Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
PATCH_SUPEE-6482_CE_1.9.2.0-1.9.2.1_v2-UPDATE.sh
#!/bin/bash
# Patch apllying tool template
#
# THIS PATCH IS A TEMP FIX FOR THE SUPEE-6482 RELEASE [CURRENT PATCH WAS NOT UP TO DATE, MISSING DATA]
#
# DO NOT CHANGE ANY LINE IN THIS FILE.
# 1. Check required system tools
_check_installed_tools() {
local missed=""
until [ -z "$1" ]; do
type -t $1 >/dev/null 2>/dev/null
if (( $? != 0 )); then
missed="$missed $1"
fi
shift
done
echo $missed
}
REQUIRED_UTILS='sed patch'
MISSED_REQUIRED_TOOLS=`_check_installed_tools $REQUIRED_UTILS`
if (( `echo $MISSED_REQUIRED_TOOLS | wc -w` > 0 ));
then
echo -e "Error! Some required system tools, that are utilized in this sh script, are not installed:\nTool(s) \"$MISSED_REQUIRED_TOOLS\" is(are) missed, please install it(them)."
exit 1
fi
# 2. Determine bin path for system tools
CAT_BIN=`which cat`
PATCH_BIN=`which patch`
SED_BIN=`which sed`
PWD_BIN=`which pwd`
BASENAME_BIN=`which basename`
BASE_NAME=`$BASENAME_BIN "$0"`
# 3. Help menu
if [ "$1" = "-?" -o "$1" = "-h" -o "$1" = "--help" ]
then
$CAT_BIN << EOFH
Usage: sh $BASE_NAME [--help] [-R|--revert] [--list]
Apply embedded patch.
-R, --revert Revert previously applied embedded patch
--list Show list of applied patches
--help Show this help message
EOFH
exit 0
fi
# 4. Get "revert" flag and "list applied patches" flag
REVERT_FLAG=
SHOW_APPLIED_LIST=0
if [ "$1" = "-R" -o "$1" = "--revert" ]
then
REVERT_FLAG=-R
fi
if [ "$1" = "--list" ]
then
SHOW_APPLIED_LIST=1
fi
# 5. File pathes
CURRENT_DIR=`$PWD_BIN`/
APP_ETC_DIR=`echo "$CURRENT_DIR""app/etc/"`
APPLIED_PATCHES_LIST_FILE=`echo "$APP_ETC_DIR""applied.patches.list"`
# 6. Show applied patches list if requested
if [ "$SHOW_APPLIED_LIST" -eq 1 ] ; then
echo -e "Applied/reverted patches list:"
if [ -e "$APPLIED_PATCHES_LIST_FILE" ]
then
if [ ! -r "$APPLIED_PATCHES_LIST_FILE" ]
then
echo "ERROR: \"$APPLIED_PATCHES_LIST_FILE\" must be readable so applied patches list can be shown."
exit 1
else
$SED_BIN -n "/SUP-\|SUPEE-/p" $APPLIED_PATCHES_LIST_FILE
fi
else
echo "<empty>"
fi
exit 0
fi
# 7. Check applied patches track file and its directory
_check_files() {
if [ ! -e "$APP_ETC_DIR" ]
then
echo "ERROR: \"$APP_ETC_DIR\" must exist for proper tool work."
exit 1
fi
if [ ! -w "$APP_ETC_DIR" ]
then
echo "ERROR: \"$APP_ETC_DIR\" must be writeable for proper tool work."
exit 1
fi
if [ -e "$APPLIED_PATCHES_LIST_FILE" ]
then
if [ ! -w "$APPLIED_PATCHES_LIST_FILE" ]
then
echo "ERROR: \"$APPLIED_PATCHES_LIST_FILE\" must be writeable for proper tool work."
