Categories
Magento PHP

Symlinks cause ‘Not valid template file’ in Magento 1.9.3.4

Keeping Magento shops up to date is important to reduce their vulnerability. Sometimes, security updates introduce breaking changes. The recent Magento update, version 1.9.3.4, includes such a breaking change that can cause blank pages on the front-end and back-end. This is caused by the way in which Magento handles symlinks.  When blank pages occur, take […]

Categories
Magento PHP

Fix Magento 1.9.3 ‘Notice: Undefined index: session_expire_timestamp in … on line 461’

Some days ago the Magento security update SUPEE-8788 was released. This update fixes a number of critical vulnerabilities. To fix an existing shop one could either apply the SUPEE-patch or upgrade the shop to Magento 1.9.3. However, after updating I experienced a little issue when trying to reach the shop again.  A PHP Exception popped […]

Categories
Magento PHP

Form submission CSRF issues in Magento 1.9.2.2

Magento now includes CSRF (Cross-Site Request Forgery) protection on publicly available forms such as the new user registration form. The goal of this is to make it impossible for anyone to POST to an URL without first visiting the corresponding form page. A token is supplied on this page that is sent along with the […]

Categories
Magento

Fix Magento 1.9.2.2 ‘Notice: Undefined variable: block in …/Template/Filter.php line 187’

This problem arose after upgrading to Magento 1.9.2.2. which is a patch release that patches a number of security flaws in Magento. After installation of the patch some parts of the front-end template stayed blank. Review of the exception.log file shows a number of exceptions that seem to occur from the template filter classes of […]

Categories
Magento PHP

Overwrite Magento Core using a Module

The layout of Magento’s information, warning and error messages cannot be easily changed using layout and template files. The HTML generation is done from a Block PHP class (Mage_Core_Block_Messages). It is a very bad idea to overwrite any core element of Magento. Instead we are going to extend this core-block by creating a separate module. My goal was […]