A new security patch SUPEE-10570 for Magento 1 was released on Feb 27th 2018. It is affecting ~60 files of Magento Open Source (Community Edition) and ~90 of Magento Commerce (Enterprise edition). Let’s review what actual changes and improvements are behind those files.
This post is a short inside-out of the newly released Magento 1 SUPEE-9652 security patch. The patch prohibits an injection of executable code to the Magento email “Reply To” param, if the “Return Path” for emails is enabled. So let’s check what it does.
Recently, we’ve faced a data inconsistency in the Magento sales_flat_order_grid db table. Some of the values in custom columns look like they were shifted. This issue may occur if the order grid has multiple custom fields and when a user archives orders in the Enterprise Edition.
We are going to talk about event system approach in development. The event is a very flexible way to extend application logic. This approach is actual in both Magento 1 and Magento 2. Let’s go ahead and check how it works.