cancel
Showing results for 
Search instead for 
Did you mean: 

Security.php already exists - Patch 7405

SOLVED

Security.php already exists - Patch 7405

Having a small issue with the new Patch 7405. 

This is on a store running CE 1.9.2.2 trying to apply the PATCH_SUPEE-7405_CE_1.9.2.2_v1-2016-01-20-04-35-33.sh through putty. 

 

Checking if patch can be applied/reverted successfully...
ERROR: Patch can't be applied/reverted successfully.
patching file app/code/core/Mage/Admin/Model/Observer.php
patching file app/code/core/Mage/Admin/Model/Redirectpolicy.php
patching file app/code/core/Mage/Admin/Model/Resource/User.php
patching file app/code/core/Mage/Admin/Model/User.php
patching file app/code/core/Mage/Adminhtml/Block/Sales/Order/View/Tab/History.ph p
patching file app/code/core/Mage/Adminhtml/Block/Widget/Grid.php
patching file app/code/core/Mage/Adminhtml/Helper/Catalog/Product/Edit/Action/At tribute.php
patching file app/code/core/Mage/Adminhtml/Helper/Sales.php
patching file app/code/core/Mage/Adminhtml/Model/System/Config/Backend/File.php
patching file app/code/core/Mage/Adminhtml/Model/System/Config/Backend/Image.php
patching file app/code/core/Mage/Adminhtml/Model/System/Config/Backend/Image/Fav icon.php
patching file app/code/core/Mage/Adminhtml/controllers/IndexController.php
patching file app/code/core/Mage/Authorizenet/Helper/Admin.php
patching file app/code/core/Mage/Authorizenet/Helper/Data.php
patching file app/code/core/Mage/Authorizenet/controllers/Adminhtml/Authorizenet /Directpost/PaymentController.php
patching file app/code/core/Mage/Captcha/etc/config.xml
patching file app/code/core/Mage/Catalog/Block/Product/View/Options/Type/Select. php
patching file app/code/core/Mage/Catalog/Model/Category/Attribute/Backend/Image. php
patching file app/code/core/Mage/Catalog/Model/Resource/Product/Attribute/Backen d/Image.php
patching file app/code/core/Mage/CatalogIndex/etc/config.xml
patching file app/code/core/Mage/CatalogInventory/Helper/Minsaleqty.php
patching file app/code/core/Mage/Checkout/Block/Cart/Item/Renderer.php
patching file app/code/core/Mage/Checkout/controllers/CartController.php
patching file app/code/core/Mage/Checkout/controllers/OnepageController.php
patching file app/code/core/Mage/Core/Helper/Data.php
patching file app/code/core/Mage/Core/Model/App.php
patching file app/code/core/Mage/Core/Model/Config.php
patching file app/code/core/Mage/Core/Model/Email/Queue.php
patching file app/code/core/Mage/Core/Model/Email/Template/Filter.php
patching file app/code/core/Mage/Core/Model/File/Validator/Image.php
patching file app/code/core/Mage/Core/Model/Input/Filter/MaliciousCode.php
patching file app/code/core/Mage/Core/Model/Session.php
patching file app/code/core/Mage/Customer/controllers/AccountController.php
patching file app/code/core/Mage/Dataflow/Model/Convert/Parser/Csv.php
patching file app/code/core/Mage/Downloadable/controllers/CustomerController.php
patching file app/code/core/Mage/ImportExport/Model/Export/Adapter/Abstract.php
patching file app/code/core/Mage/ImportExport/Model/Export/Adapter/Csv.php
patching file app/code/core/Mage/ImportExport/Model/Import/Entity/Abstract.php
patching file app/code/core/Mage/ImportExport/etc/config.xml
patching file app/code/core/Mage/ImportExport/etc/system.xml
patching file app/code/core/Mage/Newsletter/Model/Observer.php
patching file app/code/core/Mage/Newsletter/Model/Queue.php
patching file app/code/core/Mage/Page/etc/system.xml
patching file app/code/core/Mage/Paypal/controllers/PayflowController.php
patching file app/code/core/Mage/Paypal/controllers/PayflowadvancedController.ph p
patching file app/code/core/Mage/Paypal/etc/config.xml
patching file app/code/core/Mage/Persistent/etc/config.xml
patching file app/code/core/Mage/Review/controllers/ProductController.php
patching file app/code/core/Mage/Rss/Block/Catalog/Salesrule.php
patching file app/code/core/Mage/Rss/Helper/Order.php
patching file app/code/core/Mage/Sales/Helper/Guest.php
patching file app/code/core/Mage/Sales/Model/Quote/Address.php
patching file app/code/core/Mage/Sales/Model/Quote/Item.php
The next patch would create the file app/code/core/Zend/Xml/Security.php,
which already exists! Assume -R? [n]
Apply anyway? [n]
Skipping patch.
1 out of 1 hunk ignored
patching file app/design/adminhtml/default/default/template/authorizenet/directp ost/iframe.phtml
patching file app/design/adminhtml/default/default/template/bundle/sales/creditm emo/create/items/renderer.phtml
patching file app/design/adminhtml/default/default/template/bundle/sales/creditm emo/view/items/renderer.phtml
patching file app/design/adminhtml/default/default/template/bundle/sales/invoice /create/items/renderer.phtml
patching file app/design/adminhtml/default/default/template/bundle/sales/invoice /view/items/renderer.phtml
patching file app/design/adminhtml/default/default/template/bundle/sales/order/v iew/items/renderer.phtml
patching file app/design/adminhtml/default/default/template/bundle/sales/shipmen t/create/items/renderer.phtml
patching file app/design/adminhtml/default/default/template/bundle/sales/shipmen t/view/items/renderer.phtml
patching file app/design/adminhtml/default/default/template/catalog/product/comp osite/fieldset/options/type/file.phtml
patching file app/design/adminhtml/default/default/template/downloadable/sales/i tems/column/downloadable/creditmemo/name.phtml
patching file app/design/adminhtml/default/default/template/downloadable/sales/i tems/column/downloadable/invoice/name.phtml
patching file app/design/adminhtml/default/default/template/downloadable/sales/i tems/column/downloadable/name.phtml
patching file app/design/adminhtml/default/default/template/sales/items/column/n ame.phtml
patching file app/design/adminhtml/default/default/template/sales/items/renderer /default.phtml
patching file app/design/adminhtml/default/default/template/sales/order/totals/d iscount.phtml
patching file app/design/adminhtml/default/default/template/sales/order/view/inf o.phtml
patching file app/design/frontend/base/default/template/catalog/product/view/opt ions/type/file.phtml
patching file app/design/frontend/base/default/template/rss/order/details.phtml
patching file lib/Varien/File/Uploader.php
patching file lib/Varien/Io/File.php