exit 1
fi
fi
}
_check_files
# 8. Apply/revert patch
# Note: there is no need to check files permissions for files to be patched.
# "patch" tool will not modify any file if there is not enough permissions for all files to be modified.
# Get start points for additional information and patch data
SKIP_LINES=$((`$SED_BIN -n "/^__PATCHFILE_FOLLOWS__$/=" "$CURRENT_DIR""$BASE_NAME"` + 1))
ADDITIONAL_INFO_LINE=$(($SKIP_LINES - 3))p
_apply_revert_patch() {
DRY_RUN_FLAG=
if [ "$1" = "dry-run" ]
then
DRY_RUN_FLAG=" --dry-run"
echo "Checking if patch can be applied/reverted successfully..."
fi
PATCH_APPLY_REVERT_RESULT=`$SED_BIN -e '1,/^__PATCHFILE_FOLLOWS__$/d' "$CURRENT_DIR""$BASE_NAME" | $PATCH_BIN $DRY_RUN_FLAG $REVERT_FLAG -p0`
PATCH_APPLY_REVERT_STATUS=$?
if [ $PATCH_APPLY_REVERT_STATUS -eq 1 ] ; then
echo -e "ERROR: Patch can't be applied/reverted successfully.\n\n$PATCH_APPLY_REVERT_RESULT"
exit 1
fi
if [ $PATCH_APPLY_REVERT_STATUS -eq 2 ] ; then
echo -e "ERROR: Patch can't be applied/reverted successfully."
exit 2
fi
}
REVERTED_PATCH_MARK=
if [ -n "$REVERT_FLAG" ]
then
REVERTED_PATCH_MARK=" | REVERTED"
fi
_apply_revert_patch dry-run
_apply_revert_patch
# 9. Track patch applying result
echo "Patch was applied/reverted successfully."
ADDITIONAL_INFO=`$SED_BIN -n ""$ADDITIONAL_INFO_LINE"" "$CURRENT_DIR""$BASE_NAME"`
APPLIED_REVERTED_ON_DATE=`date -u +"%F %T UTC"`
APPLIED_REVERTED_PATCH_INFO=`echo -n "$APPLIED_REVERTED_ON_DATE"" | ""$ADDITIONAL_INFO""$REVERTED_PATCH_MARK"`
echo -e "$APPLIED_REVERTED_PATCH_INFO\n$PATCH_APPLY_REVERT_RESULT\n\n" >> "$APPLIED_PATCHES_LIST_FILE"
exit 0
SUPEE-6482 | CE_1.9.2.0 | v2 | | Wed Aug 5 12:00:00 2015 +0300 | www.supportdesk.nu - Ray Bogman
__PATCHFILE_FOLLOWS__
diff -ru app/code/core/Mage/Api/Model/Server/Adapter/Soap.php app/code/core/Mage/Api/Model/Server/Adapter/Soap.php
--- app/code/core/Mage/Api/Model/Server/Adapter/Soap.php 2015-06-26 10:53:38.000000000 +0200
+++ app/code/core/Mage/Api/Model/Server/Adapter/Soap.php 2015-08-03 12:35:02.000000000 +0200
@@ -233,9 +233,9 @@
: $urlModel->getUrl('*/*/*');
if ( $withAuth ) {
- $phpAuthUser = $this->getController()->getRequest()->getServer('PHP_AUTH_USER', false);
- $phpAuthPw = $this->getController()->getRequest()->getServer('PHP_AUTH_PW', false);
- $scheme = $this->getController()->getRequest()->getScheme();
+ $phpAuthUser = rawurlencode($this->getController()->getRequest()->getServer('PHP_AUTH_USER', false));
+ $phpAuthPw = rawurlencode($this->getController()->getRequest()->getServer('PHP_AUTH_PW', false));
+ $scheme = rawurlencode($this->getController()->getRequest()->getScheme());
if ($phpAuthUser && $phpAuthPw) {
$wsdlUrl = sprintf("%s://%s:%s@%s", $scheme, $phpAuthUser, $phpAuthPw,
diff -ru app/code/core/Mage/Catalog/etc/api.xml app/code/core/Mage/Catalog/etc/api.xml
--- app/code/core/Mage/Catalog/etc/api.xml 2015-06-26 10:53:38.000000000 +0200
+++ app/code/core/Mage/Catalog/etc/api.xml 2015-08-03 12:35:04.000000000 +0200
