Open Source Ecommerce alternatives to Zencart, OSCommerce and Virtuemart

A couple of new open source Ecommerce products out and about that will hopefully see the end of the monstrosity called OSCommerce and it’s less ugly incarnations –

Whilst they have served me well in the past and I may feel tempted to use Virtuemart for a customer who:

a) Will never ever need any customisations done to it
b) Already has a Joomla installation and is very comfortable using Joomla

What’s the issue with Zencart, OSC or Virtuemart you may ask?

The issue is this. First OSCommerce is a mess. Every single module you ever add to it is a hack, making upgrades a pain in the ass. Zencart, being closely related to OSC is not much better. It’s modularity is a bit better laid out and so you can actually create / install modules with very little hacking, if any BUT it’s template system still suffers from it’s OSC origins. It’s an effort to try and template for them..yes, it’s possible but does it really have to be that hard? Joomla’s concept is 1000 times better in regards to templating and Virtuemart excels in this area due to it’s Joomla foundations.

The big problem with them is when you need to make modifications to the core cart to implement a particular feature a customer wants. We have had situations where a small feature for the client required 144 changes in the files of Virtuemart. As soon as a XSS or other security issue comes to light, we have two options

  1. Let it be, cross fingers and hope nothing happens (this really is not an option)
  2. Inform customer, explain risks and give them compelling reasons to update (at their cost)
  3. Our current solution is when we sign contracts with customers, we include a compulsory security updates fee, which means we update their site when new security releases come out. This has worked out best so far but still requires us to explain why we are giving a solution that isn’t inherently secure to begin with. Microsoft has made this easier to explain (daily updates anyone?) and for the most part, we can kill most XSS / SQL Injection attacks using Apache modsec rules but we really want to get beyond NEEDING to upgrade and therefore NEEDING to patch our mods into new releases of Virtuemart etc.

So, without further ado, there looks to be two better alternatives that have come to the rescue recently that look very, very promising though we haven’t done any work with them yet, so I will report on that later.

In PHP land, we have Magento. A very sexy, professional looking Open Source Ecommerce application that’s built upon the Zend MVC framework and claims to be able to develop extensions without touching core code. This, hopefully will fix our templating, modification and upgrade woes in a PHP solution. It has SEF URL’s built-in, google analytics built-in and a mini-CMS of sorts.

In Python land, we have Satchmo an open source ecommerce application built on top of the Django framework, with a reasonable feature set.

As part of my toolbox, my thinking at this point is if we have a customer that needs a standard shop with little to no development work, Magento will be our tool. If the customer has very unique needs, integration with other systems and customisations, we will work with Django.

This is because PHP deployment is so easy, that our only need should be to produce templates in Magento. If development work is needed, deployment and templating become a trivial matter in Satchmo in comparison to the ability to develop in Django & Python.

Would love to hear other’s experiences with any of the above… and of course any horror stories (or otherwise with OSC based development)

Published by salubrium

I am a Systems Administrator based in Sydney, Australia with some hugely varied interests: Topics covered are Virtualization, Web Hosting, Remote Desktop, Security and Backups, PHP, Python, MVC Frameworks, SEO

Join the Conversation


  1. Thanks for the mention of satchmo. I agree that OsCommerce is growing a bit long in the tooth. Django deployment is not quite as simple as PHP but I think the scalability and flexibility are nice. Either way, Magento looks to be a pretty cool system so it’s nice to be mentioned in the same article.

  2. Since that time magento has beaten up all other open source and has become #1 alternative :) Thousands of people use it for those who also want to make the switch – there’s web service called cart2cart.

    It automates migration to magento from other shopping carts. Please check for details.

  3. You’re right and since I wrote this post, I have developed and deployed a number of Magento sites. Thanks for the Cart2Cart migration link. I have been looking for a community plugin to do the same and wasn’t aware of this service. Additionally, it looks well priced also.

  4. osCommerce is good because even a novice programmer can get into it. I am using it for over 5 years now and recently I was able to publish a CMS that relies on the MS2.2 engine called I-Metrics, to further expand the capabilities of the framework into other areas. Extremely simple, light and easy to customize, see the online demo here:
    I-Metrics CMS and its published on SF too.
    Its up to the developer how far he wants to go with a framework but the simpler a package is, the easier for him to get in. The I-Metrics CMS is another proof how simple it is to customize the basic osCommerce framework for any type of website. Perhaps osC code structure seems archaic the first time you see it, but with little effort it can be converted to anything you like.

Leave a comment

Your email address will not be published.