in connection stability issues with Bullhorn.

Connection Stability

We wrote a post last week that addressed some observed connection stability issues experienced by some of our users with a promise we’d look for areas to improve. We updated the post at the end of week explaining that we observed a new, infrequent, and yet unexplained occurrence during the reconnection loop that would create a false-positive condition when Matador evaluated if it should continue attempting to reconnect to Bullhorn. This patch contains an adjustment to add finesse to this process and minimize false-positives during this test.

• It appears that Bullhorn is currently experiencing some issues with its connection quality and in reviewing our automatic reconnection routine we identified an opportunity to add finesse around a temporary error that was being misinterpreted by Matador as a permanent error, resulting in Matador determining it could no longer connect and send notice to the administrator. We will now retry a reconnection on these temporary errors while continuing to stop attempts to reconnect when the permanent error is encountered.
• Fixed a bug impacting the functionality of the Test Auto Reconnect feature of the Bullhorn Connection Assistant that was introduced with performance improvements in 3.8.7.

Update Now!

Matador Jobs 3.8.13 is released for automatic* update to all subscribers as of Monday, August 7, 2023. If your subscription has expired, renew it on your account page. If you find any issues, please send a support request.

* Please Note: if your current installed version is 3.8.0 to 3.8.4, you need to manually install this update.