OpenCart
WooCommerce
OpenCart | WooCommerce
---|---
25 | 97
7,210 | 9,024
1.1% | 1.3%
10.0 | 10.0
6 days ago | 5 days ago
PHP | PHP
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
OpenCart
-
Open Cart Vulnerability Discussion on GitHub
Either way the PR (https://github.com/opencart/opencart/pull/12949/files) should have been accepted. Clearly the [^a-zA-z0-9_] regex will not do what it appears to be intended to do without the delimiters.
Hah, in one of the replies someone mentions a session hijacking issue https://github.com/opencart/opencart/issues/12939 but the guy's response was:
> what a great hacker! this man should be put on a pedestal for as the world's greatest hacker for using inspect element and copy and pasting his user_token var from the browser. now if he can only get it to work on a 3rd party whose cookie and user_token he won't know! let's not forget SSL.
It was eventually fixed in another PR, despite the maintainer's lengthy ranting.
https://github.com/opencart/opencart/pull/12951#issuecomment...
The maintainer is apparently infamous for lashing out against people trying to report potential vulnerabilities.
He had a similar attitude all the way back in 2014:
> i'm closing this as its a waste of time.
https://github.com/opencart/opencart/issues/1269#issuecommen...
-
Trying out a medusa webshop
OpenCart
-
onlineshop for internal use.
I like - https://www.opencart.com. Requires a bit of configuration initially but has good customisation. WordPress plugin - https://woocommerce.com
-
Ask HN: Who wants to be hired? (July 2022)
Change to just a summary bullet point like:
* heavily contributed to upstream OpenCart (https://github.com/opencart/opencart) project
-
Asking for a friend: how to start an Instagram business and how much it costs?
Some quick finds: https://github.com/mhmdomer/ecommerce-laravel https://github.com/opencart/opencart
-
Solving Open Source Supply Chain Security for the PHP Ecosystem
> I don't get it, who is going to pay for the time and energy required to audit everything?
Not everything has to be audited. That's why there's different levels of attestations.
In terms of economic incentives: If you're a company bit by one of the recent supply chain issues (colors.js, etc.), you might be able to justify hiring a security vendor to audit the code that your company depends on. This would provide a net-positive benefit to the entire ecosystem, even if it's only a small set of audited code.
Maybe one day, we can even make this an expectation of large players. But that's a discussion for down the road.
On the opposite end of things, you have independent security consultants that want to establish their reputation so they can get paid engagements with software companies.
One avenue available to everyone is to review open source software and report vulnerabilities to their maintainers. This can be thankless or even traumatic; i.e. https://github.com/opencart/opencart/pull/1594
Gossamer would open an alternative approach: Hang your shingle out by publishing negative (vote-against) attestations of vulnerable versions of open source software and positive attestations (e.g. code-review) of the versions that mitigated the issues they disclosed. Anti-malware vendors (e.g. WordFence) could even issue weaker positive assertions (spot-check) for WordPress plugin/theme updates after vetting the known-good releases. Security companies depend heavily on their ability to earn trust to thrive, and that's a hard market to break into; this offers another way in.
In short, the economic challenges you're imagining aren't the ones that this project will face. (Although, there will assuredly be challenges.)
Companies acting in their own self-interest can be leveraged to cover the hot paths of the universal dependency graph, and security up-starts can be leveraged to cover their blind spots. Given enough time, the ecosystem will eventually reach some sort of equilibrium, and many new opportunities will be made in the process.
> I presume the big package maintainers already have eyes on their stuff - symfony etc.
Read the discussion on the Symfony Encryption component: https://github.com/symfony/symfony/pull/39344
Just because they have eyes on their stuff doesn't mean that those eyes have the necessary domain-specific expertise to identify problems. If it weren't for Paragon (paragonie-security on GitHub) and their associates in the security industry, the issues identified in the earlier versions of the module would likely have persisted and been shipped.
WooCommerce
-
Medusa Vs WooCommerce: Comparing Two Open source Online Commerce Platforms
Developers can contribute or report bugs on WooCommerce’s GitHub repository.
WooCommerce is an open source, customizable ecommerce platform built on WordPress. WooCommerce offers features like flexible and secure payment and shipping integration. It is written in PHP, which is a universal language that can be used to build complex applications.
-
Top WordPress Plugins to Make Your Site Delightful [FREEMIUM]
Woo-Commerce — Looking to start selling products and services on your website? Yes, there is an eCommerce plugin for that purpose. With WordPress, you can build your online store using WooCommerce, the most popular e-commerce plugin for WordPress. You can do much with this software because of its endless customization. Set currencies, display reviews, sort, and filter, add unlimited images, enable subscriptions and tiered pricing, and much more. WooCommerce offers free core functionality, which is perhaps its best feature. Also, Automattic makes the WordPress CMS, so you know you are running a high-quality, reliable plugin.
-
New theme system is incoming! Basically you can create iOS & Android mobile apps or even Windows & MacOS programs with.. a WordPress Theme!
Adding WooCommerce support ( https://woocommerce.com/ ) so e-commerce..
-
Woocommerce: Cannot make permanent changes to the product layout
Appears to be a known bug: https://github.com/woocommerce/woocommerce/pull/35213
-
The Best Elementor add-on to try in 2022
Elementor is undoubtedly the best page builder. It is packed with features that are sufficient to turn your website fantasies into reality. You can expand it by using add-ons. Do you need to change the look of your Shop sliders? Or do you need to modify WooCommerce's checkout? Or would you like to design posh store pages for your websites? There is an add-on for it. In this post, I will tell you about CoDesigner, the best Elementor add-on to make your website eye-catching and elegant.
-
The Top 5 Best Ecommerce Website Builders – 2022
Shopify — Best all-around eCommerce website builder Webflow — eCommerce website builder Expert WooCommerce — eCommerce website builder for Online Stores Ecommerce (PHP) — Great ECommerce Website Builder Wix — Best for fast launching an online store
-
Create a unique single product page
Sure. WP and WC by virtue make extensive use of hooks called actions and filters. Usually you’ll use predefined ones. For example you’ll see many defined in the WC template files. Take line 60 of content-single-product.php; you’ll find WC has defined an action called ‘woocommerce_single_product_summary’. Note that is the only code inside that div. That’s because other WC functions hook onto that action and those are what actually output the html in there. So woocommerce_template_single_title is a function that loads the title template. Note the priority numbers are given so if you want to put content after the title and before the rating your action would need to have priority between 5 and 10.
Unfortunately, iirc wc does not have a nice way to do this from the front end. What you’d probably want to do is override the single-product.php file and, for example, add some conditional around the wc_get_template_part( 'content', 'single-product' ); call.
What are some alternatives?
Open Classifieds - Yclas Self Hosted is a powerful script that can transform any domain into a fully customizable classifieds site within a few seconds.
Saleor - Saleor Core: the high performance, composable, headless commerce API.
Sylius - Open Source eCommerce Framework on Symfony
django-cms - The easy-to-use and developer-friendly enterprise CMS powered by Django
Bagisto - Free and open source laravel eCommerce platform
Osclass - With Osclass, get your own classifieds site for free. Build your own Osclass installation and start advertising real estate, jobs or whatever you want- in minutes!
Pimcore - Core Framework for the Open Source Data & Experience Management Platform (PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce)
CoreShop - CoreShop - Pimcore eCommerce