Make your own free website on

Welcome to Zen Cart™ ...

The Zen Cart™ software is made available to you for use, additions, changes, modifications, etc. without charge, under the GNU General Public License.

While we do not charge for this software, donations are greatly appreciated each time you download a new version, to help cover the expenses of maintenance, upgrades, updates, the free support forum and the continued development of this software for your online e-commerce store.

Donations can be made at: The Zen Cart™ Team Page

We appreciate your support.
The Zen Cart™ Team

Zen Cart™ is derived from: Copyright 2003 osCommerce
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE
and is redistributable under the GNU General Public License

This software is OSI Certified Open Source Software.
OSI Certified is a certification mark of the Open Source Initiative.


If you are using PayPal, you'll need to REMOVE and re-INSTALL the paypal payment module in Admin->Modules->Payment, after upgrading.

If you need a reference for paypal settings, see the Zen Cart + Paypal Setup document in the /docs folder, or refer to the paypal site for technical documentation.

CHANGELOG - List of Changed Files

For a list of files that have been changed since v1.2.6, see the changelog-v1-3-0.html

Whats New ...

The following are the major NEW ADDITIONS to v1.3.0d:

Template System Cleanup

  • All catalog pages are XHTML-Compliant (XHTML Transitional)
  • Template layouts have been redesigned with customer-usability in mind
  • Business Logic has been removed from templates, leaving only display logic where needed.
    This means template files are smaller, tidier, easier to follow, and easier to customize.
    To accomplish this, many components have been refactored as modules.
  • Enhancements
    - breadcrumbs can be enabled/disabled via admin switch
  • New button-set for default/demo templates

Added Features

  • New Unlimited EZ-Pages
    Inspired by sunrom's "Unlimited Information Pages" contribution, EZPages has been integrated into the core code, and enhanced to enable use in header, footer, or even sidebox.
    It's even possible to have more than one sidebox, with a few coding alterations.
    Enabling/disabling placement and sort order is all handled from the admin interface under the "Tools->EZ-Pages" menu.
    You can even group pages into chapters, and also specify a TOC (Table of Contents) for a certain chapter, which also allows a previous/next navigation through that chapter's pages.
    Also allows for SSL mode and "open in new window" mode on a per-page basis.
    Currently only supports a single language.
  • CSS Stylesheet control on a per-page basis
    Inspired by Juxi Joza's contribution, you can now use a different stylesheet for each page of your site, including per-product or per-manufacturer or per-language delineations.
    Also added printer-friendly stylesheet support (css/print*.css files)
    See the readme_css_system.html for more information.
  • PHPMailer
    The email subsystem has been replaced with the popular PHPMailer class. This will work around many limitations to the older legacy email subsystem which resulted in odd email problems with various hosting configurations and various email clients having problems reading contents.
  • PayPal IPN updated
    Added missing code to process e-checks
    Added debug facility
    (NOTE: Requires that you "remove" and re-"install" your Paypal payment module in Admin)
  • Site Map and 404 trapper
    Inspired by NetworkDad's contribution and langer's error404 contribution as well as suggestions/contributions by several others, the Site Map link (now in the Information sidebox) shows a navigable map of all categories and some core static pages. Great "spider food"!
    Enabling the switch to trap for "page not found" and "product not found" errors, also takes customers (and spiders) to the Site Map for alternate choices for finding their intended link.
    Sample .htaccess for "page-not-found" support can be found in the "extras" folder.
  • PHP Minimum Version requirement is now PHP v4.3.2
    We have raised the minimum supported configuration to PHP v4.3.2 due to the number of bugs fixed to that point. Some session-handling features in 4.3.2 function much more smoothly than in versions previous to that. Specifically, Zen Cart's "recreate session" switch only functions on PHP v4.3.2 or higher. Functionally-speaking, Zen Cart "will" still operate on PHP versions as low as 4.1.2, but you run the risk of odd login/security problems and some email issues.
    If you run into problems with Zen Cart and are using a PHP version prior to v4.3.2, we suggest you strongly encourage your host to upgrade, or to move you to a server that 'is' upgraded.
  • Notifier Subsystem
    The notifier subsystem allows you to "hook" into various cart events to alter the normal behaviour of standard activities. One possible use for this is the potential to activate a "buy one get one free" sort of feature during checkout.
    See wiki for detailed explanations and examples.
  • Coding optimization:
    - autoloader system implemented to replace application_top. Now split out into several separate components, found in the "init_includes" folder. Any customizations to these files can be overridden by using the "override" folder.
    - javascript "modules/pages/xxxx/jscript*.js" files now supported for inclusion by reference rather than only as inline javascript sent to the browser (from "jscript*.php" files).
    - More documentation in the wiki
  • Admin Multiple Categories Links Manager navigation enhanced
  • NEW shipping modules
    - freeoptions - offers the ability to have free shipping while any of the other shipping modules are displayed. It can be based on any combination of total, items, or weight. (The older "freeshipper" was free-only, the new freeoptions allows combinations.)
    - perweightunit - allows to charge shipping based strictly on the weight of the entire order. (this could be cloned on a per-currency level if needed, etc)
  • Category Metatags support added
    Now you can configure metatag information specific to individual categories.
  • Attributes System
    - Added textarea option on TEXT attributes, defined in Option Name Manager, allowing multi-line text-input attribute fields.
    - Attribute Controller delete all Option Values to 1 Option Name with confirmation

