Slashdot Mirror
Selling Online with Drupal e-Commerce
Michael J. Ross writes "Many Web developers wish to create e-commerce sites that also support collaborative editing of content, community forums, and other features that can increase traffic to the sites. But most shopping cart products do not include those capabilities, or, if such third-party add-ons exist, they may be quite limited in functionality. Similarly, most if not all content management systems (CMSs) lack native e-commerce capabilities. Yet that barrier is being overcome, because a handful of e-commerce modules have been created for the most popular CMSs. Perhaps the most promising pairing, at this time, is Drupal and the e-Commerce module — a combination covered in the book Selling Online with Drupal e-Commerce by Michael Peacock." Keep reading for the rest of Michael's review.
Selling Online with Drupal e-Commerce
author
Michael Peacock
pages
264
publisher
Packt Publishing
rating
7/10
reviewer
Michael J. Ross
ISBN
1847194060
summary
A thorough guide to the Drupal e-Commerce
This title was published by Packt Publishing on 31 March 2008, under the ISBNs 1847194060 and 978-1847194060, and is a recent addition to their growing lineup of books focusing on Drupal and Joomla. The firm hosts the book's Web page, where readers can download the sample code, submit feedback, post a question about the book, read an online excerpt, and download a sample chapter (number 8) on "Creating a Better Selling Experience," as a PDF file. In addition, readers can purchase the handy e-book version, which contains everything found in the print version.
The first chapter serves as an introduction to Drupal and the e-Commerce module, and also explains how to download the two of them, as well as the additional module (Token) upon which the latter depends. The author explains the purpose of each area within Drupal's "Site configuration" section, and what changes the reader should make, if any. Also, he provides the background story for the sample e-commerce Web site that is built throughout the book — in this case, a dinosaur model shop. It should be noted that the diagram on page 6 does an effective job of explaining the basic idea of how a CMS works (better than the similar figures seen in other CMS books), and it is followed by an explanation of what e-commerce is. However, it is doubtful that any developer who purchased this book would need to be told what are CMSs and e-commerce.
In the second chapter, the author briefly reviews the steps for adding content and navigation to a Drupal-powered site, by adding pages and menus, respectively. Also, some additional modules are enabled, for creating a contact form and a blog, for the sample site. Up to this point in the book, readers will have become accustomed to the author explicitly guiding them through the steps necessary for creating the sample site. Thus it may come as a surprise to such readers when they see the second figure on page 40, showing the navigation menu, including new sections for dinosaurs and the museum, and a link to a contact page. The two new sections were briefly mentioned three pages earlier, but the steps for creating them were not; the steps for adding the contact page link were apparently not mentioned anywhere. However, any experienced Drupal developer should have no difficulty figuring out how to add these navigation menu items.
With the third chapter, the book shifts focus from Drupal basics to implementing an e-commerce site. Aspects of running an online business — such as site accessibility laws, legal issues, and privacy laws — are mentioned, though readers outside of the United Kingdom will most likely not be pleased by the UK-centricity of the material. Other topics covered include product types, groupings, details, photos, and advertising, as well as customer service.
In Chapter 4, readers learn about the e-Commerce product types and their corresponding modules, and how to add products to the store catalog — including specialized types of products, such as apparel, services, and bundled products ("parcels"). Chapter 5 briefly covers users, rules, permissions, settings, rules, registration, e-mail messages to users, users' pictures, taxonomy, requiring registration, customer management, user orders, contacting users, and adding your business's staff to your site. It also touches upon taxonomy and how to use it for controlling user access to content. But the author fails to explain why this is needed for the online store. Providing such a rationale up front is especially important when asking readers to work their way through potentially daunting subjects such as taxonomy, and implementing them in their own test sites, if they are following what the author is doing.
The sixth chapter begins with an unneeded review of the themes built into Drupal version 5.x, with even more space taken up describing three red-based color schemes. This is followed by a discussion of how to modify whichever of those themes is enabled, and, very briefly, how to create a new theme. In this chapter and many others, the author frequently reminds us that the hypothetical client, Doug of Doug's Dinos, is "really pleased" with the "great looking site." Readers can judge for themselves just how great is the site's design. Admittedly, in a book such as this that does not focus on Web design, a sample site can be quite basic. But the constant praise is unwarranted.
Allowing customer checkout and payment are critical to any e-commerce site, and those topics are explored in Chapter 7. The topic coverage is fairly complete, though occasionally the author does not make clear where in the Drupal administration section the reader will find the particular topic under discussion, e.g., the global anonymous purchase policy. Chapter 8 offers a lot of valuable information, including how to: add shopping cart and search elements to every page, automatically create user accounts, add images to product listings, offer discounts based on customer role, provide coupons, allow bulk purchasing, set up auction and donation products, and automatically adjust charge prices based on various conditions.
Chapter 9 delves into the particulars of calculating taxes and shipping costs, as well as accepting payments through various gateways, including PayPal, which is explored in detail. The only part that will be misleading to readers, is the claim that PayPal's IPN "pings" your server for each customer transaction. Actually, their server does not ping yours, but instead posts transaction data that you can use for updating your online database.
Chapter 10 presents a number of modules and techniques for making an e-commerce site more secure, and also covers domain name, Web hosting, and site maintenance issues. The security modules discussed are definitely worth considering. Some readers may be confused by the Backups section of cPanel mentioned by the author, since not all cPanel installations offer it.
The last two chapters of the book address invoicing, CRM, and marketing one's site. The discussions of search engine optimization, viral marketing, newsletters, etc., are quite cursory, and readers interested in those topics would fare better by consulting books, online articles, and other resources that are much more thorough. The chapter's topic that will probably be of most value to e-commerce developers, is the demonstration of how to significantly customize the layout of invoices, using CSS. The book's sole appendix explains how to install WampServer.
All the chapters conclude with brief summaries, which, without exception, are a waste of space — especially considering the brevity of most of the chapters. The old oratory principle of "tell them what you're going to tell them; tell them; tell them what you told them" may be terrific for speeches, but not for books. That is primarily because someone in an audience listening to a live speech does not have the luxury of looking into the past to hear a portion of the speech again, nor of looking into the future to anticipate what the speaker will say next. Readers of books, on the other hand, can of course jump backward and forward quickly to review or preview material, as needed.
The quality of the book's writing is noticeably weak, with countless awkward phrases and run-on sentences. Some are downright puzzling, e.g., "Thanks for your custom!" (page 125); did the author mean "order?" Throughout the book, one finds a remarkable underuse of commas, frequent mixing up of "that" and "which," misplacement of commas and parentheses, misuse of commas in place of semicolons and even periods (e.g., page 124), semicolons in place of colons, and missing hyphens from adjective phrases. Most noticeable — and at times laughable — is the excessive use of exclamation marks, reflecting a common misconception that they jazz up otherwise dull material. For example, page 49 contains three completely unnecessary exclamation marks, not counting the two contained within a customer testimonial. In addition, the book contains several errata, such as: "loose" (should read "lose"; pages 8 and 195), "leads customers" (should read "leads to customers"; page 57), "products" (should read "product's"; page 62), "customers' role" (should read "customers' roles"; page 88), "to mentioned" (should read "to mention"; page 131), "its does" (page 159), "If a more" (should read "If more"; page 202), "businesses" (should read "business's"; page 221), and many more.
An additional blemish of the book, albeit minor, is that there is little consistency in how the author describes to the reader the navigation steps for going to a particular area of Drupal administration. Sometimes he presents a breadcrumb-style menu path, starting with the highest level menu item. (The majority of readers would probably find this to be the most logical format.) On other occasions, he reverses the order and describes it narratively. Least useful is his listing of the URL, such as "http://localhost/drupal-5.7/admin/users/roles," which may not even match the Drupal root URL that the reader has set up in their development environment.
Despite the aforementioned problems, Selling Online with Drupal e-Commerce is a welcome addition to the growing list of more specialized Drupal titles, and is currently the premier resource for anyone who wishes to use Drupal and the e-Commerce module for creating a virtual store.
Michael J. Ross is a Web developer, writer, and freelance editor.
You can purchase Selling Online with Drupal e-Commerce from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
The first chapter serves as an introduction to Drupal and the e-Commerce module, and also explains how to download the two of them, as well as the additional module (Token) upon which the latter depends. The author explains the purpose of each area within Drupal's "Site configuration" section, and what changes the reader should make, if any. Also, he provides the background story for the sample e-commerce Web site that is built throughout the book — in this case, a dinosaur model shop. It should be noted that the diagram on page 6 does an effective job of explaining the basic idea of how a CMS works (better than the similar figures seen in other CMS books), and it is followed by an explanation of what e-commerce is. However, it is doubtful that any developer who purchased this book would need to be told what are CMSs and e-commerce.
