Three very important vulnerabilities have been detected in Prestashop: two of the SQL injection type, one of critical severity and the other of high severity, and another high severity XSS injection vulnerability, which could allow any user with administrator permissions to write, update or drop SQL databases regardless of their permissions.
You can see the statement here.
The critical severity vulnerability is SQL filtering and could allow a user to write, update, and delete to the database, even without having specific administrator permissions.
Of the high severity vulnerabilities, one affects arbitrary file reading, which makes it possible for a user with SQL manager access to arbitrarily read any file in the operating system with a SELECT function. While the other high severity vulnerability consists of a possible XSS injection, which could facilitate the hijacking of HTML elements without the need for user interaction.
Prestashop has released a patch and recommends updating to versions 8.0.4 and 126.96.36.199.
The only current way to apply the patch is to update the version of Prestashop to the indicated ones.
If you have a Prestashop 1.7.X you must update to 188.8.131.52
If you have a Prestashop 8.X you must update to 8.0.4
Reading Time: < 1 minutesDo you have an E-Commerce with PrestaShop and want to configure the Facebook pixel quickly and easily? Then don’t miss this useful guide to integrate Facebook on PrestaShop.
The first thing to do is to log into your PrestaShop panel. Next we will have to distinguish two cases:
If you have just created your E-Commerce site with PrestaShop, know that Facebook is already integrated within it. You can then access it, by going through the forms management.
If you already have a PrestaShop store and the Facebook module is not installed, the process is very similar to before, but with a small difference.
In particular, you will need to:
Alternatively you can also do this second procedure:
Reading Time: 4 minutesThis guide gives you full control over the process. This has been applied by PrestaShop for several major versions and thus can be applied on very old stores.
The first step is to download the latest version at https://www.prestashop.com/ .
The download can also be done from the command line:
wget -O prestashop-upgrade.zip https://www.prestashop.com/download/old/prestashop_184.108.40.206.zip
Once you have the folders like classes /, modules /, themes / , etc. you can go to the next step.
Avoid overwriting production resources (images, conf…) with default data. These folders can be removed from the new version:
All other files in the new version will overwrite the existing files. Any changes made to the original source code will be lost.
Also, rename the “admin” folder to match your store’s admin folder name. This will prevent unwanted duplication of the administration content.
As it may cause unexpected behavior for you and your customers during the upgrade, we strongly recommend that you turn on maintenance mode during the upgrade.
You can do this in your admin panel:
Adding your IP address will allow you to access your store while it is in maintenance mode. This way, you can make sure everything is working properly before allowing your customers to access it again.
In this step, we “update” the PrestaShop files by copying the content of the new version to the existing store.
You may have activated a caching system (e.g. memcache) on your store. If so, be sure to disable it in “ Advanced Settings”> “Performance” . You can enable it again once the update process is finished.
Note on the “Vendor” folder: the previous updates of PrestaShop 1.7 showed that conflicts can occur when merging the new supplier / folder with the old one. To avoid this problem, it is recommended to delete this folder in the existing store before copying the new one.
On Windows, copy the new contents of the folder and paste it into your store folder. You will receive warnings that the files already exist in the destination folder. Choose “overwrite” to continue.
On Linux, the copy can be done in your terminal:
cp -R <path_to_the_new_release>/* <path_to_the_current_shop>/
cp -R ~/Downloads/prestashop/* /var/www/html/
Once the files have been copied, your store database is ready to be updated.
All changes to be applied have been defined in the installation folder, their execution can be performed with a specific PHP script.
When ready, run the install / upgrade / upgrade.php file .
This can be done with a browser, by reaching the address http: // <shop_domain> /install/upgrade/upgrade.php or from the command line of your server:
In both cases an XML log will be displayed. The result can be found in the result of the attribute of the first <action> tag:
When the update script has detected some updates to apply, the executed SQL queries will be listed along with their result.
