Want to contribute, but not ready for the big time
7 views
Skip to first unread message
Brent Hoover
Apr 24, 2009, 11:56:41 AM4/24/09
to sutekishop
I really like the suteki shop and am using it for a model for MVC
projects going forward and for a Pro Bono project in the here and now.
I would like to contribute but am still getting up to speed on all the
new (to me) technologies. However I have 10 years eCommerce experience
and have written gateways for all major payment providers, real-time
ship quoting for all major shippers (at least in US) and integration
with all major shopping engines (Google Base, Pricegrabber, etc). But
right now I am probably best taking some grunt work from some of the
more heavy hitters.
So if y'all have anything on your todo list that you want to unload
like documentation, Google Analytics, Web Testing scripts, etc. let me
know and I would love to add whatever I can until I can add something
significant.
I am on a little hiatus doing some "sharpening of the saw" so it's a
rare opportunity for me to contribute and catch up with the last
couple of years while I was keeping a business afloat.
Or not if delegating is just another todo.
--Brent
projects going forward and for a Pro Bono project in the here and now.
I would like to contribute but am still getting up to speed on all the
new (to me) technologies. However I have 10 years eCommerce experience
and have written gateways for all major payment providers, real-time
ship quoting for all major shippers (at least in US) and integration
with all major shopping engines (Google Base, Pricegrabber, etc). But
right now I am probably best taking some grunt work from some of the
more heavy hitters.
So if y'all have anything on your todo list that you want to unload
like documentation, Google Analytics, Web Testing scripts, etc. let me
know and I would love to add whatever I can until I can add something
significant.
I am on a little hiatus doing some "sharpening of the saw" so it's a
rare opportunity for me to contribute and catch up with the last
couple of years while I was keeping a business afloat.
Or not if delegating is just another todo.
--Brent
Mike Hadlow
Apr 24, 2009, 5:06:05 PM4/24/09
to sutek...@googlegroups.com
Hi Brent,
Wow, 10 years eCommerce experience is *very* useful :) We're all relative newcomers to eCommerce. Suteki Shop has had one commercial customer, Jump the Gun, who have driven all the requirements.
You could really help us. Even just checking it out and giving us an opinion about useful features, things we're doing wrong, suggestions etc, would be great.
All of the current contributors, me, Jeremy, Iain, Graham are based in the UK, so a US perspective on the software would be good too.
Documentation is sorely needed and test scripts would be fantastic.
If you feel like coding something up. Just go ahead. You always submit a patch. If you need any help on how to do it, just ask.
So welcome!
Mike
Wow, 10 years eCommerce experience is *very* useful :) We're all relative newcomers to eCommerce. Suteki Shop has had one commercial customer, Jump the Gun, who have driven all the requirements.
You could really help us. Even just checking it out and giving us an opinion about useful features, things we're doing wrong, suggestions etc, would be great.
All of the current contributors, me, Jeremy, Iain, Graham are based in the UK, so a US perspective on the software would be good too.
Documentation is sorely needed and test scripts would be fantastic.
If you feel like coding something up. Just go ahead. You always submit a patch. If you need any help on how to do it, just ask.
So welcome!
Mike
Brent Hoover
Apr 28, 2009, 8:59:39 PM4/28/09
to sutekishop
Most of my comments would have to do with stuff like payment and
shipment. I could ramble off thousand of features but I don't think
that helps much. And I am pretty sure you are aware of the must haves.
I like the CMS/eCommerce approach, and I am sure it's especially
appropriate for a small retailer.
I understand that Mike make a specific choice in not creating a
separate "admin" interface and I think for his customer that would
make sense. However, when you get into handling credit cards you up
the security issue 1000 fold. I am going to be writing a payment
gateway soon so I can put my code where my mouth is, but this "Order
processing" section should be put somewhere separately that is always
https so people can deal with Credit card issues and do fraud
verification without risking exposure. The last system we did, we
created a desktop client that did credit card processing using Web
Services so that the info was only available if you had the client. I
am going to guess that banks are as evil as they are in the US and
merchants eat 100% of all fraud charges PLUS a fee.
I am going to really talk out of turn since I have only read about it,
not actually played with it, but is MEF an appropriate platform for
creating Shipping/Payment/Feature plug-ins?
