damienwebdev

⏰ Magento v2.4.8 "Feature" #2 — allCustomerGroups ⏰

In Magento v2.4.8, the names of all customer groups are publicly accessible via a single GraphQL query — no authentication required.

Yep, even if your store only shows special pricing, payment options, or products to certain customer groups (like Wholesale, VIP, B2B Tier 3, Retail EU, etc.), the entire list of those groups is out in the open by default.

Here's all it takes:

damienwebdev

❗ Magento v2.4.8 "Feature" ❗

In Magento v2.4.8, the names of all Cart Rule and Catalog Rule promotions are public and enumerable by default via a single network request (per type).

Are you a customer of a store that uses Magento? Guess what — all promotions that store has configured are now publicly accessible. Just pick a URL and fire away:

curl --location 'https://www.yourmagentostore.com/graphql' \
--header 'Content-Type: application/json' \
--data '{"query":"query {\n allCartRules {\n name\n }\n}","variables":{}}'

damienwebdev

diff --git a/Model/Indexer/Category/Product/AbstractAction.php b/Model/Indexer/Category/Product/AbstractAction.php
index 020c195..955be66 100644
--- a/Model/Indexer/Category/Product/AbstractAction.php
+++ b/Model/Indexer/Category/Product/AbstractAction.php
@@ -169,7 +169,7 @@ abstract class AbstractAction
      */
     protected function reindex()
     {
-        foreach ($this->storeManager->getStores() as $store) {
+        foreach ($this->storeManager->getStores(true) as $store) {

damienwebdev

    Array.prototype.slice.call(document.querySelectorAll('*')).reduce(
        (acc, el) => { 
            let listeners = getEventListeners(el);
            if(Object.keys(listeners).length) { 
                acc[el.nodeName + el.className] = (acc[el.nodeName + el.className] ?? 0) + Object.keys(listeners).length
            }; 
            return acc;
            }, 
        {}
    );

damienwebdev

const PAGE_1 = document.querySelector('YOUR_SELECTOR');
const PAGE_2 = document.querySelector('YOUR_OTHER_SELECTOR');

let count = 0;

const memleakInterval = setInterval(() => {
  count % 2 === 0 ? PAGE_1.click() : PAGE_2.click();
  count++;
  console.log(count);
}, 1000);

damienwebdev

helm ls -a

NAME                    NAMESPACE       REVISION        UPDATED                                 STATUS          CHART                           APP VERSION
nfs-media-server        default         1               2020-07-08 15:21:46.0611715 -0400 EDT   deployed        nfs-server-provisioner-1.1.1    2.3.0 

helm history nfs-media-server

REVISION        UPDATED                         STATUS          CHART                           APP VERSION     DESCRIPTION     
1               Wed Jul  8 15:21:46 2020        deployed        nfs-server-provisioner-1.1.1    2.3.0           Install complete

damienwebdev

<?php
class Mage_Widget_Helper_Data extends Mage_Core_Helper_Abstract
{
    /**
     * Further refine escaped HTML.
     */
    public function escapeHtml($data, $allowedTags = null)
    {
        $parent = parent::escapeHtml($data, $allowedTags);

damienwebdev

<?php
class Mage_Core_Model_Layout_Update {
    public function fetchDbLayoutUpdates($handle)
    {
        $_profilerKey = 'layout/db_update: '.$handle;
        Varien_Profiler::start($_profilerKey);
        $updateStr = $this->_getUpdateString($handle);
        if (!$updateStr) {
            return false;
        }

damienwebdev

<?php
use MyModel;
class ExampleClass {
   public static function sumMyData(){
       $sum = 0;
       $myIdsArray = []; 
       $myIdsArray = MyModel::getMyListOfIdsFromDb();
       $collection = MyModel::getCollection($myIdsArray);
       foreach($object in $collection){
           $sum = sum + $object->value;

damienwebdev

public interface A{
  public boolean method(Base B);
}

public class Parent{

}

public class Child extends Parent{