/** * @return void */ public function execute() { $resource = Mage::getSingleton('core/resource'); $db = $resource->getConnection('core_read'); $cmsBlockTable = $resource->getTableName('cms/block'); $cmsPageTable = $resource->getTableName('cms/page'); $emailTemplate = $resource->getTableName('core/email_template'); $sql = "SELECT %s FROM %s WHERE %s LIKE '%%{{config %%' OR %s LIKE '%%{{block %%'"; $list = array('block' => array(), 'variable' => array()); $cmsCheck = sprintf($sql, 'content, concat("cms_block=",identifier) as id', $cmsBlockTable, 'content', 'content'); $result = $db->fetchAll($cmsCheck); $this->check($result, 'content', $list); $cmsCheck = sprintf($sql, 'content, concat("cms_page=",identifier) as id', $cmsPageTable, 'content', 'content'); $result = $db->fetchAll($cmsCheck); $this->check($result, 'content', $list); $emailCheck = sprintf($sql, 'template_text, concat("core_email_template=",template_code) as id', $emailTemplate, 'template_text', 'template_text'); $result = $db->fetchAll($emailCheck); $this->check($result, 'template_text', $list); $localeDir = Mage::getBaseDir('locale'); $scan = scandir($localeDir); $this->walkDir($scan, $localeDir, $list); if (count($list['block']) > 0) { Mage_Shell_PatchClass::log('Blocks that are not whitelisted:'); foreach ($list['block'] as $key => $blockName) { Mage_Shell_PatchClass::log(sprintf(' %s in %s', $blockName, substr($key, 0, -1 * strlen($blockName)))); } } if (count($list['variable']) > 0) { Mage_Shell_PatchClass::log('Config variables that are not whitelisted:'); foreach ($list['variable'] as $key => $varName) { Mage_Shell_PatchClass::log(sprintf(' %s in %s', $varName, substr($key, 0, -1 * strlen($varName)))); } } }
/** * @return void */ public function execute($dryRun = true) { $cmsBlockTable = $this->_resource->getTableName('cms/block'); $cmsPageTable = $this->_resource->getTableName('cms/page'); $emailTemplate = $this->_resource->getTableName('core/email_template'); $configTable = $this->_resource->getTableName('core/config_data'); $sql = "SELECT %s FROM %s WHERE %s LIKE '%%{{config %%' OR %s LIKE '%%{{block %%'"; $list = array('block' => array(), 'variable' => array()); $cmsCheck = sprintf($sql, 'content, concat("cms_block=",identifier) as id', $cmsBlockTable, 'content', 'content'); $result = $this->_read->fetchAll($cmsCheck); $this->check($result, 'content', $list); $cmsCheck = sprintf($sql, 'content, concat("cms_page=",identifier) as id', $cmsPageTable, 'content', 'content'); $result = $this->_read->fetchAll($cmsCheck); $this->check($result, 'content', $list); $emailCheck = sprintf($sql, 'template_text, concat("core_email_template=",template_code) as id', $emailTemplate, 'template_text', 'template_text'); $result = $this->_read->fetchAll($emailCheck); $this->check($result, 'template_text', $list); $configCheck = sprintf($sql, 'value, concat("path=", path, ", scope=", scope, ", scope_id=", scope_id) as id', $configTable, 'value', 'value'); $result = $this->_read->fetchAll($configCheck); $this->check($result, 'value', $list); $localeDir = Mage::getBaseDir('locale'); $scan = scandir($localeDir); $this->walkDir($scan, $localeDir, $list); if (count($list['block']) > 0) { Mage_Shell_PatchClass::log('Blocks that are not whitelisted:'); $inserts = array(); foreach ($list['block'] as $key => $blockName) { Mage_Shell_PatchClass::log(sprintf(' %s in %s', $blockName, substr($key, 0, -1 * strlen($blockName)))); $inserts[$blockName] = array('block_name' => $blockName, 'is_allowed' => 1); } if ($dryRun === false && !is_null($this->_blocksTable) && count($inserts) > 0) { $this->_write->insertMultiple($this->_blocksTable, array_values($inserts)); Mage_Shell_PatchClass::log('Added missing entries to the whitelist'); } } if (count($list['variable']) > 0) { Mage_Shell_PatchClass::log('Config variables that are not whitelisted:'); $inserts = array(); foreach ($list['variable'] as $key => $varName) { Mage_Shell_PatchClass::log(sprintf(' %s in %s', $varName, substr($key, 0, -1 * strlen($varName)))); $inserts[$varName] = array('variable_name' => $varName, 'is_allowed' => 1); } if ($dryRun === false && !is_null($this->_varsTable) && count($inserts) > 0) { $this->_write->insertMultiple($this->_varsTable, array_values($inserts)); Mage_Shell_PatchClass::log('Added missing entries to the whitelist'); } } }
