Upgrade from Prestashop 1.6.0.9 to 1.6.1.1

[Ben90]

Hi there,

 

I got an email from Prestashop couple weeks ago related to security issue, 1.6.1.X is recommended. Therefore, the previous Prestashop version should be upgraded to 1.6.1.X.

 

I got a bad experience upgrading prestashop version. Is there anyone here that updated Prestashop from 1.6.0.9 to 1.6.1.1 successfully without any errors?

 

And how significantly important upgrading to the latest version? Is the security is very low that it can be easily hacked which require us to update it to 1.6.1X ? Is it that dangerous to stay in the previous version?

 

Thanks

[Dh42]

The security risk is not severe, but there is still a risk. It can be mitigated by keeping your admin panel url secret and also having a htaccess file to limit access to certain ip addresses or using a htpassword too. 

 

As for upgrading, I have not upgraded those two versions.

[fiar2009]

I have same issued here. I'm also running prestashop 1.6.0.9 and worry to upgrade it and give error to my online store.

Edited August 24, 2015 by fiar2009 (see edit history)

[Ben90]

The security risk is not severe, but there is still a risk. It can be mitigated by keeping your admin panel url secret and also having a htaccess file to limit access to certain ip addresses or using a htpassword too. 

 

As for upgrading, I have not upgraded those two versions.

 

Well, I never tell anyone about the url to BO. But not sure whether any other way to get that url.

 

So, as an additional security, we need to create .htpasswd in order to get double protection to access BO, right?

 

So the admin will need to enter the password 2 times: .htpasswd & BO password. Please correct me if my understanding is wrong.

 

I prefer using this rather than fixing the error after upgrade, since the chance of error by upgrading Prestashop version is high.

[bellini13]

you can always patch your existing store without performing an upgrade.  There were instructions provided and there are also other posts that explain how to do this on earlier versions of Prestashop.

 

I can also offer to patch your current store if that is an option you'd like to explore.  Send me a PM or contact me on my website for more information.

[Ben90]

Wow! This thread got hit over 100 in a few days. If the expert give a proper guidance in this case, that would be great! I believe it's not only me who got this issue (upgrading 1.6.0.9 to 1.6.1.1).

 

you can always patch your existing store without performing an upgrade.  There were instructions provided and there are also other posts that explain how to do this on earlier versions of Prestashop.

 

I can also offer to patch your current store if that is an option you'd like to explore.  Send me a PM or contact me on my website for more information.

 

Thanks for your information & offer. I manually fix that security issue by following this on my localhost: https://github.com/PrestaShop/PrestaShop-1.5/commit/f1ef8aa913ea013c42d9f2d702142caf031b4945?diff=split&w=1

 

Looks like it works well if somehow I don't want to upgrade, but only applying the patch.

 

However, I am still thinking to do an upgrade to 1.6.1.1 if possible. I tried to run an upgrade on localhost & got this error whenever I open a combination inside a product in a BO:

 

 

Fatal error: Call to a member function getIdTaxRulesGroup() on a non-object in C:\wamp\www\marblecorp\cache\smarty\compile\5c\da\15\5cda1516ddd8ab5e54e0a3b5e87ea491469bcfac.file.list.tpl.php on line 44 Call Stack #TimeMemoryFunctionLocation 10.0000261312{main}( )..\index.php:0 20.10409351656DispatcherCore->dispatch( )..\index.php:58 30.157016461800ControllerCore->run( )..\Dispatcher.php:367 40.274023531944AdminProductsControllerCore->initContent( )..\Controller.php:189 50.274023533216AdminControllerCore->initContent( )..\AdminProductsController.php:2517 63.6192169162656AdminProductsControllerCore->renderForm( )..\AdminController.php:2011 73.6242169725128AdminProductsControllerCore->initFormCombinations( )..\AdminProductsController.php:2894 83.6242169726496AdminProductsControllerCore->initFormAttributes( )..\AdminProductsController.php:4299 93.8572171416736AdminProductsControllerCore->renderListAttributes( )..\AdminProductsController.php:4362 103.8702171913184HelperListCore->generateList( )..\AdminProductsController.php:4476 113.9212173443504HelperCore->generate( )..\HelperList.php:159 123.9212173443504Smarty_Custom_Template->fetch( )..\Helper.php:113 133.9212173443840Smarty_Internal_TemplateBase->fetch( )..\SmartyCustom.php:317 143.9232173658784content_55e109ed8cfb78_90534044( )..\smarty_internal_templatebase.php:188

[frank_jarle]

I did not have good luck with my upgrade 1.6.0.9 to 1.6.1.1, for me the horizontal menu broke and some customization i had in there (the custom work i will tlak to my dev about). I am using standard Presta theme so i am surprised it broke, glad i did it on my dev site not the "live". Anyway, have a look at my post here: https://www.prestashop.com/forums/topic/451522-categories-not-showing-in-top-menu-after-upgrade-1609-to-1611-using-1-click-upgrade/?do=findComment&comment=2134293

Edited August 31, 2015 by frank_jarle (see edit history)

[nassry]

I didn't find any errors to upgrade from PS 1.6.0.8 to 1.6.1.0.

However, the module to install the security patch didn't work properly.

In my case I fixed, manually.

Edited September 1, 2015 by nassry (see edit history)