@@ -163,7 +163,7 @@
<title>Update product</title>
<acl>catalog/product/update</acl>
</update>
- <multiUpdate translate="title" module="Mage_Catalog">
+ <multiUpdate translate="title" module="catalog">
<title>Multi update product</title>
<acl>catalog/product/update</acl>
</multiUpdate>
diff -ru app/code/core/Mage/Catalog/Helper/Product/Compare.php app/code/core/Mage/Catalog/Helper/Product/Compare.php
--- app/code/core/Mage/Catalog/Helper/Product/Compare.php 2015-06-26 10:53:38.000000000 +0200
+++ app/code/core/Mage/Catalog/Helper/Product/Compare.php 2015-08-03 12:35:04.000000000 +0200
@@ -161,7 +161,7 @@
*/
public function getAddUrl($product)
{
- if ($this->_logCondition->isVisitorLogEnabled()) {
+ if ($this->_logCondition->isVisitorLogEnabled() || $this->_customerSession->isLoggedIn()) {
return $this->_getUrl('catalog/product_compare/add', $this->_getUrlParams($product));
}
return '';
diff -ru app/code/core/Mage/Catalog/Model/Product/Api/V2.php app/code/core/Mage/Catalog/Model/Product/Api/V2.php
--- app/code/core/Mage/Catalog/Model/Product/Api/V2.php 2015-06-26 10:53:38.000000000 +0200
+++ app/code/core/Mage/Catalog/Model/Product/Api/V2.php 2015-08-03 12:35:04.000000000 +0200
@@ -108,7 +108,7 @@
*/
public function create($type, $set, $sku, $productData, $store = null)
{
- if (!$type || !$set || !$sku) {
+ if (!$type || !$set || !$sku || !is_object($productData)) {
$this->_fault('data_invalid');
}
@@ -243,6 +243,9 @@
*/
protected function _prepareDataForSave ($product, $productData)
{
+ if (!is_object($productData)) {
+ $this->_fault('data_invalid');
+ }
if (property_exists($productData, 'website_ids') && is_array($productData->website_ids)) {
$product->setWebsiteIds($productData->website_ids);
}
diff -ru app/code/core/Mage/Cms/Block/Block.php app/code/core/Mage/Cms/Block/Block.php
--- app/code/core/Mage/Cms/Block/Block.php 2015-06-26 10:53:38.000000000 +0200
+++ app/code/core/Mage/Cms/Block/Block.php 2015-08-03 12:35:02.000000000 +0200
@@ -72,4 +72,24 @@
}
return $html;
}
+
+ /**
+ * Retrieve values of properties that unambiguously identify unique content
+ *
+ * @return array
+ */
+ public function getCacheKeyInfo()
+ {
+ $blockId = $this->getBlockId();
+ if ($blockId) {
+ $result = array(
+ 'CMS_BLOCK',
+ $blockId,
+ Mage::app()->getStore()->getCode(),
+ );
+ } else {
+ $result = parent::getCacheKeyInfo();
+ }
+ return $result;
+ }
}
diff -ru app/code/core/Mage/Cms/Block/Widget/Block.php app/code/core/Mage/Cms/Block/Widget/Block.php
--- app/code/core/Mage/Cms/Block/Widget/Block.php 2015-06-26 10:53:38.000000000 +0200
+++ app/code/core/Mage/Cms/Block/Widget/Block.php 2015-08-03 12:35:02.000000000 +0200
@@ -82,10 +82,26 @@
$helper = Mage::helper('cms');
$processor = $helper->getBlockTemplateProcessor();
$this->setText($processor->filter($block->getContent()));
+ $this->addModelTags($block);
}
}
unset(self::$_widgetUsageMap[$blockHash]);
return $this;
