Problems running SUPEE-6788 Patch

A new security patch has been released for Magento  in the last few days. I have had to patch a number of sites running different Magneto versions and ran into a couple of common issues.  This might help others having trouble.

“Patch can’t be applied/reverted successfull”

If the patch refuses to install, claiming there to be an issue with the .htaccess file, such as

ERROR: Patch can’t be applied/reverted successfully

patching file .htaccess

Hunk #1 succeeded at….

then you have reached a common issue.  The problem is that the patch is expecting a pretty much unmodified .htaccess file.  Odd considering that this file is one of the most likely files to be modified almost immediately.

The solution is to replace your .htaccess with a clean one from the install zip (or tar) file. Rename your original one first to .htaccess.proper or somesuch.  Plop in the original .htaccess and then run the patch.  If the patch completes run a file compare  and add the new bits to your .htaccess.proper.    The additional lines will probably be at the end of the patched file and relate to cron.php.

Remove the .htaccess file and rename your .htaccess.proper back to .htaccess.

The same thing can happen with a couple of other files/locations including:

  • .htaccess.sample  (why would you have this live? patch needs it though).  Add it, patch it and remove it.
  • For more recent versions of magento there may also be a dev folder which the patch will attempt to, er, patch.  In some places it is recommended to remove this from a live environment.  However, not having this folder can also cause the SUPEE 6788 to fail.  Again, add it, patch it, remove it from live.

Make sure that you check the applied.patches.list  (located in /app/etc/) to make sure that your patch has been applied.

Forms no longer submitting

One additional gotcha to watch out for is any custom forms that you may have on your site.  Following the patch I found the “my account -> create new account” forms would no longer submit.  Forms now need a form_key field to be processed so you will need to make sure that any custom forms you have kicking about, that may not have been patched, now include the hidden form_key field:

 

<input type=”hidden” name=”form_key” value=”<?php echo Mage::getSingleton(‘core/session’)->getFormKey() ?>” />

Existing modules not working

I have found some existing modules have stopped working.  At the moment I don’t have a fix-all solution.  Check for updates in  Magento Connect or contact the module creators.

 

If I find any more things I will let you know.  If you spot any please comment.ジュニアスキーブーツファイナルセール【2017LANGE】RS 90 S.C
マニフレックス シングル エアメッシュ ハットトリック(AIR MESH Hat Trick) 高反発 マットレス 外して洗える側地
ルイヴィトン モノグラム キーポル60 バンドリエール ボストンバッグ M41412 旅行かばん 【中古】 BP
face A型ハンガーラック 60 ■【日本製 アイアン 木製 レトロ ヴィンテージ スチール FRAMES&SONS F&S デザイナーズ オシャレ 足立製作所】
◎《お作り又はお取り寄せ》K18WG/K18YG&PG サークルモチーフロングネックレス大人のロングネックレス
アート 絵画 水彩画 稲田敏良 いなだとしなが 「北浜レトロII」 大阪市北浜 F6 額装サイズ(500x610mm)
丸中ゴム工業 運搬車・作業機用ゴムクローラ 250×72×46(250*72*46) パターン【R】お得な2本セット!≪送料無料!代引不可≫[100309254601]ピッチ72
ダンシングストーン ダイヤモンドネックレス0.3ct Pt900 天然ダイヤモンド 揺れるネックレス ダンシングダイヤ 鑑別書付 保証書付 ギフト プレゼント
【ポイント20倍】ミキモク デスク アビーロード ダーク 100x50cm 引出し付 ASDO-10590 RLB 【2梱包】 ダーク
リンレイ 超耐久プロつやコート1 HG 18L 5箱セット

Facebook Comments

4 thoughts on “Problems running SUPEE-6788 Patch”

  1. Hi Jon,

    Thanks for your article. I need help to fix the forms no longer submitting problem. My magento is 1.9.1.0 and after applied 6788, customer can’t create account from front end. The page reflashes and reload itself. I think you know the problem. But I checked register.phtml, it is patched as you stated in this article. Can’t figure it out. Please help!!

    THanks James

    1. Hi James,
      Thanks for being my first commenter on my new blog.
      The problem might be fairly straight forward to fix. I would imagine that you are actually using a custom form, inside a different module, perhaps a copy of of register.phtml inside your “local” design folder. It is possible that it is called something else. One would have to check your layout xml files to see which template might be in use, or do a search of the local design folder for some HTML that matches on your page (form field name, div class or something).

      Jon

  2. In fact, the register.phtml is the stock file. There isn’t any custom module applied to this file. After the patch, I noticed <input type="hidden" name="form_key" value="getFormKey() ?>” /> was added to the file. Except that, everything else is the same. Really have no idea.

    1. Is the form key field showing in the source of the page on the site? Another possibility could be that processing script is custom (been modified in some way). However I have not had to resolve that problem (yet).

Leave a Reply

Your email address will not be published. Required fields are marked *

Apply your human brain cells and complete this highly complicated maths problem *