Zen Cart

Zen Cart

Zen Cart ist eine Open-Source E-Commerce Software und wurde 2003 aus “osCommerce” weiterentwickelt.

Installation mit einem Klick Zen Cart

Installation mit einem Klick

Einfache Aktualisierung Zen Cart

Einfache Aktualisierung

Speichern und wiederherstellen Zen Cart

Speichern und wiederherstellen


e-Commerce und Business
Laufende Version
Letzte Aktualisierung
20 March 2016
English , Nederlands (Dutch)


Grösse der Installation
22 MB
Was gibt es Neues?


20 März - 22MB
  • All known v1.5.4 bugfixes and security fixes are included in v1.5.5, including tighter control around XSS as well as clickjacking
  • Template: The default out-of-the-box template (called "Responsive Classic") is now a mobile-friendly responsive-design theme built for flexibility with tablets, mobile devices, and desktops.
  • Template: The core template_default files have been reviewed for HTML5 compliance, and a number of classes and IDs have been added to move older styling to CSS instead. Specific input-types like email/telephone for easier use on mobiles
  • Admin: Admin menu improvements to help it fit tablet screens better
  • Admin: Added customer-password reset via Admin
  • Admin: Products Price Manager: Added display of taxes into prices
  • Admin: Improvements to developers-toolkit and whos-online
  • SEO: Numerous updates to canonical-url handling
  • SEO: Added hreflang markup for better indexing of multilingual sites, and other HTML page-header metatag improvements
  • Checkout: Order Details added to Checkout-Success page
  • Payment: PayPal Express Checkout has numerous updated compatibilities added, including their latest InContext mobile support
  • Payment: Added SagePay Form payment module (for hosted offsite PCI compliant credit card processing)
  • Payment: Added First Data Hosted Checkout Payment Pages (Global Gateway e4) module (for hosted offsite PCI compliant credit card processing)
  • Payment: Retired obsolete Linkpoint_API payment module (replaced by the new Payeezy JS module)
  • Payment: Added Payeezy JS (First Data/Global Gateway e4) Payment module (for onsite PCI compliant credit card processing)
  • Core: Added PHP 7.0 compatibility
  • Core: Added MySQL 5.7 compatibility
  • Core: Improved error-logging for troubleshooting (included @lat9's debug-backtrace mod)
  • Core: Improved/simplified code for db query handling, allowing simple foreach() iterations instead of requiring while(!EOF) loops,
  • Core: Added hooks to allow for 3rd-party-handling of taxes, for plugin support with orders, attributes, and much more
  • Core: Fix some rounding errors
  • Core: Added cron code for automated currency-updating, and currency sources can be selected from Admin->Config->My Store menu, and plugins can auto-show in this list
  • Core: Fixed bug with a race condition causing database errors related to sessions
  • Core: Simplified the configure.php file contents significantly by retaining only the most-often-customized components, and added an automatic-converter as part of zc_install's initial inspection
  • Email: Integrated @lat9's "common CSS styling" for HTML emails
  • Email: Added newer phpMailer integration (better compatibility with more email services), and email-failure errors are logged to /logs/ for easier debugging if problems occur
  • Some language-file cleanups
  • Improved compatibility for payment/shipping modules and SSL/TLS to work with the 2016 SHA-256 Secure Server initiatives being embraced by modern hosting companies and PCI Compliance
  • Rewrote zc_install - fresh new look, will make future internal maintenance easier
  • Replaced phpBB integration with generic hooks to allow for various external forums
  • Security patches for alerts provided from various security watchdog sites
  • Numerous other small improvements to make things work faster, sleeker, smarter and be easier to use

Lesen Sie mehr: http://zen-cart.com/showthread.php?219730


31 Dezember 2014 - 22MBImprovements
  • CHANGE-714 - Add progressive-enhancement to checkout flow for PCI compliance when card details collected onsite (added ajax infrastructure, and jQuery)
  • Fix #209 - POODLE protection - Remove SSLv3 mode, to allow autonegotiation

