Multiple route errors after installing PATCH_SUPEE-6788_EE

magento.stackexchange https://magento.stackexchange.com//questions/89180

Question

I've recently installed the latest security patch for Enterprise Edition 1.14.2.0.

Some routes get stuck. EG: "add customer" in the admin leads to a blank page (http://local.edressme.com/edressme/index.php/admin/customer/new/key/775e63f4ca795973b527bca8f11ff7e096e4a190d5e34db875cfe95033d5e999/). So does some modules buttons (and register new customer in the frontend).

I've run https://github.com/rhoerr/supee-6788-toolbox, but no success (at least in the items I've identified.)

I'm not looking for a global solution (It would be nice though). A hint on what's the problem and what's need to be done will be greatly appreciated.

Thanks!

Was it helpful?

Solution

It sounds like the toolbox that you referenced above is supposed to handle what I describe below, but best to double-check. I went carefully through the entire patch when I applied it and did everything by hand to my custom theme/extensions after having a few issues.

Make sure all .phtml and .xml files are applied to your custom FE and admin theme

This patch has several changes to front-end and admin.xml files that need to be applied to any custom theme. This patch touches several different parts of the system.

For example, in the customer account creation process, you'll notice that a form_key was added to the registration form, so these changes in app/design/frontend/base/default/template/customer/form/register.phtml also need to be applied to your custom theme. There were numerous other files that changed. Be sure to carefully walk through the patch, noting all .phtml and .xml files that have changed and apply them to your theme.

Similarly, if you have customized any layout or .phtml files in your admin, check those as well.

Check Any Overriden Controllers

Similarly, you'll need to check any extension that may have overriden methods in your Customer Controller (or any other controller touched by the patch for that matter). For example, see:

app/code/core/Mage/Customer/controllers/AccountController.php. I ran into an issue where an extension that I built extended this controller and overrided the createPostAction method - I had to apply the changes denoted in the patch to the controller that I was using. (e.g:

+        $errUrl = $this->_getUrl('*/*/create', array('_secure' => true));
+
+        if (!$this->_validateFormKey()) {
+            $this->_redirectError($errUrl);
+            return;
+        }
+

Debugging

Can you check your reports/error logs and report back any errors that you are getting if these steps don't address your problem?

Licensed under: CC-BY-SA with attribution
Not affiliated with magento.stackexchange
scroll top