Quickly check if Magento core files are modified
It is quite often scenario that clients are running Magento websites and are not aware that their core Magento core files are modified. Desecrating Magento core files is punishable by death. So here is a little tip on how to quickly scan the core and see if someone needs to be hanged publicly or not:
$ diff -urbB default_sacred_core_folder clients_core_folder | lsdiffTo explain the parameters of diff, lets take a look at man pages:
-u, –unified
output NUM (default 3) lines of unified context — required for lsdiff
-r, –recursive
recursively compare any subdirectories found
-b, –ignore-space-change
ignore changes in the amount of white space
-B, –ignore-blank-lines
ignore changes whose lines are all blank
As you can see, output of this command is piped to lsdiff command, in order to get more clear output. Once executed, you should(not?) get output like this:
$ diff -urbB default_sacred_core_folder clients_core_folder | lsdiff
/client_core_folder/app/code/core/Enterprise/PageCache/Model/Config.php
/client_core_folder/app/code/core/Enterprise/PageCache/Model/Container/Abstract.php
/client_core_folder/app/code/core/Enterprise/PageCache/Model/Observer.php
/client_core_folder/app/code/core/Enterprise/PageCache/Model/Processor.php
/client_core_folder/app/code/core/Mage/Adminhtml/Block/Dashboard/Graph.php
/client_core_folder/app/code/core/Mage/Adminhtml/controllers/Api/RoleController.php
/client_core_folder/app/code/core/Mage/Adminhtml/controllers/DashboardController.php
...Looks like someone is about to burn at the stake!
Note: If you would like Inchoo to perform a technical audit on your website, please check the details on our Magento Technical Audit Service.
11 comments
Thanks Zdrakvo for the tips.
Really helpful post, a lot easier then some of the alternatives to get a quick over view of what’s changed.
Also a good way to check if all the “patches” applied when Magento issues one of those dreaded “Core Code Pool” disturbers.
Hi Zdravko
Just found this link and is just what I need. As I’m sure core files have been modified on my site by the developers. Can you explain in simple layman terms how to do this check, as I am not a programmer? But want to know what has changed. My developers will not do this for me, as I would like to upgrade my copy of Magento to 1.7 from 1.6.
Really hope you can help.
Thanks in advance
Dion Mack
@Winston if you get “Only in” for client core folder, that means they added something in the wrong place, which usually means they did it the wrong way as well. Another way to look at it is when someone changes/adds/removes stuff from core folder they are not running Magento anymore.
I see in the output “Only in…”. Should the be of concern or only when files differ?
I would assume it’s ok if the “Only in” appears for client folder. But if it appears in the sacred folder, that means the client has removed a file, right?
hi, thx 4 share
im use this:
– app/code/code
– app/design/adminhtml/
– lib
– js
Nice link for magento inline translation and easy to undertand.
I ran something similar to determine what templates had been mangled to produce our website. You do not want to know the code behind our navigation. It’s so not MVC it makes me cry. Thanks for helping flesh out the diff parameters needed to work over core. If you smell a delicious roasting smell headed your way, you’ll know I wasn’t too happy over what I found.
HaHa! This is invaluable …thank you!
noice tut, thanks