S
Sarah Tanembaum
Is there any good(secure) Ruby shopping cart program example? Thanks
A
Aredridel
I'd put $100 up for anyone who would code and release under liberal license:
* A shopping cart
* that takes all data in from a post or URL
* that requires no database at all, session storage excepted.
* that runs as a CGI or FastCGI
* that can use an XHTML file or a few as a template for output.
* that has few dependencies, and can be deployed with no special
configuration beyond making generic CGI or FastCGI go on
$user[:webserverofchoice]
* that would link to paypal at least for payment processing.
Ari
J
James Britt
Aredridel said:
Are there any security considerations, and what might they be?
James
S
Sarah Tanembaum
Is it because Ruby a) can't handle such application, b) not ready forAredridel said:
that type of apps because of performance and/or security, c) too hard to
implement(perhaps PHP is better for this type of apps), d) no one is
willing to share the scripts , e) or any that I can't think of.
Thanks
M
Michael Neumann
Sarah said:
It's for sure NOT a) NOT b) and NOT c).
I've written a simple Online-Shop example in the Ruby Developers Guide
book, using different toolkits (plain CGI, FastCGI, mod_ruby, Iowa) etc.
with no other dependencies than Ruby IIRC.... no wait, I believe I used
a database as backend, but it's even easier to leave the DB out.
Have a look at Borges. It comes with SushiNet, as simple online-store.
Regards,
Michael
A
Aredridel
Should be reasonably secure, but I'd love something I can offer my
mom-and-pop customers. Something simple, something that can be made to
look just like the rest of their site, something where orders are not
shipped automatically, and so can be hand-verified for sanity. If the
payment can't be faked, and there's a clear list of what was ordered and
by whom, Good Enough.
Keeping it simple would be the security needed. SSL's also cheap enough
now that one can not worry about eavesdropping if that makes things
easier.
A
Aredridel
None of the above. Just hasn't been done in anything but a one-off sort
of way that I've seen.
So ... d). Sorta.
G
gabriele renzi
Aredridel ha scritto:
ah, bounties, cool
I wonder if this things should go through RubyCentral.
Anyway: why just paypal for payment?
ah, bounties, cool
I wonder if this things should go through RubyCentral.
Anyway: why just paypal for payment?
K
Kaspar Schiess
Hello Sarah,
I somehow do get the feeling that you have been biased negativly towards
Ruby by something that happend to you. Is it the lack of documentation
in some parts ? Or the lack of support ?
Ruby is in some ways more of a 'real language' than PHP, where support
for a lot of common tasks is compiled in the language. Ruby must include
these in the form of libraries, and that in turn implies some
difficulties when installing, although projects like RPA and rubygems do
facilitate that process enormously.
More to the subject, I believe such an application does not exist
because it is too easy to build your own version of it. Integrating a
third party shopping cart with a Rails application is probably bound to
be more difficult than just coding it up yourself. A shopping cart has
many dependencies to the web application framework and thus it is not
completely trivial to program a framework-less version of a shopping
cart as the first post asks for.
I would need to see a few (html) screenshots of such an application to
completely understand what is asked for here.
yours,
kaspar
hand manufactured code - www.tua.ch/ruby
I somehow do get the feeling that you have been biased negativly towards
Ruby by something that happend to you. Is it the lack of documentation
in some parts ? Or the lack of support ?
Ruby is in some ways more of a 'real language' than PHP, where support
for a lot of common tasks is compiled in the language. Ruby must include
these in the form of libraries, and that in turn implies some
difficulties when installing, although projects like RPA and rubygems do
facilitate that process enormously.
More to the subject, I believe such an application does not exist
because it is too easy to build your own version of it. Integrating a
third party shopping cart with a Rails application is probably bound to
be more difficult than just coding it up yourself. A shopping cart has
many dependencies to the web application framework and thus it is not
completely trivial to program a framework-less version of a shopping
cart as the first post asks for.
I would need to see a few (html) screenshots of such an application to
completely understand what is asked for here.
yours,
kaspar
hand manufactured code - www.tua.ch/ruby
F
Florian Gross
Aredridel said:
Not that I'm likely going to take part, but still, how would it receive
the product data? Having information about the wanted interface would be
nifty. Even niftier if you can come up with test cases.
A
Alan Garrison
A likely even more offtopic question... (total Ruby noob and list
lurker here) I've been hacking PHP for years now (and it's dulling my
mind, hence my interest in Ruby) and have been coding stuff for the
Horde project (www.horde.org). Horde is an open source general web
application framework in PHP and has drop-in applications for email,
sieve rule editor, time tracking, a ticket system, a calendar app w/
appointments, a wiki, a half-assed shopping cart app, etc... The Horde
core app(s) handles user authentication, user administration, ACLs, a
HTML template engine, etc. Given my basic understanding of Rails I'm
thinking that writing drop-in apps may be difficult, but then again I'm
still wrapping my brain around the MVC concept. With Horde to add a new
app, you just make a subdirectory from the base Horde directory, fiddle
with a few things, and your app is now part of the whole site.