<?xml version="1.0" encoding="UTF-8"?><action result="ok" id=""> <action result="info" id="220.127.116.11"><![CDATA[[OK] PHP 18.104.22.168 : /* PHP:ps_update_tabs(); */]]></action> <action result="info" id="22.214.171.124"><![CDATA[[OK] SQL 126.96.36.199 : ALTER TABLE `ps_currency` MODIFY `name` varchar(64) NOT NULL]]></action> <action result="info" id="188.8.131.52"><![CDATA[[OK] SQL 184.108.40.206 : SET SESSION sql_mode = '']]></action> <action result="info" id="220.127.116.11"><![CDATA[[OK] SQL 18.104.22.168 : SET NAMES 'utf8']]></action> [...]
You can double check that each action is marked “OK”. If not, further details will be shown after the request, which can help you resolve the issue and re-run the request manually on your database. In some cases, you may need to restore the database backup and start over.
You can also see an error code. Each code is related to a message described here:
Before we go any further, we will have to do some cleaning.
The installation folder, used to perform database updates, is no longer needed and can be safely deleted.
When you open your store (in the front or back office) on your browser, you may experience some visual problems. This may be because your old resources are still served by a cache. Reload them by forcibly refreshing the page (press ctrl + R on Windows / Linux or cmd + R on Mac OS) or by clearing your browser cache.
Your module files were updated while the file was copied, however many of them may require additional database changes. Check the module page in your Back Office to see if updates are pending.
Go to your admin panel and log in. You will notice that the version displayed has changed on the login page. Then in the menu, click on the form page to reach your catalog.
On PrestaShop 1.6, this page is located in “Module and services”. Click “Update All” at the top of the page to perform all available updates:
On PrestaShop 1.7, the same functionality can be found on the Enhance >> Modules page, in the “Notifications” tab:
If the manual process seems too tedious, there are other solutions to complete an update.
PrestaShop provides free 1-click upgrade module on the marketplace and admin panel of your store. It automatically carries out the previously mentioned process and is available for almost all versions of PrestaShop.
You can read more about it here.
Reading Time: 3 minutesPrestashop has quite strict security features and one of these is certainly the duration of the session timeout, which is rather short. This ploy is to reduce your application’s exposure to session-based attacks, such as session cookie theft.
However, this can be quite annoying for anyone who is working with the platform. Store admins may be logged out of the admin interface if they are idle for some time. This can be very frustrating.
Today then I’ll show you why it happens and how to fix this error.
This problem usually occurs when one of these conditions occurs:
Let’s see what are the 3 main reasons why the Prestashop admin login problem occurs.
To solve this problem, we mainly use 5 different ways, based on the exact problem the store owner is facing.
But before you get into the details and make any changes to the store, make sure you have the database and website files backed up.
To check this, try to log in from another browser or activate the “Incognito mode”.
The cache files are located in these locations.
Go to these folders and delete all the files in them.
Provide the correct domain name for PS_SHOP_DOMAIN and PS_SHOP_DOMAIN_SSL in the ps_configuration table.
You should only provide the domain name. For example: your shop URL is http://test.com/store/, you should provide values like:
PS_SHOP_DOMAIN = test.com
PS_SHOP_DOMAIN_SSL = test.com
The installation directory should be indicated in the “ /config/setting.inc.php “ file.
Remove the check of the user’s IP address performed by Prestashop.
You can disable it in the “ classes / cookie.php ” file inside the “ isLoggedBack () “ function.
Here, remove or comment on the following condition.
! Configuration :: get (‘PS_COOKIE_CHECKIP’))
The inactivity period is set to 15 minutes by default.
You can increase this value in the “ classes / controller / AdminController.php “ file.
Look for the following code in the file:
if (time $ this-> Context> cookie-> last_activity + 900 <())
Here the inactivity period is set to 900s (15 minutes). You can replace this value in seconds.
Reading Time: 4 minutesPrestaShop is an e-commerce platform developed in France in 2007, free to download and open source. This means that every E-Commerce owner is able to modify the software code to adapt their store to their individual needs.
This platform is perfect for any type of business, be it small, medium or large. You can easily customize your site, manage and choose the payment method you prefer and generally set up your site as you want.
