Zen Cart Hacked!

In the eyes of BlueHost, it seems I rolled out of bed today and decided to go phishing. So they deactivated my other site. No matter that I contacted them yesterday specifically to tell them that I’d just learned from Google that my site had been hacked and was hosting phishing scripts (thank you Google) .

PayPal/eBay nicely, seems to have chosen to approach this from the ‘benefit of the doubt’ POV. I’m definitely more impressed with the proactive eBay approach, than the ‘blame the hacked’ BlueHost approach. Seriously, whose servers are they?

Luckily, it’s not as though the site was setting the e-commerce world on fire, a gap in service might go somewhat unnoticed.

Seems I’m not alone, TG Daily reported on large-scale PHP hack-attacks at Go Daddy, BlueHost and others, back in May.

2010.07.13 | C Rand-Thompson | Tags: , , , | No Comments »

Quest for the Best: E-commerce

What did you do on your vacation? Oh, thanks for asking, I took time to install, configure and compare 4 Open Source E-Commerce programs: AgoraCart, Magento, OpenCart and Zen Cart. 1

My criteria were: Free software only, no paid versions or options, if they exist. Here’s a graphic synopsis of my experience…

Quest_for_the_Best_E-commerce

As far as overall ease of set up, and least expense, I have to say I was impressed with AgoraCart.  It is not the most beautiful or the most feature rich—it is strictly web 1.0, built on CGI and html.  Nonetheless, AgoraCart, probably the oldest of all these programs, performed fabulously with a shared SSL cert and PayPal.  The PayPal checkout is nicely integrated, and flows smoothly, without requiring separate log-ins for the site and PayPal. 

For a serious “Free Programs only” purist, this is a good option.  I’m not sure about the overall security / hackability of CGI, so looks and site security could be an issue.  If I were going to host a store on AgoraCart, I’d set up a URL redirect to send the standard AgoraCart URL, which looks something like this http://www.storeX.com/store-directory/agora.cgi to http://storeX.com, for easier customer access.

After setting up the full configurations of OpenCart and Magento, I found that neither of them could complete a credit card transaction, OpenCart was fine for check purchases without a dedicated IP and SSL cert, but I’d feel creepy sending customers’ info over an unsecure connection, no go with shared SSL certificate for either of these programs.  I ran into a PHP glitch, but I think that was due to a behind the scenes upgrade going on at my host, and not the programs. 

OpenCart is a snap to install  2 and configure, very intuitive and overall a good looking store.  You could get by with CSS and do a decent job of customization. 3  One caveat, it seems that a lot of the modules that are included or free for downloading with other e-commerce programs are sold on a per module basis. I don’t know about you, but I cannot sell without shipping calculations.

osCommerce is in a lot of ways, the lumbering giant that started it all, by which I mean the community developed, free, open-source e-commerce genre.  I was put off, a long time ago now, by the need to edit the PHP code of every mod I downloaded.  That is what spurred my move to Zen Cart.  With Zen Cart, one can build a working store for free, without being fluent in PHP.  I’m sure osCommerce is vastly changed since I checked it out, and I am no doubt missing out on a lot of fun.

To be continued…

Notes:

  1. I didn’t renew my acquaintance with OS Commerce, since that acquaintance drove me to Zen Cart in the first place, circa 2005, due to the constant need to edit the PHP source code directly.
  2. Open Cart was installed using Simple Scripts and CPanel
  3. if you’re not already using Firefox and the Web Developer add-on for editing and testing CSS, read this great article from Lifehacker.com, the add-on instantly changed my life for the better.  You can get it directly from the developer at: Web Developer.
2009.08.16 | C Rand-Thompson | Tags: , , , , , , , | No Comments »