Does a Ruby based Horde-ish architecture all ready exist? I'd imagine
that if something like this were developed, writing drop-in apps may be
a better approach for things like shopping carts as opposed to writing
ad hoc apps that just handle the basics but have similar needs
(authentication, session handling, templates, etc).
Just my $0.02 (adjust for inflation)
lurker here) I've been hacking PHP for years now (and it's dulling my
mind, hence my interest in Ruby) and have been coding stuff for the
Horde project (www.horde.org). Horde is an open source general web
application framework in PHP and has drop-in applications for email,
sieve rule editor, time tracking, a ticket system, a calendar app w/
appointments, a wiki, a half-assed shopping cart app, etc... The Horde
core app(s) handles user authentication, user administration, ACLs, a
HTML template engine, etc. Given my basic understanding of Rails I'm
thinking that writing drop-in apps may be difficult, but then again I'm
still wrapping my brain around the MVC concept. With Horde to add a new
app, you just make a subdirectory from the base Horde directory, fiddle
with a few things, and your app is now part of the whole site.
Does a Ruby based Horde-ish architecture all ready exist? I'd imagine
that if something like this were developed, writing drop-in apps may be
a better approach for things like shopping carts as opposed to writing
ad hoc apps that just handle the basics but have similar needs
(authentication, session handling, templates, etc).
Just my $0.02 (adjust for inflation)
C
Carl Youngblood
Sarah said:
This could easily be done in Ruby. He's just offering a bounty because
he would rather pay money for it than develop it himself.
Carl
A
Aredridel
ah, bounties, cool
It's easy and available to everyone. Other systems would be nice, but
paypal is something that's got a really low barrier to entry.
I myself use authorize.net for a payment gateway, but others will
vary ...
Ari
It's easy and available to everyone. Other systems would be nice, but
paypal is something that's got a really low barrier to entry.
I myself use authorize.net for a payment gateway, but others will
vary ...
Ari
S
Sarah Tanembaum
Just to rephrase it, since Web Application such as shopping cart hasKaspar said:
many dependencies, Ruby is not ready for such application. Unlike PHP,
Ruby lack many dependencies to build a descent web/graphical
application. Is correct statement?
M
Michael Neumann
Sarah said:
Wrong! It's only that you have to install the libraries, as they are not
bundled with Ruby. There are many good libraries with which it is easy
to write such an shopping cart. But it's not "that" easy to build such
an application without using an existing framework like RubyOnRails
(www.rubyonrails.com). You can hack up a trivial online shop in a few
hours using the right tool ;-)
Regards,
Michael
P
pat eyler
No, this is not really a correct statement. Ruby has strong core
libraries, as well as a number of external libraries that would make
building shopping carts (and much more difficult web based
applications) fairly easy. Easier than integrating a third party
shopping cart in fact, which is why no one's bothered to build and
distribute one.
-pate
K
khaines
On Fri, 7 Jan 2005 01:03:32 +0900, Alan Garrison wrote
My familiarity with Horde is not much deeper than what you just summarized,
so I'm not going to draw any direct comparisons.
However, IOWA provides _some_ of the things that you mention. If I want to
add, say, a modified blogging app for tracking project status to a site that
is already running under IOWA, all I do is drop it into a subdirectory and
twiddle a config file, and voila! It is accessible.
Kirk Haines
My familiarity with Horde is not much deeper than what you just summarized,
so I'm not going to draw any direct comparisons.
However, IOWA provides _some_ of the things that you mention. If I want to
add, say, a modified blogging app for tracking project status to a site that
is already running under IOWA, all I do is drop it into a subdirectory and
twiddle a config file, and voila! It is accessible.
Kirk Haines
A
Aredridel
Sounds familiar; A good example of right, or at least close, is Paypal's
own shopping cart system.
Here's a conversation in #IOWA about what I'd love to see (And would
happily shell out $100 for a working version of without even flinching.
I wonder how many other people out in Rubyland would do the same, to get
a small project like this off the ground.)
