Problem description
Some blocks are not shown on CMS pages, home page, category pages, landing pages in your Magento installation after installing SUPEE-6788 patch, page layout is broken. Some transactional emails, order notification emails are broken, incomplete or have some data missing after installing SUPEE-6788 patch.Cause
SUPEE-6788 patch introduced new permissions for usage of blocks and core variables on CMS pages and inside templates or extensions. By default, only two blocks (core/template and catalog/product_new) are allowed for inclusion. All other blocks should be whitelisted in blocks permission table.
Solution
- in Backend navigate to CMS > Pages or CMS > Static Blocks or System > Transactional Emails and check the page or block or transactional email affected
- when checking page or template content make sure to Hide Editor to see it in a plain code
- check for elements similar to
{{block type="cms/block"}}or{{var custom.variable}}and record all used entries - navigate to System > Permissions > Blocks and add all blocks collected at previous step:
Adding new block to permission table after SUPEE-6788 - the following blocks are used often:
- cms/block
- catalog/product_list
- catalog/navigation
- featuredproducts/listing
- repeat the same steps for variables at System > Permissions > Variables
- Flush Magento cache
Posted in: Troubleshooting