Magento released a patch, SUPEE-6788, on October 27, 2015. This patch addresses protection against security related issues such as information leaks and remote code execution. A site can be compromised in many ways by these types of threads such as potentially having malware scripts running on your server or having sensitive information stolen. This patch allows Magento store owners to protect against these security compromises. Although, unlike most patches, it can be a little confusing to implement. Before implementing this patch, here are a few things you need to know.
In late January of 2015 the first remote code execution (RCE) vulnerability, or “shoplift” bug, was reported to Magento by Check Point Software Technologies. This bug affects both Magento Enterprise Edition and Magento Community Edition, and it allows attackers to obtain control over a store and its sensitive data, including personal customer information. As of February 9, 2015, Magento released a patch for this issue.
When the order is placed, a sales order is created as a temporary record of the transaction. In the Orders list, sales orders are shown with a status of “Pending,” and can be canceled at any time until the payment is processed. After payment confirmed, the order can be invoiced and shipped. Topics in this section:
- Order Workflow
- Order Status
- Invoice an Order
- Ship an Order
Lets say you have several orders you have recently filled and are now ready to be shipped. Your next step is to yes notify the customer their order is being shipped and then mark the status of that order as completed. The following is a quick walk through on just how you do this.
Setting up Swatches
Swatches provide an alternate way to display the selection of options for configurable products. Rather than choosing an option from a drop-down list, customers can make their selection by clicking a swatch. Configurable swatches can be used on the product page, product list, and in layered navigation. Continue reading Magento Support: Swatches
Using images of consistent quality, size, and proportion gives your product catalog a professional look with commercial appeal. If you have a large catalog with several images per product, you can easily have hundreds, if not thousands of product images to manage. Before you get started, it’s a good idea to establish a naming convention for your image files, and organize them so you can find the originals if you ever need them. Continue reading Magento Support: Images
Product Group Price
Product Group Price enables you to set promotional prices for different customer groups at the product level. Group price can be used with the following product types: Continue reading Magento Support: Product Group Price
Minimum Advertised Price
Merchants are sometimes prohibited from displaying a price that is lower than the manufacturer’s suggested retail price (MSRP). Magento’s Minimum Advertised Price (MAP) gives you the ability to remain in compliance with the manufacturer’s requirements while offering your customers a better price. Because requirements differ from one manufacturer to another, you can configure your store to prevent the display of your actual price on pages where it is not allowed to appear according to the terms of the manufacturer. Continue reading Magento Support: Minimum Advertised Price
Unlike a unit price, a package price refers to multiple items of the same product that are packaged together and sold as a single unit. A six-pack of soft drinks is an example of package pricing.