Bugfixes and feature updates
  • CHANGE-724 - Fix init_cache_key_check.php redirect loop which occurred when the user deletes the /cache/ folder
  • CHANGE-423 - PayPal Express Checkout - recover funding failure (10486) with "retry" if card is declined
  • CHANGE-725 - Authorizenet SIM module now hashes x_currency_code
  • CHANGE-730 - Linkpoint CURL SSL bug triggers PHP Warning: Illegal string offset
  • CHANGE-731 - Update Authorize.net SIM and AIM to add support for AUD,NZD currencies (now supports USD CAD GBP EUR AUD NZD)
  • CHANGE-732 - Update Authorize.net SIM and AIM to set defaults for merchant accounts capable of doing POS and Web transactions in one account
  • CHANGE-733 - Store-pickup module not activating properly for zone restrictions
  • CHANGE-311 - Data sanity check in admin/customers.php
  • CHANGE-709 - Refactor logging infrastructure
  • CHANGE-735 - Fix CSRF in admin profiles for action=delete
  • CHANGE-736 - Fix CSRF in layout_controllers for action=reset_defaults
  • CHANGE-737 - Replace hard-coded language text in /admin/orders.php
  • Fix #136 - Error in html syntax in admin_activity and CSS comment syntax in who's online
  • Fix #152 - Page not found when incorrect EZPage link remove status
  • Fix #188 - Remove code comment causing false-positive in security scan
  • Fix #210 - Fix code dealing with apostrophes in filenames
  • Fix #215 - Added additional common destinations to curltester script
  • Fix #221 - Fix Discount Coupon and Shipping Cost
  • Fix #246 - Fix errors about passwords during zc_install upgrade
  • ISSUE-82 - (continuation of) Fix odd PHP quirk which triggers fatal error "Allowed memory size of --- bytes exhausted" when accessing SID constant
  • Optimizations and improvements to various database queries
  • Fix queries in class.phpbb.php
  • Fix fmod_round and shopping_cart using (int) on quantity
  • Backported a PHP 5.4 fix to attributes_controller
  • zc_install - Fix email validation in zc_install to allow for new domain name TLDs
  • Fix override of mexico addresses with paypal pro
  • Substitute gethostname for shell_exec since some hosts disable shell_exec

Lesen Sie mehr: http://zen-cart.com/showthread.php?215684


7 Juli 2014 - 22MBImprovements:
  • CHANGE-511 - Change DB functions from mysql to mysqli
  • CHANGE-89 - Convert to bcrypt for password security hashing (requires PHP 5.3.7 or newer)
  • CHANGE-491 - Timezone patch for PHP 5.3/5.4/5.5 (this makes the "timezone offset" plugin obsolete)
  • CHANGE-566 - Add Admin switch to relax PA-DSS "strong" password requirements when in Demo mode
  • CHANGE-543 - Updates for PHP 5.5 Compatibility; Verified PHP 5.6-beta compatibility
  • CHANGE-432 - Numerous fixes for stricter PHP 5.4 compatibility
  • CHANGE-350 - Improvements to queryFactory to better support sql caching
  • CHANGE-359 - Add advanced developer tool for Notifier Trace and a global eventID
  • CHANGE-412 - Increase length of session key field due to changes in PHP defaults
  • CHANGE-421 - Update Authorize.net modules to support CAD and UK currencies
  • CHANGE-427 - Fix Memory Leak with PHP 5.3/5.4
  • CHANGE-434 - Add additional SSL detection checks to accommodate more poorly configured hosting companies
  • CHANGE-450 - Switch to SSL for contact-us form (when SSL is enabled)
  • CHANGE-452 - Add multiple-language and multiple-location support to the Store Pickup shipping module
  • CHANGE-454 - Made low-stock emails interceptable by notifier/observer
  • CHANGE-524 - Fix SaleMaker issues on Discount Quantity
  • ISSUE-54 - Session handling improvements
  • ISSUE-82 - Fix odd PHP 5.4 quirk which triggers fatal error "Allowed memory size of --- bytes exhausted" when accessing SID constant

