Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Addon Development - Best Practices


Recommended Posts

relevant php info about HTML_entities in different php versions

http://fi2.php.net/manual/en/function.htmlentities.php

An optional argument defining the encoding used when converting characters.

If omitted, the default value of the encoding varies depending on the PHP version in use. In PHP 5.6 and later, the default_charset configuration option is used as the default value. PHP 5.4 and 5.5 will use UTF-8 as the default. Earlier versions of PHP use ISO-8859-1.

Although this argument is technically optional, you are highly encouraged to specify the correct value for your code if you are using PHP 5.5 or earlier, or if your default_charset configuration option may be set incorrectly for the given input.

KEEP CALM AND CARRY ON

I do not use the responsive bootstrap version since i coded my responsive version earlier, but i have bought every 28d of code package to support burts effort and keep this forum alive (albeit more like on life support).

So if you are still here ? What are you waiting for ?!

 

Find the most frequent unique errors to fix:

grep "PHP" php_error_log.txt | sed "s/^.* PHP/PHP/g" |grep "line" |sort | uniq -c | sort -r > counterrors.txt

Link to comment
Share on other sites

  • Replies 130
  • Created
  • Last Reply

@@burt

The boxes are shown by an array, so you can drop in a new box to add to the array of any existing box.

Take a look at the file: /admin/includes/boxes/tools_security_checks.php for an example.
Also log into an admin of any shop, and check where the link (made in that file) shows...

 

I can see how, if the file: /admin/includes/boxes/tools_security_checks.php is in the correct folder, it will add the new menu choice (and correct link) within the existing box.

 

I can easily add this file, and hence add the menu choice, when a new module is added (added, not installed). *BUT*, how do I remove the file when the module is un-installed. Otherwise, the menu choice is still there for an un-installed module.

 

Malcolm

Link to comment
Share on other sites

@@burt

 

I can see how, if the file: /admin/includes/boxes/tools_security_checks.php is in the correct folder, it will add the new menu choice (and correct link) within the existing box.

 

I can easily add this file, and hence add the menu choice, when a new module is added (added, not installed). *BUT*, how do I remove the file when the module is un-installed. Otherwise, the menu choice is still there for an un-installed module.

 

Malcolm

 

The menu doesn't relate directly to the module, it points to the admin page which is also still there when you uninstall the module - and probably you want it to be. Any other files and edits to core files that were necessary would also still be there. And so is the module file itself!

 

My point is, the menu will still work.

Contact me for work on updating existing stores - whether to Phoenix or the new osC when it's released.

Looking for a payment or shipping module? Maybe I've already done it.

Working on generalising bespoke solutions for Quickbooks integration, Easify integration and pay4later (DEKO) integration at 2.3.x

Link to comment
Share on other sites

@@burt

 

I can see how, if the file: /admin/includes/boxes/tools_security_checks.php is in the correct folder, it will add the new menu choice (and correct link) within the existing box.

 

I can easily add this file, and hence add the menu choice, when a new module is added (added, not installed). *BUT*, how do I remove the file when the module is un-installed. Otherwise, the menu choice is still there for an un-installed module.

 

Malcolm

 

If the user of the addon uninstalls, do you feel that they would be unable to delete the file using FTP or Control Panel.  Yes, things should be easy, but we do not want to take all responsibility away from the user of the software.

Link to comment
Share on other sites

Another best practice point:

Comments, variables, constants should be in English, not French, not German nor Spanish or whatever the developers mother language may be B)

 

and another point:

all (at least language) files utf-8 encoded

Link to comment
Share on other sites

Another best practice point:

Comments, variables, constants should be in English, not French, not German nor Spanish or whatever the developers mother language may be B)

 

If we're going to bring up coding standards, I'd like to refer you to https://github.com/osCommerce/oscommerce2/blob/master/docs/STANDARD

Contact me for work on updating existing stores - whether to Phoenix or the new osC when it's released.

Looking for a payment or shipping module? Maybe I've already done it.

Working on generalising bespoke solutions for Quickbooks integration, Easify integration and pay4later (DEKO) integration at 2.3.x

Link to comment
Share on other sites

If we're going to bring up coding standards, I'd like to refer you to https://github.com/osCommerce/oscommerce2/blob/master/docs/STANDARD

 

referring to this standard document and example on line 290, why the **** are integer values quoted when they are first cast to (int) ?