In the second chapter, the author briefly reviews the steps for adding content and navigation to a Drupal-powered site, by adding pages and menus, respectively. Also, some additional modules are enabled, for creating a contact form and a blog, for the sample site. Up to this point in the book, readers will have become accustomed to the author explicitly guiding them through the steps necessary for creating the sample site. Thus it may come as a surprise to such readers when they see the second figure on page 40, showing the navigation menu, including new sections for dinosaurs and the museum, and a link to a contact page. The two new sections were briefly mentioned three pages earlier, but the steps for creating them were not; the steps for adding the contact page link were apparently not mentioned anywhere. However, any experienced Drupal developer should have no difficulty figuring out how to add these navigation menu items.
With the third chapter, the book shifts focus from Drupal basics to implementing an e-commerce site. Aspects of running an online business — such as site accessibility laws, legal issues, and privacy laws — are mentioned, though readers outside of the United Kingdom will most likely not be pleased by the UK-centricity of the material. Other topics covered include product types, groupings, details, photos, and advertising, as well as customer service.
In Chapter 4, readers learn about the e-Commerce product types and their corresponding modules, and how to add products to the store catalog — including specialized types of products, such as apparel, services, and bundled products ("parcels"). Chapter 5 briefly covers users, rules, permissions, settings, rules, registration, e-mail messages to users, users' pictures, taxonomy, requiring registration, customer management, user orders, contacting users, and adding your business's staff to your site. It also touches upon taxonomy and how to use it for controlling user access to content. But the author fails to explain why this is needed for the online store. Providing such a rationale up front is especially important when asking readers to work their way through potentially daunting subjects such as taxonomy, and implementing them in their own test sites, if they are following what the author is doing.
The sixth chapter begins with an unneeded review of the themes built into Drupal version 5.x, with even more space taken up describing three red-based color schemes. This is followed by a discussion of how to modify whichever of those themes is enabled, and, very briefly, how to create a new theme. In this chapter and many others, the author frequently reminds us that the hypothetical client, Doug of Doug's Dinos, is "really pleased" with the "great looking site." Readers can judge for themselves just how great is the site's design. Admittedly, in a book such as this that does not focus on Web design, a sample site can be quite basic. But the constant praise is unwarranted.
Allowing customer checkout and payment are critical to any e-commerce site, and those topics are explored in Chapter 7. The topic coverage is fairly complete, though occasionally the author does not make clear where in the Drupal administration section the reader will find the particular topic under discussion, e.g., the global anonymous purchase policy. Chapter 8 offers a lot of valuable information, including how to: add shopping cart and search elements to every page, automatically create user accounts, add images to product listings, offer discounts based on customer role, provide coupons, allow bulk purchasing, set up auction and donation products, and automatically adjust charge prices based on various conditions.
Chapter 9 delves into the particulars of calculating taxes and shipping costs, as well as accepting payments through various gateways, including PayPal, which is explored in detail. The only part that will be misleading to readers, is the claim that PayPal's IPN "pings" your server for each customer transaction. Actually, their server does not ping yours, but instead posts transaction data that you can use for updating your online database.
Chapter 10 presents a number of modules and techniques for making an e-commerce site more secure, and also covers domain name, Web hosting, and site maintenance issues. The security modules discussed are definitely worth considering. Some readers may be confused by the Backups section of cPanel mentioned by the author, since not all cPanel installations offer it.
The last two chapters of the book address invoicing, CRM, and marketing one's site. The discussions of search engine optimization, viral marketing, newsletters, etc., are quite cursory, and readers interested in those topics would fare better by consulting books, online articles, and other resources that are much more thorough. The chapter's topic that will probably be of most value to e-commerce developers, is the demonstration of how to significantly customize the layout of invoices, using CSS. The book's sole appendix explains how to install WampServer.
All the chapters conclude with brief summaries, which, without exception, are a waste of space — especially considering the brevity of most of the chapters. The old oratory principle of "tell them what you're going to tell them; tell them; tell them what you told them" may be terrific for speeches, but not for books. That is primarily because someone in an audience listening to a live speech does not have the luxury of looking into the past to hear a portion of the speech again, nor of looking into the future to anticipate what the speaker will say next. Readers of books, on the other hand, can of course jump backward and forward quickly to review or preview material, as needed.
