Monthly Archives: January 2017

Magento 1.9.3.1 / 1.9.2.1 – Abandoned Cart Report Broken

I updated a site to 1.9.3.1 this past week and the Abandoned Cart report just went blank. It turns out to be a bug in the core code that requires a middle initial. 

How to fix the Broken Abandoned Cart Report

You will find the issue in this file:

“app/code/core/Mage/Reports/Model/Resource/Quote/Collection.php”

About line #209 – Change the “->joinInner(” to “->joinLeft(”

->joinInner(
                array('cust_mname' => $attrMiddlenameTableName),
                implode(' AND ', array(
                    'cust_mname.entity_id = main_table.customer_id',
                    $adapter->quoteInto('cust_mname.attribute_id = ?', (int) $attrMiddlenameId),
                )),
                array('middlename' => 'cust_mname.value')
            )

All done. Clear your cache and reload the report. It should populate now.
If the issue pops up again you may need to change the customer table to default to NULL on the middle name row.

-Jon

Yahoo Security Breach – Att.net won’t update passwords

If you have been hearing about the Yahoo.com email account breach and changed your password – great! 

WARNING – If you have an Att.net account and you stepped through the uVerse/att.net account password change your password has NOT been updated at Yahoo.com.

att.yahoo.com Log In

A little Test

To verify your password was changed or not changed follow these steps:

  1. [Log into att.yahoo.com – change your account password (redirected through att.net site)]
  2. [Log out and back into att.yahoo.com – verify that your new password is set and enforced at att.net. Your yahoo/att email is accessed here via new password.]
  3. [Navigate to yahoo.com – log in with old password. Success. You can still access your yahoo email via your old account password. This is not good.]

Yahoo - login

If the password was in fact updated you should not be able to log into yahoo.com directly with your old password.

Use the images above to remind yourself that you are logging into att.net or yahoo.com directly.

What is going on?

Well it appears that the password and account update that att.net should be sending to yahoo.com just isn’t happening. Yahoo.com never gets the message that you now have a new password and goes along letting you continue to log in with your old one.

What is att.net & yahoo.com doing? Will they fix it?

Bug reports were submitted last month. The only response was “we will inform the team.” 

We have yet to see anything change and millions of users could still think they are secure when in fact they are not.

So far it looks like neither company is doing anything.

OK, what Should I Do?

Leave yahoo.com. Simple and straightforward. 

Setup a gmail.com account and use the internal account migration tools to get your data off yahoo.com.

Delete your yahoo account info and close up shop. They have been extremely slow in even acknowledging the initial data breach and I suspect they will be even slower in fixing this issue.

 

-Jon