I'm not selling anything, not yet as least.

From the carts I've seen, and fought my way through,
I'd be tempted to try the same thing.
What worries me is security. I would be a babe in the
woods in that department. -Larry

I built my own - and very glad I did. No security worries as we hand over to secure page at our card processor for final payment.

I built my own because I couldn't find any that allowed users to customise their purchase (add dimensions, extra features, etc.). For technical reasons some of the goods we sell can only be used in certain countries, so I'm in the process of adding a procedure which will decline sales on a geograhic basis.

However, I do worry about the security of my cart. I'm not a internet security expert, if I didn't need the above features, I would choose an off-the-self solution.

if there's a suitable solution out there, use it - spend your time building / optimising / marketing your site instead of reinventing the wheel

if there's not a suitable solution, either modify an existing cart or hire a developer to do it

if you don't have the skills / knowledge to secure a cart, hire a developer - you can sometimes get away with dodgy HTML or with other code that throws up the odd error, but ecommerce security is essential - don't take chances on security

It would be like building a toaster when you can buy a dozen models, why?

There is absolutely no need to build one from scratch.
It is always easier to modify an existing product.

Just pick up one written in a language you are relatively experienced with (or just PHP). Modify design a bit, then launch your shop. Then add features and modifications you need, if you want -- you may do it endless, but your shop will already function.

Launch earlier, even if your project does not have all the bells and whistles yet. It is everything about time in the web!

dont make. dont buy .

use open source shopping carts ..

i like oscommerce that way.

My experience is that a lot of the low end shopping carts are extremely inflexible. Zen Cart, which was supposed to be better than oscommerce, had a really restrictive fundamental design. However, maybe that has all changed in the last year. My point is that if you want your site/cart to do anything that is not plain vanilla you may want to consider rolling your own. Otherwise, I would go with a nice open source cart.

oscommerce? <shudders> why? why?

oscommerce? <shudders> why? why?

LOL while nodding in agreement - you are to funny

I use osCommerce.

osCommerce is really #*$!ty in terms of its internal design, security and flexibility.

However, it gives you a quick-jump into e-commerce world. After tons of modifications, it might be... something almost workable. Better than nothing, especially taking into account its price. It is primarily for people who want to experiment with e-commerce, learn PHP or just have more time than money :)

It is primarily for people who want to experiment with e-commerce, learn PHP or just have more time than money :)

True perhaps. That explains 100 of the bazillion sites I see using it.

What features exactly are cart home-brewers looking for that aren't available cheaply off-the-shelf?

Why re-invent the wheel? Try zen cart or drupal with the ecommerce mod.

(oscommerce is) Better than nothing, especially taking into account its price. It is primarily for people who want to experiment with e-commerce, learn PHP or just have more time than money :)

True perhaps. That explains 100 of the bazillion sites I see using it.

people choose oscommerce because its free or because others blindly recommend oscommerce for everything because it's free.
there are lots of free carts out there much easier to set up and modify than oscommerce ..........

>> It would be like building a toaster when you can buy a dozen models, why?

The primary reason I'd consider going with a roll-your-own cart is the flexibility. Yes, most any cart out there can be customized but you'll need to work with someone else's code and they may not have been all that adept. Building your own means you can build in whatever you want and you can make the app clean and efficient.

Look at osCommerce for example. It's written for modularity. You could remove about 1/2 of the code by combining some files and getting rid of others and the hundreds of if/then/else statements that look for the various settings you can control within the Admin area. True of most packaged carts. It's written for mass appeal.

It may be nice to be able to turn off some functionality simply by setting a checkbox in the admin area but the downside is the performance hit the cart takes on the public side when it has to evaluate the code to determine if the function is on or off. And the more of these switches there are the slower the cart will be - even if only a few microseconds.

Another reason to roll-your-own is that the footprint of the cart isn't documented. By footprint I mean the URLs, dir structure, filenames, etc... Any hacker can simply go to the cart authors website and download a copy to play with and learn where the weaknesses are and how to hack it. Yes, you can modify the footprint of any cart you work with to suit your needs and throw someone off but in order to make it unrecognizable, you'll need to do some serious modifications.

Just my 2¢

Here is the route that we took:

1. bigstep.com hosting
2. Yahoo Store
3. Miva Merchant
4. Rolled Our Own cart

As the company grew, we were able to step up to the next level. Each one offered more functionality and cost over the other. Since we were seeing an increase in sales with each upgrade, we continued to add new funtionality.

