I just released the 2nd free zen cart template —- hot summer template, features included below,
- Need no database support, easy to install.
- Three column design, width is 1020px(you can change to 2 column, width is adjusted through stylesheet.css file).
- There is a fashion Social Bookmark Button on Footer section.
- Main color:summer yellow, like current hot weather.
Screen shot,
Welcome any suggestion or comments.
This is my first free zen cart template, I called it by ThreeJujuber, three means 3 column, jujuber is my site name,
Features,
- Mini size template, no more than 300kb.
- Need no database support, installation is very simply, just transfer to your remote zen cart server.
- Three Column Design, you can put many things to this template.
- Languages & Currencies Selector along with Bookmark, yes, this is a fashion feature.
- Header,Footer EZPAGE, easy to customize.
Below is screenshot,
Current version is 1.0, I will continue to update this zen cart template, so if you have any suggestions, please post here.
Recently, there are many zen cart shopping store were attacked by hackers, for example, main page has been changed to add a lot of garbage link(fix this please refer step 5), here list some of important security recommendations.
1. Rename your “/admin” folder and install the latest zen cart security patch
Renaming the “admin” folder makes it much harder for would-be hackers to get into your admin area.
(Before making the following changes, make sure to have a current backup of your files and your database.)
A- Open your admin/includes/configure.php, using a simple text editor like notepad.
Change all instances of /admin/ to your chosen new admin folder-name.
Change this section:
define(’DIR_WS_ADMIN’, ‘/admin/’);
define(’DIR_WS_CATALOG’, ‘/’);
define(’DIR_WS_HTTPS_ADMIN’, ‘/admin/’);
define(’DIR_WS_HTTPS_CATALOG’, ‘/’);
And this section:
define(’DIR_FS_ADMIN’, ‘/home/mystore.com/www/public/admin/’);
define(’DIR_FS_CATALOG’, ‘/home/mystore.com/www/public/’);
B- Find your Zen Cart /admin/ directory, using your FTP software or your webhost File Manager.
Rename the directory to match the settings you just made in your admin/includes/configure.php.
C - To login to your admin system you will now have to visit a new URL that matches the new name used in steps A and B above. For example instead of visiting http://www.example.com/admin/ visit http://www.example.com/NeW_NamE4u/.
D - You should also protect your admin area by using a .htaccess file similar to the one shown below, and placing it into /admin/includes. (This should already exist in Zen Cart versions 1.2.7 and greater.)
E- Install the security patch on your Zen Cart™ 1.3.x store
2. Set configure.php files read-only
It’s important that you CHMOD (set permissions) on the two configure.php files as read-only.
Typically this means setting it to “644″, or in some cases “444″.
The configure.php files are located in:
/<YourStoresFolder>/includes/configure.php
/<YourStoresFolder>/admin/includes/configure.php
Quite often setting permissions on a file to read only via FTP will not work. Even if the permission looks like it was set to read only, it really may not have been. You must verify the correct setting by entering the store and seeing if there is a warning message on the top of the screen. “Warning: I am able to write to the configuration file:…” In this case you will need to use the “File Manager” supplied with your webhosting account.
If you’re using a Windows server, simply set the file as Read-Only for Everyone and especially the IUSR_xxxxx (Internet Guest Account) user if running IIS, or the System account or apache user if running Apache.
3. Delete any unused Admin accounts
Admin->Tools->Admin Settings
In your admin area, open the Tools menu, and choose Admin Settings
- Check for any unused admin accounts, and delete them. Especially the “Demo” account, if it exists.
4. Admin Password Security
It is wise to use complicated passwords so that a would-be hacker cannot easily guess them.
You can change your admin password in Admin->Tools->Admin Settings, and click on the “Reset Password” button, or click on the icon that looks like a recycle symbol.
We recommend that you use passwords that are at least 8 characters long.
Making them alpha-numeric (including letters, numbers, upper-and-lower-case, etc) helps too.
If you are going to use normal words it is a good idea to join together two normal words that don’t normally go together.
5. Protect your “define pages” content in “html_includes”
After you have finished editing your define pages (Admin->Tools->Define Pages Editor), you should protect them:
A. Download a copy of them to your PC using your FTP software. They are located in the /includes/languages/english/html_includes area.
B. Make them CHMOD 644 or 444 (or “read-only” for Windows hosts). See notes above on CHMOD.
/includes/languages/english/html_includes – and all files/folders underneath
(note: on “some” hosts, you must use at least 645 or 555 in order for the contents to still display)
If you make them read-only, then a would-be hacker cannot edit them if they gain access to your system, unless they can get permissions to change the read-only status, which is more complicated.