Bugfixes and feature updates:
  • CHANGE-196 - Fix issue with Store-pickup module vs taxes
  • CHANGE-206 - Fix admin profiles code to also manage product types
  • CHANGE-225 - Handle use of comma as decimal point for Gift Voucher
  • CHANGE-235 - Fix for create_account_success doesn't honor session timeout
  • CHANGE-274 - Installer improvement - alert if new version available at install time
  • CHANGE-309 - Changes to avoid spam flags on Admin Emails about payment/shipping modules, and prevent autoresponder replies to newsletters and contact-us emails
  • CHANGE-311 - Data sanity check in customer login and admin customer mgmt to handle missing records resulting from bad imports or damaged data
  • CHANGE-315 - Performance tuning with .htaccess tweaks
  • CHANGE-323 - Fix rounding error with attributes and salemaker
  • CHANGE-332 - Update PayPal WPS to prevent mistakenly entering localized country domain for accessing PayPal services (per PayPal change Q3-2012)
  • CHANGE-341 - Updates to observer/notifier code to better support legacy procedural code
  • CHANGE-343 - Fix various language wording and dist-configure examples vis a vis the logs foldername
  • CHANGE-345 - Fix typo in whos_online legend
  • CHANGE-346 - Fix outdated language in configuration menu help texts, mainly around the name of the logs folder
  • CHANGE-347 - Fix TRY currency in paypal modules
  • CHANGE-348 - Fix Secunia advisory SA50574 - XSS in admin login.php
  • CHANGE-351 - Fix EZ-Pages Table of Contents links not displaying (if queryCache enabled, such as was added in v1.5.1)
  • CHANGE-352 - Fix attributes controller fatal error after upgrade
  • CHANGE-353 - Fix for password_forgotten generates log file
  • CHANGE-354 - Installer now bypasses APC and other caching mechanisms during zc_install, to prevent confusion caused by caching of files which require alteration.
  • CHANGE-355 - Fix redirect error when product is not General
  • CHANGE-361 - Fix blank page problem caused by clash with output_handler in hosting configuration
  • CHANGE-362 - Fix for template_filename not selecting for admin-initiated emails
  • CHANGE-363 - Trap for constant-not-found errors with badly-configured admin plugins
  • CHANGE-364 - Fix installer error: Failed to initialize storage module: memcache
  • CHANGE-365 - Fix missing noindex,nofollow missing on "forgotten" screen in admin
  • CHANGE-368 - Installer was allowing browser to remember old form data
  • CHANGE-371 - Fix for checkout_shipping creating debug logs when shipping method fails to generate methods
  • CHANGE-378 - Fix for Downloads of virtual products fail when site is Down For Maintenance
  • CHANGE-386 - Fix CURL/SSL Vulnerabilities
  • CHANGE-389 - Fix confusion about password reset message
  • CHANGE-392 - Fix coupon_admin.php contains double 'p' tag
  • CHANGE-396 - Removed nde-basic.css because it is obsolete since v1.5.0
  • CHANGE-397 - Fix Developers Tool Kit where Line number values in results were off by one
  • CHANGE-398 - Store Manager log purge improvements
  • CHANGE-403 - Fix PayPal EC to prevent use of ImmediatePayment when AuthOnly is selected
  • CHANGE-411 - Increase size of fields in tables for admin profiles
  • CHANGE-413 - Change date/time display format in admin header to be consistent with configured preference
  • CHANGE-416 - Prevent unauthorized information disclosure with editor
  • CHANGE-417 - Fix for issue where email confirmation gets truncated on the less-than symbol in product names
  • CHANGE-422 - Fix overzealous regex for handling IPv6
  • CHANGE-424 - Fix PayPal Micropayments bug which was preventing non-micro payments from working if micropayments credentials were present
  • CHANGE-425 - Fix for: Deleted ez-pages didn't trigger a 404 not found. Disabled pages were still reachable. Now sends to home page and shows message.
