My Magento on PHP 5.4.x Fixes

I am currently setting a Magento v1.7 ecommerce store on nginx with PHP 5.4. I have been monitoring the Magento store for errors and have been getting a few of them. I wanted to make a list of the errors that I am getting with the fixes. I hope these fixes will help other. And of course, please comment if you have a few to add to the list or if the fix on the post is not correct.

ERR (3): Warning: Illegal string offset 'value'  in /app/code/core/Mage/Adminhtml/Block/System/Config/Form/Field.php on line 111

I have been getting the above error in saving configuration in backend.
Fix:
Replace at line 111:

} elseif ($v['value']==$defText) {
    $defTextArr[] = $v['label'];
    break;
}

To:

} elseif (isset($v['value'])) {
    if ($v['value']==$defText) {
        $defTextArr[] = $v['label'];
        break;
    }
}

If you have problem with Magento not generating PDF form invoice or anything PDF related.
You may need to open up: /lib/Zend/Pdf/FileParserDataSource.php
and comment out:

//abstract public function __construct();
//abstract public function __destruct();

Check out page problems with Log in and quantity updates.
By inserting:

<?php echo $this->getBlockHtml('formkey'); ?>

Right after:

<form id="login-form">

You may need to use grepWin to search for the location with the error, your theme may vary.

Webmaster Essential Free Tools on Microsoft Windows

Notepad++ – Edit your code.

Pageant – Using SSH keys for logins.

PuTTY – SSH on Windows.

PuTTYgen – SSH key generator.

HeidiSQL – Edit your mySQL database right on your Windows platform.

Chrome/Firefox – Browser.

FastStone Image Resizer – Resize your images with one shot.

JPEGmini – Compresses your image for the web without much loss.

GIMP – Editing images like Adobe Photoshop for free.

Webpagestest.org – Test your website speed.

Qualys SSL Labs – Test your website SSL security.

Feel free to comment your favorite tools

Samsung Galaxy Note 3 Release Date: At&t and T-Mobile

Samsung Galaxy Note 3
Samsung Galaxy Note 3

Samsung Galaxy Note 3 had just released their release date. As it turns out that At&t will be taking pre-orders at a price of $299 with 2 year contract and might be releasing the device on Oct 1st, 2013. T-Mobile will set the release date to Oct. 2nd, 2013. I have been waiting very long for this device to be release. This will be my first Note device. I hope it will stand up to its hype.

The spec shown on Samsung website does not show if the US market will be the Octa CPU. We are pretty sure US market will be getting the new CPU from SnapDragon 800 from Qualcomm.

Spec:

Network
– 2.5G (GSM/ GPRS/ EDGE) : 850 / 900 /
1800 / 1900 MHz
– 3G (HSPA+ 42Mbps): 850 / 900 / 1900 /
2100 MHz
– 4G (LTE Cat 4 150/50Mbps) : up to 6 different
band sets(Dependent on market)
Processor
– LTE 2.3 GHz Quad-Core Processor
– 3G Octa Core Processor
(1.9GHz Quad + 1.3GHz Quad)
– The selection of AP will be differed by markets.
Display
– 5.7 inch (144.3mm)
Full HD Super AMOLED (1920 x 1080)
OS
– Android 4.3 (Jelly Bean)
Camera
– Main(Rear) : 13 Mega-pixel BSI Sensor, Auto Focus
camera with Smart Stabilization, LED Flash(High CRI),
and Zero Shutter Lag
– Sub (Front) : 2 Mega-pixel BSI sensor with
Smart Stabilization, Full HD recording @30fps
– Dual Camera : Dual Shot / Dual Recording
/ Dual Video Call
– Recording : UHD 30fps (*may differ by market),
Smooth motion (FHD 60fps), Slow motion (HD 120fps)
– Camera Mode : Drama Shot, Sound & Shot,
Animated Photo, Eraser, Best Photo, Best Face,
Beauty Face, HDR (High Dynamic Range), Panorama,
Sports, Golf, Surround shot, Live effect
Video
– Codec : H.264, MPEG-4, H.263, VC-1, WMV7, WMV8,
Sorenson Spark, MP43, VP8, HEVC
– Recording & Playback: Full HD (1080p), UHD
(*may differ by market)
Audio
– Codec : MP3, AAC/AAC+/eAAC+, WMA, AMR-NB/WB,
Vorbis, FLAC(*), WAV(*)
(*) Ultra High Quality Audio (~192KHz, 24 bit) support
S Pen Optimized Features
– Air Command, Action Memo, Scrapbook,
S Finder, Pen Window, Multi Window,
Direct Pen Input
Additional Features
– Group Play: Share Music, Share Picture,
Share Video, Share Document, Play Games
– Story Album, S Translator
– Samsung Smart Scroll, Samsung Smart Pause,
Air Gesture, Air View
– Samsung Apps, Samsung Hub, ChatON (Voice/Video Call,
Share screen, 3-way calling), Samsung WatchON
– S Voice™ Hands Free, S Health
– Samsung Adapt Display, Samsung Adapt Sound
Auto adjust touch sensitivity (Glove friendly)
– Samsung Link, Screen Mirroring
– Safety Assistance, Samsung KNOX
Google Mobile Services
– Chrome, Search, Gmail, Google+, Maps, Play Books
Play Movies, Play Music, Play Store, Hangouts
Voice Search, YouTube, Google Settings,
Play Games, Messenger
Connectivity
– WiFi 802.11 a/ b/ g/ n/ ac (HT80)
– GPS / GLONASS
– NFC, Bluetooth® v 4.0 (LE)
– IR LED (Remote Control), MHL 2.0
Sensor
– Gesture, Accelerometer, Geo-magnetic,
Gyroscope, RGB
– Proximity, Barometer, Temperature & Humidity,
Hall Sensor
Memory
– 32/ 64 GB User memory + microSD slot (up to 64GB)
– 3GB RAM
Dimension
– 151.2 x 79.2 x 8.3mm, 168g
Battery
– Standard battery, Li-ion 3,200 mAh

How to Set SSL Ciphers and update OpenSSL for PCI Compliant (Apache)

SSL Cipher Settings (PCI Compliant)

If you going to use SSL for your site, make sure that you disable low level ciphers.
To do this, simply edit:

#/etc/httpd/conf.d/ssl.conf

SSLProtocol -ALL +SSLv3 +TLSv1
SSLHonorCipherOrder On
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RCA4+RSA:+HIGH:!LOW:!MEDIUM

#Save the file and restart the apache
service httpd restart

#check to see if the settings are working
openssl s_client -connect localhost:443 -cipher EXP:HIGH

#the below command should throw you an error
openssl s_client -connect localhost:443 -cipher EXP:LOW
openssl s_client -connect localhost:443 -cipher EXP:MEDIUM

By default CentOs comes with openssl version 1.0.0. However openssl has been updated a year ago to 1.0.1 to support high ciphers such as TLS 1.1 and 1.2. Normally, before updating the openssl, I would backup the server first if anything goes wrong. The reason is that openssl is used by many programs within the linux.

To update the openssl, you will need to manually install the package by rpm

#installing openssl 1.0.1e
rpm -Uvh http://dl.iuscommunity.org/pub/ius/stable/Redhat/6/x86_64/ius-release-1.0-10.ius.el6.noarch.rpm

#install yom-plugin-replace
yum install yum-plugin-replace

#replacing openssl 1.0.1e name
yum replace openssl --replace-with openssl10

I have also replaced the above SSLCipherSuite to

SSLCipherSuite 'AESGCM:RC4:SHA384:SHA256:AES !aNULL:!eNULL:!LOW:!MEDIUM:!3DES:!MD5:!EXP:!kEDH:!PSK:!SRP:!kECDH'

You should also disable SSL Compression as it is vulnerable to CRIME attack according to ssllabs.com

# /etc/httpd/conf/httpd.conf
# Disable Module within Apache by using a #
#LoadModule deflate_module modules/mod_deflate.so

and then:

echo >>/etc/sysconfig/httpd export OPENSSL_NO_DEFAULT_ZLIB=1
# Restart Apache Server
service httpd restart

After you had finished the configuration, have your site be tested with http://www.ssllabs.com

How to Remove Apache Header

Removing Apache Header

Some third party scanners gives a warning about having the Apache server name to be public. One of the main reasons to hide this is to give hackers a hard time to guess what web servers you are using. Giving out your Apache version and your OS can let hackers quickly search your server for known vulnerabilities.

edit:

/etc/httpd/conf/httpd.conf

#Change the following
ServerSignature On

#to

ServerSignature Off

Manfrotto 055xprob with 808RC4 head Review

I just got my first semi somewhat touching at the professional level tripod for my Canon XSI. The tripod I got is the Manfrotto 055xprob. My first impression of this tripod is absolutely stunning that I had to start posting for this tripod at midnight of 2:00 AM on Saturday.

The tripod itself only cost a high $200.
Its head (808RC4) along cost $160.

Manfrotto 055XPROF

 

This thing is rock solid.

How to add international languages into settings on Android Samsung Galaxy S4?

