> > > > Hi, > > > > > > > > I'm wondering if anyone can tell me about the current security status of > > > > the MS2.2 release of osCommerce? > > > > > > > > I understand that there have been XSS vulnerabilities and DOS exploits, > > > > heve these been fixed in the MS2.2 downloadable from the site? > > > > > > > > Any help appreciated. > > > > > > > > -- > > > > Joel Merrick > > > > > > I highly recommend Interchange if you're willing to deal with a steep > > > curve: > > > > > > http://www.icdevgroup.org > > > > > > - Grant > > > > let me try typing a response on this one... > > can you post some pro's/con's of why you like that over OCS? > > thanks
If you're a PHP guy you might want to stick with OSC, but even then I would encourage you to switch to IC. I have to admit I've never delved into OSC and I don't know PHP (IC is a perl app), but now that I've got it under my belt I feel like I have a huge leg up on every non-IC website out there. IC is really just another layer between the code and the developer, but it seems like if someone was building websites in, say: Perl, HTML, and MySQL for a while, eventually they would want to write tools (and a daemon) for the things they are doing over and over again so they can save themselves time, produce highly readable code, and have a really dynamic system in place. IC is like that, but with a bunch of different people developing it over about 10 years. It's still being very actively developed. Of course it's open-source, but I feel like I have 100% control over every aspect of what I produce, and I have never had to modify the core source files. - Grant -- [email protected] mailing list
