Don Gilbert

So, I just installed the 10.5.7 update to Leopard, and noticed that Apple is getting “greener!” (Yeah, like that’s even possible!)

They changed the Energy Saver icon in System Preferences to one of those cool energy efficient flourescent light bulbs.

Old

New

Interesting.

I have Googled and searched and wept and screamed, trying to figure out how to display content in two different ways – one way to a logged in user and a different way to a not logged in user. In theory, it is all very simple PHP scripting that would take care of it, and it really is – IF you know how to do it – which I did not.

In my case, I wanted to implement some code that would – through CSS, JS, and HTML – display a link in my Magento header for “Quick Log In.” The BASIC function of this was to get rid of the log in page and thus decrease HTML requests to my server. Also, it seemed a little pointless to load a separate page for logging in when the same functionality could be integrated right into EVERY OTHER Magento page. However, I only wanted this “Quick Log In” link to display to those who were not logged in – for (hopefully) obvious reasons. However, I had added another page to my site that allowed a logged in customer to add products to their cart by simply entering the SKU and the quantity. This is my “Quick Add To Cart” link. I wanted this link to display on the page to logged in users IN PLACE of the “Quick Log In” link. (See images below – top is logged in)

The big question became – HOW? Well, I am familiar with PHP, so I thought that it wouldn’t be too hard. I was a little mistaken, although in the end it really did turn out to be not too hard; it just took a little while to get there. Here’s the break down.

This is what I expected it to be, but of course, didn’t work.

<?php if(Mage::getSingleton(’customer/session’)->isLoggedIn()) {

<code here for logged in users>

} else {

<code here for NOT logged in users>

} ?>

Using the above code, I would always get an error saying something like “unexpected ‘<’ in /home/*******/public_html/magento/app/blah…blah…blah on line 61.” I couldn’t figure it out! Why in the world would it NOT expect code in there. Well, it just wouldn’t work, so I had to bust out a couple hours of Google-Fu. Answer below.

To get Magento to display code to logged in users and different code to not logged in users, implement the following code into your template where you need that functionality.

<?php if(Mage::getSingleton(’customer/session’)->isLoggedIn()): ?>

<place code for logged in users here – can be PHP, HTML, whatever – I used both>

<?php else: ?>

<place code for NOT logged in users here – can be PHP, HTML, whatever>

<?php endif; /* if ($this->isCustomerLoggedIn()): */ ?>

That’s all there is to it. Nothing more, nothing less. Works like a charm – everytime. I am sure that this can be extended to display certain static content to one customer group and show other content to other customer groups. Using Magento PHP like getData() and getAttributeText() with this, you could customize unlimited amounts of blocks and code and whatnot. Remember, your page is about USER FUNCTIONALITY – give them what they want – but also give them what they need. Not everyone is going to need to know that users of a specific group get special pricing. Ok – I’m starting to brainstorm now instead of blog, so I gotta go.

So, I LOVE Magento. I was having a few issues with it at first, but I think that most of the kinks were worked out after switching from Siteground Web Hosting. (Don’t get me wrong, they are a great host, but they just didn’t have the whole Magento Store Front service up to par.) Anyways, most of the issues that I have now are more aesthetic / template issues.

One thing that I have been wanting for a while, and just got around to doing 5 minutes ago is a “Return to Store Front” link on the Admin log in page. I mean, c’mon Magento team, that just makes sense. Well, they haven’t implemented it yet, but it is actually really easy to do. (I’m sure they have more important things to attend to.) Walkthrough below:

Open your favorite FTP client, and navigate to your magento site root. From there, go to app/design/adminhtml/default/default/template/. Download login.phtml, and make the following edits.

Near line 58, you will find the following code:

<div class=”form-buttons”>
<a class=”left” href=”<?php echo Mage::helper(’adminhtml’)->getUrl(’adminhtml/index/forgotpassword’) ?>”><?php echo Mage::helper(’adminhtml’)->
__(’Forgot your password?’) ?></a>
<input type=”submit” class=”form-button” value=”<?php echo Mage::helper(’adminhtml’)->__(’Login’) ?>” title=”<?php echo Mage::helper(’adminhtml’)->__(’Log$
</div>

Add this line of code between the <a> and the <input> on its own line. (About line 61)

<br /><a class=”left” href=”<?php echo $this->getBaseUrl(”) ?>”><?php echo (’Return to Store Front’) ?></a>

Save the file, upload it, and your all set.

Admin Panel Edits

This is for the nerds, and probably goes without saying, but all this can also be completed via an SSH connection to your site as well. (Edited – May 3 – Modified code so that it became straight cut and paste and required no editing. [used php instead of html])

I have had many requests from customers of my web store (http://store.reformu.com) to be able to view the pruduct SKU on the frontend of the store, as many of them have a complete products catalog already, and most of the time order via SKU rather than names of products. Magento offers a way for this to happen, but it was not ideal for me, because it only showed the SKU on the actual product description page, instead of on the description page AND the regular navigation of the site pages.

