Make your own free website on

Welcome to Zen Cart™ ...

The Zen Cart™ software is made available to you for use, additions, changes, modifications, etc. without charge, under the GNU General Public License.

While we do not charge for this software, donations are greatly appreciated each time you download a new version, to help cover the expenses of maintenance, upgrades, updates, the free support forum and the continued development of this software for your online e-commerce store.

Donations can be made at: The Zen Cart™ Team Page

We appreciate your support.
The Zen Cart™ Team

Zen Cart™ is derived from: Copyright 2003 osCommerce
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE
and is redistributable under the GNU General Public License

This software is OSI Certified Open Source Software.
OSI Certified is a certification mark of the Open Source Initiative.

Upgrade Instructions from v1.3.5 to 1.3.6

If you are upgrading from Zen Cart v1.3.5, the process is simple:
- compare all the changed files with the files on your own site... and re-apply your customizations to the new files
- upload the new files (with your customizations added) to your site
- upload the zc_install folder to your server, and run zc_install/index.php
... select Database Upgrade from the System Inspection screen. Apply the required updates.

If you are upgrading from a version prior to v1.3.5, please follow the instructions in the "how to upgrade" documentation in the /docs folder.


  • SECURITY: Please be sure to review and apply the Site Security Recommendations to your site prior to taking your shop "live". If you are uncertain about how site security applies to you, talk to your web host to ensure that you have proper measures in place.

  • Stylesheet Changes: There are some important stylesheet additions and a few changes.

    1. Two new styles were added:

      .hiddenField {
        display: none;
      .visibleField {
        display: inline;

    2. There was a conversion from <div class="navMainSearch forward"> to
      <div id="navMainSearch"> in the tpl_header.php file. If you wish to "not" convert that part of your header, you will need to add the following to your stylesheet

      /* backward compatibility, to be removed in 1.4: */
      .navMainSearch {
        float: right;
        margin: 0.5em;

  • PayPal Users: If you are using the PayPal payment module, you will need to Remove and re-Install the PayPal module in Admin->Modules->Payment->PayPal in order to take advantage of the bugfixes in the module. (Write down your settings first, for easier re-configuration!)


Since version 1.2, Zen Cart™ has had a major overhaul of the templating system for v1.3. As such, you have two options:
  • upgrade your existing template by applying the new stylesheet and moving a few lines of code around; or
  • the best way to have almost-tableless and much tidier template code, is to make a new template (based on template_default or the new "green" classic introduced in v1.3.5) and carefully re-apply your own customizations to the new template system.

For further information on template upgrading, see the support-forum discussion on this topic.

CHANGELOG - List of Changed Files

For a list of files that have been changed since v1.3.5, see the changelog-v1-3-6.html

Whats New ...

The following Improvements and bugfixes are included in v1.3.6:

  • SECURITY UPDATES. Important security updates related to XSS vulnerabilities have been included in this release to prevent exploitation of your site.

  • XSS vulnerability fixes included in this release

  • State/Country pulldown menus work intelligently across browser platforms

  • Discount coupons can now be restricted to only be usable if the customer's Billing Address matches the selected zone (ie: a 10%-off coupon could be set to apply only to US customers)

  • Linkpoint/YourPay API payment module now included with Zen Cart. Minor updates to module.

  • Products-Purchased report enhanced with search, hotlinks, etc

  • Added: image-size settings can now be configured for top-level category images
  • Added: centerboxes on Empty Shopping Cart page can now be enabled/disabled/sorted via the admin interface under "Stock" settings
  • Added: currency-exchange "uplift" calculator added to My Store area, allowing automatic global padding of exchange rates during automated updates
  • Added: search page now accepts URL parameters, allowing some retention of search history if details supplied by a referring source/link
  • Added: Subcategories Row switch added to admin for Product Listing page
  • Added: "zones" shipping module now allows "00" for "All zones". Also no longer case-sensitive
  • Added: zone-status indicators added to suggest where zone configurations may be incomplete
  • Added: "upcoming products" can now be excluded from New Products boxes/listings
  • Added: built-in support for easy_rollovers contribution to be plugged in more simply
  • Added: new switch for Product Info to disable display of product-model in meta-tags output where custom meta-tags not defined
  • Added: create-account-success page now shows the customer's address for quick visual verification of their personal data

  • Enhanced: $this_is_home_page variable can be used to determine whether the displayed page is truly the home page of the site or not. Handy for disabling breadcrumbs or other items for just the home page.

