Well I have waited a good long time to write this. I really wanted to get a detailed “take” on the new version before I ran my mouth =-). Never the less, now I am ready to give you a 360 tour on the new Zen Cart 1.3.9!

Expectations for Zen Cart 2.0 are quite high and impatient. Originally, and still in documentation, 1.3.9 is a security or rollup release. While this is true, it’s not the whole story….

As we sift through the changes and play around with the new software, security is definitely a high priority. Some added features include htaccess files to limit access, filetype and other previous vulnerabilities we have been fixing by hand. Some things remain the same, you must still rename your admin folder by hand. This is a very frustrating process for less experienced shop owners, and I hope that 2.0 will allow this function to be accomplished in setup.

The offline credit card processing module has been removed for PCI/DSS compliance standards. You can steal code from 1.3.8 to reinstall this, but consider the risk and look at a proper gateway for processing. The cost of a breech can be in the thousands of dollars, vs a few bucks a month for a proper gateway account such as Authorize.net.

Quite a few changes in payment modules, as they were upgraded for new security protocols, API and integration changes and overall updates that have been previously gimping along or required manual updating. The only downside here is when you upgrade you will need to uninstall these modules in your Zen Cart admin and then reinstall once the upgrade is complete.

All order total and shipping modules were updated with bug fixes and such from 1.3.8.  Nothing new here, just added the bug fixes we have been completing by hand. Again, when upgrading, uninstall these modules and then reinstall them after the upgrade.

Templating is not a big upgrade issue, as the only file touched is tpl_reviews_random.php, which is a bug fix. So your templates for the most part will upgrade without issue.

Modules are a huge issue. Many Most are untested and not compatible with Zen Cart 1.3.9. Forum users have been maintaining a makeshift list of working modules here, but your own testing is an absolute necessity. The truth of the matter is that you will likely want to wait a few months to upgrade if you have customized and modded your cart.

There has already been a patched release of 1.3.9 which is only less than a month old. While this was only a file update, there is no guarantee that other updates will not occur and be more complicated. This small file update took me 45 minutes to accomplish with only one module to re-merge files for…. I also had issues with the new .htaccess files in the admin section and replaced them with the working ones from 1.3.9a. About 18 new bugs were fixed in the 1.3.9 second release (B).

Zen Cart 1.3.9

Zen Cart 1.3.9

So what’s new?

Actually quite a bit is new, and that is why the release is not really just a security update. Some additional functionality and compatibility was added….

  • Zen Cart 1.3.9 is PHP 5.3 ready, without patching
  • PCI issues have been dramatically reduced
  • SSL handling and renegotiation, session handling and detection are fixed for most server configurations
  • Canonical url tags were added
  • Developers toolkit has most robust filtering and search ability
  • New P