The nested categories is cool, but it would be great to have product
be in more than one category. So for example I wanted to have a sale,
I could create a "Earth Month Sale" category, attach the on-sale
products to the category and run my adverts pointing to the page. Plus
it gives you some leeway if you have a lot of products and trying to
find the "one true spot" is sometimes impossible. This is one of those
features that is a huge pain to graft on later on so....just a
suggestion.
One thing I did notice was that if I purchased, and then came back
later when my cookie had expired so I was anonymous, shopped and
shopped, and then when it came to checkout I decided to login because
I am lazy and don't want to enter my address, poof, there went my
cart.
Who are the major shipping carriers in the U.K? I've look at
establishing warehouses in Germany but don't remember if there was a
dominant carrier that would be equivalent to UPS in the States.That
and payment gateways would be the things I would start on. Plus data
interchange with Amazon. Again, a lot of this stuff would make great
add-ons in a commercial product so you can keep the simple version
open source.
That's my ramble. Next time you hear from me I will have something to
show.
--Brent
On Apr 24, 2:06 pm, Mike Hadlow <mikehad...@googlemail.com> wrote:
> Hi Brent,
>
> Wow, 10 years eCommerce experience is *very* useful :) We're all relative
> newcomers to eCommerce. Suteki Shop has had one commercial customer, Jump
> the Gun, who have driven all the requirements.
>
> You could really help us. Even just checking it out and giving us an opinion
> about useful features, things we're doing wrong, suggestions etc, would be
> great.
>
> All of the current contributors, me, Jeremy, Iain, Graham are based in the
> UK, so a US perspective on the software would be good too.
>
> Documentation is sorely needed and test scripts would be fantastic.
>
> If you feel like coding something up. Just go ahead. You always submit a
> patch. If you need any help on how to do it, just ask.
>
> So welcome!
>
> Mike
>
shipment. I could ramble off thousand of features but I don't think
that helps much. And I am pretty sure you are aware of the must haves.
I like the CMS/eCommerce approach, and I am sure it's especially
appropriate for a small retailer.
I understand that Mike make a specific choice in not creating a
separate "admin" interface and I think for his customer that would
make sense. However, when you get into handling credit cards you up
the security issue 1000 fold. I am going to be writing a payment
gateway soon so I can put my code where my mouth is, but this "Order
processing" section should be put somewhere separately that is always
https so people can deal with Credit card issues and do fraud
verification without risking exposure. The last system we did, we
created a desktop client that did credit card processing using Web
Services so that the info was only available if you had the client. I
am going to guess that banks are as evil as they are in the US and
merchants eat 100% of all fraud charges PLUS a fee.
I am going to really talk out of turn since I have only read about it,
not actually played with it, but is MEF an appropriate platform for
creating Shipping/Payment/Feature plug-ins?
The nested categories is cool, but it would be great to have product
be in more than one category. So for example I wanted to have a sale,
I could create a "Earth Month Sale" category, attach the on-sale
products to the category and run my adverts pointing to the page. Plus
it gives you some leeway if you have a lot of products and trying to
find the "one true spot" is sometimes impossible. This is one of those
features that is a huge pain to graft on later on so....just a
suggestion.
One thing I did notice was that if I purchased, and then came back
later when my cookie had expired so I was anonymous, shopped and
shopped, and then when it came to checkout I decided to login because
I am lazy and don't want to enter my address, poof, there went my
cart.
Who are the major shipping carriers in the U.K? I've look at
establishing warehouses in Germany but don't remember if there was a
dominant carrier that would be equivalent to UPS in the States.That
and payment gateways would be the things I would start on. Plus data
interchange with Amazon. Again, a lot of this stuff would make great
add-ons in a commercial product so you can keep the simple version
open source.
That's my ramble. Next time you hear from me I will have something to
show.
--Brent
On Apr 24, 2:06 pm, Mike Hadlow <mikehad...@googlemail.com> wrote:
> Hi Brent,
>
> Wow, 10 years eCommerce experience is *very* useful :) We're all relative
> newcomers to eCommerce. Suteki Shop has had one commercial customer, Jump
> the Gun, who have driven all the requirements.
>
> You could really help us. Even just checking it out and giving us an opinion
> about useful features, things we're doing wrong, suggestions etc, would be
> great.
>
> All of the current contributors, me, Jeremy, Iain, Graham are based in the
> UK, so a US perspective on the software would be good too.
>
> Documentation is sorely needed and test scripts would be fantastic.