My wife had brought the new Samsung Galaxy S4. She was really excited about the phone, since she is new to Android. (As you guys guessed it, she was an iPhone user before.) The number one issue that she was complaining about, was the international language available to her. The one she got was the T-Mobile Samsung Galaxy S4, Android version 4.2.2. She was shocked to see that Samsung/T-Mobile or who ever it is, had not included the Chinese written language and many others. The only languages available to her was: Deutsch, English, Espanol, Francais, Italiano, and 한국의. She told me to take a look at it, I never took noticed of the language setting, as I was okay with English. She on the other hand was not. Is Samsung/T-Mobile/even Google being racism now? 🙁

Now, I have searched all over Google and found nothing. I started reading about cooking my own custom ROM. All that was a waste of time. I decided to look into the system files, and found the XML file that had the settings to enable international languages.

Enabling international Languages within Settings for Android Samsung Galaxy S4.

Quick Instructions:
#1: You will need to root your phone.
#2: Download and install “Root Browser” from the Play Store.
#3: Open the app and navigate to “/system/csc”
#4: Delete or rename “language.xml”

Picture Instructions:
#1: Make sure you have custom ROM that are based on the official Samsung ROM.
The ROM in the screenshot that I am using is the Wicked ROM Version 9.1
Wicked ROM Version 9.1 Galaxy S4

#2: You have to install “Root Browser” from the Play Store App.
Screenshot_2014-01-06-20-16-48

#3: Open up “Root Browser” and make sure you download/install all the prerequisites when you first open the app.
Screenshot_2014-01-06-20-18-02

#4: Within the “Root Browser,” navigate to the folder:  /system/csc
Screenshot_2014-01-06-20-18-34

#5: Rename or delete language.xml

#6: Restart your cell phone if needed. Now, you can see all the available languages within the Android system.
Screenshot_2014-01-06-20-19-13

That’s all, now you should be able to see all the international Languages of your choice.

Author: Jason Lin

Backing up VPS Server to Raspberry Module or Home Server

I had a Raspberry Pi laying around and I was wondering if I could put it to use. Lately, my web hosting server had been hit by a unpleasant attack that wiped all the data on the server nodes. I was glad that they had backups elsewhere to restore from the attack. They may have backups at different locations, but you never know what will happen next. Just to be safe, I feel that backing up the VPS Server locally will be a good choice as well.

If you are looking to back up to your computer server, it should work the same.

Setting up the Respberry Pi

Installing the os:

Installing the Raspbian “wheezy” OS is the easiest thing to the world. Simply download the iso here. While you are downloading the iso, you will need specific tools required to format your sd card. All instructions are posted on the eLinux.org website for Raspberry Pi here.

Setting up the iptables:

For the iptables, I recommend going to “Simple Iptables Script Generator” and generate the bash shell script for you. However there are some things to change on the generated code.

Here are slight changes from the generated iptables shell script:

#!/bin/sh

# iptables script generated 2013-07-20
# http://www.mista.nu/iptables

IPT="sudo iptables"

# Flush old rules, old custom tables
$IPT --flush
$IPT --delete-chain

# Set default policies for all three default chains
$IPT -P INPUT ACCEPT
$IPT -P FORWARD DROP
$IPT -P OUTPUT ACCEPT

# Enable free use of loopback interfaces
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT

# All TCP sessions should begin with SYN
$IPT -A INPUT -p tcp ! --syn -m state --state NEW -s 192.168.1.0/24 -j DROP

# Accept inbound TCP packets
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT

# Allow inbound access to Samba shares
$IPT -A INPUT -p udp -m udp --dport 137 -s 192.168.1.0/24 -j ACCEPT
$IPT -A INPUT -p udp -m udp --dport 138 -s 192.168.1.0/24 -j ACCEPT
$IPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 139 -s 192.168.1.0/24 -j ACCEPT
$IPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 445 -s 192.168.1.0/24 -j ACCEPT

# Accept inbound ICMP messages
$IPT -A INPUT -p ICMP --icmp-type 8 -s 192.168.1.0/24 -j ACCEPT
$IPT -A INPUT -p ICMP --icmp-type 11 -s 192.168.1.0/24 -j ACCEPT

# Accept outbound packets
$IPT -I OUTPUT 1 -m state --state RELATED,ESTABLISHED -j ACCEPT
$IPT -A OUTPUT -p udp --dport 53 -m state --state NEW -j ACCEPT

# Allow output
$IPT -A OUTPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
$IPT -A INPUT -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
$IPT -A OUTPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT

$IPT -A INPUT -j DROP
$IPT -A OUTPUT -j DROP

The above iptables allow SAMBA and SSH access only. You may need to add extra filters for other services. You will also need to change the ip address “192.168.1.0/24” to your local ip as in “x.x.x.0/24”.

And finally you will need to save your iptables, so that it will be loaded again on reboot.

iptables-save

Setting up passwordless log in with sshkey:

Setting up a passwordless ssh log in is very useful for the cron job to automate the process as we will not be required to enter the login password every time we do rsync.

