The Return of the Shop

The shop is back. It’s a bit different now. If you can recall from a month ago, I gave up on yak because it doesn’t work with WordPress MU. I found a plugin that does: Quick-Shop. It’s less fancy, but a lot easier to maintain. When you click “Add to Cart” on any page, you get redirected to the shopping cart, with that item added. To go back, press back in your browser (the old-fashioned way). To buy, click the PayPal button; you’ll be redirected to them so you can enter your payment info. Here’s the cart in action:

the shopping cart

You can change quantities; just press enter to update. The red X’s remove items, and more shipping policies and such are below the form.

Since this new software has no database and keeps no inventory or shipping logic, shipping is USA only now. You can email me if you really want some prints and can’t move to my country, though. Also, you can order like 500 of a print, because there’s no stock tracking. If you do this, it’ll take me a week extra to have the copies printed.

I’ve released all of my portfolio in the shop, to start. The price is $0.95 plus $0.42 shipping per print, and the size is 4*6 for them all. I like the new software because I can put multiple items to a post, unlike with yak, and I don’t have to do tedious updating of custom fields; it’s really quick for me to add an Add to Cart button.

Unfortunately, the plugin has security issues. I tried commenting about them on the author’s site, but just got a blank screen. Here is that comment:

I’m liking this plugin a lot and am using it on my site. It’s so basic, yet effective, and the lack of stock control isn’t an issue if you can produce an unlimited quantity of your products, like with mine. My only concern is the lack of security. You can easily fudge the HTML to get a site to display a lower price. For example with your site, putting the code below in a local file and clicking the button in a browser will actually load your site with the item at the reduced price ($5.00 from $359.99).

<p>Budget Intel PC: <strike>$359.99</strike> <strong>$5.00</strong> <object><form method="post" action="" style="display:inline"><input type="submit" value="Add to Cart" /><input type="hidden" name="product" value="Budget Intel PC" /><input type="hidden" name="price" value="5.00" /><input type="hidden" name="shipping" value="0.99" /><input type="hidden" name="addcart" value="1" /><input type="hidden" name="qslink" value="" /></form></object></p>

Obviously, if anyone does this, you don’t have to send them the item. It gets tricky if you’re giving them a receipt with the price they’ve forged, though. Might even be troublesome if they just cut the price in half and then complain to PayPal if you refuse to take the loss (they’ll have a PayPal confirmation with the product and lower price).

I’m not too worried about it because I’m dealing with low-value items, but otherwise I would be. Nice work on the plugin, nonetheless.

If you do the above to fake a lower price on my prints, I’m taking it as a donation. Most people are good and will use the shop as intended. :sunglasses: Thanks!