Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz -...

15

Click here to load reader

Transcript of Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz -...

Page 1: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

Analyzing an existing Magento Shop

Code Quality, Security, Performance, Updatability

Andreas von Studnitz - Analyzing an existing Magento Shop 1 9/18/2013

Page 2: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

Overview

9/18/2013 Andreas von Studnitz - Analyzing an existing Magento Shop 2

• Introduction

• Approach

– Code Quality

– Security

– Performance

– Updatability

• Discussion

Page 3: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

About me

• Andreas von Studnitz

• Living and working in Aachen, Germany

• Magento Development since 2008

• Freelancer since 2009

• Co-Founder of integer_net GmbH in 2012

• Active member of the German Magento Community

• Magento Frontend/Backend Development, Magento Training, Magento Consulting

9/18/2013 Andreas von Studnitz - Analyzing an existing Magento Shop 3

Page 4: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

Introduction

9/18/2013 Andreas von Studnitz - Analyzing an existing Magento Shop 4

Why should I do a shop analysis?

• Taking over an existing project

• Value the work of a former agency / developer

• An agency wants to know how well they are doing

Page 5: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

Approach

9/18/2013 Andreas von Studnitz - Analyzing an existing Magento Shop 5

What you need: • Complete code base • Database dump

What you have to do: • Install local copy, all warnings on • Get an overview • Analyze code • Analyze log files

Page 6: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

Approach (2)

9/18/2013 Andreas von Studnitz - Analyzing an existing Magento Shop 6

How to get an overview?

• How many non-core modules are there?

• You have to know what every module is doing

• See each module’s config.xml for that

• Have a look into the central classes for that

Page 7: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

Approach (3)

9/18/2013 Andreas von Studnitz - Analyzing an existing Magento Shop 7

Structure your analysis:

Quality Security Performance Updatability

Base Magento ? ?

Template ? ? ? ?

External Modules ? ? ? ?

Individual Modules ? ? ? ?

Configuration ? ? ?

Page 8: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

Code Quality (1)

9/18/2013 Andreas von Studnitz - Analyzing an existing Magento Shop 8

• How are classes, methods and variables named?

• Does the code contain comments?

• How long are methods and classes?

• Is there commented code?

• Is everything at the place where it belongs to? (MVC)

Page 9: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

Code Quality (2)

9/18/2013 Andreas von Studnitz - Analyzing an existing Magento Shop 9

• Does the code use Magento Coding Standards?

• Are there obvious warnings in the IDE? (i.e. non-initialized or non-used variables, unreachable code blocks etc.)

• Are there automated tests?

• Use testing tools (for PHP, HTML, …)

• Keep your eyes open

Page 10: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

Security

9/18/2013 Andreas von Studnitz - Analyzing an existing Magento Shop 10

Look at:

• Magento Version

• Unfixed Security Issue in Zend Framework (July 2012)

• Accessible files (Database dumps, PHP scripts, Export files, …)

• SQL in PHP or template files

• Third party extensions

• (Server)

Page 11: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

Performance

9/18/2013 Andreas von Studnitz - Analyzing an existing Magento Shop 11

Look at:

• Configuration (Caching, Flat Catalog, JS/CSS merging)

• Use of built-in caching (use AoE_TemplateHints)

• $product->load() or $category->load() in Collections

• $product->save()

• (Server)

Page 12: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

Updatability

9/18/2013 Andreas von Studnitz - Analyzing an existing Magento Shop 12

Look for:

• Changes in core files

• Files in app/code/local/Mage

• Too many rewrites of central classes

• SQL in PHP or template files

• Copy of layout files instead of using local.xml

• Copy of whole template folders

• Use git • Create a new branch • Overwrite with raw Magento • Check for changes

Page 13: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

Tips

9/18/2013 Andreas von Studnitz - Analyzing an existing Magento Shop 13

• Do a full text search for “product->load(” and “category->load(” outside the core files

• For templates, have a look at catalog/product/view.phtml

Page 14: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

Report

9/18/2013 Andreas von Studnitz - Analyzing an existing Magento Shop 14

• Can be a bullet list or a text

• Should include:

– An overview of the analyzed shop

– Structured results with weighting

– Summary

– Recommendations

Page 15: Analyzing an existing Magento Shop - integer-net.de · PDF fileAndreas von Studnitz - Analyzing an existing Magento Shop 9/18/2013 9 ... •Use testing tools (for PHP, HTML, ) •Keep

Thank you

9/18/2013 Andreas von Studnitz - Analyzing an existing Magento Shop 15

Contact me:

[email protected]

– twitter/GitHub/IRC: @avstudnitz