Page 1 of 1

osCommerce and ZenCart Rant -- I Don't Recommend These

Posted: Mon Jul 13, 2009 11:46 am
by jack_indigo
I just want to get the word out that I think F/OSS product catalog is terrible when it does not have a plugin framework, and hopefully something as easy to install or uninstall just like WordPress plugins.

ZenCart is based on osCommerce, so it has the same problem as osCommerce in that the addons are nothing more than "insert this code here and here" kind of instructions. You end up having to do 3-way diff checks in order to apply the addons. The 3 ways are to see:

- your current source, and likely something that is often 2-3 versions behind based on my experience with clients
- the source of the addon you want to apply
- the source of the latest version of osCommerce or ZenCart

You need the last one because sometimes when applying an addon, you have to make a decision whether the source code insertion is part of the addon and necessary, or just part of some future upgrade that you haven't migrated to and not really necessary and worth the hassle to add in from the third diff item, the source of the latest version of osCommerce or ZenCart.

So this creates some really buggy osCommerce and ZenCart installs out there. And I'd hate to base my company on this because with addons and upgrades being so painful, this is why my clients are often like 2 and 3 versions behind the latest version. And if your version is that old, then you're not keeping up with the latest security exploits such as what's listed on Secunia or the product site. That means you can get HACKED, folks. Don't let this be you.

Meanwhile, the way these product catalogs are built are pre-MVC, so they are somewhat spaghetti code. My take? Yeah, leave these projects for the $10/hr guys who claim they can do anything. Don't fall into this trap like I did and take on one of these projects.

It looks like Magento is now the only game in town worth considering. They are also MVC-based. Unfortuantely, however, I have seen first-hand how the product catalog with Magento slows down if you load in hundreds of products, but a couple people tell me that this is fixed now, so I'll have to check that out.

Re: osCommerce and ZenCart Rant -- I Don't Recommend These

Posted: Mon Jul 13, 2009 2:35 pm
by Darhazer
Summer Cart is also MVC based... it's not free, but you can get a developer license to play with it... and if you want to base your business on this, you can join the reseller program.

Re: osCommerce and ZenCart Rant -- I Don't Recommend These

Posted: Mon Jul 13, 2009 11:06 pm
by jack_indigo
1. A good plugin/addon strategy for product catalog/shopping cart products is one which lets you easily deactivate it in the admin system without harming the code, and lets you usually use it through about 3 upgrades of the catalog/cart products, with some exceptions here or there. If your catalog/cart product choice doesn't let you do that, and if it's not a completely custom job, I advise you strongly not to consider it. It'll be harder to get developers for your needs if you ignored this advice, and easier for bugs to slip in.

2. What I'm seeing is that clients using many catalog/cart products are consistently not upgrading because they've forked the original product so badly with addons that they can't upgrade without breaking their sites completely. And this leads to major security exploits. I'm guessing that perhaps as much as 50% of the osCommerce and ZenCart sites you see out there can be hit with security exploits because of this issue.

So pick your catalog/cart product wisely -- can you easily deactivate your plugins, upgrade your product, and reapply like 50% of your plugins at least? Can you even easily deactivate your plugins from the admin system without needing to use diff tools? If you can't, then you're heading for trouble in a few years if you plan on using plugins/addons.

Re: osCommerce and ZenCart Rant -- I Don't Recommend These

Posted: Tue Jul 14, 2009 8:52 am
by alex.barylski
Blueyon has a program called OpenCart. No where near as robust as the big guys, but it's code is clean and easy to follow, you would probably do better off extending this codebase than hacking on a bigger more complicated mess.

Re: osCommerce and ZenCart Rant -- I Don't Recommend These

Posted: Thu Jul 16, 2009 3:48 am
by Darhazer
Very good platform indeed (although the queries are written unreadable imho). And the admin interface is really clear and easy to use. Plain PHP templates (with PHP's if-s and foreach-s, but dealing with simple data, unlike the Magento's templates that use objects and calls object methods in the templates). Thank you for sharing this.

Re: osCommerce and ZenCart Rant -- I Don't Recommend These

Posted: Thu Jul 16, 2009 4:35 am
by onion2k
jack_indigo wrote:2. What I'm seeing is that clients using many catalog/cart products are consistently not upgrading because they've forked the original product so badly with addons that they can't upgrade without breaking their sites completely. And this leads to major security exploits. I'm guessing that perhaps as much as 50% of the osCommerce and ZenCart sites you see out there can be hit with security exploits because of this issue.
That will always be the case with an off-the-shelf e-commerce application. The basics (list products, add to cart, checkout) might be common to all online stores but as soon as you start adding in code to handle the way special offers work, different payment systems, stock management, promotions, product specifications, and such like you end up having to modify the base code. It can't really be done with plugins unless the whole store was written as a set of plugins to a completely bare engine that just ran the plugins.