There seems to be only one thing preventing it from being patched: The file app/code/core/Zend/Xml/Security.php, which says it already exists. I checked and ... it does already exist. Do i need to delete this file so the patch can recreate it?  I'm just a little unsure what to do. 

 

 

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Security.php already exists - Patch 7405

Hi @JenniferShany & @Ericclay, if you are testing the patch in a dev environment, not in production, (which is strongly recommended), you could try deleting security.php and reapplying the patch. This is not tested, so do not do so in production.

--

Developer Relations, Adobe Experience Cloud
Problem solved? Click Accept as Solution!
Still stuck? Check out our documentation: https://magento.com/resources/technical

View solution in original post

8 REPLIES 8

Re: Security.php already exists - Patch 7405

 

 I'm seeing the same thing..

Re: Security.php already exists - Patch 7405

Hi @JenniferShany & @Ericclay, if you are testing the patch in a dev environment, not in production, (which is strongly recommended), you could try deleting security.php and reapplying the patch. This is not tested, so do not do so in production.

--

Developer Relations, Adobe Experience Cloud
Problem solved? Click Accept as Solution!
Still stuck? Check out our documentation: https://magento.com/resources/technical

Re: Security.php already exists - Patch 7405

Unfortunately, this magento site does not have a dev environment (I have asked if I could make one several times and the answer is always no). What else do you recommend?

Re: Security.php already exists - Patch 7405

Ok, I know (and recommend) that people should do this in a dev environment first, but I took the plunge and just did it.  Hopefully this will help someone in my position. 

 

I went and saved the security.php file and stored it off server. 

I then put my store in maintenance mode (with an IP allowance for my IP).

Then I went in and deleted the old security.php (I guess I could have renamed it instead, but I wasn't thinking about that at the time)

I went into putty and applied the 7405 patch using SSH. 

It worked! No errors. Patch applied successfully.

I went back onto my site and tested user interactions that I could think of ( I may have missed a few but to me these are the most important):

Add to cart, remove from cart, apply promo code, remove promo code, use search bar, sign into account, sign out of account, checkout. 

All work fine. 

Took website out of maintenance mode.

Warned my coworkers who deal with customers to tell me of ANY issues (or to just come get me so I could talk to users). 

 

 

This was probably not the best idea (doing it on a production server). So far, however, it seems to have worked out ok for me. I will post back here if I have any issues. 

 

Re: Security.php already exists - Patch 7405

Happy to hear that worked for you @JenniferShany! Keep campaigning for your dev environment. Smiley Happy

--

Developer Relations, Adobe Experience Cloud
Problem solved? Click Accept as Solution!
Still stuck? Check out our documentation: https://magento.com/resources/technical

Re: Security.php already exists - Patch 7405

Make sure you can open order and your images in the backend are not broken. After patch instal, if you upload a product image they show as broken. 

Re: Security.php already exists - Patch 7405

Hi @onlinestore23, please see https://community.magento.com/t5/Security-Patches/after-installing-SUPEE-7405-can-no-longer-add-or-c... about images after patching.

--

Developer Relations, Adobe Experience Cloud
Problem solved? Click Accept as Solution!
Still stuck? Check out our documentation: https://magento.com/resources/technical

Re: Security.php already exists - Patch 7405

 

 I saved the old version and applied the patch then compared the two.  The new version has some new inserted code added Snip below.

 

                       libxml_disable_entity_loader($loadEntities);
                        libxml_use_internal_errors($useInternalXmlErrors);

and it looks like it removed some older checks for old versions of PHP .

 

So in short it looks like that file should be replaced.  I'm not sure why the file wasn't just patched.