>
> If you feel like coding something up. Just go ahead. You always submit a
> patch. If you need any help on how to do it, just ask.
>
> So welcome!
>
> Mike
>
Jeremy Skinner
Apr 29, 2009, 3:10:43 AM4/29/09
to sutek...@googlegroups.com
> The nested categories is cool, but it would be great to have product
> be in more than one category.
I've actually implemented this already - it's in a separate branch that I'm working on (http://sutekishop.googlecode.com/svn/branches/JtG_Enhancements) and should hopefully be merged back into the trunk in the next couple of weeks.> be in more than one category.
Jeremy
Mike Hadlow
May 1, 2009, 5:09:57 PM5/1/09
to sutek...@googlegroups.com
Hi Brent,
I know we need to be very aware of security issues. We actually provide credit card capture for the client. The numbers are stored using asymetric encryption with the public key deployed with the application and the private key held by the client. If the server was compromised there wouldn't be any danger of the credit card numbers being stolen because the hacker wouldn't have the private key.
I would like to move the private key decryption completely client side because at the moment there is a small possiblity that it could be vulnerable to a cross site scripting attack. I was thinking of looking at Silverlight for that, although I noticed that the Silverlight CLR doesn't support the full cryptography namespace of the standard CLR.
I don't really buy the argument that a separte admin interface is any more secure. Sure you have to take more care with the integrated mode, but I think it's worth the effort for the seamless experience it gives the client. However, you aren't the first person who has commented on it. Graham also thinks a separate admin site would be better.
MEF would certainly be a possibility for plugin payment providers. The software is built around the Windsor IoC container which gives us a certain amount of plugability, but I guess if people wanted to write and add their own payment providers MEF would probably be a better choice. I'd certainly be interested in playing with MEF/Windsor interop.
The login is currently only for admin users. I did start out with the idea of having customer login, but JtG weren't interested in that feature, so it fell by the wayside. It's something that we should look at putting back in. Currently if you shop as a standard, anonymous, user, then login as an administrator you are effectively two different identities to the system so you will loose your cart.
The top UK shipping carrier is the Post Office, but there are many more. I'd be very interesting in learning what you have done in the past to integrate with UPS.
Data exchange with Amazon (and eBay too) are also very exciting ideas. The whole idea of providing an integration solution to retailers is interesting. A client would use Suteki Shop as a product catalogue that would then be propogated onto Amazon, Google product search, eBay shops etc. Could be very cool :)
Thanks again for your excellent suggestions/comments. I'm really looking forward to seeing what you come up with :)
Cheers
Mike
I know we need to be very aware of security issues. We actually provide credit card capture for the client. The numbers are stored using asymetric encryption with the public key deployed with the application and the private key held by the client. If the server was compromised there wouldn't be any danger of the credit card numbers being stolen because the hacker wouldn't have the private key.
I would like to move the private key decryption completely client side because at the moment there is a small possiblity that it could be vulnerable to a cross site scripting attack. I was thinking of looking at Silverlight for that, although I noticed that the Silverlight CLR doesn't support the full cryptography namespace of the standard CLR.
I don't really buy the argument that a separte admin interface is any more secure. Sure you have to take more care with the integrated mode, but I think it's worth the effort for the seamless experience it gives the client. However, you aren't the first person who has commented on it. Graham also thinks a separate admin site would be better.
MEF would certainly be a possibility for plugin payment providers. The software is built around the Windsor IoC container which gives us a certain amount of plugability, but I guess if people wanted to write and add their own payment providers MEF would probably be a better choice. I'd certainly be interested in playing with MEF/Windsor interop.
The login is currently only for admin users. I did start out with the idea of having customer login, but JtG weren't interested in that feature, so it fell by the wayside. It's something that we should look at putting back in. Currently if you shop as a standard, anonymous, user, then login as an administrator you are effectively two different identities to the system so you will loose your cart.
The top UK shipping carrier is the Post Office, but there are many more. I'd be very interesting in learning what you have done in the past to integrate with UPS.
Data exchange with Amazon (and eBay too) are also very exciting ideas. The whole idea of providing an integration solution to retailers is interesting. A client would use Suteki Shop as a product catalogue that would then be propogated onto Amazon, Google product search, eBay shops etc. Could be very cool :)
Thanks again for your excellent suggestions/comments. I'm really looking forward to seeing what you come up with :)
Cheers
Mike
Reply all
Reply to author
Forward
0 new messages