Magento version 1.9.3.4 include patch SUPEE-9767 V2 which includes security patching for the checkout process.
For your current front-end templates to work with this patch you will need to include a form key value to a number of forms in the checkout process.
<?php echo $this->getBlockHtml('formkey') ?>
Load the templates below from your app/design/frontend/<package>/<theme> directory and add the Form Key code above between the <form> and </form> tags on each.
The basic templates that will need upgraded:
/template/checkout/cart/shipping.phtml/template/checkout/onepage/billing.phtml/template/checkout/onepage/shipping.phtml/template/checkout/onepage/payment.phtml
If persistant checkout is enabled:
/template/checkout/onepage/shipping_method.phtml/template/persistent/checkout/onepage/billing.phtml
If you allow shippinng to multiple addresses:
/template/checkout/multishipping/billing.phtml/template/checkout/multishipping/shipping.phtml
My Magento Expertise
If you are planning a new e‑commerce store, considering a platform upgrade or looking for ongoing Magento support, I can provide the expertise you need. Based in Northern Ireland and working with clients locally and internationally, I deliver solutions that help businesses grow.