  • Change: admin - when entering/editing products, now have the option to key in the name of the product image filename to use images already uploaded to server
  • Change: admin order-status pulldowns now sort by ID instead of name
  • Change: admin "extras" menu no longer appears if it has no content (ie: can remove the menu file for music items from the extra_boxes folder and the menu option will disappear)
  • Change: improved calculation of commissionable_amount for affiliate hooks to support credit modules offering discounts
  • Change: email system change to allow separation between php, sendmail, smtp etc methods of transport instead of only smtp/sendmail
  • Change: Alternate email-encoding methods available. Default is now 7bit instead of 8bit. Can override via new file in extra_configures folder
  • Change: image ALT text no longer displays if image not found
  • Change: "Mixed ON/OFF" text no longer appears if there are no attributes for selected product
  • Change: removed auto_increment from metatags tables for foreign-key fields
  • Change: default editor plugins now selectable from Admin->Config->My Store via pulldown
  • Change: status message added to messageStack if add-to-cart set to return to product
  • Change: if customer record is deleted during a shopping session, they will now be logged out

  • PayPal: no longer requires case-sensitivity on email address of PayPal account
  • PayPal: was encountering an error if ez-pages functions were called in language files
    (unrelated to PayPal ... only related to customizations affecting PayPal loading)
  • PayPal: fixed problem where purchase of a GV via PayPal was leaving GV linked to wrong order #

  • Bugfix: banner bug related to status change ... missing parenthesis found
  • Bugfix: textarea displays for define-pages area in Opera not displaying properly
  • Bugfix: line-ending problem in the admin language file for coupon_admin.php
  • Bugfix: email problems for SMTP mailservers resolved
  • Bugfix: New Products date fixed to manage "All", "Current Month", and any number of days
  • Bugfix: download-resets via Admin were not properly considering "unlimited" vs max days
  • Bugfix: breadcrumb was displaying incompletely/incorrectly when navigating prev/next
  • Bugfix: zen_redirect function works smarter for SSL pages
  • Bugfix: USPS/UPS modules were incorrectly adjusting weight in some cases
  • Bugfix: Manual-Add of Specials/Features product numbers in admin now checks proper ID's
  • Bugfix: ot modules were not properly handling taxes when "tax in" pricing enabled
  • Bugfix: maximum address book entries restriction was allowing one too many
  • Bugfix: added missing switch to configuration menu for Page Not Found "define page"
  • Bugfix: sidebox "id" duplicates removed
  • Bugfix: stylesheet fixes
  • Bugfix: Discount Quantity would occasionally vanish when editing by product price manager
  • Bugfix: preg was breaking when testing template override files in template_func.php
  • Bugfix: admin footer now properly shows version details
  • Bugfix: admin coupon editor was incompletely handling multiple languages
  • Bugfix: Coupon Zone notice in popup and lookup pages added
  • Bugfix: Search page MySQL errors due to version-specific query problem
  • Bugfix: tax calculations fixed for order total modules where include tax/shipping flags selected
  • Bugfix: shopping cart was holding on to old quantity during some adjustment requests
  • Bugfix: admin categories-metatags editor not handling language properly and giving SQL errors
  • Bugfix: UPS shipping module changed to retrieve Fuel Surcharge rate if exists
  • Bugfix: remove ereg_replace errors on additional-image-popup window (now uses str_replace)
  • Bugfix: fixed occasional DOB errors when format changed or null data supplied
  • Bugfix: coupon "amounts" now allowed 15,4 precision instead of 11
  • Bugfix: product-listing quantity boxes are now similar on advanced-search results
  • Bugfix: sales/specials/features were not accurately expiring once-per-session
  • Bugfix: apostrophes were causing problems when sending mail from admin
  • Bugfix: admin menu pulldown borders were inconsistently displaying in FF
  • Bugfix: admin banner manager page-selection occasionally lost
  • Bugfix: remove hard-coded "Store Pickup" text from admin orders screen
  • Bugfix: CURL proxy support consistency tidied
  • Bugfix: currency-updater was timing out if more than 6 currencies had to be processed
  • Bugfix: some MySQL5 strict_trans issues resolved
  • Bugfix: shipping estimator was showing blank if all shipping modules were restricted by zones and the customer wasn't logged in
  • Bugfix: remove stray NAVBAR_TITLE constant name from showing in metatags in popups etc
  • Bugfix: $lng object consistency between catalog and admin fixed
  • Bugfix: order of parameters in some URL's tidied (ie: mfg selection etc)
  • Bugfix: media manager was including recursive cat/prod listings in pulldown
  • Bugfix: status messages fixed where uploads failed when adding product to cart
  • Bugfix: zone-definitions page wasn't retaining pointers properly for sidebox during navigation

Zen Cart™ Copyright 2006