If I was building a website myself so that I could sell products through it then off the self, selling product is what pays the bills.
If I was engaged by the site owner to build it then I would tend towards a shopping cart but would depend on the precise requirements. I would take care to point out the limitations of any carts recommended and the cost and risk of a bespoke solution.
Context is the key. For a 1-5 products-rarely-changed site, you don't need the overhead of a huge cart with features you'll never use. It's is demanding on resources and file space (most of them are huge) and likely to be slow(er), especially on shared hosting. Any more than that, or frequently changing products requiring modification by the site owner on a regular basis, use an existing solution.
Temper that with budget and experience - if #1, do you have the skills to write a secure script? If the answer is no, or "I can do anything even if it takes me forever to figure it out," there are lightweight solutions you can implement without re-inventing the wheel. Shopify is one good example for a few simple products, but it's a hosted solution.
You could do a hybrid site if by using a service that handles the cart and purchase process for you. Then you could design/build the catalog portion yourself using and hook into their service. This way the security issues including PCI compliance would be out of your hands.
Some great replies
Another alternative is to use an open source CMS such as joomla with either a commercial or non commercial shopping cart extension.
If you do that, make sure your contract includes regular maintenance for BACKUPS and updates.
I am NOT a lawyer, but I think that if you use an available product (Open source or commercial) AND maintian the patches, your liability would be less than if you design something from the ground up.
Similar to the above response, but maybe look into wordpress and some of the shopping cart plugins?
Depends on how many products you stock and how often do you change the prices etc if thats a lot then a pre made cart is required.
If your going to write one, use a very skilled graphic designer for buttons etc, make it diffrent.
I think for online businesses the security aspect should be prioritised; if I were to move on to selling directly, I would have to deal with customer data on things like payments (e.g. credit card details). I would not want to do that myself unless I was a very skilled programmer; it might get you into severe liability issues if things go wrong.
>> (e.g. credit card details). I would not want to do that myself
many companies can process cards for you without you seeing the card details and thus removing liability from you entirely.
if you have the skill, a custom built cart, specifically designed for your products is streets ahead of an off the shelf solution.