Page 1 of 1

E-commerce packages?

Posted: Fri Jun 13, 2003 11:50 am
by Guymon
Hi! I'm new here and want to see if I can get some feedback on a couple of things. The company I am working for right now has been trying to get a new version of their e-commerce site up for the past few months. A long time ago (before I was hired) my boss narrowed down his search for a solid PHP/MySQL e-commerce package and now we need to decide between OSCommerce (http://www.oscommerce.com) and X-Cart (http://www.x-cart.com). I've looked pretty closely at OSCommerce since it is a free download. It seems to have pros and cons like anything else, it's main problem being that it's more complex and confusing under the hood than they initially let on. Now I am wondering what's up with X-Cart. Has anyone here actually purchased and used X-Cart successfully? How does it compare to OSCommerce? Any major drawbacks (aside from paying for it). Any security holes or anything like that?

My company's biggest concerns are the ability to quickly and easily customize every aspect of the look and feel, must be search engine friendly, and must be able to seperate the catalog section from the admin/order handling for security purposes (oh yeah -- there's MASSIVE paranoia around here about customer credit card numbers).

Any insight would be very much appreciated! Thanks!!

Posted: Fri Jun 13, 2003 2:34 pm
by Stoker
I don't know x-cart, I've set up osCommerce of the old-style (1.x) before and its a mess to customize, the newer one I dont know much about, never used it as it is still in development-mode (Preview release)..
If I had the choice bewteen those two I would likely go for the X-cart, the price is insignificant for an established e-tails, so heck, just buy it and do some testing with them and compare...

If the retailer has a lot of products that often change such a system is not very beneficial at all, then it is a lot more useful with something that has a local management system that post updates to the website automatically, I don't know about any such system, but I developed one for some clients of mine, this one doesnt really apply to all sorts of retail sales as it is developed specifically for local Cigarette e-tailes and will not be very useful to others that need more variety.. It uses a highly customized version of PHPshop as the store interface, then my software interracts with the data from a local position.. my point is that it doesnt take a whole lot to make something like this for yourself.. ALthough, I would not recommend building it on PHPshop (even if I did), I have found out and fixed a ton of bad code and solutions, the original one wastes way too much resources on way too many queries etc.. basic it in x-cart may be cool, depends a bit on what their license looks like, and how the code has been documented as well..

As far as cc-number storage goes, I would say DON'T....
Any cart system that collects the cc-numbers and keeps it in session-data should NEVER be used in a shared-server-environment.. e.g. a cart system that asks for the cc-number, then goes to another page before actually submitting it does this, it keeps it in session data somehow.. bad bad bad....
Best way is to collect the cc-num/payment info on the "last page", then from the server submit to merchant gateway and if given a green light show a success-page and store the order..
If you really need to store the number, use GPG or similar and do NEVER store the private key on the server, do NOT offer any sort of way of decypting it on the server, nt even with a deidcated box I would do this without some extra protection..

This probably didnt help much :lol: but at least I gave a couple of warnings :)

Posted: Fri Jun 13, 2003 4:04 pm
by Guymon
Thanks for the input! Yeah, OSCommerce is a bit of a mess. Parts of the current version (2.2) are easy to customize, but it took me a good while to pick through the code to figure out why my many of my attempted customizations kept doing wierd stuff (like simply using different link or background colors or removing a useless module). And even in the current version the admin area appears to be limited in several ways unless you want to jump in and do some hardcore modifications in the code. The appealing thing is that so many people are making contributions to it. This appeal also strikes me as a downfall because it increases your chances for a ton of bugs (which I've found in many of the add-on modules).

I hear what you're saying about building one yourself from the ground up. Chances are we will do that here later on down the road. Unfortunately we are approaching a time crunch -- the current commerce app (Perl/CGI based) is taking a huge crap and we're losing customer$ every day now. We have to implement something new within about 2 -3 weeks, and there's no way I'll be tackling a brand new custom system by myself during that kind of time frame... heh, at least not for how little I get paid. :P And I couldn't agree with you more about handling credit cards - that's the exact concern we have... I think X-cart does it on the very last page, and I think I saw something about using PGP to retrieve the numbers.

Anyway, I'm only finding positive stuff so far about X-cart, but it's mostly feedback from company managers and such who only marginally understand what they are doing, not web developers who have gotten their hands dirty with having to customize it, add their own modules, fix bugs, etc. Right now it's looking like we're gonna just cough up the dough so we can start trying it out next week. Regardless, I'd still like to hear from some other developers who may have some insight or experience with X-Cart. Hopefully if it blows, they will stick to their money back guarantee and I'll just force my partially completed OSCommerce system to work somehow.

Thanks again!

Posted: Mon Jun 16, 2003 10:30 am
by JPlush76
uhhh avoid os commerce at ALL costs.

The coding is such a mess, it takes a while to know whats going on with it. It was such a pain I told my company to drop it and I'll just write an ecom package from sractch. They needed A LOT of customizing to thats why it was such a pain.

If you just want the out of the box package and dont want to customize it, that will work I suppose.

Posted: Tue Jun 24, 2003 1:21 pm
by Guymon
Well, in case anyone is curious, I have officially decided that X-Cart rocks! Oh yeah, and OS Commerce does indeed thoroughly suck. X-Cart is insanely easy to modify on almost every level, basically because it uses Smarty Templates. Also, the program logic is much more... well, logical. This makes it easy to customize the user experience. Anyway, it's only drawback was that it had a price, but in my current rapid development situation, it is quickly proving to be worth every penny.