My thinking was - I can use an off the shelf cart and spend ages learning it inside+out then changing it to my needs.. or just start from scratch. I knew I'd be frustrated with a cart I didn't write.

A basic cart isn't rocket science, and you can't beat a tailored solution that grows with your site.

Flexibility is definitely key. The problem with modifying an open source solution extensively is that then you have to redo all of your mods for each upgrade or get stuck with whatever version you originally modded forever. That is just a huge PITA.

My site looks, works, and is structured exactly the way I want it to. You might not think that is important, but it is if you want to grow. Our sales have grown faster than our traffic growth, and that is mostly due to improving our site. There is no way that zen cart would have let us do a lot of what we want to do.

I would add a further step to mattb's process after roll your own which would be going with one of the big ecommerce engines like ATG, Venda, or Demandware.

And from the standpoint of the merchant, what happens if the home brew cart's developer gets "hit by a bus?"

I have been using oscommerce, but soon I will have modified it so much that it is no longer oscommerce, and essentially my own.

2 years ago when I started modifying oscommerce, I knew nothing about PHP, through modifying simple things in it, and writing my own scripts, I learned quite a bit, and now I am at the point I can develop my own.

I am glad I started with oscommerce because it allowed me to start selling right away (well... after 3 months of modifying it)

Do what you feel is right for you

And from the standpoint of the merchant, what happens if the home brew cart's developer gets "hit by a bus?"

Hire another person. It shouldn't be a big deal if they wrote decently commented and well organized code. There is always the risk that the product you are using, open source, in house, or commercial, will become unsupported at some point.

You have to weigh flexibility vs. security - yes, homebrew shopping cart is be definition flexible as it is custom fitted to the website, but what about security?

What if the hash function you use to encrypt something is later found to have security holes? Are you keeping up with the security issues?

At least with bought carts (which can be VERY flexible as well), the chances that the developer/community keeping up with security is much higher.

Ive just started brewing my own shopping cart. I found a really good php class that basically sorts out your shopping basket for you..

Webforce

from this its pretty damn easy to develop your own solution..

Originally my site was using paypal but I have seen that this puts a houge percentage of people off actually going through with there purchases..

"I click buy now and it just takes me to paypal!" was what one of the customers that rang up instead of using the paypal cart..!

[edited by: lorax at 12:56 pm (utc) on June 17, 2005]
[edit reason] removed URL [/edit]

I built my own - I already kenw a fair bit of php - I now have a very professional site in function and design - it's not SSL as payment is handed over to Worldpay for transcation

and as a web developer and designer I can now offer clients a cart specific to their needs - every time I've modified other peoples code it takes as long to figure out how to change as it does to do from scratch

depends on your confidence really - you need very good html and good php skills - and it could take several weeks full time

Look at osCommerce for example. It's written for modularity.

uh.... aside from the shipping, payment, & order total modules/classes, there is nothing even remotely modular about osCommerce.

If it were truly modular, then it would be extremely flexible, because any unneeded features could be removed with a snap by removing that features plugin/module or turning it off (a hard coded switch is not modular and the code remains).

Also because then any custom features you needed, could be easily added by writing a new plugin/module to accomplish what you need.

But you cannot do this in osCommerce or most php eCommerce solutions I have seen. Any system where you have to directly alter the core engine to even accomplish the most basic additional feature beyond what the core engine provides is not modular or flexible. This is exactly why I am writing a PHP eCommerce application, because of the lack of PHP eCommerce apps approaching this level and type of scalability and flexibility.

and it could take several weeks full time

and that is several weeks that you could spend marketing / promoting your site to the masses ........

>> here is nothing even remotely modular about osCommerce

Why don't you think it is? The code is written with reusable objects, there is a system for adding contributions, and there's a common template for presentation of catalog items. Granted it's not the cleanest code in the world (or perhaps I should say the most modular) but it is modular.

hi,
what would you guys think is the best and easiest to learn open source ecommerce solution? im good with php but would not like to spend ages to get into the code.
yesterday i installed os commerce and started to modify it. I find my way around but still the code is huge..
any slimer solutions with good support out there?
would be great if anyone has some recommendations, thx.

If you have to ask, then it's not worth the effort.

When you need a custom built cart, you'll know it, and you'll know just why.