Shopping cart other than OSCommerce?

Dale Scott dalescott at
Wed Dec 8 04:52:06 UTC 2010

> As for PHP and security, well, when someone ends up getting married to
> three abusive drunks in a row, there is more going on with that then
> chance or even bad luck.

I'll interpret that as saying a large percentage of the PHP apps vying for
your attention are crap, but buyer beware. Just be careful, have a healthy
level of scepticism, and keep your eyes open. I'm amazed at the ease with
which a good looking web app can be created, and with complete and total
disregard for the most basic software development best practices. However,
that doesn't mean all apps are crap, just like there are still guys & gals
out there worth tying your life to.

In my experience (which is probably more than some, but certainly not much
compared to some others), MediaWiki, MantisBT, Moodle, and Drupal are
mature, reliable and generally secure PHP-based applications. They have good
documentation, active communities, and are honest and prompt with security
advisories (and also pretty prompt with security updates). I'm sure there
must be others (e.g., I don't know anything about Facebook other than it's
PHP-based, but I'm sure we'd hear about it being hacked on a regular basis
if it was).


More information about the freebsd-questions mailing list