[12:21:02] swsch says “I'm intrigued by the postings responding to
Aredridel's BOUNTY offer... all "known" people say that it's easy but
they won't do it .-)â€
[12:23:01] Aredridel says “Hehe.â€
[12:23:08] Aredridel says “That's the thing about shopping carts.â€
[12:23:18] Aredridel says “It requires this firm, say-no-by-default hand
to create a good one.â€
[12:23:24] Aredridel says “It's a surprisingly hard thing to makeâ€
[12:23:40] swsch says “lots of people said "no" already
â€[12:23:56] Aredridel says “Hehe, yeah.â€
[12:26:09] wyhaines says “Yeah, the discussion IS interesting.â€
[12:26:56] swsch says “why wouldn't you use a database? to avoid
expensive hosting packages?â€
[12:28:13] Aredridel says “That's the idea, yes.â€
[12:28:16] Aredridel says “Or moreso, to keep it simple.â€
[12:28:27] Aredridel says “I don't want a product entry screen, I don't
want a product database.â€
[12:28:38] Aredridel says “I'd be quite content to just put that in the
HTML.â€
[12:28:57] Aredridel says “Paypal or CCNow style: Their shopping cart
systems don't know about your product list at all.â€
[12:29:21] Aredridel says “You just refer a client's computer to their
cart with a token containing all the info.â€
[12:29:28] Aredridel says “So your site posts to theirs, that's all.â€
[12:29:50] Aredridel says “Tamperable? sure. I could place an order for
Fooitem for $0.01.â€
[12:29:57] Aredridel says “Problem? No.â€
[12:30:00] Aredridel says “I just don't ship it.â€
[12:30:18] Aredridel says “I call 'em up and say "Something's funny
about your order; that's not the right price."â€
[12:31:58] Aredridel says “And it works if nobody tampers. Big deal.â€
[12:32:35] Aredridel says “All e-commerce engines fall in three
categories: simple and works for small sites, complex but not having the
right features (works for nobody), or high-end, expensive, and works for
those who need it.â€
[12:36:16] wyhaines says “Aredridel, take a look at this:
http://napkinsbydesign.comâ€
[12:36:23] wyhaines says “Then click on, say, Table Runners.â€
[12:36:36] wyhaines says “Is that the sort of "shopping cart" that you
want?â€
[12:37:00] Aredridel says “Close. Not quite.â€
[12:37:10] Aredridel says “That's paypal's cart system — that's the
part I want.â€
[12:37:15] Aredridel says “The product lists I can just do in HTMLâ€
[12:37:25] Aredridel says “I'd love to (this is for Instiki,
actually...)â€
[12:37:36] Aredridel says “I'd love to hack instiki so I can just write
markup like so:â€
[12:37:53] Aredridel says “[[Product: Ruby Slippers; Price: $10]]â€
[12:37:58] wyhaines says “Yeah, it leverages paypal's cart. That's all
user controlled there, though. I don't have to touch it.â€
[12:38:18] wyhaines says “It runs via a web form, but is kind of like
what you describe.â€
[12:38:18] Aredridel says “And have that render as a form that has a
submit button, a quantity field, and two hidden fields: the item, and
the price.â€
[12:39:10] Aredridel says “And have it post to the cart handler, which
would show the cart (basically, the cart is a thin wrapper for a session
database), and then the checkout procedure takes their info, and then
links to the gateway of choice for checkout.â€
[12:39:40] Aredridel says “Basically, I don't want a catalog system at
all. -Just- the cart.â€
[12:40:02] Aredridel says “I want the link between the cart and catalog
to be very weak.â€
[12:40:24] Aredridel says “I want the post data to link one way. I want
the cart to look like the rest of the site only by templating, not by
any integration.â€
[12:41:01] Aredridel says “and if the cart could link back with a
"return to shopping" link that linked to the referer, so much the
better.â€
[12:41:43] Aredridel says “Basically, the only interface between the two
parts of the site would be HTTP. No shared database, no catalog on file,
nothing. The shopping cart just runs in a cgi-bin on some host, and
that's it.â€
[12:41:56] wyhaines says “That does sound pretty easy to do. If my wife
were a little farther along in her Ruby studies, I'd give it to her as
an assignment.â€
[12:42:01] Aredridel grins.
[12:42:12] Aredridel says “The hardest part is keeping the thing
featureless enough.â€
[12:42:40] Aredridel says “Basically, I want SPOT — but not by having
everything generated from the same source, but by editing things
directly.â€
[12:43:42] Aredridel says “... wyhaines, the napkinsbydesign site is
-fast-. Kudos.â€
[12:43:42] swsch says “see? another "no"!â€
[12:44:11] Aredridel says “Can I post this snippet of conversation in
response to that thread?â€
S
Sarah Tanembaum
I thought it would be easier than PHP and perhaps smaller code becauseAredridel said:
Sounds familiar; A good example of right, or at least close, is Paypal's
own shopping cart system.
Here's a conversation in #IOWA about what I'd love to see (And would
happily shell out $100 for a working version of without even flinching.
I wonder how many other people out in Rubyland would do the same, to get
a small project like this off the ground.)
