Quickly check if Magento core files are modified

inside_the_hadron_collider-wide

It is quite often scenario that clients are running Magento websites and are not aware that their core Magento core files are modified. Desecrating Magento core files is punishable by death. So here is a little tip on how to quickly scan the core and see if someone needs to be hanged publicly or not:

$ diff -urbB default_sacred_core_folder clients_core_folder | lsdiff

To explain the parameters of diff, lets take a look at man pages:

-u, –unified
output NUM (default 3) lines of unified context — required for lsdiff

-r, –recursive
recursively compare any subdirectories found

-b, –ignore-space-change
ignore changes in the amount of white space

-B, –ignore-blank-lines
ignore changes whose lines are all blank

As you can see, output of this command is piped to lsdiff command, in order to get more clear output. Once executed, you should(not?) get output like this:

$ diff -urbB default_sacred_core_folder clients_core_folder | lsdiff
/client_core_folder/app/code/core/Enterprise/PageCache/Model/Config.php
/client_core_folder/app/code/core/Enterprise/PageCache/Model/Container/Abstract.php
/client_core_folder/app/code/core/Enterprise/PageCache/Model/Observer.php
/client_core_folder/app/code/core/Enterprise/PageCache/Model/Processor.php
/client_core_folder/app/code/core/Mage/Adminhtml/Block/Dashboard/Graph.php
/client_core_folder/app/code/core/Mage/Adminhtml/controllers/Api/RoleController.php
/client_core_folder/app/code/core/Mage/Adminhtml/controllers/DashboardController.php
...

Looks like someone is about to burn at the stake!

Note: If you would like Inchoo to perform a technical audit on your website, please check the details on our Magento Technical Audit Service.


11 comments

  1. Also a good way to check if all the “patches” applied when Magento issues one of those dreaded “Core Code Pool” disturbers.

  2. Hi Zdravko

    Just found this link and is just what I need. As I’m sure core files have been modified on my site by the developers. Can you explain in simple layman terms how to do this check, as I am not a programmer? But want to know what has changed. My developers will not do this for me, as I would like to upgrade my copy of Magento to 1.7 from 1.6.

    Really hope you can help.

    Thanks in advance

    Dion Mack

  3. @Winston if you get “Only in” for client core folder, that means they added something in the wrong place, which usually means they did it the wrong way as well. Another way to look at it is when someone changes/adds/removes stuff from core folder they are not running Magento anymore.

  4. I see in the output “Only in…”. Should the be of concern or only when files differ?

    I would assume it’s ok if the “Only in” appears for client folder. But if it appears in the sacred folder, that means the client has removed a file, right?

  5. hi, thx 4 share

    im use this:

    – app/code/code
    – app/design/adminhtml/
    – lib
    – js

    diff -urb magento/app/code/core/ ../clienMagento/app/code/core/ > changes_core.patch
  6. I ran something similar to determine what templates had been mangled to produce our website. You do not want to know the code behind our navigation. It’s so not MVC it makes me cry. Thanks for helping flesh out the diff parameters needed to work over core. If you smell a delicious roasting smell headed your way, you’ll know I wasn’t too happy over what I found.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <blockquote cite=""> <code> <del datetime=""> <em> <s> <strike> <strong>. You may use following syntax for source code: <pre><code>$current = "Inchoo";</code></pre>.