Magento database log cleaning

Log tables:

log_customer
log_visitor
log_visitor_info
log_url
log_url_info
log_quote
report_viewed_product_index
report_compared_product_index
report_event
catalog_compare_item

Cleaned by script:

php -f shell/log.php clean

Cleaned by Magento Admin (By default, it is disabled.):

From the Magento Admin Panel, select System > Configuration 
On the left, locate the Advanced menu and click System
From the System panel, click Log, and from the Enable Log Cleaning drop-down list, select Yes
In the Save Log Days field, enter 15 (The value is based on how much the traffics are)
Click Save Config

Clean those tables manually with Mysql client or phpMyAdmin (NOT recommend)

 

Source: https://docs.nexcess.net/article/how-to-perform-magento-database-maintenance.html

Add custom security check for protected resources on Magento

Assume catalog needs be protected for register customer and there is an url ‘/secure/url’ which need be protected too.

  1. Modify templete ‘page/html/head.phtml’ and add following code

    <?php
        //check security contents
        echo $this->getLayout()->createBlock('core/template')->setTemplate('page/html/security.phtml')->toHtml();
    ?>
  2. Create a new file ‘page/html/security.phtml’ with the following contents

    <?php
        // check security content
        if (("catalog" === Mage::app()->getRequest()->getModuleName()) || (0 === strpos(Mage::app()->getRequest()->getRequestUri(), '/secure/url'))) {
            if (!($this->helper('customer')->isLoggedIn())){
    ?>
                <script type="text/javascript">
                      window.location.href = "<?php echo $this->getUrl('customer/account/login')?>";
                </script>
    <?php
                die();
            }
        }
    ?>

Get request information for test purpose:

<?php
    echo Mage::app()->getRequest()->getModuleName();
    echo "<br />";
    echo Mage::app()->getRequest()->getControllerName();
    echo "<br />";
    echo Mage::app()->getRequest()->getActionName();
    echo "<br />";
    echo Mage::app()->getRequest()->getRequestUri();
    echo "<br />";
?>

reference:

http://stackoverflow.com/questions/16691546/want-to-call-one-phtml-file-in-another-phtml-file-using-anchor-tag

http://stackoverflow.com/questions/8235282/magento-display-request-url