The quality of the book's writing is noticeably weak, with countless awkward phrases and run-on sentences. Some are downright puzzling, e.g., "Thanks for your custom!" (page 125); did the author mean "order?" Throughout the book, one finds a remarkable underuse of commas, frequent mixing up of "that" and "which," misplacement of commas and parentheses, misuse of commas in place of semicolons and even periods (e.g., page 124), semicolons in place of colons, and missing hyphens from adjective phrases. Most noticeable — and at times laughable — is the excessive use of exclamation marks, reflecting a common misconception that they jazz up otherwise dull material. For example, page 49 contains three completely unnecessary exclamation marks, not counting the two contained within a customer testimonial. In addition, the book contains several errata, such as: "loose" (should read "lose"; pages 8 and 195), "leads customers" (should read "leads to customers"; page 57), "products" (should read "product's"; page 62), "customers' role" (should read "customers' roles"; page 88), "to mentioned" (should read "to mention"; page 131), "its does" (page 159), "If a more" (should read "If more"; page 202), "businesses" (should read "business's"; page 221), and many more.
An additional blemish of the book, albeit minor, is that there is little consistency in how the author describes to the reader the navigation steps for going to a particular area of Drupal administration. Sometimes he presents a breadcrumb-style menu path, starting with the highest level menu item. (The majority of readers would probably find this to be the most logical format.) On other occasions, he reverses the order and describes it narratively. Least useful is his listing of the URL, such as "http://localhost/drupal-5.7/admin/users/roles," which may not even match the Drupal root URL that the reader has set up in their development environment.
Despite the aforementioned problems, Selling Online with Drupal e-Commerce is a welcome addition to the growing list of more specialized Drupal titles, and is currently the premier resource for anyone who wishes to use Drupal and the e-Commerce module for creating a virtual store.
Michael J. Ross is a Web developer, writer, and freelance editor.
You can purchase Selling Online with Drupal e-Commerce from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Some of the grammar in this review looks like it came from a google translated page...
Seven Days with Ubuntu Unity
The book pretty much sucks then. What about the actual software? Is anyone using it in real-world situations?
I've never heard of this Drupal module, to be honest.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
The site http://localhost/drupal-5.7/admin/users/roles, is already down and cannot be found.
problem is, Drupal ecommerce (and ubercart, et al) don't run on Drupal's current stable release. And Drupal 4/5 leave a lot to be desired.
I question the relevance of a book written about outdated, unsupported ecommerce tech.
$
Never used the e-commerce module but I'm currently building two stores using Ubercart http://www.ubercart.org/ and even though its still a fairly new module its quite nice and usable for an e-commerce site.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
YADMNRF6 ? If I expended effort to come up with a funny acroynym. ... and congrats to the LDAP module for finally getting an Alpha out yesterday (July 20th) for 6.0.
Why is 6 so hard to code for? Why is the enterprise module development so lagging?
I don't want to know anything about a product that makes me think of tall black drag queens.
Reminds me of a funny conversation with a friend who doesn't follow politics closely.
friend: Man, I don't think the Dems have any good candidates running this year.
me: Yeah, but i know you won't go Republican.
friend: Hell, no! But there's one guy they all seem to be going on about, who is it, Rupal?
me: I think you're thinking about Ron Paul.
friend: What's the difference?
me: One's a tall, black drag queen, the other is a fringe libertarian candidate.
friend: Heh. What are the chances of either of them getting the nomination?
me: About the same.
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
I've never heard of Drupal before. Is this another flavor of the month software package?
The simple truth is that interstellar distances will not fit into the human imagination
- Douglas Adams
Social networking, content management, Web 2.0, and e-commerce in the same program! Think of the fraud opportunities!
"Creates a direct connection between your wallet and us!"
It gets very elaborate, very fast. And there are TONS of security issues, and you will miss most of them. Not to mention that usability is a major concern, and will take a lot of time to get right.
Bite-the-bullet and pay one of the companies that specializes in e-commerce to do this for you. They have already worked out all kinds of issues that you don't even know exist. You and your customers will be MUCH happier.