  • CHANGE-429 - Suppress HTML-formatting in PHP error messages, to aid in eliminating accidental posting of private links when requesting help
  • CHANGE-432 - Fix several issues causing warnings in debug logs due to PHP 5.4 compatibility
  • CHANGE-435 - Set reply-to header in admin copy of order-confirmation email - to make for easier replying to customers
  • CHANGE-437 - Set proper exclusion metatags to prevent gv_faq pages from being spidered/indexed
  • CHANGE-442 - Fix HTML id=reviewsContent already defined error in reviews sidebox
  • CHANGE-444 - Fix missing 'echo' and centerboxes in tpl_product_info_noproduct.php
  • CHANGE-446 - Cleanup: Remove duplicate code in update_product.php
  • CHANGE-451 - Fix canonical link handling for cases where the site operates entirely in SSL
  • CHANGE-455 - Improve zen_get_all_get_params to accommodate plugin issues throwing PHP Warning: strlen() expects parameter 1 to be string
  • CHANGE-459 - Fix inconsistencies in some zc_install help text
  • CHANGE-463 - Add insulation to protect against inaccessible products caused by errors in custom-written product types (where mistakenly type=0)
  • CHANGE-464 - Fix PHP warning: Use of undefined constant SUPERUSER_PROFILE ...
  • CHANGE-470 - Fix missing closing table row in /admin/orders.php
  • CHANGE-471 - Fix a couple small logic bugs in table_block.php
  • CHANGE-472 - Improve caching for product-type settings
  • CHANGE-474 - Fix boolean typo on comparison in ot_cod_fee module
  • CHANGE-476 - Fix for zen_mail doesn't always use default template for non-english use
  • CHANGE-478 - Fix Incorrect base_href in admin-sent HTML emails in some configurations
  • CHANGE-484 - Quantities added to cart should adjust to stock rather than just a message
  • CHANGE-487 - a Simplify filesmatch rules in htaccess by adding case-insensitivity flag
  • CHANGE-487 - b Add webm permission to htaccess rules for media-playback and downloadable-files
  • CHANGE-489 - Added additional notifiers to order.php class
  • CHANGE-491 - Improvements to automated timezone detection
  • CHANGE-497 - Improvements to date/time display in admin header
  • CHANGE-498 - Fix proxy-detection support for EXCLUDE_ADMIN_IP_FOR_MAINTENANCE and zen_get_ip_address() vs $_SERVER['REMOTE_ADDR']
  • CHANGE-506 - Fix robots tag in admin pages
  • CHANGE-509 - Fix minor incorrect variable declaration in option_values_manager.php
  • CHANGE-514 - Improve Developers Tool Kit to allow the search of single and double quotes
  • CHANGE-519 - Add more error checking in check_page()
  • CHANGE-520 - Remove inline javascript and tags which may not be stripped correctly in product listings etc
  • CHANGE-521 - Fix error on Incorrect integer value: products_priced_by_attribute
  • CHANGE-526 - Additional notifier to allow additional validation in account_edit page
  • CHANGE-527 - Add configuration-settings-search to Developers Toolkit, credit B.Bellamy,torvista (makes the search_configuration_keys plugin obsolete)
  • CHANGE-528 - Updates to valid cart issues with attributes and changes prior to checkout
  • CHANGE-529 - Fix variable initialization in Shipping Estimator
  • CHANGE-532 - Init system - move navigation history to after init_sanitize
  • CHANGE-544 - phpMailer upgrade
  • CHANGE-545 - Allow countries to be flagged as available/unavailable for shipping (built from a combination of code backported from v2 and a contribution by lat9)
  • CHANGE-546 - Init system - Relocate version constants to the beginning of the autoloader process.
  • CHANGE-547 - Utilities updates - CURLtester update
  • CHANGE-548 - Fix PHP Notice: Only variable references should be returned by reference
  • CHANGE-549 - Fix for PHP Notice: Object of class queryFactoryResult could not be converted to int
  • CHANGE-550 - Fix PHP Notice: Constant ATTRIBUTES_PRICE_FACTOR_FROM_SPECIAL already defined