KEEP CALM AND CARRY ON

I do not use the responsive bootstrap version since i coded my responsive version earlier, but i have bought every 28d of code package to support burts effort and keep this forum alive (albeit more like on life support).

So if you are still here ? What are you waiting for ?!

 

Find the most frequent unique errors to fix:

grep "PHP" php_error_log.txt | sed "s/^.* PHP/PHP/g" |grep "line" |sort | uniq -c | sort -r > counterrors.txt

Link to comment
Share on other sites

referring to this standard document and example on line 290, why the **** are integer values quoted when they are first cast to (int) ?

 

I hope you didn't think I meant they're right, I was just pointing out they exist... but I think in this example I've seen that held up elsewhere as good practice to ensure that variable type matches database type. I can't speak to whether it's a really a good idea though; perhaps you can find a 10-page thread arguing about it somewhere online

Contact me for work on updating existing stores - whether to Phoenix or the new osC when it's released.

Looking for a payment or shipping module? Maybe I've already done it.

Working on generalising bespoke solutions for Quickbooks integration, Easify integration and pay4later (DEKO) integration at 2.3.x

Link to comment
Share on other sites

I believe the line in question is

  tep_db_perform('table', $sql_data_array, 'update', "id = '" . (int)$id . "'");

The $id is cast to integer as a security measure. If it is previously set by some thing like

$id = $_GET['id'];

then failing to cast it to integer will allow a hacker to put id=1’,’test1’,(select password from mysql.user where user=’root’))-- - and there goes your database.

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Link to comment
Share on other sites

Back to add-ons. I'm just doing one that adds captions to product images, so it involves replacing the colorbox header tags module with one that loads in a modified photoset-grid plugin as well as changes in the page (or in fact pi module).

 

Anyway, it's clearly a bad idea to overwrite core modules, so there's going to be the opportunity for those who don't read the instructions to get in a mess by having both the original and replacement ht modules active. Is it better to keep things simple and let people make their own mess - or put in some checking to alert them to what they've not done?

 

Second question - is it better to have a single content module that loads footer scripts as well as content if the two things are interdependent? Or is that short-sighted and a potential for clashes between modules that might want to use the same footer script?

Contact me for work on updating existing stores - whether to Phoenix or the new osC when it's released.

Looking for a payment or shipping module? Maybe I've already done it.

Working on generalising bespoke solutions for Quickbooks integration, Easify integration and pay4later (DEKO) integration at 2.3.x

Link to comment
Share on other sites

@@BrockleyJohn

As a shop owner, I would say its better to add a simple alert to let us know we have done something wrong. We are not all intellegent and at times need a bit of a prod to let us know we are doing something that we shouldnt.We also dont always read instructions and if we do we may not understand what we are being asked or told.

 

On your second point I would like to see sererate modules for seperate things. Saying that, if one module can only be used with the other why not make it an option that can or cannot be used by a simple activation/deactivation change in admin. That would give people the option to use it if they wanted it, or to use just one part if they didnt want the second. It does also sound as if it would also keep things simple.

REMEMBER BACKUP, BACKUP AND BACKUP

Link to comment
Share on other sites

Anyway, it's clearly a bad idea to overwrite core modules, so there's going to be the opportunity for those who don't read the instructions to get in a mess by having both the original and replacement ht modules active. Is it better to keep things simple and let people make their own mess - or put in some checking to alert them to what they've not done?

 

I would say .. Do both .. Give an alert message and an option.

 

Second question - is it better to have a single content module that loads footer scripts as well as content if the two things are interdependent? Or is that short-sighted and a potential for clashes between modules that might want to use the same footer script?

 

I would say the rule of thumb is / should be : If a footer script (or header script) is ONLY used in the CM than put it in the CM ... Keep your code together and don't create Spaghetti-code ...

 

Potential clashes between Modules is probably always possible .. You never know what someone else will do creating a module in the future ... So at best you can only check for backward-compatibility .. The task of checking for clashes therefore should be limited to core-code / modules ...

 

But ... good points and should be discussed in depth!

Link to comment
Share on other sites

 

 

Keep your code together and don't create Spaghetti-code ...

OSCommerce is the definition of spaghetti code, and that is why it is so hard to conceive of any practical method of writing and installing add-ons for OSCommerce that doesn't affect the 'core code'.  Look at the index.php for the latest download of 2.3.4. It contains queries, html, queries with html, php where variables are defined, etc, etc. What part of that is 'core code'. All of it?