Other Changes in 1.3.0:

The following are additional changes/fixes in v1.3.0:

  • Various SQL updates implemented for improved MySQL 5 compatibility
  • Paypal module now processes echecks
  • admin/includes/configure.php now contains DIR_FS_DOWNLOAD. Previously it was defined in admin/download_manager.php. It is advised to add this entry to your admin/includes/configure.php during an upgrade, as future releases may not retain the definition in the download_manager file.
  • NEW: Moved meta-tag separators out of modules/meta_tags.php into english/meta_tags.php
  • NEW: If a category contains only one product, clicking on that category now takes you directly to that product's page (can disable this in admin).
  • NEW: "information" sidebox links can be enabled/disabled via admin switches
  • NEW: Added ability to skip sending certain email confirmations by defining EMAIL_MODULES_TO_SKIP
  • NEW: Admin home page now shows visitor history statistics for the last 10 days.
  • NEW: Admin Order-Edit page now allows shopowner to click and mask-out CC/CVV info
  • NEW: Admin Order-Edit page is more printer-friendly
  • NEW: Option to clear Admin Activity Log added to Admin->Tools->Store Manager
  • NEW: Admin Server Information page now shows version-history info
  • NEW: added admin support to prevent menu from appearing behind input boxes in IE
  • NEW: Language overrides for english.php do NOT need to be complete files. Only need "changed" defines in the override file, since the master is loaded after the override.
  • NEW: Customer can remove a discount coupon from their order by entering REMOVE for code
  • NEW: Products can now be free-shipping if virtual OR a combo of virtual plus physical (thus downloads are available AND stock is decreased when the product is ordered)
  • Enhanced logic for attribute pricing based on Customer Store Status and Customer Authorization
  • Enhanced Whos-Online information display. Spiders' info grouped together and more reliable.
  • Changed products_options_values field in database to BLOB format to allow more content
  • docblock headers added to changed files
  • Added "down for maintenance" notice in admin as well as catalog
  • Security enhancements to prevent register_global and xss hacks.
  • Several database index definitions were updated.
  • Demo database contents updated for stronger XHTML compliance
  • Breadcrumb trail in catalog now leaves last entry "not" as a live link. Can turn on again in admin.
  • Admin product/categories breadcrumb trail reversed ... to make it more intuitive.
  • Installer code optimized to better handle version detection and consolidate functions
  • Enhance: zen_db_perform function now accepts upper-case or lower-case parameters
  • Enhance: Split_page_results also accepts upper- and lower-case parameters (thx to forum tips)
  • Unsubscribe URL is now shorter -- shortened parameter to just 'addr'
  • Admin login boxes are now aligned
  • Admin "shopping_cart" class & "validations" functions dropped - now uses catalog version
  • Admin "modules" (pay/ship/ot) now auto enter "edit" mode upon installation
  • SQL errors now explain the full query for easier troubleshooting
  • Session-handling improvements
  • Enhance: email system now checks more aggressively for injection attempts
  • Enhance: email attempts to display currency symbols more accurately
  • extra_main_template_vars overrides improved
  • Bugfix - Rounding problems related to tax-calculations
  • Bugfix to catch more installer error messages ... in some rare cases were being ignored.
  • Bugfix - Product Notification selections on checkout now get stored properly
  • Bugfix - Checkout-Shipping -- calculations were evaluating as cheapest when results were false vs actually cheapest.
  • Bugfix -- product_music_info wasn't loading extra_main_template_vars overrides properly.
  • More detailed error messages now appear when SQL problems occur.
  • Bugfix: Admin coupon-admin page navigates more friendly.
  • Bugfix: Admin specials navigation fixes.
  • Bugfix: Developers Toolkit no longer dies with "permission denied" when searching directories for which it doesn't have read privileges.
  • Bugfix: whos_online was missing a define in admin area.
  • Per-page language files now load both the override file, and then the master file, so that missed definitions are not lost.
  • Bugfix: zen_href_link() now uses DIR_WS_HTTPS_CATALOG path when building SSL links.
  • Bugfix: free-shipping wasn't always being calculated properly when zero-weight=free.
  • Bugfix: gv_send wasn't always trapping for error conditions properly. Timeout extended also.
  • Bugfix: corrected missing error messages in Admin area
  • Bugfix: group pricing and coupons/GV calculations tidied
  • Bugfix: tpl_account_default wasn't properly listening to the admin switches for newsletter-unsubscribe and cust-product-notification-status, and didn't properly disable display of both links if both were set to disabled in admin.
  • Bugfix: fixed proportional image bug where images that are smaller than defined image sizes were proportionally enlarged beyond proper resolution
  • update product-listing templates to use a gif button instead of hard-coded button for Multiple Add To Cart
  • Bugfix: coupon restrictions had conflicts between allowed and disallowed products
  • Bugfix: smarter <noscript> code for multiple product images
  • Breadcrumb "home" link now has 'short' URL
  • Bugfix: when unlinking a product from multiple categories, now keeps connection to current category
  • Bugfix: minor syntax updates to styles in HTML email templates
  • Bugfix: session timeout problem resolved when moving from http to https domains
  • Bugfix: currencies and languages sideboxes were displaying on checkout incorrectly
  • Bugfix: product_music product type was not deleting relational records if product was deleted. Fix included adding override support at the per-product-type level for deletions.
  • Bugfix: cascading deletes for entire category now also handles prod-type-specific content
  • Enhanced: Switch added to downloads manager to allow non-redirected downloads to be streamed in chunks rather than the whole file. Helpful for servers with low PHP memory_limit
  • Some debug-only code has been relocated out of template files and into debug_blocks folder
  • Bugfix: No longer creates a blank phpBB account if no nickname entered during create-account
  • Bugfix: Logoff link no longer shows in header after logging off
  • Bugfix: Admin button-bar items now work better when processing items found via search
  • Bugfix: fixed javascript bug in authorizenet_aim module if CVV wasn't being captured
  • Bugfix: Music Genre editor window image option removed--was extraneous and prevented edits
  • Bugfix: Music Media Manager error if media was mistakenly not added to collection
  • Bugfix: Media Manager wasn't trapping errors during upload of clips if folder not writable
  • Bugfix: Group Pricing "deletes" handle warnings and deletions smarter
  • Bugfix: Newsletters/Products-Notifications now skips ob_flush if irrelevant
  • Bugfix: GV usage is now cleared properly post-checkout
  • messageStack code and dependencies on boxes class changed significantly
  • phpBB code moved out of the "sniffer" class into its own dedicated class
  • Renamed several files in the "docs" folder due to case-sensitivity issues in some browsers
  • Extraneous image files removed from distribution. Several new images added for newer template resources.
  • "empty.txt" files removed except for in sample "classic" override folders
  • blue_strip template removed
  • main_template_vars_images.php is now handled by modules/main_product_image.php & template file
  • main_template_vars_images_additional is now handled by modules/additional_images.php & template file
  • main_template_vars_attributes.php is now handled by modules/attributes.php and template
  • tpl_list_box_content.php is now handled by tpl_columnar_display.php and tpl_tabular_display.php, depending on whether you require tables (tabular) as output.