But, despite being free, how much does it cost to create an E-Commerce with PrestaShop? Are we sure it’s completely free?
In this article we will look at just that.
If you want to start your business in the right direction and create a functional E-Commerce, you will need a professional team of developers, with knowledge and experience. In addition, it is essential to hire people who are responsible for the visual aspect of the store, as this is certainly a fundamental aspect to improve sales.
The hourly rate of qualified professionals may vary depending on the country.
So let’s see an overview of the cost of development services for PrestaShop, as far as professionals are concerned.
The hourly rate of the agencies, on the other hand, is higher and this is because they have a more professional approach and are more reliable.
These prices, of course, can vary depending on the scale and difficulty of the client’s projects. The hourly rate of the agencies will be different in each region. So, in case you need a highly skilled job, choose a reputable development company.
A large variety of modules and templates can be found in the PrestaShop marketplace . You will see that the navigation is quite simple and thanks to a menu and the sidebar of the filter, you can immediately find what you are looking for.
The official PrestaShop marketplace – PrestaShop Addons – offers more than 5,000 modules and themes that help you customize your online store.
This way, you can increase traffic, improve conversion rates and build customer loyalty. In fact, there are many possibilities that PrestaShop with its modules can offer you.
The modules are divided into 10 categories. Examples of categories are:
The design of your store is a fundamental aspect for your customers, because it gives professionalism to your store.
There are more than 1300 free and paid PrestaShop themes. To choose the one that best suits your business, you can use the useful filters by category, color, rating, extended functionality, style and version of the platform.
The main categories for the themes are:
Prices vary and the cheapest cost between 45-60 €. The more complex ones, on the other hand, can even reach up to € 300.
Clearly if you decide to use PrestaShop, you will also have to choose a hosting where to stay your site. The prices for hosting vary depending on the characteristics of the latter.
Prices can start from a minimum of € 25 and up, it all depends on the type of plan.
If you want information about our hosting plans for PrestaShop, contact us!
PrestaShop offers several support plans for open source at additional costs. Plus, you have access to useful resources like PrestaShop forum, community, documentation, FAQ, YouTube tutorials.
We describe the main assistance plans and discover the main features:
So, is PrestaShop actually the right solution for you? Does it have more advantages or disadvantages? Can it make your business profitable? Let’s talk about the pros and cons.
All in all, PrestaShop is a good solution with a lot of advantages if you need to create an online store with a lot of customization options. But there are some drawbacks, such as the additional costs. if you are looking for an all-in-one solution, PrestaShop is not for you.
Reading Time: 4 minutesIf you are also wondering “What is PrestaShop and why you should use it for your E-Commerce”, you have come to the right place!
When deciding to embark on a path related to online sales, the main question is: which platform do I use?
In this article we will go to the discovery of Prestashop, seeing in detail what it is and why it is chosen by many to sell online.
The creation of an online store can in fact be scary at first, especially when you are not very familiar with the available platforms and their level of functionality.
But what you need to understand is that all eCommerce platforms have their own set of features, ease of use, and level of flexibility. You just need to choose the one that comes closest to your needs. The choice, however, must be aware, since it is not possible to switch so easily to switch from one E-Commerce platform to another.
This is the reason for these guides of ours. We will try to help you in the conscious choice of the right platform. In the specific case today we will talk about PrestaShop, so that you can understand if it is good for your needs or not.
PrestaShop is a freely accessible open source E-Commerce platform . It boasts many ready-to-use features, which still make it really appealing to all E-merchants. It works on PHP and from a merchant’s point of view it’s pretty straightforward and you can build complete E-Commerce websites along with great features.
There are many stores created with this platform and just as many are the realities that work there. In fact, thanks to its incredibly intuitive interface, it has certainly conquered a good slice of the market. Not to mention that the offer linked to modules and extensions, to expand functionality, is certainly very wide.
Some amazing features of PrestaShop such as advanced backup schemes, high reliability and easy accessibility allow users to have an optimal capacity site.