NOTE: Of course, once you set them read-only, then you’ll have to go and set them read-write before making additional changes using the define-pages editor.
6. Use .htaccess files to protect against unwanted snooping
In several folders, there are .htaccess files to prevent users from being able to browse through the files on your site unless they know exact filenames. Some also prevent access to “any” .PHP scripts, since it’s expected that all PHP files in those folders will be accessed by other PHP files, and not by a browser directly. This is good for security.
If you delete these files, you run the risk of leaving yourself open to people snooping around.
There are also some semi-”blank” index.html files in several folders. These files are there to protect you in case your FTP software won’t upload .htaccess files, or your server won’t accept them. These only prevent directory browsing, and do not stop execution of .PHP files. It’s a good “alternative”, although using .htaccess files in ALL of these folders is the better choice, for servers that accept them.
Suggested content for .htaccess files in folders where there is an index.html file but NOT yet an .htaccess file would be something like the following (depends on your server configuration):
#.htaccess to prevent unauthorized directory browsing or access to .php files
IndexIgnore */*
<Files *.php>
Order Deny,Allow
Deny from all
</Files>
#add the following to protect against people finding your spiders.txt version
<Files *.txt>
Order Deny,Allow
Deny from all
</Files>
If your webhost configuration doesn’t allow you to create/use your own .htaccess files, sometimes they provide an interface in your hosting admin control panel where you can set the desired .htaccess settings.
It is recommended that you work with your host to configure these settings if this is the method they require. You need to choose — and use — the appropriate method for your server. As mentioned above, it’s best to work with your web hosting company to select and implement the best method for your specific server. We can’t tell you what to use for your specific server, but we offer these guidelines as a starting point.
Disable “Allow Guest To Tell A Friend” feature
You may wish to go to Admin->Configuration->Email Options->Allow Guest To Tell A Friend and set the option to ‘false’. This will prevent non-logged-in customers from using your server to send unwanted email messages.
Protect your “images” and other folders
During initial installation, you are advised to set your images folder to read/write, so that you can use the Admin interface to upload product/category images without having to use FTP for each one. Similar recommendations are made to other files for various reasons.
However, leaving the images (or any other) folder in read/write mode means that hackers might be able to put malicious files in this (or other) folder(s) and thus create access points from which to attempt nasty exploits.
Thus, once your site is built and your images have been created/loaded, you should drop the security down from read/write to read. ie: change from CHMOD 777 down to 644 for files, and to 755 for folders.
File/Folder permissions settings
On Linux/Unix hosts, generally, permission-setting recommendations for basic security are:
folders/directories: 755
files: 644
On Windows hosts, setting files read-only is usually sufficient. Should double-check that the Internet Guest Account has limited (read-only) access.
Folder Purposes
The folders for which installation suggests read-write access for setup are these. If your site supports .htaccess protection, then you should use it for these folders.
/cache
This is used to cache session and database information. The BEST security protection for this is to move it to a folder “above” the webroot (public_html or htdocs or www) area, so that it’s not accessible via a browser. (Requires changes to DIR_FS_SQL_CACHE setting in configure.php files as well as Admin > Configuration > Sessions > Session Directory.)
/images
See other suggestions earlier.
/includes/languages/english/html_includes
See other suggestions earlier.
/media
This is only suggested read-write for the sake of being able to upload music-product media files via the admin. Could be done by FTP as an alternative.
/pub
This is used on Linux/Unix hosts to have downloadable products made available to customers via a secure delivery method which doesn’t disclose the ‘real’ location of files/data on your server (so that people can’t share a URL and have their friends steal downloads from your site)
/admin/backups
This is used by automated backup routines to store database backups. Optional.
/admin/images/graphs
This is used by the Admin > Tools > Banner Manager for updating/displaying bar graphs related to banner usage. If not writable, feature is ignored.
Things to Check Up on Regularly
- Be sure you’ve done all the steps listed in this document
- Keep good backups of your website files and database
- Check your server’s errorlog regularly for odd or suspicious activity
- look for any links that went to a page that isn’t in your site
- look for links that have http after the index.php
- Check your website files regularly to be sure nothing’s been added or altered
- Ask your webhost what they have done to be sure the server you’re on is safe and secure so that outsiders cannot do any harm, and so that other websites on your server cannot be used to get to your site and cause any harm (in case they have security holes in them)
- If your business warrants, or you still want additional assurance (esp if running forum software on your site, or other scripts outside of Zen Cart), hire a security consultant to check your site regularly and give you peace of mind in exchange for a few dollars
In Zen Cart, to change the “Sales Message Goes Here” or “Tagline Here” text to say what you want open the includes/languages/english/header.php file in your text editor. Please find the following line of code:
define(’HEADER_SALES_TEXT’, ‘Tagline Here’);
Replace the tagline text with your own text, making sure that the single quote marks are not left out.
