MENU

On October 2, 2023 By In Magento 2

Solution for Magento2.4.5 Session cache limiter cannot be sent after headers have already been sent

I have seen numerous posts on Magento forums and Stackoverflow with a similar topic, where developers are complaining about the same issue.
While issues can occur on any page, the most noticeable is on the front end when the customer tries to add the product to the cart. Instead of the product being added to the cart, the page will reload without any error message, and the cart state will stay the same.

If you check the ‘var/report’ folder, you will find a lot of report files with the same message:
ErrorException: Warning: session_start(): Session cache limiter cannot be sent after headers have already been sent (/magento2/public_html/vendor/laminas/laminas-http/src/PhpEnvironment/Response.php:135)
#32 /magento2/public_html/vendor/laminas/laminas-http/src/PhpEnvironment/SessionManager.php(186): Magento\Framework\Session\SessionManager::start

Unfortunately, I have found the same issue on one of our projects.
My first thought was that there is an output (like echo, print, or something similar) in the template files of a custom theme or maybe some 3rd party module. Switching back to the Luma theme and turning OFF all 3rd party products didn’t help.
As a last resort, we have decided to upgrade Magento from 2.4.5-p1 to 2.4.5-p3, and the issue was gone.
After following the project for a week, there were no new complaints from customers or administrators.
It might sound like a dull solution, but it is worth trying if you can’t fix the issue in any other way.

Read more

On March 10, 2020 By In Magento 2

Quickly Refresh Cache in Magento 2

If you are a developer that works with Magento 2, you surely know-how clearing cache in Magento can be a boring thing. Thanks to built-in full page cache Magento front-end works quite fast, however, in most cases, your changes will not be seen unless you don’t refresh the cache.

Even Magento will remind you to do that through a notification system when you make any significant change in the back-end.

OK, most of the developers will simply use CLI to clear cache, there are few commands that help.

Clean cache: php bin/magento cache:clean

Clean cache short version: php bin/magento c:c

Flush cache: php bin/magento cache:flush

Flush cache short version: php bin/magento c:f

In case you are not comfortable with shell, you might need to refresh the cache from your browser. While it is just a few clicks, it will soon become boring if you have to do that several times within an hour.

But, there is a really nice solution for such a case, a small add-on for Chrome that will allow you to clear cache in just one click.

Add-on can be installed from the link below:

Quick M2 Cache Refresh Tool

Features:

  • New refresh button in Cache Management page.
  • New keyboard shortcuts for the active Cache Management page.
  • All opened Cache Management pages listed in popup.
  • Quick and full refresh buttons available in popup.
  • Always visible number of open Cache Management pages.

Add-on support Magento from version 2.x and Chrome from version 79.x (any way you should always allow Chrome to update itself latest version).

Add-on is made by Nikola Tujković a full-time back-end developer from SMDesign Studio, all kudos go to him. If you like add-on be sure to leave a review and share it with your friends.

Cheers 🙂

Read more

On November 23, 2018 By In Magento

Magento 1 java script malware injection via CMS block

Hello, as Magento 1.x closes to it’s end of life (at least officially) everyone should consider moving to Magento 2.x platform. With every new release Magento gets better and new features are available, also upgrade process is quite simplified and now works really great.

Anyway there are lot of stores that still use Magento 1.x and will not move to 2.x for few more months. Those stores also require maintenance and security check, otherwise they can easily be corrupted by various malware codes and expose important data (like customers addresses or even credit card numbers). Be sure that you update Magento on regular base and apply security patches as soon as they are published.

We noticed recently that malware code can be easily injected into CMS block content, that way it will be loaded on every page that has CMS block included in any part of page. In simple words if you have a CMS block in footer code will be loaded on every page on site, including cart, checkout and success pages.

Simple way to check your site would be to login into Magento back end and open one CMS block to edit, turn off wysiwyg editor to see code and check for any code that include java script.
Code might look like this:
< script src=’https://javascript.host/ >< / script >

In general if you see any code that include scripts that are hosted on domain that is not familiar to you there is reason to suspect that is some kind of malware.
If you have access to PhpMyAdmin you can do search through base and check is there similar code in CMS pages or any other table.
Also if you have MageFence module it will search for those strings when you start security check procedure.

We will name few most common strings that you should check:

  • kinfirighbetted.host
  • atob.host
  • bad.guy
  • siteverification.online
  • jquery-ajax.host

Read more