Well, after some reading on http://magentoecommerce.com, I have come up with a solution. Add the following line to the tail of your price.phtml, and it will display the SKU right after the price of the product, no matter what page it is on.

<h5>SKU: <?php echo nl2br($_product->getSku()) ?></h5>

The price.phtml file is located (relative to your magento directory) in app/design/frontend/*template*/*view*/template/catalog/product/price.phtml . You can either download it via FTP and then edit and reupload, or refer to another post on here about opening .phtml files directly off your site right in dreamweaver. (I actually log in via SSH and use nano to edit most things like this.)

The reason I chose it to display in h5 is because that fit best size and color wise with my template. You can select any size, although I believe h5 is the best.

By the way – for the curious, to turn on SKU’s for product pages Magento’s way, log in to your Magento Admin panel. Navigate to Cataog->Attributes->Manage Atributes. Search for SKU in the attriute name field, and the select SKU to edit it. Near the bottom of that page is an option that says “Visible on Product View Page on Front-end.” Change that to “yes” and you are all set. However, as I stated before, the downside to this is that it displays the SKU on the product view page only.

Links:

http://www.magentocommerce.com/boards/viewthread/6404/#t24042 <–where I got the idea for what code to display.

So, I was installing some extensions to my Magento store, and had some funny things happen. When I copied the API key from the magentoecommerce.com website for an extension and pasted it into Magento Connect Downloader, it not only installed the desired extension, but it also installed the latest updates to ALL my core files. It acted as though I had told it to install Mage_All_Latest or something! Well, I went to the frontend of my store, and wouldn’t you know it, everything was messed up. For whatever reason, whenever I do a Mage_All_Latest, my themes get messed up. It has something to do with PEAR and files permissions, cuz when I log into my sites file manager, all permissions for all files are set to 755.

This is not what they are supposed to be. All files are supposed to be set to 644 while directories are supposed to be 755. I thought that I was going to have to go in and manually change EVERY SINGLE FILES permissions to what they were meant to be. But, after some quick Google-fu, I came across these nifty little commands.

Here’s the easy way to change the permissions of all directories and files to the right ones:

For directories:

find . -type d -exec chmod 755 {} \;

For files:

find . -type f -exec chmod 644 {} \;

If you have shell access, you can execute the commands very easily. Just navigate to the top directory of the directories that need updated, and run the commands. If you are like many web site owners and don’t even know what shell access is, you can make a php document that runs a “shell exec” command, place it on your server, and navigate to it in your favorite web browser. Example:

I can FTP into my site. I want to update permissions for all the files in the http://my-domain.com/skins/ directory. So I create a file called exec.php and put it in my skins directory. The contents of this file should look like this.

For directories:

<?php
$output = shell_exec(’find . -type d -exec chmod 755 {} \;’);
echo “<pre>$output</pre>”;
?>

For files:

<?php
$output = shell_exec(’find . -type f -exec chmod 644 {} \;’);
echo “<pre>$output</pre>”;
?>

Once the file is on the site and in the skins directory, I would then navigate to http://my-domain.com/skins/exec.php. The output of the command would then appear in my browser, notifying me of all the changes that were made.

It’s as simple as that.

This pretty much sums it all up.

I love Dreamweaver. I use it for all my offline html, php, css, xml, etc, etc editing. When I started working with Magento, I was having to download the files using my favorite FTP client (Cyberduck), open them in Dreamweaver, save and then re-upload the file. Well, that is no more.

I remembered that Dreamweaver supported FTP for downloading/editing directly with Dreamweaver itself. So I though to myself, “Self, don’t you think that you should be able to just download and edit directly in Dreamweaver?” I answered myself, “Well, yes!” So I set out to figure out how to do it. It really wasn’t all that hard, all you have to do is connect to the FTP server within Dreamweaver, navigate to the file you want to edit, double click, and your off and running, editing away.

That’s when it happened. I kept getting an error when I tried to open .phtml files using FTP and Dreamweaver. It kept giving me the following error when it tried to open them, “Can’t find a valid editor for this file extension.” Mind you, I could download the files using my FTP Client, and open them, but I couldn’t open them directly from the Dreamweaver FTP. So, after some research, I was finally able to get it to work. Here’s how to do it.

The error occurs because Dreamweaver does not “natively” support .phtml files. It does not realize that the .phtml file extension is very similar to a .php or .html file. So you need to update some files within the Dreamweaver application support. (For a full breakdown on how to do this, check out this link from Adobe.)

