Easy Basket is a very original shopping cart application which enables us to sell items inside any web page without any big code/structure updates. Once installed, the products and basket can be inserted into any part your web page where they will start functioning instantly. When an item is added to the basket, a sliding + Ajaxed basket can appear to to show the total price and display the checkout options. Also, you can drag 'n' drop a product into the shopping cart as well.Visit publisher site: Easy Basket
Displaying 1-2 out of 2 reviews
Hi in reply to the poster above, yes Easy Basket does store the password in index.php, as far as i know this not a security vulnerability, as an example Google Checkout tell you to store your Merchant ID and Key in a php file. Settings.php is the xml for your settings if you try to view this directly you are just redirected to the easy basket index page, i have tracked this with firebug and at no time is the xml sent to the client. If you can demonstrate how to bypass these measures, i will be very happy to update Easy Basket
Bottom Line: Yes, I would recommend this to a friend
Although this script is neat and shows how java script can be utilized, it has some major securities flaws. The password for the admin is contained within the index.php file. The google embedded references and paypal are in a file named: settings.php, which is in the root. This is a hacker's delight. For an e-comm script is this not good. Also hackers may be able may themselves from your Paypal account setup. I would use an mature e-comm open source script and leave this alone. Just think, the people from Hotscripts recommend Easy Basket. What are they about? Summary, EasyBasket needs a security fix. I am sure they will easy fix this.
Bottom Line: No, I would not recommend this to a friend