  • Please be sure to review and apply the Site Security Recommendations to your site prior to taking your shop "live". If you are uncertain about how site security applies to you, talk to your web host to ensure that you have proper measures in place.
  • XHTML Compliance: For true XHTML compliance, you should verify that all your product descriptions are fully XHTML-compliant. Also, any custom pages you have created or modified may need to be reviewed individually for XHTML compliance.
  • You may wish to go to Admin->Email Options->Allow Guest To Tell A Friend and set the option to 'false'. This will prevent non-logged-in customers from using your server to send unwanted email messages. (This is turned off by default on fresh installs. Upgraders should consider turning this off manually.)

Notes for Upgraders ... from v1.2.x to v1.3.0

The following items are things you should pay particular attention to when upgrading your files from v1.2.x to v1.3.0:
  • admin/includes/configure.php
    admin/includes/configure.php now contains DIR_FS_DOWNLOAD for fresh installs. Previously it was defined in admin/download_manager.php. It is advised to add this entry to your admin/includes/configure.php MANUALLY during an upgrade, as future releases may rely on this setting being set as such.
  • meta_tags custom separators
    meta_tags.php: 'PRIMARY_SECTION', 'SECONDARY_SECTION', 'TERTIARY_SECTION' moved from modules/meta_tags.php into languages/english/meta_tags.php
    If your active template is 'classic', then you need to BE CAREFUL to not overwrite your customized files in the /includes/languages/english/html_includes/classic/*.* area.
    NOTE: BEFORE UPGRADING, it is wise to make a backup copy of all the files/folders in: /includes/languages/english/html_includes
  • Tell a friend
    You may wish to go to Admin->Email Options->Allow Guest To Tell A Friend and set the option to 'false'. This will prevent non-logged-in customers from using your server to send unwanted email messages. (This is turned off by default on fresh installs. Upgraders should consider turning this off manually.)


Zen Cart™ has had a major overhaul of the templating system for v1.3.0. As such, you have two options:
  • upgrade your existing template by applying the new stylesheet and moving a few lines of code around; or
  • the best way to have almost-tableless and much tidier template code, is to make a new template and carefully re-apply your own customizations to the new template system.

For further information on template upgrading, see the forum discussion on this topic.