Blog
Enterprise_PageCache is Borked In 1.14.3.X
Published: January 20, 2017
If you are thinking about installing or upgrading to Magento Enterprise 1.14.3.X read this post right now. Enterprise_PageCache is completely borked in both 1.14.3.0 and 1.14.3.1. The repro steps for the bug are not only dead simple, but also extremely common user behavior…
Steps To Reproduce
- Ensure that full page cache is turned on
- Navigate to a category page
- Apply any layered navigation filter
- Remove the filter you just applied
Expected result
Unfiltered category page is displayed
Actual result
Filtered category page continues to display
What’s worse, the cache for the unfiltered category page is now poisoned for any user who visits that page!
The good news it that there’s a patch available, SUPEE-9465. If that’s all you’re looking for I’ve posted it here.
However, because it’s interesting, let’s take at what went wrong starting in 1.14.3.0.
Help! I Can't Set A Catalog Product Collection's Page Size
Published: January 18, 2017
I ran up against a pretty interesting issue recently. I was looking to render a custom block (descendant of Mage_Catalog_Block_Product_List) in a CMS block. You can do this with template variables…
{{block type="mpchadwick_customproductlist/list" template="mpchadwick/customproductlist/list.phtml"}}
Then, in my custom product list block I was setting up the collection in the constructor.
<?php
class Mpchadwick_CustomProductList_Block_List extends Mage_Catalog_Block_Product_List
{
protected $helper;
protected function _construct()
{
$this->helper = Mage::helper('mpchadwick_customproductlist');
$collection = Mage::getModel('catalog/product')
->getCollection();
$helper->filterCollection($collection);
$this->setCollection($collection);
return parent::_construct();
}
}
One of the things I was looking to do in the filterCollection was set the page size. However, no matter what I did (e.g. setPageSize, setPage, limit on the Varien_Db_Select object) it still wouldn’t work.
Finally, after an hour of pulling out my hair, I figured out why.
Aspell and Curly Quotes
Published: January 13, 2017
aspell really doesn’t like curly quotes…
$ echo "This really shouldn’t fail" | aspell list
shouldn
$
$ echo "This really shouldn't fail" | aspell list
$
I ran up against this issue looking into adding a spell check featured for jekyll-pre-commit.
Understanding How A Magento 1 Module Works
Published: January 11, 2017
As a developer, there’s a good chance you spend more time reading code than you do writing it. In the world of Magento, a lot of that time will be spent reading through the source code of custom and community modules.
In this post, I’ll provide some tips to help you understand how these modules work.
Why Local Profiling Alone Is Insufficient For Performance Optimization
Published: January 3, 2017
When your goal is to make a web site load faster, the first logical step is to hook your local development environment up to a tool like XHProf, or Blackfire. This is definitely a good thing to do to get some sense of how the code is executing and where the bottlenecks are. However, if this is the only thing you do to review performance, there’s a good chance you’re going to miss something. Let me tell you what else is needed and why.
A Level-Headed Assessment Of CVE-2016-10033 And CVE-2016-10045
Published: December 28, 2016
Titles like “Critical PHPMailer Flaw leaves Millions of Websites Vulnerable to Remote Exploit” or “PHPMailer Bug Leaves Millions of Websites Open to Attack” are great if you’re looking for clicks. However, when you take a closer look, you’ll see that these aren’t exactly accurate.
Blast radius of phpmailer was greatly hyped by bug author: requires app to use fairly sophisticated mail address validation (or none at all)
— Kenn White (@kennwhite) December 27, 2016
Here, I’ll take a level-headed look at recent vulnerabilities found in PHPMailer, CVE-2016-10033 and CVE-2016-10045.