The review seems pre-occupied with errors that were missed by the editors that do not reflect the quality (or lack thereof) of the writing itself. While the reviewer does touch on some serious issues (awkward phrases, run-on sentences), using over 10% of a review to harp on editorial gaffes is a waste of space. This is especially true considering that some of the "mistakes" are not mistakes at all, but instead, use of British English instead of American English. "Thanks for your custom!" is perfectly acceptable in England, it is equivalent to saying "Thanks for your business!" in the US.
In short, grammar Nazism doesn't belong in a book review, other than perhaps making a slight mention of it. I'm also very curious as to whether the review read a review copy, or a retail copy. Review copies are frequently filled with errors that will be caught later during final copy editing.
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
ecommerce is one of the lumpier drupal modules. I'm not saying it's not possible to build sites with it, lots of people have done it. Just that it's not necessarily straightforward, and if you're not comfortable with PHP, you probably won't be doing much customization outside of theming. Which, come to think of it, depends pretty heavily on PHP too. It's been a long time since I played with the ecommerce module, so I won't comment on those experiences except to say that they were harrowing :)
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
I agree. Unless you want to be in the business of supporting and maintaining e-commerce solutions, this isn't the kind of thing you want to be building on your own. If you want to just sell stuff online, go with a package that's already made.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
Or, you can split the store and the payment into two sections, letting someone else handle the actual payment side. There's nothing worse than an off-the-shelf ecommerce web interface.
I'm having trouble (I wonder if IE7 isn't compatible with Slashdot's new format) posting this as a reply to the subject "Ubercart", but I'm hoping the poster of that comment will notice (and respond to) this. All else are welcome to response, of course: How do you mean "usable"? Is "usable" truly good enough in a site in which security and usability is of utmost importance? I'd just like for you to (please) explain your perspective of this term. I want to know if I can really expect to use an open source CMS like this to run a potentially excellent e-commerce site.
Harold
I've been playing with content management and e-commerce systems for years and my preference is Joomla! and VirtueMart. Joomla! is far more powerful and has a wider array of components, modules, mambots, and free themes.
As a webmaster (oh how I hate that title) who oversees three fairly busy (800-900 transactions per day)e-commerce sites and who has seen us go from build it ourselves to hosted solutions, I could not agree with realmolo more.
E-commerce is not one of those things that you want to be in charge of. Late night terrors, cold sweats, constant paranoia, if those things are your bag baby then go right ahead. E-commerce, like health care is a buy it don't build it sort of things for the saner among us.
In my country people prefer to pay by bank wire before the shipment. As such, there's no payment section in the stores. Another popular option is COD payment. The upside: web stores are straightforward. Downside: the e-commerce software written in the US is completely out of whack, because it assumes people will pay using credit cards or money transfer services. I whipped up my own web store, because removing things from Drupal or Magento or Zencart would take more time than writing it from scratch, and would probably be less stable. On top of that, localized versions of those systems universally use the shitty ISO-8859-2 encoding, which is supported neither by Windows (it uses cp1250) nor Linux (it uses UTF-8)...
Those who would give up liberty to obtain working drivers, deserve neither liberty nor working drivers.
Ugh, it is alright. We adopted a project that ran on Drupal, but the old developers just didn't do it right. One problem about Drupal is it's performance - at least, for any project where you want very dynamic content (up to the minute). It really slows down then, especially if you have lot's of modules.
The module idea is OK, but it turns drupal into a single-paradigm framework.
It gets very elaborate, very fast. And there are TONS of security issues, and you will miss most of them. Not to mention that usability is a major concern, and will take a lot of time to get right.
This is why you use drupal. No one should be building websites, ecommerce or not, from scratch anymore. SQL injection, XSS, etc are reason enough. Thats why Sony BMG, AOL, MTV, etc are starting to roll out web platforms based on drupal. Using the Ecommerce package in drupal will insure security, and for the most part, usability.
Bite-the-bullet and pay one of the companies that specializes in e-commerce to do this for you. They have already worked out all kinds of issues that you don't even know exist. You and your customers will be MUCH happier.
Naw, you don't need to do this. Many people use oScommerce or Magento or many other F/OSS packages to do Ecommerce. The big problem with them is that they lack the CMS and customization that drupal allows. In fact the big problem with 'buying' some package is that many times your site and your 'store' will look like totally different websites, and you loose control over managing your data with other tools. While e-commerce can be inherently complex, it doesn't have to. Drupal E-commerce v4 is working to separate products, payments, shipping, etc so they don't have to rely on each other. Ubercart and ECv3 are very large projects because the assume that most people are buying many products, want multiple ways to pay for them, and need them shipped.