Navigate to:
Macintosh HD/Applications/Adobe Dreamweaver CS3/configuration/DocumentTypes/MMDocumentTypes.xml and open it with TextEdit. What you are looking for here is . Right after that is where you add .phtml. In the macfileextension area (and the winfileextension area, if you want to) add phtml. It should look like this after you add it.

There is one other file that needs to be updated. It is located in Macintosh HD/Users/[your user name]/Library/Application Support/Adobe/Dreamweaver 9/Configuration/Extensions.txt. On the 2nd (or 3rd) line, the file references many HTML file types. It looks like this. HTM,HTML,HTA,HTC,XHTML:HTML Documents. It should be obvious as to what to do, just add ,PHTML to the end of the string, but before the :HTML Documents. (Be sure to include the comma and to put PHTML in all caps.)

Restart Dreamweaver, and you now have full support, including syntax highlighting, to be able to open .phtml directly from FTP into Dreamweaver.

Alternatively, you can download the files attached (below) and place them in their respective folders as outlined above. Just replace your existing files with these.

By the way, the reason I put this out instead of just referring back to the Magento site is because they explain how to make .phtml behave like .php files instead of .html.

Links:

http://www.magentocommerce.com/wiki/how-to/working_with_phtml_and_dreamwearver

http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_16410

http://cyberduck.ch/

Files:
MMDocumentTypes.xml & Extensions.txt
md5:86ce53961765ffd43e16127f5597cef6

So, I am getting more and more familiar with ways to hack and take down Joomla sites because I have been doing research on how to make my site more secure. One thing that I encountered is what is known as SQL Injection. Basically, SQL injection uses “data input” areas of a site, such as log in pages and comment pages, to execute a SQL query. (google SQL injection for more info.)

You see, SQL injection takes a little bit of luck and genius to work. In order to execute a SQL command successfully with SQL injection, the hacker needs to know or somehow acquire the actual database names within the target site. Sounds pretty difficult? Not really. What makes this easy is that (just about) ALL Joomla installations use the same database (DB) names, so it makes the guessing process just a little bit easier. What Joomla does to combat this is to put a DB prefix in front of all the DB table names.

The thing is, Joomla automatically uses the same DB prefix, jos_, in every default installation, unless you tell it to use something different. So any hacker with a little knowledge of Joomla will already KNOW this information, and your site is no more secure because of it. So what you need to do is change all your DB prefixes to something a little harder to guess while still retaining all your information and not destroying your site.

Well, that is a little harder than it sounds, at least for me, so what I did was use this Joomla Component. It is called DB Admin. It automatically searches your DB and changes all occurrences of “jos_” (or whatever your current DB prefix is) to whatever prefix that you want. It is very easy and self explanatory.

I wanted to protect my Joomla installation from being hacked, so I went ahead and installed the component and implemented its function. Well, it didn’t go as smoothly as planned. I got the following error after running the component.

jtablesession::Store Failed
DB function failed with error number 1146
Table '*****_jo151.jos_session' doesn't exist SQL=INSERT INTO `jos_session` ( `session_id`,`time`,`username`,`gid`,`guest`,`client_id` ) VALUES ( '3uac8rbctofmccr7918tv4jkp6','1232994018','','0','1','0' )

I could not load ANY pages at all. No backend or frontend pages loaded AT ALL. Needless to say, I got a little worried. You see, the component not only searches your DB and makes the proper changes there, it also changes your configuration.php file located in your root Joomla directory. Well, at least it is supposed to. Mine updated, but it forgot to change everything. This is what my configuration.php file looked like after I ran the DB Admin tool.

This is wrong, and will give you the error that I referenced earlier. If you get this error, simply download your configuration.php file and make the following change.

Noticed where it used to say “var $dbprefix = ‘jos_’;” it now says “var $dbprefix = ‘*****_’;” where ***** is the prefix that I used for my DB. Rename your configuration.php to configuration_old.php (for easy restore purposes), re-upload the edited configuration.php file and you should be good to go!

Links:

http://joomla.daveslist.co.nz/demo/set-table-prefix/db-admin-set-table-prefix.php

I hope this solves any problems you may be having with DB Admin, and

Twenty-Five years ago today, Apple released the Macintosh Computer. The greatest computer of its time, the Macintosh has, in these days, held on to that title. The Macintosh (in my opinion) is the most sought after and coveted computers of all time.

What a great day that was.

I am in the process of building an online store using the open source e commerce platform that is Magento. It is frustrating to say the least. I have had so many problems with the store that I can’t stand it. I am supposed to have a launch date of this Thursday, Jan. 15th. It is going to happen, whether it takes a couple all nighters and some energy drinks to do it. Right now I am trying to import customers so that they can all log in on the launch date. I can’t wait to see what problems are going to arise over the next couple of days.