As I told you, PrestaShop has over three hundred built-in features that allow you to manage payment methods, shipping, product listing, suppliers and buyers.
You can also customize your site, thanks to the numerous templates available.
The only slightly more technical part of PrestaShop is the installation, which we will see in one of our next guides anyway. Otherwise, the use of this platform is rather easy . It is indeed very intuitive.
For the moment you can see a demo of the platform, to be able to understand the back-end and the front-end and understand a bit how it is structured. PrestaShop is able to provide you with a perfectly responsive online shop, which therefore adapts perfectly to display on all devices, both fixed and mobile.
PrestaShop is a totally free and open source platform . You will be able to create a personalized and customizable E-Commerce, quickly and easily. Basically, PrestaShop makes eCommerce website development much easier and more accessible. This CMS is present in over 65 countries and boasts a beautiful community with over one million active members. Thanks to the Community, many improvements to the platform have been possible.
Clearly, if you have an E-Commerce site, one of the fundamental aspects is certainly that linked to payments . With PrestaShop, you can take advantage of different payment gateways such as PayPal, Amazon Pay, Worldpay, Discover Global Network, First Data and Authorize.Net. Furthermore, there are more than 250 payment service providers as add-ons.
But since an E-Commerce is nothing if it doesn’t have a good marketing strategy, PrestaShop offers you the possibility to add customized features. Among these we find many marketing tools, such as: discount mode, free shipping, special offers, email marketing, affiliate programming, gift wrapping, coupon codes and many others.
In fact, this aspect is fundamental for customer loyalty. A cuddle, which can be a reserved offer, a discount, a gift box, are all strategies that can make the customer come back to buy on our E-Commerce.
As I told you, marketing activities are essential for the success of a site. With PrestaShop, you will be able to take advantage of a large variety of modules, which allow you to implement its features. Among these, we find modules such as:
which can be activated with a single click. These modules can help you customize the site according to your needs.
You will find all modules in the PrestaShop marketplace
SEO is the most important thing for any E-Commerce business, because a site can be beautiful and functional, but if no one finds it, it surely won’t sell.
PrestaShop makes it easy to develop SEO-friendly URLs. If you have a basic understanding of search engine optimization, PrestaShop allows you to easily edit your title tags, meta title, meta description and other SEO related attributes.
If you want to extend your market internationally , you must work to ensure that the customer can read the content on your site in their own language.
PrestaShop supports more than 75 languages worldwide and allows you to edit the site translation. It also allows you to download language packs for different countries to meet the needs of your target audience.
Analysis and statistics play a fundamental role in understanding the progress of your sales activity. Thanks to these, in fact, we can understand where to act and change our strategy.
Prestashop helps to keep track of our website visitors and their conversion point. Thanks to these activities, we can actually modulate our strategy, perhaps offering discounts or personalized offers.
In PrestaShop troverai una dashboard molto utile che include più di 20 formati di report di stato che possono aiutare a decidere una strategia di crescita aziendale. Nel marketplace sono disponibili gratuitamente anche altri addon per analisi e statistiche.
PrestaShop è una piattaforma volta al miglioramento continuo. In questi anni infatti, è cambiato molto, adattandosi a quelle che erano le richieste dei clienti e del mercato.
Se infatti osserviamo il suo percorso, vediamo che la piattaforma si è evoluta molto e continua a rilasciare nuovi aggiornamenti.
PrestaShop ha prestato particolare attenzione al suo marketplace dove troverai molti moduli ed estensioni per migliorare il tuo E-Commerce.
We have seen the general characteristics of PrestaShop and why it is one of the most used platforms.
Its maintenance and prices are much cheaper than other platforms , not to mention that it allows even a non-technical person to work with it and customize it. Then, in case you are looking for custom solutions, you can always hire PrestaShop developers to help you.
PrestaShop is multilingual and multi-currency software that allows you to launch your site internationally. Not to mention that the platform is constantly improving and what’s better than a large community that extends its support in all types of PrestaShop development services.