Skip to content

Instantly share code, notes, and snippets.

View JeroenBoersma's full-sized avatar
🥰

Jeroen Boersma JeroenBoersma

🥰
View GitHub Profile
@JeroenBoersma
JeroenBoersma / Amasty Product Feed - Local File disclosure.md
Last active October 21, 2016 01:05
Amasty Product Feed - Local file disclosure
View Amasty Product Feed - Local File disclosure.md

Amasty Product Feed - Local file disclosure

  • Affects: Amasty (Product-) Feed (Magento 1)
  • Date: 2016-07-20 (updated: 2016-07-26)
  • Author: Jeroen Boersma

Affected versions:

@JeroenBoersma
JeroenBoersma / delete-merge-branches-with-master.sh
Last active December 14, 2016 13:58
Delete merged branches with origing/master
View delete-merge-branches-with-master.sh
#/bin/sh
# Configurable
remote='origin';
master='master';
days=0;
unmerged=0;
eval set -- `getopt -l master: -l remote: -l days: -l help -l unmerged -- 'm:?r:?d:?u?h?' "$@"`;
@JeroenBoersma
JeroenBoersma / 1. README.md
Last active November 4, 2020 16:36
Docker php development aditional scripts
View 1. README.md

Docker php development aditional scripts

For docker I've some local scripts which I occasionaly use for day-to-day jobs. The reason I don't commit them in the repository is because they're so project specific.

Setup

Magento

@JeroenBoersma
JeroenBoersma / aws.sh
Last active November 10, 2020 13:19
Docker AWS (with love)
View aws.sh
#!/bin/bash
CWD=${PWD};
aws() {
docker run --rm -it -v ${HOME}/.aws:/root/.aws -v ${CWD}:/mnt --workdir=/mnt amazon/aws-cli "$@"
return $?;
}
if [ -z "`which jq`" ]; then
@JeroenBoersma
JeroenBoersma / gist:60a4acb8e56498bce41c
Created March 11, 2015 16:32
Magento cleanup unused product images
View gist:60a4acb8e56498bce41c
<?php
/**
* Cleanup images from Magento
*/
require 'app/Mage.php';
if (!Mage::isInstalled()) {
echo "Application is not installed yet, please complete install wizard first.";
exit;
@JeroenBoersma
JeroenBoersma / 1. README.md
Last active May 18, 2021 14:12
Magento 2.3.5-p1 project-community-edtion
View 1. README.md

Magento 2.3.5-p1 update

Magento root plugin doesn't work with the latest Magento 2.3.5-1 so you have to manualy compare the magento/project-communtiy-edtion with your local installation. Added composer.json below.

Update Magento

Head over to your project

# before you start, update all packages
composer update

# Switch Magento version
@JeroenBoersma
JeroenBoersma / Klaviyo read customer quotes.md
Last active February 21, 2022 18:41
Klaviyo - Magento 2 private data leakage
View Klaviyo read customer quotes.md

Klaviyo read customer quotes for guest carts

April 28th I've found a endpoint in a thirth party module Klaviyo Magento 2 which allows to read private customer data from stores. It works by reclaiming any guest-cart as your own and reading the private data for the orders in the Magento API.

Data

@JeroenBoersma
JeroenBoersma / nmap_examples.md
Created July 26, 2022 18:53 — forked from rsperl/nmap_examples.md
nmap examples #snippet
View nmap_examples.md
@JeroenBoersma
JeroenBoersma / Amasty Feed - Local File disclosure-internal.md
Last active April 19, 2023 10:14
Amasty Feed - Local file disclosure (internal)
View Amasty Feed - Local File disclosure-internal.md

Amasty Feed - Local file disclosure

  • Affects: Magento 1 - Amasty Feed
  • Date: 2016-07-20
  • Author: Jeroen Boersma jeroen@srcode.nl

Affected versions(tested):

@JeroenBoersma
JeroenBoersma / NGINX - Magento 2 Static files optimization.md
Last active November 15, 2023 11:27
NGINX - Magento 2 Static files optimization
View NGINX - Magento 2 Static files optimization.md

Introduction

Because Varnish doesn't support SSL, most people choose a setup where Nginx SSL will forward all traffic to Varnish and Varnish will forward will forward the traffic it cannot handle back to nginx. Or worse, bind Varnish on port 80 and direct all traffic into Varnish. This will already degrade performance, because Varnish will purge more because static files are also taking up room in the cache.

Default configuration

Next up, the Nginx configuration of Magento will handle static files.