osCommerce News
Recent posts
post item
Managing Cities
December 04, 2023
Managing Cities ...
post item
Managing Geo Zones
December 01, 2023
Managing Geo Zones ...
post item
Managing Counties and States
November 30, 2023
Managing Counties and States ...
post item
Managing Countries
November 29, 2023
Managing Countries ...
post item
Managing Filters
November 28, 2023
Managing Filters ...
post item
Managing Cache Control
November 27, 2023
Managing Cache Control ...
post item
Managing Cross Sell Type
November 24, 2023
Managing Cross Sell Type ...
post item
Managing Stock Delivery Terms
November 23, 2023
Managing Stock Delivery Terms ...
post item
Managing Notify Me when in Stock
November 22, 2023
Managing Notify Me when in Stock  ...
post item
Managing Stock Indication
November 21, 2023
Managing Stock Indication ...









osCommerce 4.x

shopping cart



New PayPal Module (Latest API 2.0)

osCommerce 2.2

osCommerce 2.3

Shopping cart customizations


PayPal Express

APM (Alternative Payment Method)

Standard Variant

Advanced Variant



Front End

Install osCommerce for Me

Let me install myself

Multiple sales channels

Single active sales channel

Installation on your own server

Assigning theme to sales channel

Deleting sales channel


App Shop

Adding Free Module

Admin Area

Adding Paid Module

Installing Module

Opayo Pi Module

Development Mode

Email Verification Before Registration

Managing Languages

Managing phpMussel

Managing Orders

oscommerce.com account

Creating Manual Orders

Managing Customers

Managing Customer Groups

Managing Brands

Managing Categories

Managing Filters on Categories

Managing Products

Managing Stock

Assigning Products and Categories to Front Ends

Assigning and Moving Products to Categories

Managing Default Sort Order on Product Listing and Category

Managing Cross-Sell and UPSell

Managing Reviews

Managing Attributes

Managing Product Groups

Managing Properties

Managing Suppliers

Managing Warehouses

Managing Sales Statistics and Purchase Report

Managing Stocktaking Costs

Managing Deleted Orders

Managing Coupons

Managing Virtual Gift Cards

Managing Sales Price

Managing Giveaways

Managing Featured Products

Managing SEO

Managing Meta Tags

Managing XML Sitemap

Settings of E-commerce Tracking for Google Tag Manager

Setting up GA4

Managing Pages

Managing Menus

Assigning Theme to Sales Channels

Deleting Sales Channels

Managing Translations

Managing Email Templates

Managing Catalog Pages

Managing Shipping Modules

Managing Payment Modules

Managing Order Structure

Managing Socials

Managing Extensions

Managing Managers

Managing Access Levels

Managing Back End Menu

Managing Configuration

Mail Sending via SMTP

Setting up SMTP

Status Groups

Order Statuses

Comment Templates

Stock Indication

Notify Me when in Stock

Stock Delivery Terms

Cross Sell Type

Cache Control


Managing Countries

Managing Counties and States

Geo Zones

Managing Cities

city settings

Issue #13: November 4, 2002

By Harald Ponce de Leon

November 4, 2002

New Checkout Procedure Proposal Realized
New cartID Protection Against False Orders
New Zone Concept For Payment And Shipping Modules
Company Field Now Attached To The Address
Credit Card Validation Logic Replaced
New Copyright Announcement For The Administration Tool
Removal Of The FedEx Shipping Module
New Security Layer For The HTTP Output Functions
Images Assigned To Multiple Categories Or Products No Longer Removed

New Checkout Procedure Proposal Realized

The new checkout procedure that was proposed two months ago was just commited in the CVS repository over the weekend, which brings in a great user interface to the procedure with optimizations made in the php logic.

Shipping modules are now able to return and display multiple rates, which can be best seen with the provided UPS and USPS shipping modules.

The optimizations to the shipping and payment modules unfortunately make contributed modules incompatible to use - contributed modules need to be updated to the optimized structure of the payment and shipping modules if they are to be used with the new checkout procedure.

It is now possible for the customer to select different shipping and billing addresses to use for the order, where entries are shown from their address book.

Some minor changes to the new checkout procedure are still being worked on, the major change being when no shipping or payment modules are enabled, that part of the checkout procedure will not be shown to the customer. This is most useful for virtual, or downloadable, products that do not need a shipping address.

New cartID Protection Against False Orders

Everytime a product is added, updated, or removed from the customers shopping cart, a cart ID is generated and saved in the session. This ID is checked upon throughout the checkout procedure to minimize the occurance of customers adding products to their cart while keeping the same shipping fees assigned to the order.

New Zone Concept For Payment And Shipping Modules

A new concept currently under review by the development team is the assignment of Zones to payment and shipping modules which, when used, enable the modules only when the destination zones match the assigned Zone to the module.

An example of use is the Cash on Delivery payment module. By assigning it a Zone with just the country of the store, this payment method will only be enabled when the order is being sent to that country. International and oversears customers would then not see this method of payment as it would be disabled real-time.

The Zones structure it utilitizes is already in the codebase which is being used for the Tax Zones.

Company Field Now Attached To The Address

The company field is now attached to the address, and is only displayed when the value is not empty.

The company field parameter in application_top.php (soon to be moved to the database so it can be set via the Administration Tool -> Configuration section) is now enabled by default.

Credit Card Validation Logic Replaced

The credit card validation script used was not compatible with the GPL license, and has been replaced with a php class that now takes care of the validation routines.

Permission was requested to the authors but a definite answer was not provided. Instead of playing the waiting game, the logic was simply replaced.

New Copyright Announcement For The Administration Tool

The copyright announcement shown on the Administration Tool frontend was updated to be in compliance with section 2c of the GPL license.

This means the copyright announcement shown on the Administration Tool can not be removed, or can only be appropriately modified.

This decision was taken after discussing the issue both internally and publicly in the forums, and is for the best interest of the project for the future.

A frequently asked questions entry has been provided which better explains the issue:


Removal Of The FedEx Shipping Module

FedEx updated their RateFinder service which broke the FedEx shipping module used in the project. The updated service requires two requests to be made in order to return shipping rates for an order - this is unacceptable for an e-commerce solution which led to the removal of the modules in the standard package.

A representative from FedEx has informed a team developer that a new XML based service will be offered early next year.

New Security Layer For The HTTP Output Functions

A new security layer was added to the http output functions, specifically the functions that take care of the form field elements.

Due to the double-quotes used in the tags which the http output functions return, the string values passed as parameters are being parsed where double-quotes are returned as special characters.

This means for the following example tag, which would otherwise be broken due to the double-quote existing inside the tag:

<input type="text" name="parameter" value="my"value">

would be replaced with:

<input type="text" name="parameter" value="my"e;value">

We decided to parse only the double-quote character which is considered to be safe, and not use the php function htmlspecialchars() as htmlspecialchars() also parses the ampersand (&) character, which would break html special characters passed as parameters to the html output functions. For example, the value "my&nbsp;value" would be parsed as "my&amp;nbsp;value" breaking the &nbsp; (space) character.

Images Assigned To Multiple Categories or Products No Longer Removed

The Administration Tool now checks to see if images assigned to categories or products being deleted are used elsewhere to prevent the removal of the images which would otherwise leave the categories or products using the same image with a broken image display.


You can further discuss it on our Forum