#Navigate
cd /~/.ssh

#Generate a public and private SSH key
ssh-keygen

#You should see the following:
############################################
#Generating public/private rsa key pair.
#Enter file in which to save the key (/home/pi/.ssh/id_rsa):

#Enter exactly what they tell you to enter, in this case: /home/pi/.ssh/id_rsa

#Lease the passphrase empty, simply press enter!

#Enter passphrase (empty for no passphrase):
#Enter same passphrase again:

#Your identification has been saved in /home/pi/.ssh/id_rsa.
#Your public key has been saved in /home/pi/.ssh/id_rsa.pub.
#The key fingerprint is:
#97:aa:de:20:40:e7:68:9b:ca:3f:4b:a9:0e:58:4c:7e [email protected]
#The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|  o .            |
| = +       .     |
|  B E   S o      |
|.o =.    o       |
|o oo. . .        |
|o.o. . +         |
|o+.oo.o .        |
+-----------------+

You know should have 2 files in your /~/.ssh.

id_rsa is the private key that you will be required to use when you log into your ssh account. This file is like your password, but in a file format.

id_rsa.pub is the public file that that will be stored within the raspberry pi. In order for the passwordless ssh to work, you will need to rename “id_rsa.pub” to “authorized_keys”.

cat id_rsa.pub > authorized_keys

#Change the permission to 0600 so your user can read it
sudo chmod 0600 authorized_keys

#Now that you had set the authorized_keys, you may remove id_rsa.pub
rm id_rsa.pub

Since we had set the keys for ssh log ins, we will now set ssh to disable password log ins when keys are not provided.

sudo nano /etc/ssh/sshd_config

#Set PasswordAuthentication to no
PasswordAuthentication no

#Ctrl+x and y to save

Installing rsync:

#Simply run
sudo apt-get install rsync

Setting up the external hard drive:

Now you may plugin your external hard drive to the Raspberry Pi.

#Check to see your device location
sudo fdisk -l
#Our device is located on /dev/sda1, but yours might be different

#If you haven't formated your external drive to Ext4, you may do so by:
sudo mkfs.ext4 /dev/sda1 -L untitled

#Mounting the External Hard Drive
sudo mkdir /mnt/usbdrive
sudo mount /dev/sda1 /mnt/usbdrive
sudo chown -R pi:pi /mnt/usbdrive

#Check to see if the drive type and if it is mounted correctly to the directory of your choice
sudo mount -l

#Check to see the drive space and mount directory
df -h

#Now that we had mounted the external drive, we would like it to automatically mount the drive on reboot.
sudo nano /etc/fstab

#Add the following line the config
/dev/sda1  /mnt/usbdrive  ext4  defaults  0  0

Setting up the main server

Installing rsync

#Ubuntu/Debian
sudo apt-get install rsync

#CentOS/RedHat
yum install rsync

Copying Over the private key for the ssh log in we created in the Raspberry Pi

nano /~/raspberrypikey

#you may open up the private key in Raspberry Pi and copy the code to be pasted to your nano editor.

Testing rsync

#Lets just create a test file.
nano /~/testfile

#rsync that testfile to your Raspberry Pi
rsync --progress -avhe "ssh -i /~/raspberrypikey" --delete-after /~/testfile [email protected]:/mnt/usbdrive
#user - is the user id of your raspberry pi, the default is pi
#X.X.X.X - is your ip address

#If things went well, you should able to see the testfile in your Raspberry Pi located at /mnt/usbdrive

 Setting up the cron job

#Setting the cron job to automatically back up your vps server
crontab -u root -e

#This will bring you to vim editor. Press "i" to start editing. Input the following:
0 4 * * 1 rsync --progress -avhe "ssh -i /~/raspberrypikey" --delete-after /home /etc /root /var [email protected]:/mnt/usbdrive/backup

#The first 5 numbers sets the time and dates for the cron job to execute, see the chart bellow:
###############################
# *    *    *    *    *  command to execute
# ┬    ┬    ┬    ┬    ┬
# │    │    │    │    │
# │    │    │    │    │
# │    │    │    │    └───── day of week (0 - 6) (0 to 6 are Sunday to Saturday, or use names)
# │    │    │    └────────── month (1 - 12)
# │    │    └─────────────── day of month (1 - 31)
# │    └──────────────────── hour (0 - 23)
# └───────────────────────── min (0 - 59)

 

**Setting up the mySQL backup script

The above back upp only deals with local files only. It will not back up your databases. For databases, you may want to have a bash script to do updates daily.

I have found twhiting9275 script at the cpanel.net forum very useful.

 

Everything is now set to back up your VPS server to your Raspberry Pi.

Any questions and corrections, feel free to commend below.

Author: Jason Lin