 

1. Get the html and php separated first. There is a well known and widely used method for doing this, the MVC model. In short, the V stands for 'view' and are template files with the html and maybe so some basic 'if then' php statements to help display the html options. The M and C, model and controller files have all the rest. (Javascript, CSS and language are separate files)

 

2. Do step 1. above and you can create an extension installer like word press and some other open-sourced shopping carts  use. 

 

Take the example of a current popular open sourced shopping cart, which has 8 letters in the name first letter o last letter t. in the current version of their cart, you can install modules by uploading an xml file through the admin. This file is stored in a separate section of the cart structure and contains all the html and php needed to run the extension. It will 'overide' core code of the shop, as well as upload new files needed for the extension. Kinda of like you can override a css selector by duplicating that selector lower down the same CSS file, and making changes on the duplicated selector. Delete your duplicate selector and the CSS functioning is back the original.

 

In this cart, you delete the xml file, and you are back to unchanged original core code. (Deleting that files also initiates instructions to delete any new tables or fields it created in the database).

 

To write an extension, you write all your programming, no matter where in the core code it needs to function,  on a single xml file, (and in new files if any needed)

 

The bonus of using xml files, is that you can list the xml files you are using in the admin, and look at a tidy list of all the extensions you installed. And not just a list, you have a separate folder, the folder containing the xml files, that has all of your add-on programming archived.  

 

Unravel OSCommerce's spaghetti code first.

Oscommerce site:

 

 

OSC to CSS, http://addons.oscommerce.com/info/7263 -Mail Manager, http://addons.oscommerce.com/info/8120

Link to comment
Share on other sites

That is correct, you have to have php to output html.

 

However, I believe much of the 'spaghetti-ness' of OSCommerce could be unraveled without fundamentally changing it's existing structure. I was able a few years ago to produce for the community a version of OSCommerce that utilizes the 360 grid div's instead of the tables, tr and td's, and in doing that could see how much easier that task would have been if much of the php could be moved back someplace,  for example,  into application.top or to the includes folder.

 

For example,  take a look at this section of the current download of index.php:

 require('includes/application_top.php');

// the following cPath references come from application_top.php
  $category_depth = 'top';
  if (isset($cPath) && tep_not_null($cPath)) {
    $categories_products_query = tep_db_query("select count(*) as total from " . TABLE_PRODUCTS_TO_CATEGORIES . " where categories_id = '" . (int)$current_category_id . "'");
    $categories_products = tep_db_fetch_array($categories_products_query);
    if ($categories_products['total'] > 0) {
      $category_depth = 'products'; // display products
    } else {
      $category_parent_query = tep_db_query("select count(*) as total from " . TABLE_CATEGORIES . " where parent_id = '" . (int)$current_category_id . "'");
      $category_parent = tep_db_fetch_array($category_parent_query);
      if ($category_parent['total'] > 0) {
        $category_depth = 'nested'; // navigate through the categories
      } else {
        $category_depth = 'products'; // category has no products, but display the 'no products' message
      }
    }
  }

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_DEFAULT);

  require(DIR_WS_INCLUDES . 'template_top.php');

  if ($category_depth == 'nested') {
    $category_query = tep_db_query("select cd.categories_name, c.categories_image from " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd where c.categories_id = '" . (int)$current_category_id . "' and cd.categories_id = '" . (int)$current_category_id . "' and cd.language_id = '" . (int)$languages_id . "'");
    $category = tep_db_fetch_array($category_query);
?>

<h1><?php echo $category['categories_name']; ?></h1>

This could be changed to

require('includes/index.php');
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_DEFAULT);
require(DIR_WS_INCLUDES . 'template_top.php');

<h1><?php echo $category['categories_name']; ?></h1>

'All' you would have to do would be to create a new file, 'index.php',  in the includes folder. This new file would hold the queries that generate $category['categories_name']. Application_top would be referenced from this new file includes/index.php instead of from index.php.

 

This removes core progamming from the original index.php.  You would then make all your html and template changes in index.php, without touching core progamming in your new file includes/index.php. If you needed to update core programming, you could do so without touching your html and template changes.

