Magento themes and extensions

Magento CMS syntax – part2

Posted on August 17th, 2011 | Posted by admin

Every Magento user noticed that there is special {{magentocode}} syntax available in cms pages and static blocks. We traced a bit to find out which params are available and what exactly they do.

Magento CMS syntax – part1
is first part of this series. Please read before this.

Since the part1 article 4 new codes were introduced in newer Magento versions, so now there’s 10 of them total: skin, media, htmlescape, store, block, layout, config, customvar, protocol and widget.

They are currently handled by Mage_Widget_Model_Template_Filter processor class (which extends Mage_Cms_Model_Template_Filter which extends Mage_Core_Model_Email_Template_Filter).

How to create custom attribute source type?

Posted on August 16th, 2011 | Posted by admin

Have you ever need to create custom attribute source type? This is small example which will help you to create custom source type. I hope that it will be helpful.

Let’s go….
First of all you need to create sql setup file which will add attribute to your system with custom source type. Source type is defined in array : ‘source’ => ‘sourcetype/attribute_source_type’.

$installer->addAttribute('catalog_product', 'product_type', array(
'group' => 'Product Options',
'label' => 'Product Type',
'note' => '',
'type' => 'int', //backend_type
'input' => 'select', //frontend_input
'frontend_class' => '',
'source' => 'sourcetype/attribute_source_type',
'backend' => '',
'frontend' => '',

Create language packages for an extension in Magento

Posted on August 16th, 2011 | Posted by admin

Dear my friends, last post I wrote about “How to create a multiple language website in Magento”, now I’ll continue with a related topic “How to create language packages for an extension in Magento”.
In this topic, I’ll use our FAQ extension as a real example.

  • Step 1: Edit config.xm file in : your_module/etc/config.xml
    Find section and add below piece of code:


    You need to change the namespace and module name to suit with your need.

How to add custom PHP code into CMS page in Magento?

Posted on August 10th, 2011 | Posted by admin

Today I saw that there are many topics asked about “How to add custom php code into CMS page on Magento”. Someone uses regular expressions, someone creates a new Module and puts their custom php codes into a block which they called from CMS page. But I don’t think that’s a good way.

I’m thinking about one module that we can create some custom piece of php codes in admin section then use them in any CMS page you want.

The idea is that we’ll create a new module called “customphp” that contains two parts:

1) The frontend part contains a folder called customphp in :

2) The admin part contains a feature to list and edit file content in the folder:

For example there is a file named: demo.phtml

                 echo("This is my custom php code");

In your php code, you just need to put:

          {{block type="core/template" template="customphp/demo.phtml"}}

When I have free time, I’ll create a module to see if it works

Quoting SQL in Magento

Posted on August 9th, 2011 | Posted by admin

Well, most of new Magento developers feel that writing queries again database is quite complicated. And so, they try to use the simplest way to do this:

$data = Mage::getSingleton(‘core/resource’) ->getConnection(‘core_read’)->query($sql);

However, sometimes you may make Mysql injection error by this way. To avoid this, the best way is using quoting sql supported by Zend Db before calling query().

There are 3 kinds of quoting: quote(), quoteInto() and quoteIdentifier(). It’s very important to use these functions before execute query. It helps us to defend against SQL injection issues.

1. quote(): this method is used to turn a string or variable into a quoted SQL string:

$where = $db->quote(“April’s coder”);

$db->query(“Select * from `coders` where `award`=$where”);

In the first command, we will have $where = ‘April\’s coder’; notice that 2 quotes added to the string.

2. quoteInto(): used to substitute a scalar into a SQL expression