  • CHANGE-551 - PHP Notice: Undefined index: freeshipper
  • CHANGE-559 - Fix for Shipping Estimator which was causing shipping modules to request quotes twice
  • CHANGE-562 - ironlady github pull request - Add webfont files support to .htaccess whitelist
  • CHANGE-563 - Fix zone misspelling in latin1 encoding. Add translations in utf8 version.
  • CHANGE-564 - docs
  • CHANGE-565 - Incorporate the Fix_Cache_key utility code into ZC Admin core (thus the plugin by the same name is now obsolete)
  • CHANGE-568 - Add storeowner-definable session timeout limit
  • CHANGE-570 - Add notifier hook to provide ability for Admin Activity Logs be exportable to CLFS or other standard format (PA-DSS feature)
  • CHANGE-573 - Rename Email HTML switch setting text and description to be clearer
  • CHANGE-574 - Add strict check to some admin pages to protect against invalid variables created by plugins that don't clean up after themselves, like MagneticOne stuff
  • CHANGE-575 - update spiders.txt
  • CHANGE-580 - torvista pull request 11 - locale addition for Windows servers
  • CHANGE-591 - Fix Australia address format to remove comma
  • CHANGE-591 - Fix Australia address format to remove comma
  • CHANGE-593 - PayPal - Change to Pending Reason responses, required one table schema change
  • CHANGE-594 - PayPal API changes - July 2013 (A: deprecated some rarely-used parameters)
  • CHANGE-594 - PayPal API changes - July 2013 (B: Updated treatment of currencies which don't support decimal places)
  • CHANGE-595 - Expand locale support for PayPal to perform better matching and to include PayPal's latest updates
  • CHANGE-601 - Relax PA-DSS "strong" password requirements - sql upgrade changes
  • CHANGE-605 - Fix error in PayPal Standard - PHP Fatal error: Using $this when not in object context
  • CHANGE-609 - PR12 - Address formats for Belgium, Netherlands
  • CHANGE-610,614,617 - lat9 $param1 array output reduction in notifier trace
  • CHANGE-611 - Sanitize all known get parameters.
  • CHANGE-612 - Sanitize all known get parameters.
  • CHANGE-616 - For consistency and PHP 5.4 compatibility $_SESSION['shipping'] should always be treated as an array
  • CHANGE-619 - Improve speed of stores with over 10,000 products
  • CHANGE-621 - Set defaults on Developers Toolkit pulldowns to improve ease of use
  • CHANGE-622 - Fix issues with ot-coupon for ship/free combo
  • CHANGE-626 - Fix fresh install error if cache table is damaged or database has no tables
  • CHANGE-632 - Change paypal modules to use /logs/ directory for logging
  • CHANGE-638 - Fix review-text stripping html characters into wrong symbols
  • CHANGE-639 - Fix XSS display problem in back-end preview screen
  • CHANGE-666 - minor typo in option_name.php language file
  • CHANGE-667 - Constant OFFICE_IP_TO_HOST_ADDRESS already set
  • CHANGE-671 - Change default address-format layout for Sweden
  • CHANGE-673 - Remove obsolete ssl-unclean-shutdown hack from admin
  • CHANGE-675 - Update country names to reflect changes in the ISO standards thru end of 2013
  • CHANGE-677 - Adjust admin categories code to stop triggering false-positive on security scan
  • CHANGE-678 - Adjust admin banner code to stop triggering a false-positive alert on security scan
  • CHANGE-679 - Adjust admin categories code to stop triggering false-positive on security scan
  • CHANGE-681 - Fix admin scenario of mixed content embedded on a page
  • CHANGE-682 - Adjust admin product-music code to stop triggering false-positive on security scan
  • CHANGE-683 - Backport compatibility fix
  • CHANGE-685 - Fix stock reduction problem with checkbox/attribute combinations in cart
  • CHANGE-686 - Changes to ensure output is correctly sanitized even in places protected by authentication requirements
  • CHANGE-689 - zc_install updates
  • CHANGE-690 - Add function to do lookup of latest version of plugins