When 1.1 rolls out life will become much easier. I am sort of working backwards regarding the /. post but.... Magento has some CMS features for folks to edit content etc. I have found its never a good idea to mix and match scripts to add say a forum to something, especially when e-commerce is involved.
How's that for a run on sentence :)
N.
Finding a good ecommerce package that's not written in PHP is a big pain. If you'd prefer to use Python and want to combine your store with CMS type functions you can use the Django framework along with Satchmo - http://www.satchmoproject.com
To be fair, I'm one of the developers but I figured I'd chime in with some alternatives if you don't like the current PHP-based offerings.
In light of the current Drupal release being 6.3, I hope this review will prompt the developers to shift priorities to getting a v6 compatible module out for testing.
In the mean time, you might want to take a look at Ubercart, another Drupal module.
Drupal is my favorite open source CMS. Despite legitimate critiques it is an amazingly engineered piece of software; the customizability is unparalleled for a such a capable out-of-the-box package. Drupal makes many projects possible which would otherwise not be possible at all. Unfortunately Drupal is no panacea because all of this costs in terms of complexity.
No, this is why you use a framework. A good framework enables best practices with minimal overhead. Even a framework may be overkill because there are tons of websites that are extremely simple in nature, and maybe only need a dab of PHP here or there to add the necessary dynamic elements.
You use Drupal when you need a ton of boiler-plate functionality, and no budget to build from scratch using a framework. If you do have a reasonable budget you better think hard for several reasons:
First of all SQL injection is trivial to prevent. XSS is a little trickier, but is pretty manageable without a lot of mental overhead for the sufficiently paranoid developer. Of course things get trickier with XSRF and such. But look at the reality, if a security vulnerability is discovered in Drupal, pretty soon the bots are going to be out in force, and you'll be forced to upgrade. But what if your modules aren't compatible or you have other difficult to migrate upgrades? With a local XSS exploit at least someone has to write a custom script to attack you. Bottom line is you choose your poison.
Since 2005 I have been wo
I think you will find:
- Drupal uses UTF8 by default
- Drupal has a robust multilanguage approach.
- Drupal includes a COD module and doesn't assume a particular payment flow.
- The Drupal developers are international. In fact this can be a downside since a good portion of the ec subsystem was developed in Australia (thank you Gordon), and at times it needs to be massaged. I'm thinking of tax issues.
IMO, having implemented Drupal-based ecommerce systems a few times now, I'd say that it's just short of ready for prime-time, and that this book is premature: a case of a publisher trying to climb on a band wagon. (I have no comment on the content of the book - I haven't read it.) I find that Drupal ecommerce is not yet slick enough that I don't worry about details that I shouldn't have to worry about, on the other hand I trust it enough to have implemented it for people who are not technical, and it does contain some really useful specialist product types.
The rate at which Drupal and subsystems such as the ecommerce subsystem improve means that the shortcomings will be fixed inside 18 months.
I'd say that the most important shortcomings are:
Drupal ecommerce does not yet have multi-currency options: it assumes pricing is in a single currency. There are modules which tell you pricing in alternative currencies, but the final bill is in the admin chosen basis currency. If you are in the US, buying from Japan, expect to see a bill in Yen on your credit card statement.
Drupal wants people to be logged in. Anonymous purchasing is a second-class citizen. IMO forcing users through a registration process before they can give you money is bad for business.
There is no nice standard for international addressing, and Drupal suffers from this. EC address management is not integrated with other address-orientated modules.
But...
It Drupal and EC are remarkably flexible. Anything can be a product. It's open source and you can add new stuff: I've built a number of modules including a specialist shipping module for Royal Mail shipping. I haven't found it to be a problem.
Someone complained about the lack of an API. In fact Drupal has a well-developed well-structured API. It's one of the reasons that it has coped well with growth. Try http://api.drupal.org/. The api is largely stable despite the established Drupal policy that backward compatibility is a nice-to-have rather than a given: I've used modules built for later versions which transferred to earlier versions without problems. Your mileage may vary, and of course things change as the system grows. But the changes between versions are well documented. I do think that the established callback injection points could be better documented. But I'd say the complaint about API was uninformed.
