Excellent!

I agree 100% on the osCommerce comment, BakeSale has lots going for it
and is very easy to extend, so far it's been mostly the work of a
single person (not me), but I think he's looking to get more people
involved.

Please do post to BakeSaleHQ, look forward to hearing from you.

Drayen.

On Aug 1, 11:22 am, housebolt <[EMAIL PROTECTED]> wrote:
> > I've committed code to bakesale and use it myself
>
> Glad to hear from you. I'll post some of the stuff over at BakeSaleHq
> as soon as I get some time this week. It's a great platform, and I
> think it could go further than osCommerce (and be 10 times more easy
> to use and customize). I personally think all shopping carts should
> use some sort of framework, and BakeSale is the first of its kind for
> Cake.
>
> On Aug 1, 1:25 am, drayen <[EMAIL PROTECTED]> wrote:
>
> > Hi,
>
> > I've committed code to bakesale and use it myself, I would be
> > interested to hear what you've found. I can also confirm you never
> > contacted the bakesale team. Onto your image:
>
> > The system doesn't look like it's released any useful data?
>
> > The output you're showing is on the demo site, which is deliberately
> > unsecured to allow people to test the admin interface. Were you able
> > to re-create your results on your own server?
>
> > If you want to help, by all means apply to be a part of the bakesale
> > cakeforge group and commit updated and more secure code, I am sure we
> > would welcome the help. We are soon going to move to 1.2 and will be
> > using the security class you talked about in a post you made 34 hours
> > ago, which should close a few holes.
>
> > Or if not how about submit the holes you've found, ideally with
> > solution code via our bug tracker on google code:
> > http://code.google.com/p/bakesale/issues/list
>
> > <rant>
>
> > > I'm not trying to make trouble here
>
> > You're also not being constructive, don't just troll without even
> > talking to the people who can change things for the better, or fully
> > understanding what you're criticizing.
>
> > > So, if you're
> > > thinking about using BakeSale, make sure that you take a good look at
> > > the code before you use it, especially if you're going to be saving
> > > credit card numbers in your database.
>
> > Bakesale does NOT store CC information, it uses external payment
> > gateways e.g. paypal.
> > </rant>
>
> > Drayen.
>
> > On Aug 1, 3:38 am, housebolt <[EMAIL PROTECTED]> wrote:
>
> > > There's nothing to disclose. I haven't given out anything, and it's
> > > blatantly apparent. There is not one single security measure in place
> > > within the code, so I would have to disclose the entire code base.
>
> > > I'm not trying to make trouble here, I'm just warning people about the
> > > danger of using BakeSale "straight out of the box".
>
> > > I would be fine if they were marketing it as a basic starting point
> > > for building a shopping cart, but they're making it out to be a
> > > complete product.
>
> > > On Jul 31, 7:30 pm, "Dr. Tarique Sani" <[EMAIL PROTECTED]> wrote:
>
> > > > On 8/1/07, housebolt <[EMAIL PROTECTED]> wrote:
>
> > > > > I was just taking a look at bakesale for some ideas on building my own
> > > > > shopping cart.
>
> > > > > Please don't use bakesale in its current form without looking into its
> > > > > security issues.
>
> > > > Did you contact the developers of Bakesale about this before disclosing
> > > > here?
>
> > > > If yes what was the response?
>
> > > > Tarique
>
> > > > --
> > > > =============================================================
> > > > Cheesecake-Photoblog: http://cheesecake-photoblog.org
> > > > PHP for E-Biz: http://sanisoft.com
> > > > =============================================================

