The free webshop
Yes, there really ARE free webshops. At www.oscommerce.com you can get one. It's made by profesional
developers but it's not clear what that profession actually is.
It doesn't look like they were in the programmer's profession. Or if they were, they were in the candycane
languages (C++, C, Perl, Python, Ruby, PHP, etc). And that's a sure means to build in lots of unintended
security leaks.
I considered OS Commerce. If interested, please first read this fairly unbiased review at wikipedia: http://en.wikipedia.org/wiki/OsCommerce.
Mid May 2009 it was mentioned that osCommerce has some serious weaknesses in their (dutch) payment processors. I am dutch and so will be the majority of my customers, so this rules out me using osComemrce.
Of course this is not the only reason. Read the next section.
The case against osCommerce
Below are some reasons for me for not using osCommerce:
| a | There seem to be problems in the payment sections for dutch banks. Dutch banks rate amongst the most secure banks when it comes to fraud protection. So, if dutch bank transactions can be troublesome, other countries transactions will be as well. |
| b |
The program was written in PHP using mySQL. PHP is a nice scripting tool for making dynamic webpages. MySQL
is a powerful database engine. Yet, this does not make either of them, let alone the combination, suitable
for writing financial software.
Even worse: PHP is known for its weaknesses. It has zillions of loopholes that enable malicious people to ruin websites and webservers. You don't want that to happen with your shop. |
| c | osCommerce runs on the server of your webhost. If you have a cheap webhost, it will run painstakingly slow. If your webhost is not into security as much as mine, your shop will be corrupted sooner or later. |
| d |
osCommerce looks hard to set up. I may be wrong here, but the lot of it didn't give me the feeling that I could do with just some HTML code tweakings. I want to keep away from PHP as much as possible. Also, a good friend of mine, used osCommerce for his website and his site has been under attack from crackers a number of times. And when I look in the log files of my webhost, I see lots and lots of attacks on this site, using PHP as a means to launch the attacks. No thanks. |
Of course there is no reason whatsoever for you to not use it. It's just all too complicated for me to get things straight with this software.
Other truly free webshops
Below is a list of free webshop programs, as published on http://en.wikipedia.org/wiki/List_of_Open_Source_eCommerce_Software , with some remarks added by me. Keep in mind that these remarks mirror my opinion and prejudice.
| Program | Written in | My opinion |
|---|---|---|
| Bots (edi) | Python |
Perl or Python, it doesn't really matter. Both are scripting languages that were originally made for other
purposes. These are no programming languages and lack every aspect that is security related.
They may work fine. Perhaps security was built in by the scripters, but that will have slowed down the by nature already very slow interpreters even more. Perl and Python make a bad choice. Keep away from it. |
| Satchmo | ||
| Interchange | Perl | |
| Interchange | Unknown | Unknown is un-admired. Let's keep it like that. |
| Apache OFBiz | Java | Java is a relatively secure language. And OFBiz is part of Apache. That would make it a serious candidate if I want to extend my current webshop. |
| PrestaShop | Ajax | Ajax is based on Javascript. Javascript runs on the client, so it is fast enough. PrestaShop seems to be the undressed version of osCommerce. |
| CubeCart | PHP | Written with PHP. That's the best reason to keep away from it as far as possible. PHP (Pretty HomePage) is nice for the personal website. But if your income or your taxrecord is depending on it, keep out! |
| Ubercart | ||
| VirtueMart | ||
| Zen Cart |
Page created on 23 May 2009 and
Page equipped with FroogleBuster technology