 

(It is pretty unlikely, the basic php like 'echo' or variable disignations like '$' , which as you note could not be removed from index.php,  are going to be need much updating.  )

 

But that is a simple example, on one page. The current cm_ , the current bm_ , the current ht_ is a start on this. 

Oscommerce site:

 

 

OSC to CSS, http://addons.oscommerce.com/info/7263 -Mail Manager, http://addons.oscommerce.com/info/8120

Link to comment
Share on other sites

Hi - oscMax he used the contribution BTS template which split the html part of the page out to a .tpl.php file in a template folder and left most of the PHP in the 'normal' files - CReLoaded also went with BTS initially (now they do something else I think not sure). The original stuff is still there at http://addons.oscommerce.com/info/1263

 

There were a lot of BTS sites around with RC2.2 as some of the places like TemplateMonster sold a lot of code based around the system - I think since 2.3 BTS is dead and gone pretty much not seen one in a while.

 

Having said that it did shift the PHP and html side of things out like you describe - the main PHP code loads up variables and sessions etc and then in comes the actual HTML file which then just echoes out the variables already manufactured, 'twas a PITA at the time though as few contributions were split out in the same manner so when installing them on a BTS site you had to sieve through the code and pop the correct bits into the correct file.

 

Does mean you can work with the HTML without worrying about breaking the PHP and vice versa

 

As to the spaghetti code - yup, it's there, it's everywhere - a lot of it is inherited/legacy  and is getting removed but nevertheless it is in there and all muddled up - shifting it would require a fundamental change to the osC 2.x series - v 3.0 was doing something like this before it stalled. You only need to look at more modern code carts (Magento? WooCommerce?) to see how different folks have split the display/code side of things but I think that osC 2.3/2.4 has inherited all the 'weird stuff' from the past (MS2 060817 anyone?) and splitting it out now 100% would be a heck of a job.

 

Finally - a lot of contributions/addons/plugins whatever you want to call them HAD to cut into the 'core' code as nothing else existed at the time - CCGV for example required cut and shut in quite a few places so that a store could offer coupons and so on. Once you are used to carving up osCommerce like that it becomes a habit ;-)

 

-------------------------------------------------

 

OK nuff said from me (old b'stard that I am) - it's getting OT a bit - back to addon development.

 

My 2p worth

(1) get a standardised set of 'hooks' in the core code that allows developers to push in functions where needed. (e.g. checkout_process either add in a call to a payment module before_email() function or move the after_process() call to before the email - that allows a payment module developer to perform callbacks etc and abort the email/order if necessary rather than some coding nightmare like the current PayPal Standard

(2) get a roadmap out for 2.4 - I keep reading about new addon 'marketplace' and so on but when? 

(3) A store owner will not give two figs about whether we have shifted PHP/HTML apart - all he wants to see is a simple system of uploading / testing / maybe removing a plugin that won't render his shop u/s and require him to pay somebody to fix it - that should be the main priority for 2.4

 

I used to work 100% with osCommerce and its offshoots but nowadays the paid work is pretty much all elsewhere - my feeling is that Burts 2.3.4BS is going a long way to pulling osC back up to date but the 'official' 2.4 needs to be out there in BS form for the public at large to grab a copy?

Link to comment
Share on other sites

CRELoaded, that's what I was thinking of, not OSCMAX. That was my introduction to OSCommerce.

 

I like OSCommerce for the same reason I liked the old VW beatles I used to have back in the 70's:  I could work on them. That is one advantage, at least to me, of the Spaghetti code, you can look at a catalog page and kind of see what is going on.

 

I look at something like Magento, and I am overwhelmed. I also don't work on cars anymore, they are just too complex now, (even though I finally got that perfect set of snap-on wrenches). Cars work much better now, and are far better pieces of machinery than before, but they are just too complex for me.

Oscommerce site:

 

 

OSC to CSS, http://addons.oscommerce.com/info/7263 -Mail Manager, http://addons.oscommerce.com/info/8120

Link to comment
Share on other sites

For sure, a new framework would be better for OSC...one that would never the need to touch core codes...the current modular approach is a step up but it would probably be necessary to abandon everything and start from scratch. Magento folks had the advantage to probably had learned a lot from OSC, I wonder if they had this same conversation before creating Magento?

 

I visited a lot of companies lately, those with code base as old as OSC are in the same pain trying to figure out how to take advantage of OOP, MVC, and framework...you know these are good if you had maintained procedure codes for many years...I abandoned goto statement 16 years ago and never thought of it again...now, let's see if we can forget about if-then-else conditional statement next!?

