Finding all Magento secure URIs

We recently needed to try and identify all HTTPS URI’s in a customer’s store and had to quickly write a script to scan the `core`, `local` and `community` directories to find any pages that used HTTPS. This is by no means 100% accurate, but will be a good starter indication of finding URL’s that are defined as being secure. cd app/code/core/Mage ( ack-grep “getUrl\(['\"]([^(\"|')]+)['\"],([\s]+)?array\(['\"]_secure['\"]([\s]+)?=>([\s]+)?true\)\)” * –output=’$1′ | while read LINE; do FILE=$(echo “$LINE” | cut -f1 -d”:”) URI=$(echo “$LINE” | cut -f3 -d”:”) echo “$URI” | grep -qF ‘*’ 2>/dev/null if [[ $? -eq 0 ]]; then MODULE=$(echo $FILE | ack-grep “^([^/]+)/” –output=’$1′) CONTROLLER=$(echo $FILE | ack-grep “([^/]+)” –output=’$1′ | tail -n2 | head -n1 | sed ‘s/Controller.php//g’ | tr ‘[A-Z]‘ ‘[a-z]‘) CONFIG_FILE=”$MODULE/etc/config.xml” if [ -f "$CONFIG_FILE" ]; then NAMESPACES=( $(cat $CONFIG_FILE | ack-grep “(.+)?” –output=’$1′) ) if [ ${#NAMESPACES[@]} -gt 0 ]; then for NAMESPACE in ${NAMESPACES[@]}; do echo … Continue reading

Simple Magento performance/load testing with Mage-Perftest

Mage-Perftest is a simple Linux command line tool to test the performance of your Magento store, it can perform a number of clever operations which makes it far more suitable than `siege` or `ab`. Its not a replacement for fully fledged simulation tools (like jMeter), but it is simple to set up and run. **You can use it for a number of different things,** PHP TTFB (time to first byte) performance testing Whole page (including static content & assets) performance testing Load/stress testing Concurrency testing Repeat testing Site cache priming/crawling **It also has the ability to,** Use sessions during crawling Supports keepalives Bypass Varnish cash (to test actual server performance) Read and parse Magento sitemaps (eg. `http://www.example.com` format) Use fixed and random seeds when parsing sitemaps 1. for either completely random tests, or fixed random tests Simulate traffic over a defined period of time (eg. 1000 unique visitors in a … Continue reading

The nolocal theming and packaging methodology

So this will cause ultimate uproar and go against the grain of every Magento developer – but we’ve got a solid process for theming – that does not use local.xml (more on that later). We always work off the base/default template – but zero out the CSS. Even though all designs don’t particularly lend themselves to the structural layout of a vanilla Magento store – we find it good practice to use the default theme as a starting point; we can remove un-used methods/loops/divs etc. as necessary during the templating. When starting a theme For EE We install this extension first, so that we get a level of theme fallback – when we later remove the theme files we copied. The package We first start by creating the package and copying in the entire base/default theme; so for example (say it was our own website, we’d call the package sonassi) … Continue reading

Running Magento in PHP 5.4′s built-in web server

Whilst this isn’t a good idea for a production store, if you want to just experiment or develop locally, this works just fine. Instructions for Debian cat >> /etc/apt/sources.lst <<EOF deb http://packages.dotdeb.org squeeze-php54 all deb-src http://packages.dotdeb.org squeeze-php54 all EOF wget -qO – http://www.dotdeb.org/dotdeb.gpg | apt-key add – apt-get update apt-get install php5-cli php5-mysqlnd php5-mcrypt php5-common php-pear php5-dev php5-mysql php5-curl php5-mcrypt php5-gd php5-cli php5-xsl php5-imagick Then make a simple router, that mimicked the rules in a stock Magento .htaccess. Put this in router.php in your Magento base directory. <?php if (preg_match(‘#^/api/rest#’, $_SERVER["REQUEST_URI"])) { $_SERVER["REQUEST_URI"] = ‘api.php?type=rest’; } elseif (preg_match(‘#^/(media|skin|js)#’, $_SERVER["REQUEST_URI"])) { return false; } elseif (file_exists(“.”.$_SERVER["REQUEST_URI"])) { return false; } else { include_once ‘index.php’; } ?> Then start the PHP server and point it at router.php (the file from above). php -S 127.0.0.1:80 router.php That’s it – now just point your web browser at your new PHP web server.

Deconstructing the cache image path on Magento

The image URL that you’ve given is impossible to have with a Magento store. I’m guessing you wanted it to be obfuscated, but in doing so have made it impossible to answer. So using a real example. Eg /media/catalog/product/cache/1/image/9df78eab33525d08d6e5fb8d27136e95/m/e/me-d1_2.jpg De constructing the cache image path /media/catalog/product/cache/1/image/9df78eab33525d08d6e5fb8d27136e95/m/e/me-d1_2.jpg |___________________________|_|_____|________________________________|_|_|__________| | | | | | | | Cache Directory | | | | | | Mage/Catalog/Model/Product/Media/Config.php | | | | getBaseMediaPath() | | | | | | | | | | | | | | | | | | Store ID | | | | Mage::app()->getStore()->getId() | | | | | | | | | | | | | Subdirectory | | | | Mage/Catalog/Model/Product/Image.php | | | getDestinationSubdir() | | | | | | | | | | | | MD5 of Image Params | | | See below | | | Mage/Catalog/Model/Product/Image.php Line +324 | | | | | | | … Continue reading