/** * @return void */ public function execute($dryRun = true) { $cmsBlockTable = $this->_resource->getTableName('cms/block'); $cmsPageTable = $this->_resource->getTableName('cms/page'); $emailTemplate = $this->_resource->getTableName('core/email_template'); $sql = "SELECT %s FROM %s WHERE %s LIKE '%%{{config %%' OR %s LIKE '%%{{block %%'"; $list = array('block' => array(), 'variable' => array()); $cmsCheck = sprintf($sql, 'content, concat("cms_block=",identifier) as id', $cmsBlockTable, 'content', 'content'); $result = $this->_read->fetchAll($cmsCheck); $this->check($result, 'content', $list); $cmsCheck = sprintf($sql, 'content, concat("cms_page=",identifier) as id', $cmsPageTable, 'content', 'content'); $result = $this->_read->fetchAll($cmsCheck); $this->check($result, 'content', $list); $emailCheck = sprintf($sql, 'template_text, concat("core_email_template=",template_code) as id', $emailTemplate, 'template_text', 'template_text'); $result = $this->_read->fetchAll($emailCheck); $this->check($result, 'template_text', $list); $localeDir = Mage::getBaseDir('locale'); $scan = scandir($localeDir); $this->walkDir($scan, $localeDir, $list); if (count($list['block']) > 0) { $setupScriptVariables = array(); Mage_Shell_PatchClass::log('Blocks that are not whitelisted:'); $inserts = array(); foreach ($list['block'] as $key => $blockName) { Mage_Shell_PatchClass::log(sprintf(' %s in %s', $blockName, substr($key, 0, -1 * strlen($blockName)))); $inserts[$blockName] = array('block_name' => $blockName, 'is_allowed' => 1); $setupScriptVariables[$blockName] = $blockName; } if ($dryRun === false && !is_null($this->_blocksTable) && count($inserts) > 0) { $this->_write->insertMultiple($this->_blocksTable, array_values($inserts)); Mage_Shell_PatchClass::log('Added missing entries to the whitelist'); } elseif ($setupScriptVariables) { $variableString = var_export(array_values($setupScriptVariables), true); //strip numeric keys 1=> 'value $variableString = preg_replace("/[0-9]+ \\=\\>/i", '', $variableString); $content = '$blocksToAllow = ' . $variableString . ";\n\n"; $content .= <<<scriptContent foreach (\$blocksToAllow as \$blockName) { \t//collection load avoids duplicate creation if setup script is executed multiple times \tMage::getModel('admin/block') ->getCollection() ->addFieldToFilter('block_name',\$blockName) ->getFirstItem() ->setBlockName(\$blockName) ->setIsAllowed(true) ->save(); } scriptContent; Mage_Shell_PatchClass::log("Add following as setup script \n\n" . $content . "\n"); } } if (count($list['variable']) > 0) { Mage_Shell_PatchClass::log('Config variables that are not whitelisted:'); $inserts = array(); $setupScriptVariables = array(); foreach ($list['variable'] as $key => $varName) { Mage_Shell_PatchClass::log(sprintf(' %s in %s', $varName, substr($key, 0, -1 * strlen($varName)))); $inserts[$varName] = array('variable_name' => $varName, 'is_allowed' => 1); $setupScriptVariables[$varName] = $varName; } if ($dryRun === false && !is_null($this->_varsTable) && count($inserts) > 0) { $this->_write->insertMultiple($this->_varsTable, array_values($inserts)); Mage_Shell_PatchClass::log('Added missing entries to the whitelist'); } elseif ($setupScriptVariables) { $variableString = var_export(array_values($setupScriptVariables), true); //strip numeric keys 1=> 'value $variableString = preg_replace("/[0-9]+ \\=\\>/i", '', $variableString); $content = '$variablesToAllow = ' . $variableString . ";\n\n"; Mage::getModel('admin/variable')->load(); $content .= <<<scriptContent foreach (\$variablesToAllow as \$variableName) { \t//collection load avoids duplicate creation if setup script is executed multiple times \tMage::getModel('admin/variable') ->getCollection() ->addFieldToFilter('variable_name',\$variableName) ->getFirstItem() ->setBlockName(\$variableName) ->setIsAllowed(true) ->save(); } scriptContent; Mage_Shell_PatchClass::log("Add following as setup script \n\n" . $content . "\n"); } } }