}
+
+ /**
+ * Retrieve values of properties that unambiguously identify unique content
+ *
+ * @return array
+ */
+ public function getCacheKeyInfo()
+ {
+ $result = parent::getCacheKeyInfo();
+ $blockId = $this->getBlockId();
+ if ($blockId) {
+ $result[] = $blockId;
+ }
+ return $result;
+ }
}
diff -ru app/code/core/Mage/Core/Controller/Request/Http.php app/code/core/Mage/Core/Controller/Request/Http.php
--- app/code/core/Mage/Core/Controller/Request/Http.php 2015-06-26 10:53:38.000000000 +0200
+++ app/code/core/Mage/Core/Controller/Request/Http.php 2015-08-03 12:35:04.000000000 +0200
@@ -298,11 +298,19 @@
if (!isset($_SERVER['HTTP_HOST'])) {
return false;
}
+ $host = $_SERVER['HTTP_HOST'];
if ($trimPort) {
- $host = explode(':', $_SERVER['HTTP_HOST']);
- return $host[0];
+ $hostParts = explode(':', $_SERVER['HTTP_HOST']);
+ $host = $hostParts[0];
}
- return $_SERVER['HTTP_HOST'];
+
+ if (strpos($host, ',') !== false || strpos($host, ';') !== false) {
+ $response = new Zend_Controller_Response_Http();
+ $response->setHttpResponseCode(400)->sendHeaders();
+ exit();
+ }
+
+ return $host;
}
/**
diff -ru app/code/core/Mage/Log/Model/Resource/Visitor.php app/code/core/Mage/Log/Model/Resource/Visitor.php
--- app/code/core/Mage/Log/Model/Resource/Visitor.php 2015-06-26 10:53:38.000000000 +0200
+++ app/code/core/Mage/Log/Model/Resource/Visitor.php 2015-08-03 12:35:04.000000000 +0200
@@ -125,7 +125,7 @@
return $this;
}
if ($visitor->getIsNewVisitor()) {
- if ($this->_urlLoggingCondition->isLogEnabled()) {
+ if ($this->_urlLoggingCondition->isVisitorLogEnabled()) {
$this->_saveVisitorInfo($visitor);
$visitor->setIsNewVisitor(false);
}
diff -ru app/code/core/Mage/PageCache/etc/adminhtml.xml app/code/core/Mage/PageCache/etc/adminhtml.xml
--- app/code/core/Mage/PageCache/etc/adminhtml.xml 2015-06-26 10:53:38.000000000 +0200
+++ app/code/core/Mage/PageCache/etc/adminhtml.xml 2015-08-03 12:35:02.000000000 +0200
@@ -30,7 +30,7 @@
<resources>
<admin>
<children>
- <page_cache translate="title" module="pageCache">
+ <page_cache translate="title" module="pagecache">
<title>External Page Cache</title>
<sort_order>0</sort_order>
</page_cache>
diff -ru app/design/frontend/base/default/template/page/js/cookie.phtml app/design/frontend/base/default/template/page/js/cookie.phtml
--- app/design/frontend/base/default/template/page/js/cookie.phtml 2015-06-26 10:53:38.000000000 +0200
+++ app/design/frontend/base/default/template/page/js/cookie.phtml 2015-08-03 12:35:04.000000000 +0200
@@ -34,7 +34,7 @@
<script type="text/javascript">
//<![CDATA[
-Mage.Cookies.path = '<?php echo $this->getPath()?>';
-Mage.Cookies.domain = '<?php echo $this->getDomain()?>';
+Mage.Cookies.path = '<?php echo Mage::helper('core')->jsQuoteEscape($this->getPath()) ?>';
+Mage.Cookies.domain = '<?php echo Mage::helper('core')->jsQuoteEscape($this->getDomain()) ?>';
//]]>
</script>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.