  • CHANGE-691 - Retire obsolete compatibility functions
  • CHANGE-692 - CURL-force SSL3 on Cardinal connections
  • CHANGE-694 - Stopped admin send-mail page from drawing a huge dropdown list even when a single customer is pre-selected from customers screen
  • CHANGE-696 - Display of Product Categories is unclear and needs better layout
  • CHANGE-697 - Change core config entries to not use config-group-id 0 since many sloppy plugin authors delete those core settings
  • CHANGE-698 - Fix bugs in calls to zenCssButton()
  • CHANGE-706 - Clean up display of "php disabled functions" list in zc_install inspect screen
  • CHANGE-707 - Fix admin url autodetection to accommodate :port suffix in admin urls for local dev setups, and better handle shared-ssl configurations
  • CHANGE-708 - EZ Page Title Tag incorrect (introduced by CHANGE-425)
  • CHANGE-713 - zc_install problem with correctly detecting working dir on shared-SSL servers
  • CHANGE-715 - Fix Attributes Controller not accounting for Tax classes
  • CHANGE-716 - General file formatting and syntax cleanups
  • ISSUE-9 - Fix minor issue with model number display on product_reviews page
  • ISSUE-19 - Fix coupon-admin date check since mktime() doesn't support is_dst param anymore
  • ISSUE-23 - Clean up add to cart when non-numeric value is used and display message
  • ISSUE-51 - Add ability to autoload observer classes without needing to also create auto_loaders scripts
  • ISSUE-52 - Change admin rules to allow pass"phrases" by permitting the use of spaces
  • ISSUE-81 - class.base.php: Initialize static observer
  • ISSUE-82 - Fix odd PHP 5.4 quirk which triggers fatal error "Allowed memory size of --- bytes exhausted" when accessing SID constant
  • ISSUE-83 - lat9 requested more notifiers for order-class
  • ISSUE-87 - Fix payment module problem admin-side preventing use of Refund option
  • ISSUE-88 - Fix var assignment operator in ot_gv.php for Calculate Tax
  • ISSUE-89 - Update zenCssButton function and stylesheet to use CSS3 (courtesy of lat9 contribution)
  • ISSUE-90 - Add gTLD support for email addresses (like .marketing or .international)
  • ISSUE-116 - Make admin configure.php "cognizant" of /local subdirectory
  • ISSUE-131 - Change password fields to specify autocomplete=off
  • ISSUE-132 - Clean up some debug logging activity with payment modules
  • ISSUE-133 - Change error messages on password-forgotten screen
  • ISSUE-134 - Fix outputs for locate_configuration in DTK added by recent incorporation of lookup plugin
  • ISSUE-135 - Fix a potential XSS issue on the countries screen
  • ISSUE-136 - Fix frequently-reported scenario where redirect links could be abused to redirect to unverified destinations
  • ISSUE-137 - Add PCI DSS warning to the DB query-logging switch
  • ISSUE-138 - Riddler spider causing performance issues; update spiders.txt list
  • ISSUE-142 - Record Company/Record Artist cannot update language dependant fields
  • ISSUE-143 - Remove (previously commented-out) SecFilter rules from zc_install/.htaccess so aggressive hosting company security systems don't quarantine

Lesen Sie mehr: http://zen-cart.com/showthread.php?213846


18 September 2012 - 22MB


30 Dezember 2011 - 22MB

Unsere Webhostings sind kompatibel mit
Zen Cart


Nur Webhosting

100 GB und mehr
Kostenlose SSL-Zertifikate

Weitere Infos

ab 5.75 € / Monat


Das Web+Mail-Komplettangebot

100 GB und mehr
Kostenlose SSL-Zertifikate

Professionelle E-Mail
25 E-Mail-Adressen mit unbegrenztem Speicherplatz

Instant Messaging
Sychronisation von Kontakten und Kalendern

Weitere Infos

ab 7.42 € / Monat



100 GB und mehr
Multi-Hostings und Multisites
Kostenlose SSL-Zertifikate

2 CPU und mehr
6 GB RAM und mehr
100% SSD
100% dedizierte Ressourcen

Infomaniak verwaltet Ihren Server

Weitere Infos

ab 29 € / Monat

Preise in EUR inkl. MwSt