SOOLID blog

Yesterday i have spent some hours getting this done, so here the explanation hoping to save you some time.

Magento version 1.6.0

Modified core files:
/app/code/core/Mage/Catalog/Block/Product/List/Toolbar.php

Modified template files:
/app/design/frontend/mytemplate/default/template/catalog/product/list/toolbar.phtml
/app/design/frontend/mytemplate/default/template/catalog/layer/view.phtml

Translations:
/app/design/frontend/mytemplate/default/locale/it_IT/translate.csv

Life-Saving Threads: where i have found the hints to make this work
http://www.magentocommerce.com/boards/viewthread/20437/
http://www.magentocommerce.com/boards/&/viewthread/4029/P15/

First you have to setup the new order options in Toolbar.php.
Find the function named getAvailableOrders and modify it like this:

/**
* Retrieve available Order fields list
*
* @return array
*/
public function getAvailableOrders()
{
// SLD CUSTOM 13.12.2011
$this->_availableOrder = array(
'position' => $this->__('Popularity'),
'entity_id' => $this->__('Latest arrivals'),
'name' => $this->__('Name'),
'price' => $this->__('Price')
);
// / SLD CUSTOM
return $this->_availableOrder;
}

now we can order our products by position, entity_id, name and price.

Now in our toolbar.phtml we can use those options to modify the “Sort By” drop-down menu. Here we use our new options with getOrderUrl and directions ( ‘asc’/'desc’ ) to get values for our drop-down menu.

example: “order by lowest price first url” is < ?php echo $ob->getOrderUrl(’price’, ‘asc’); ?>


< ?php $ob = new Mage_Catalog_Block_Product_List_Toolbar;?>
<fieldset class="sort-by">
< ?php echo $this->__('Sort By') ?>
<select onchange="setLocation(this.value)">
<option value="< ?php echo $ob->getOrderUrl('position', 'asc') ?>"< ?php if($ob->isOrderCurrent('position') && $ob->getCurrentDirection() == 'asc'): ?> selected="selected"< ?php endif; ?>>
< ?php echo $this->__('Popularity'); ?>

Last.fm è uno dei social preferiti qui in SOOLID, soprattutto per quanto mi riguarda, adoro le funzionalità , adoro lo stile con cui fanno le cose e cerco di sfruttare i servizi che offrono il più possibile per la mia band.

Essendo il nerd del gruppo, mi occupo io di gestire tutto quello che riguarda il web, e mi tocca anche l’ingrato compito di piazzare le date dei concerti su tutti i social principali (myspace, lastfm, facebook) e sul blog. Per iniziare a risolvere questo problema di gestione ho deciso di visualizzare sul blog le date dei concerti già inserite su last.fm , sfruttando le API fornite da last.fm.
Come ho fatto:

Step 1: ottenere un’API account
http://www.last.fm/api/account qui potete ottenere la vostra API key che utilizzerete per collegarvi alle API. Tutto quello che dovete fare è dare qualche informazione su come intendete usare le API.
Read the rest of this entry »

This weekend, one of our server has been turned off because our ISP find on it a Phishing site. After some analisys we find that all problems comes from a domain with imageVue (a flash/php image gallery) installed.

The vulnerability is damn simple: the upload script doesn’t check credentials and doesn’t check file extension so anyone can go to http://urlofscript/admin/upload.php?path=../pathyouwant and upload everything.

Fortunately the system is clean and uncompromized, but the exploiter installed on it a “nice” phishing site for http://banca-bancolombia.com the same damn thing also described on this post.

The vulnerability is well described on securityfocus. So if you run ImageVue on your website make sure it’s a safe version.