 

I am willing to help in what ever way to get OSC there...now, would the OSC owner listen and adopt what we came up with? That's the question...

Link to comment
Share on other sites

I would say the rule of thumb is / should be : If a footer script (or header script) is ONLY used in the CM than put it in the CM ... Keep your code together and don't create Spaghetti-code ...

 

@@azpro You can't put in header scripts from a content module - only header_tags and boxes get executed in the template before the page header is built.

Contact me for work on updating existing stores - whether to Phoenix or the new osC when it's released.

Looking for a payment or shipping module? Maybe I've already done it.

Working on generalising bespoke solutions for Quickbooks integration, Easify integration and pay4later (DEKO) integration at 2.3.x

Link to comment
Share on other sites

@@BrockleyJohn

 

John,

 

 

You can't put in header scripts from a content module - only header_tags and boxes get executed in the template before the page header is built.

 

That is probably true - it is hard to debate these points (at least for me)  witout an example.

 

Maybe it is an idea to take e.g.  two add-ons that have allready been coded and uploaded to the add-ons section and evaluate these.

 

If an author will volunteer for evaluation that would be nice. And in that case I like to emphasize comments should always be made in a positive way - not bashing the author! Remember - in coding one might strongly advocate a particular approach but this doesn't mean a different approach is wrong. It might be less flexible or too complicated etc.etc. but not necessarily wrong.

 

But I do think it is a good idea to have a set of guidelines with some explanation why a certain guideline should be follwed!

Link to comment
Share on other sites

Funny as i just was fighting with it.

You can solve that with jQuery via the .clone() function. (in regarding pre-generated php-output/html/css or js)

 

W3C live example

 

@@wHiTeHaT I want to load a stylesheet for a content module and I've a feeling it might give a flash of the appearance without it first. Plus it kinda feels like a hack. Think I'll just have to bite the bullet and do a little ht_module too... and check from the content one that it's enabled.

Contact me for work on updating existing stores - whether to Phoenix or the new osC when it's released.

Looking for a payment or shipping module? Maybe I've already done it.

Working on generalising bespoke solutions for Quickbooks integration, Easify integration and pay4later (DEKO) integration at 2.3.x

Link to comment
Share on other sites

Why not go more simple...link the modules stylesheet in the template file of the created CM_ module ?

 

EG: 

 

<link href="whatever.css" rel="stylesheet">
<div class="col-sm-<?php echo $content_width; ?>">
  <?php echo $some_module; ?>
</div>
It's a good use of the CM_ template file in most cases.
Link to comment
Share on other sites

Yes @@burt - especially as I already had a style overriding it there. Now it's

<style type="text/css"> @[member=import] url("ext/colorbox/colorbox.css"); #cboxTitle{font-weight:bold; font-size:large; color:#000000;}</style>
<div class="col-sm-<?php echo $content_width . ' ' . MODULE_CONTENT_PRODUCT_INFO_GALLERY_CAPTION_CONTENT_ALIGN . ' ' . MODULE_CONTENT_PRODUCT_INFO_GALLERY_CAPTION_CONTENT_VERT_MARGIN . ' ' . MODULE_CONTENT_PRODUCT_INFO_GALLERY_CAPTION_CONTENT_HORIZ_MARGIN; ?> productsimages">
    <?php echo $gallery_output; ?>
</div>
works a treat

post-220375-0-31862600-1431971237_thumb.jpg

Contact me for work on updating existing stores - whether to Phoenix or the new osC when it's released.

Looking for a payment or shipping module? Maybe I've already done it.

Working on generalising bespoke solutions for Quickbooks integration, Easify integration and pay4later (DEKO) integration at 2.3.x

Link to comment
Share on other sites

what version of HTML should be coded for ?

KEEP CALM AND CARRY ON

I do not use the responsive bootstrap version since i coded my responsive version earlier, but i have bought every 28d of code package to support burts effort and keep this forum alive (albeit more like on life support).

So if you are still here ? What are you waiting for ?!

 

Find the most frequent unique errors to fix:

grep "PHP" php_error_log.txt | sed "s/^.* PHP/PHP/g" |grep "line" |sort | uniq -c | sort -r > counterrors.txt

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...