I went into one of our Enterprise installs to check this.
In app/code/core/Enterprise/Pci/Model/Observer.php
there is a function called adminAuthenticate
in the Observer.
public function adminAuthenticate($observer)
{
First, it updates the locking information:
// update locking information regardless whether user locked or not
if ((!$authResult) && ($user->getId())) {
$now = time();
$lockThreshold = $this->getAdminLockThreshold();
$maxFailures = (int)Mage::getStoreConfig('admin/security/lockout_failures');
if (!($lockThreshold && $maxFailures)) {
return;
}
$failuresNum = (int)$user->getFailuresNum() + 1;
if ($firstFailureDate = $user->getFirstFailure()) {
$firstFailureDate = new Zend_Date($firstFailureDate, Varien_Date::DATETIME_INTERNAL_FORMAT);
$firstFailureDate = $firstFailureDate->toValue();
}
Then it determines if the admin account is locked out by checking the lockExpires
field from admin_user
against the current time.
// check whether user is locked
if ($lockExpires = $user->getLockExpires()) {
$lockExpires = new Zend_Date($lockExpires, Varien_Date::DATETIME_INTERNAL_FORMAT);
$lockExpires = $lockExpires->toValue();
if ($lockExpires > time()) {
throw new Mage_Core_Exception(
Mage::helper('enterprise_pci')->__('This account is locked.'),
self::ADMIN_USER_LOCKED
);
}
}
Then it pulls the latest password and checks to see if the admin has to complete a forced password change.
$latestPassword = Mage::getResourceSingleton('enterprise_pci/admin_user')->getLatestPassword($user->getId());
if ($latestPassword) {
if ($this->_isLatestPasswordExpired($latestPassword)) {
if ($this->isPasswordChangeForced()) {
$message = Mage::helper('enterprise_pci')->__('Your password has expired, you must change it now.');
} else {
$myAccountUrl = Mage::getSingleton('adminhtml/url')->getUrl('adminhtml/system_account/');
$message = Mage::helper('enterprise_pci')->__('Your password has expired, please <a href="%s">change it</a>.', $myAccountUrl);
}
Mage::getSingleton('adminhtml/session')->addNotice($message);
if ($message = Mage::getSingleton('adminhtml/session')->getMessages()->getLastAddedMessage()) {
$message->setIdentifier('enterprise_pci_password_expired')->setIsSticky(true);
Mage::getSingleton('admin/session')->setPciAdminUserIsPasswordExpired(true);
}
}
}
If the getPciAdminUserIsPasswordExpired
session variable is set, then it is caught in the forceAdminPasswordChange function in controller_action_predispatch
.
public function forceAdminPasswordChange($observer)
{
if (!$this->isPasswordChangeForced()) {
return;
}
$session = Mage::getSingleton('admin/session');
if (!$session->isLoggedIn()) {
return;
}
$actionList = array('adminhtml_system_account_index', 'adminhtml_system_account_save',
'adminhtml_index_logout');
$controller = $observer->getEvent()->getControllerAction();
if (Mage::getSingleton('admin/session')->getPciAdminUserIsPasswordExpired()) {
if (!in_array($controller->getFullActionName(), $actionList)) {
if (Mage::getSingleton('admin/session')->isAllowed('admin/system/myaccount')) {
$controller->getResponse()->setRedirect(Mage::getSingleton('adminhtml/url')
->getUrl('adminhtml/system_account/'));
$controller->setFlag('', Mage_Core_Controller_Varien_Action::FLAG_NO_DISPATCH, true);
$controller->setFlag('', Mage_Core_Controller_Varien_Action::FLAG_NO_POST_DISPATCH, true);
} else {
/*
* if admin password is expired and access to 'My Account' page is denied
* than we need to do force logout with error message
*/
Mage::getSingleton('admin/session')->unsetAll();
Mage::getSingleton('adminhtml/session')->unsetAll();
Mage::getSingleton('adminhtml/session')->addError(
Mage::helper('enterprise_pci')->__('Your password has expired, please contact administrator.')
);
$controller->getRequest()->setDispatched(false);
}
}
}
If the Admin user has a forced password flag set and is allowed to access My Account then they'll be able to update their password themselves. If not, then they'll be logged out with the message Your password has expired, please contact administrator.
It turned out to be trivial when I looked into it. The $_image
variable is an instance of VarienObject
with a label
property, so it's just a matter of calling $_image->getLabel()
.
Here's an abridged section of the final code
foreach ($this->getGalleryImages() as $_image): ?>
<a href="#" ....>
<img alt="<?=$_image->getLabel()?> ...
Best Answer
Magento uses the file called
view.xml
which is maintained at the theme level of the application.So for example, if you are using the default theme
luma
you should find theview.xml
undervendor/magento/theme-frontend-luma/etc/view.xml
In this file, you would see
<images/>
node inside the<media>
node.The dimension of the images is maintained here under the
<image/>
node.The
id
attribute value of the<image/>
node is referenced in the codebase.For example:
The id value is used in the view file
vendor/magento/module-catalog/view/frontend/templates/product/list/items.phtml
Here the
$image
refers to the value of the image size here:In case the theme does not have a
view.xml
, then it might be using a fallback theme (parent theme) which has theview.xml
file.Here
Magento/blank
is the parent theme.In case of changing/overwriting the values of the
view.xml
file you need to completely copy the entireview.xml
file to your custom theme and change the values.Once the values changes have been done, you will have to run
Update: As of Magento 2.4 this command supports synchronous (default) and asynchronous modes. Asynchronous means that images will not be processed immediately on command execution. Using the Magento queue functionality, these images will be scheduled for resizing and then processed in the background. To enable asynchronous mode, use the -a or --async option.
To speed up the job while in asynchronous mode, you may manually run several instances of a consumer with the command in each instance: