May 29, 2018

What do I think is wrong with Opencart

This is supposed to be a cumulative post expressing what I feel after years of closely working with Opencart.


  • Lack of attention to detail in everything, from texts (An email with a reset link has been sent your email address) to making things future-proof. 
  • No product id available on the cart page
  • Don't use the amp sign then
  • No currency cookie check
  • https://forum.opencart.com/viewtopic.php?f=10&t=12043&start=20#p151005 - this was back in 2010, and apparently admins/significant contributors are not very proficient with web security, which takes knowing how vulnerabilities are tested - see qphoria being surprised that simply removing the form from the template won't be enough, since vulnerability scanners generate their own forms (which to me is pretty much obvious). Seeing that most of the Opencart code was contributed/made around that time and was mostly reused without refactoring, that may be an issue.
  • 20200619: admin/extension: every type of extension (shipping, theme) has its own listing script, i.e. shipping.php, theme.php - each doing pretty much the same thing, thus duplicating themselves
  • https://stackoverflow.com/questions/41746041/check-current-language-of-opencart-on-footer you can get the current language code but not the id
  • 20200708 if a multistore has different currencies, when calculating totals it still sums them up as if they're the same currency
  • 2021-04-30 Convoluted URL rewrite logic "that really sucks"
  • /r/webdev/comments/5hezip/is_opencart_as_bad_as_it_seems/
  • Still no proper PDO implementation, more importantly, utilising placeholders aka parameters
  • Admin Token. Admin auth is maintained via a Token added to every URL query string, instead of being stored in cookies or session. This extra, unnecessary URL component clutters the browser history (and you can't use top hits or url autocomplete), as well as the server logs. You can't bookmark some admin page, or hotlink to it from an external site. Your code is cluttered with $this->url->link('…', 'token=' . $this->session->data['token']). And more importantly, this creates frustration when you submit a large form, but since the token has expired, it redirects you to log in (and loses all data), and after logging in you can't go back to re-submit, because your previous submission still has the old token in the URL (while if it was in the cookies, your browser would use whatever the current token is in the cookies, and the server would accept it).
  • poor admin UX design
    • No quick item management tools. If you need to disable a product, category, etc., you have to go to that item edit page, click the Data tab, scroll to the bottom, click to open the Status select box options (of course it's a select box), click the desired option, scroll to the top, click Save. Compare that to just clicking an iOS-like switch in the product list page (and having it save immediately).
    • Regarding the UX, the owners say you can buy an extension, and true enough, there are lots of extensions like Quantity Discount Price Bands Manager - OC - 2.X , which themselves say:
      So in order to add these quantity discounts you have manually to go to every single product you are selling and once you edit product, go to DISCOUNT tab and add one by one add discount:) It is a pain and a time killer process to manually add the very same discount tables to every product. Not to mention what if you made a mistake, or your price for X quantity has changed ? After a month? Yes:) once again The PAIN:) and once again manually re-edit every single product and edit the discounts one by one. … So No more Manual edit products, no more wasted time checking and changing each product discount table one by one entry. … So If you value your time, and want to focus on money making instead of wasting the time by doing Quantity discounts tables manually in each product, this extension is a must to have for you.
      So the extension's sole purpose is to fix the core software imperfection. So while Opencart itself is free, the cost of just the above is $20.
    • Editing something that has translations requires you to fill in translations for each language. Say, you have 10 languages in a store and you need to create a draft of an information page in English only. You will have to fill in the title, content, meta title, meta description etc. 10 times (when you need just 1) before it lets you save and leave. Some paid extensions are proud to have the "save and leave" feature, which confirms people want it.
  • 2021-04-30 A declining trend (and rightfully so) and shrinking first-world presence https://trends.google.com/trends/explore?date=all&q=opencart,prestashop
  • 2021-05-06 They seem to have no idea about returning early, e.g. in catalog/controller/extension/feed/google_sitemap.php or catalog/model/checkout/order.php.
  • 2021-05-17 make sure SEO URL is globally unique -- isn't it your job as a CMS though? Especially since for a CMS it's a matter of 1 (one) AJAX query, whereas as an admin I'm not even sure how I can check manually. Are users expected to know MySQL, or are they expected to remember all the SEO URLs they had used over time? Check every product, category or information page manually? Ridiculous.
  • 2021-05-18 Have I mentioned vQmod?
    Notice: Undefined offset: 15 in /var/www/opencart/vqmod/vqcache/vq2-admin_view_template_catalog_information_form.tpl on line 95
    You can tell the error is somewhere in admin/view/template/catalog/information_form.tpl, but the line will be different in the real file from what the one it refers to in the modded file
  • 2021-05-25 not a true MVC: checkout order validation is done in a controller; if I add custom validation there, the admin edit order won't pick it up, so I now have to duplicate my code; no ability to reuse admin models in catalog and vice versa, leading to even more code duplication or hacky solutions. Just copying the functions you need into the right file is not a viable solution at all.
  • 2021-08-19 no roadmap, no vision, no mission, one-man operation https://forum.opencart.com/viewtopic.php?t=222624
  • 2021-08-19 related options require a separate paid extension from a guy with heavy Russian accent https://www.youtube.com/watch?v=qDZv081O9RM, while prestashop has it out of the box (called combinations)
  • 2021-09-29 checkout javascript code is very coupled. Say you need to reuse the form, you won't be able to reuse the validation javascript
  • 2021-09-29 controller/api/order::edit is fat, has too much logic, can't be reused granularly
  • 2021-10-01 same with https://github.com/opencart/opencart/blob/master/upload/catalog/model/checkout/order.php#L48, which even though it had been brought to look "modern" with namespaces and all, is still the old code, where I can't edit the order address without editing the whole order, even though it's a model and it's supposed to be fat and granular
  • 2021-10-04 no reusable order validation in order model - I have to implement all the validations all over the place
  • 2021-10-04 no vendor architecture on old versions
  • 2021-10-08 duplicated associations: order linked to country using country_id, but the country name is stored separately; when you update the country id you also have to update the name stored next to it, instead of having it retrieved via a join
  • 2021-10-26 https://github.com/opencart/opencart/search?q=error_firstname duplicated and hardcoded instead of sprintf
  • 2021-11-30 affiliate links e.g. https://github.com/opencart/opencart/blob/2.3.0.2/upload/admin/language/en-gb/extension/payment/pp_express.php#L9
  • 2021-12-01 The payment gateway integration architecture. You can't invoke a payment gateway giving it a total and some order info. Instead, you put that into $this->session->data, and all the payment gateways expect to read the data from there. This makes it impossible to pay for an existing order without clearing the cart contents.
  • 2021-12-29 Loading a language file inside a reusable controller element (a separate function, basically) loads the language for the whole thing, and it may overwrite the page title for example. I needed a phrase "Order Details" which exists in the account/order language file, and loading it for a reusable banner on the checkout, changed the checkout page title to "Order History". So basically I now have to come up with my own custom translation, in other words, the Opencart architecture keeps encouraging code duplication
  • 2022-02-16 The API is poorly documented, with typos and omissions: https://docs.opencart.com/en-gb/system/users/api/. Making a simple API request to have order status updated seems impossible and overcomplicated: you'd have to use your API key to request a token first, and then make requests with that token. However, due to a bug or who knows what, that token doesn't get linked properly (despite Daniel saying it got fixed) to something inside $this->session->data, so the requests result in a permission error. The advice that's closest to a real fix is to manually copy the session handlers from the latest version.
  • 2022-02-16 Daniel is an absolute insecure jerk. When someone came up with a bunch of improvement suggestions, the response was:
    i think its a case of "i want to add my own little piece of code because i'm going to use it in my projects from now on. so ill make an issue up and hope hes to stupid to check!" wasting my time!
    followed by:
    no not post issues here again! there are no performance issues! your just dumb!

    How about duplicate queries resulting in performance issues?

    there are no performance issues! your just dumb!
    Defensive. Denial. Daniel.
  • 2022-12-08 UX not a priority. A reasonable suggestion on a quick but significant improvement met with "ffs": https://github.com/opencart/opencart/issues/12001
  • 2023-03-06 calling `$this->cart->getTotal()` does not account for coupons; doesn't seem to be a built-in way to just see the actual cart total
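
On the "Still no proper PDO implementation" item above: an added example, not OpenCart code and not from this post's author, of a query helper that binds named parameters, next to the concatenating form it replaces. The class name QueryDb, the demo_customer table and the sample input are constructed for illustration; the row/rows/num_rows result shape is modelled on the object OpenCart's query() returns.

```php
<?php
declare(strict_types=1);

// Added example; QueryDb and demo_customer are hypothetical names.
final class QueryDb
{
    public function __construct(private PDO $pdo)
    {
        $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
    }

    /** SQL text stays fixed; values are bound separately with an explicit type. */
    public function query(string $sql, array $params = []): stdClass
    {
        $stmt = $this->pdo->prepare($sql);
        foreach ($params as $name => $value) {
            $type = is_int($value) ? PDO::PARAM_INT : PDO::PARAM_STR;
            $stmt->bindValue(':' . $name, $value, $type);
        }
        $stmt->execute();
        $rows = $stmt->fetchAll();

        $result = new stdClass();
        $result->rows = $rows;
        $result->row = $rows[0] ?? [];
        $result->num_rows = count($rows);
        return $result;
    }
}

// Constructed demo data in an in-memory SQLite database.
$pdo = new PDO('sqlite::memory:');
$db = new QueryDb($pdo);
$db->query('CREATE TABLE demo_customer (customer_id INTEGER PRIMARY KEY, email TEXT, status INTEGER)');
$db->query("INSERT INTO demo_customer (email, status) VALUES ('a@example.test', 1), ('b@example.test', 1)");

$input = "nobody@example.test' OR '1'='1"; // constructed input containing a quote

// Concatenation: the input is parsed as SQL, so the WHERE clause is rewritten.
$concat = $pdo->query("SELECT email FROM demo_customer WHERE email = '" . $input . "'")->fetchAll();

// Placeholders: the same input is compared as a plain string value.
$bound = $db->query(
    'SELECT email FROM demo_customer WHERE email = :email AND status = :status',
    ['email' => $input, 'status' => 1]
);

printf("concatenated: %d row(s), bound: %d row(s)\n", count($concat), $bound->num_rows);
```

With the MySQL driver, also set PDO::ATTR_EMULATE_PREPARES to false so the statement is prepared on the server rather than interpolated client-side.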

What can be improved

  • 2021-09-30 09:32 if deleting an order status that has already been used, instead of an error message "Warning: This order status cannot be deleted as it is currently assigned to 1 orders!" allow those orders to be reassigned quickly
  • 2023-07-28 Refunds and returns. No way to refund the postage/shipping fee out of the box and have it recorded for accounting. No credit notes. Only one product per return.
To post: https://forum.opencart.com/viewtopic.php?f=202&t=216883