[12:21:02] swsch says “I'm intrigued by the postings responding to
Aredridel's BOUNTY offer... all "known" people say that it's easy but
they won't do it .-)â€
[12:23:01] Aredridel says “Hehe.â€
[12:23:08] Aredridel says “That's the thing about shopping carts.â€
[12:23:18] Aredridel says “It requires this firm, say-no-by-default hand
to create a good one.â€
[12:23:24] Aredridel says “It's a surprisingly hard thing to makeâ€
[12:23:40] swsch says “lots of people said "no" already
[12:23:56] Aredridel says “Hehe, yeah.â€
[12:26:09] wyhaines says “Yeah, the discussion IS interesting.â€
[12:26:56] swsch says “why wouldn't you use a database? to avoid
expensive hosting packages?â€
[12:28:13] Aredridel says “That's the idea, yes.â€
[12:28:16] Aredridel says “Or moreso, to keep it simple.â€
[12:28:27] Aredridel says “I don't want a product entry screen, I don't
want a product database.â€
[12:28:38] Aredridel says “I'd be quite content to just put that in the
HTML.â€
[12:28:57] Aredridel says “Paypal or CCNow style: Their shopping cart
systems don't know about your product list at all.â€
[12:29:21] Aredridel says “You just refer a client's computer to their
cart with a token containing all the info.â€
[12:29:28] Aredridel says “So your site posts to theirs, that's all.â€
[12:29:50] Aredridel says “Tamperable? sure. I could place an order for
Fooitem for $0.01.â€
[12:29:57] Aredridel says “Problem? No.â€
[12:30:00] Aredridel says “I just don't ship it.â€
[12:30:18] Aredridel says “I call 'em up and say "Something's funny
about your order; that's not the right price."â€
[12:31:58] Aredridel says “And it works if nobody tampers. Big deal.â€
[12:32:35] Aredridel says “All e-commerce engines fall in three
categories: simple and works for small sites, complex but not having the
right features (works for nobody), or high-end, expensive, and works for
those who need it.â€
[12:36:16] wyhaines says “Aredridel, take a look at this:
http://napkinsbydesign.comâ€
[12:36:23] wyhaines says “Then click on, say, Table Runners.â€
[12:36:36] wyhaines says “Is that the sort of "shopping cart" that you
want?â€
[12:37:00] Aredridel says “Close. Not quite.â€
[12:37:10] Aredridel says “That's paypal's cart system — that's the
part I want.â€
[12:37:15] Aredridel says “The product lists I can just do in HTMLâ€
[12:37:25] Aredridel says “I'd love to (this is for Instiki,
actually...)â€
[12:37:36] Aredridel says “I'd love to hack instiki so I can just write
markup like so:â€
[12:37:53] Aredridel says “[[Product: Ruby Slippers; Price: $10]]â€
[12:37:58] wyhaines says “Yeah, it leverages paypal's cart. That's all
user controlled there, though. I don't have to touch it.â€
[12:38:18] wyhaines says “It runs via a web form, but is kind of like
what you describe.â€
[12:38:18] Aredridel says “And have that render as a form that has a
submit button, a quantity field, and two hidden fields: the item, and
the price.â€
[12:39:10] Aredridel says “And have it post to the cart handler, which
would show the cart (basically, the cart is a thin wrapper for a session
database), and then the checkout procedure takes their info, and then
links to the gateway of choice for checkout.â€
[12:39:40] Aredridel says “Basically, I don't want a catalog system at
all. -Just- the cart.â€
[12:40:02] Aredridel says “I want the link between the cart and catalog
to be very weak.â€
[12:40:24] Aredridel says “I want the post data to link one way. I want
the cart to look like the rest of the site only by templating, not by
any integration.â€
[12:41:01] Aredridel says “and if the cart could link back with a
"return to shopping" link that linked to the referer, so much the
better.â€
[12:41:43] Aredridel says “Basically, the only interface between the two
parts of the site would be HTTP. No shared database, no catalog on file,
nothing. The shopping cart just runs in a cgi-bin on some host, and
that's it.â€
[12:41:56] wyhaines says “That does sound pretty easy to do. If my wife
were a little farther along in her Ruby studies, I'd give it to her as
an assignment.â€
[12:42:01] Aredridel grins.
[12:42:12] Aredridel says “The hardest part is keeping the thing
featureless enough.â€
[12:42:40] Aredridel says “Basically, I want SPOT — but not by having
everything generated from the same source, but by editing things
directly.â€
[12:43:42] Aredridel says “... wyhaines, the napkinsbydesign site is
-fast-. Kudos.â€
[12:43:42] swsch says “see? another "no"!â€
[12:44:11] Aredridel says “Can I post this snippet of conversation in
response to that thread?â€
of Ruby elegance, why would it takes so much effort? Perhaps Ruby is not
ready for the kind of project we discuss?
C
Carl Youngblood
Sarah said:
Not at all. The reason is, people scratch their own itches. Nobody has
gotten itchy enough yet
Ruby has been used for far more intensetasks than this one.