No, this is why you use a framework. A good framework enables best practices with minimal overhead. Even a framework may be overkill because there are tons of websites that are extremely simple in nature, and maybe only need a dab of PHP here or there to add the necessary dynamic elements.
Drupal is (now) just as much a framework as it is a CMS.
# Drupal starts you off with huge overhead. You will be running tons of code you aren't using from the get-go. You're basically starting off with quite a low ceiling.
Not quite. the core modules are getting more and more efficient, cutting out everything that isn't basic content and framework code. It isn't CakePHP or Rails yet, but its still quite small.
You will be sacrificing design for ease of development.
False. With zen theme and drupal documentation, you have FULL CONTROL over every aspect of your website. With drupal 6, it gets even easier with Theme developer. My friend just started using drupal a month ago, with limited PHP and Zero drupal experience. He just finished up his gf's page: http://thelovebugdj.com/
Drupal makes it hard to optimize your database usage.
True, that is a tradeoff with -ANY- framework by default. However if you have the need for further database optimization, there are many documented ways to make drupal perform well. Instead of spending the budget on building a site from scratch, instead you can dedicate a portion of it in optimizing it. Remember, Popsci.com, MTV.uk, SonyBMG all run drupal.
Drupal requires an expert to really make it sing.
Depends on the size of the site. A small one as shown above doesn't require an expert, just some nights looking at documentation; which by the way, thanks to Lullabot, pingvision, Acquia, and others, drupal has some of the best documentation around. However, for bigger sites, you're already going to need experts to get it to do what you want. In the context of E-commerce, I'm CERTAIN you will have a more complete system, built in less time, if you go with drupal rather than building an ecommerce system in Rails. Sure, there will be features that a client will need, and will need to be added to the quote, but you'll be leaps and bounds further from the get-go than if you use a basic framework or build from scratch.
SQL injection, user login, search functionality, XSS, XSRF, user input verification, all are things that are annoying and need to be taken care of. I'd rather have a tested system with a workable upgrade path and spend my time working on the content I need to build the app.
Drupal used to be hard to upgrade, but these issues have largely been resolved in 5 and 6. If you haven't seriously worked with drupal since 5 came out, take a second look at drupal, its community, and evolving modules. Its quite impressive.
you're saying it's not because of the DNS vulnerability?
Saying something like that demonstrates weak knowledge of fundamental software engineering principles. Every line of code and feature has a conceptual overhead to it. "Full Control" is just a marketing term. In reality you can always do anything you want, the underlying system merely encourages or discourages certain constructions.
Drupal chooses a content model, theming system, form system, and hook-based request processing that make a great deal of things extremely easy. But you don't get that for free. In order to generalize code to meet a wider variety of needs, the code itself must become more complex than any specific implementation of the functionality it is attempting to support in general. That's great if it does what you need, or if the customization you want fits easily into the existing model. However if it doesn't you have to deal with the complexity of an architecture that is not optimized towards your particular need at all.
While that's true, additional development will be slower. Why? Because you can write very concrete code that does exactly what you need. For instance, I designed and developed a custom e-commerce store in about 30 hours in Rails. It imports 20,000 products from their inventory system database. Allows for wholesale sales to approved customers from a different database. Entire site is under 10 database tables. There is not one unnecessary feature in either the public or the admin interface. Further customizations would be quite easy as well as I have complete unit test coverage. If I want to completely change the order of the checkout process that would be the matter of a couple hours work.
I've had that exact requirement come up in a Drupal project and it was a nightmare. The e-commerce module is far too complex to go in and change any fundamental workflow. Sure, it was possible to set up a workflow that got the data into the database, but the user experience was horrible.
To be fair, frameworks also make choices that box you in... that is true of all code. However the philosophical difference is that pure frameworks in general tend towards solutions to more universal problems of web development, and those solutions tend to be smaller and scope and more independent of application code itself.
"most if not all content management systems (CMSs) lack native e-commerce capabilities."
Wrong.
We just started a large development project using KenticoCMS and, while we don't need it, it comes with e-commerce built-in.
If support for e-com is anything like the rest of the framework, I'd say it's outstanding. We've been beating up on Kentico for almost two months and haven't run into any bear traps yet.
.Net 3.5 compatible, full API, web and VS development environments, and good support.
It's not open source but still reasonably priced (~$5K US).
Very impressive.
And...no...I don't work for them. :)