Jelle Siderius jellesiderius
jellesiderius
/ pull-all.sh
Created
February 27, 2023 12:02
Bash script to reset + pull all latest git versions of underlying folders
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Loop through all directories in the current directory | |
| for dir in */; do | |
| # Enter the directory | |
| cd "$dir" | |
| # Check if the directory is a git repository | |
| if [ -d ".git" ]; then | |
| # Reset the repository to the latest version and pull the latest changes |
jellesiderius
/ findAndReplaceEmailVariables.php
Last active
March 1, 2023 12:27
Magento 2: Replace old email variable with new ones (Files and Database) 2.4.3 to higher. https://developer.adobe.com/commerce/frontend-core/guide/templates/email-migration/. Place this file in MAGENTO_ROOT/scripts.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $time_start = microtime(true); | |
| // MAGENTO START | |
| require dirname(__FILE__) . '/../app/bootstrap.php'; | |
| use Magento\Framework\App\Bootstrap; | |
| $bootstrap = Bootstrap::create(BP, $_SERVER); |
jellesiderius
/ TrojanOrders-exploit.patch
Last active
December 9, 2022 15:15
Quick fix for trojan order exploit in 2.4.5-p1 and below
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- a/vendor/magento/module-sales/Model/Order/Email/Sender.php | |
| +++ b/vendor/magento/module-sales/Model/Order/Email/Sender.php | |
| @@ -73,6 +73,20 @@ | |
| */ | |
| protected function checkAndSend(Order $order) | |
| { | |
| + $possibleExploitTags = ['{{', '}}', '()', '.()', 'base64_', 'this.', 'addAfterFilterCallback', '.filter', '.Filter', 'getTemplateFilter']; | |
| + $addressArray = $order->getAddressesCollection()->toArray()['items']; | |
| + $addressStringCombined = ""; | |
| + foreach ($addressArray as $addressArrayItem) { |
jellesiderius
/ removeFishpigVulnerability.php
Last active
September 14, 2022 09:37
Remove Fishpig Vulnerability through CLI script. Put this file in you Magento root "root/scripts" and remove this file after running.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // Based on commit: https://github.com/bentideswell/magento2-wordpress-integration/commit/b277b35697ff2c1e9e5dd48c6642a761ddb73a2b | |
| if (php_sapi_name() == 'cli' && empty($_SERVER['REMOTE_ADDR'])) { | |
| require dirname(__FILE__) . '/../app/bootstrap.php'; | |
| $cacheDir = BP . '/var/cache'; | |
| $infectedFiles = []; | |
| $it = 1; | |
| $messages = []; |