|
Patching ZenCart the Right WayI'll show you what I believe is the proper and safest way to perform a patch on a ZenCart installation. For the purposes of this example, I take the Admin Security Patch that was released on June 30, 2007 and will be patching release 1.3.7. To get email notifications of when releases and patches comes out, subscribe to the Zen-Cart forum thread linked here. 1. Do a full backup of your ZenCart Shop (see details). 2. Close your store to online visitors (see details). 3. Download the patch from Source Forge, you have to find the right patch for the release of ZenCart that you have installed. For example, If you have ZenCart 1.3.6, your patch will be different from my patch that is for release 1.3.7. For our example, we are patching an existing 1.3.7 release, so the correct link is the first one shown here...
4. After downloading and unzipping the patch, read the readme.txt for instructions and see what files have changed.
In our case the two affected files are login.php and sessions.php. Please note the directory paths of these files, as there can be files of the same name in different directories. Remember that the "admin" directory is often renamed to another name on your server as a dictated by best security practice. 5. The zip file will contain the two files that contain that correct code that we want on our servers. 6. However, we can not just blindly replace the files on our server with the ones in the zip package because the files on our server might have customized code that your web developer had put in while customizing your ZenCart shop or template. We do not want to wipe out those changes, otherwise it can break the functionality of your shop. Therefore, we must determine if the two affected files on your server contain "custom code". To do that we need to download the original 1.3.7 release. (Find SourceForge link shown above). Then compare line-by-line the file on your server with the file of the original 1.3.7 release. I would recommend using WinMerge for this comparison because doing comparision by eye is prone to errors. If there are no difference, that means that there is no custom code in the file that's on your server. You are ready to copy the patched file up to the server. However, you might just want to do an additional diff (difference check) between the patched file in the zip package with the original 1.3.7 release just to see how the patched file has been patched. I always like to know what code changes go up to the server. You can skip to step 8. 7. If there are code differences between your server file and the 1.3.7 release, you need to make note of those custom code that was made on your server file. Because you will want to put in that same custom code into the patched file contained in the zip package. This is known as a "code merge". Do this now before proceeding to step 8. It might help to perform an additional diff (difference check) between the patched file in the zip package with the original 1.3.7 release just to see how the patched file has been patched. 8. Now copy the patched (and possibly altered) file up to your server in the right location. Peform this process on each of the affected files of the patch. 9. Once you are done, log into the admin control panel to check if everything is okay. Turn on the store. Check your store. 10. You are done. It is good to make an additional backup this patched version of your shop now. So you have two backup copies of your store: the pre-patched backup and the post-patched backup. We keep the pre-patched backup in case we discover anything wrong later. Next Lesson:
|
 |
 |
| Roadmap | Lessons | Tutorials | Videos | Books | Links | About |
|
|
