Get a Free Quote
Our Blog

Installing Magento SUPEE-9767 & 9767 v2 : Possible Issues and their Solutions

1,838 total views
Dipak Patil
July 29, 2017

A new Magento patch 9767 and called SUPEE-9767 is released recently. It addresses several security issues. It is important to install this version of the security as soon as possible. Some dangerous remote code execution issues are reported.

This patch closes 15 dangerous remote code execution leaks and vulnerabilities for example in Javascript, cache or logs. It is again one of the main security patches, which needs to be installed quickly. One high risk issue has already known attacks, so time to hurry!

In this below article, we have explained major issues faced with the installation along with solutions of the same.

Read on the whole article to solve your issues!

 Magento Security Patch SUPEE-9767 : Read Before Upgrading

After installing patch package we facing some issue and how to solve it :

  1) Enable Form Key browser issue

  • You must have enabled Form Key validation on checkout YES after successfully installing the patch issue

Goto Admin > System > Configuration > Advanced > Admin > Security > Enable Form Key Validation On Checkout > Yes.

SUPEE 9767

2) Patch installation after Shipping method is not working

If you have been using default one page and using a custom theme, then you will face shipping method issue at checkout page.

You should include from key in your custom theme checkout files.

<?php echo $this->getBlockHtml('formkey') ?>

There are below listed file in you can add form key line after starting <form> tag.

template/checkout/cart/shipping.phtml

template/checkout/multishipping/billing.phtml

template/checkout/multishipping/shipping.phtml

template/checkout/multishipping/addresses.phtml

template/checkout/onepage/billing.phtml

template/checkout/onepage/payment.phtml

template/checkout/onepage/shipping.phtml

template/checkout/onepage/shipping_method.phtml

template/persistent/checkout/onepage/billing.phtml

Example :-

<form action="" id="co-payment-form">

<fieldset>

      <?php echo $this->getChildHtml('methods') ?>

      <?php echo $this->getBlockHtml('formkey') ?> // Include formkey line

</fieldset>

</form>

Magento onepage checkout opcheckout.js error

<form action="" .....>
     <fieldset>
      .......
       <?php echo $this->getBlockHtml('formkey') ?>
     </fieldset>
 </form>

Facing any issues? contact this Magento Development company from USA & get in touch .

3) Magento onepage checkout opcheckout.js error

If you using default onepage checkout and have opcheckout.js
then should check if

(elements[i].name=='payment[method]' || elements[i].name == 'form_key') {is available at opcheckout.js

If not exists then replace

if (elements[i].name=='payment[method]') {

with

if (elements[i].name=='payment[method]' || elements[i].name == 'form_key') {

Customer login when getting error

Invalid method Mage_Core_Model_Session::renewFormKey(Array

(

)

)

Trace:

#0 /app/code/core/Mage/Customer/Model/Session.php(311): Varien_Object->__call('renewFormKey', Array)

#1 app/code/core/Mage/Customer/Model/Session.php(311): Mage_Core_Model_Session->renewFormKey()

#2 app/code/core/Mage/Customer/Model/Session.php(255): Mage_Customer_Model_Session->_logout()

Soltuion :-

There are two possible causes of this error:

1) there are local overrides either in code/local/Mage or in one of extensions that rewrites Mage_Core_Model_Session

To solve it, corresponding override should be patched as well with adding renewFormKey method and OPcode cache should be flushed.

2) if not overwrite any model file in local  that time you go to below file and comment the line:

app/code/core/Mage/Customer/Model/Session.php(311): 

 public function setCustomerAsLoggedIn($customer)

{

     $this->setCustomer($customer);

     $this->renewSession();

     Mage::getSingleton('core/session')->renewFormKey();

     Mage::dispatchEvent('customer_login', array('customer'=>$customer));

     return $this;

}

Above code replace with below code

public function setCustomerAsLoggedIn($customer)

{

     $this->setCustomer($customer);

     $this->renewSession();

         Mage::dispatchEvent('customer_login', array('customer'=>$customer));

     return $this;

}

Hope this article has been helpful to you. Contact us today for any queries!