Save the edited file to includes/languages/english/custom/header.php and upload it to your server.
NB: By default the text “Sales Message Goes Here” is located in includes/languages/english/classic/header.php
define(’HEADER_SALES_TEXT’, ‘Sales Message Goes Here’);
This article teach you how to remove zen cart congratulation messages.
If you want to replace “Congratulations! You have successfully installed your Zen Cart™; E-Commerce Solution” with your own text open the includes/languages/ENGLISH/index.php file and find the following code:
// This section deals with the “home” page at the top level with no options/products selected
/*Replace this text with the headline you would like for your shop. For example: ‘Welcome to My SHOP!’*/
define(’HEADING_TITLE’, ‘Congratulations! You have successfully installed your Zen Cart™ E-Commerce Solution.’);
} elseif ($category_depth == ‘nested’) {
// This section deals with displaying a subcategory
/*Replace this line with the headline you would like for your shop. For example: ‘Welcome to My SHOP!’*/
define(’HEADING_TITLE’, ‘Congratulations! You have successfully installed your Zen Cart™ E-Commerce Solution.’);
}
Replace the text starting “Congratulations” with your own text(or just deleted these definition). Make sure that the single quote marks are not left out.
Save the edited file to includes/languages/ENGLISH/CUSTOM/index.php and upload it to your server.
This article teach you how to delete zen cart greeting messages.
If you want to remove“Welcome Guest!” Would you like to log yourself in?” message completely, turn off the Customer Greeting in your Zen Cart Admin -> Configuration -> Layout settings -> Customer Greeting -> Show on Index Page and set to 0.
If you want to replace this message with one of your own, start your text editor and open the includes/languages/ENGLISH/index.php file and locate these lines of code
if (STORE_STATUS == ‘0′) {
define(’TEXT_GREETING_GUEST’, ‘Welcome <span class=”greetUser”>Guest!</span> Would you like to <a href=”%s”>log yourself in</a>?’);
} else {
define(’TEXT_GREETING_GUEST’, ‘Welcome, please enjoy our online showcase.’);
}
define(’TEXT_GREETING_PERSONAL’, ‘Hello <span class=”greetUser”>%s</span>!’);
As you can see, there are two Welcome messages depending upon whether you wish Zen Cart to be a fully functioning store, or just a showroom.
Edit the message starting from the word “Welcome” but be careful not to change the text in angled brackets, or the brackets themselves. Make sure that the single quote marks are not left out. If you want to include an apostrophe in your text e.g. “Lucy’s Store”, you will need to put an escape character before the apostrophe, i.e. “Lucy\’s Store”.
Save the edited file to includes/languages/ENGLISH/CUSTOM/index.php and upload it to your server.
Getting a zen cart blank page or blank part of a page
If you’re getting a blank page when trying to browse to a certain page on your store, or after clicking to have it do something, you’ve almost certainly got a PHP error in one or more of your files.
Blank pages can be caused by a number of things, and often occur just after installing, upgrading, or customizing your store. Any time you touch a PHP file, you must be sure to not introduce syntax problems(even worse you have a blank space after a “?>” at the end of one of your files), and you need to be sure that it uploaded correctly.
1. Did all your file-uploads work properly?
Sometimes FTP programs experience a timeout when uploading large quantities of files (such as when installing or upgrading your site), or fail to fully upload some files, or leave them as just 0-bytes in size. Some programs like SmartFTP and CuteFTP are well-known to be problematic in this area. For Windows PCs, we recommend FileZilla as a free, fast, and reliable FTP program. On Mac, Transmit or CyberDuck are commonly acclaimed FTP tools.
2. Have you created any syntax errors in your customizations?
A PHP syntax error will very often result in a blank screen.
a) Turn on debug logging to store errors to a log file
Install the Debug Error-Logging Utility
One way to identify what PHP errors are happening, especially if you have no access to server errorlogs, is to use the Debug Error-Logging Tool from our downloads area. It’s a simple install, and can expose the source of your problems fairly quickly. Click {here} to download it.
If you’re dealing with blank admin pages, for the upload destination, substitute the /admin/includes/extra_configures folder instead of /includes/extra_configures where mentioned in the instructions.
Then see the “Dealing with Error Messages” section, below …
b) Attempt to show errors on-screen.
While the method above is far more reliable and preferable (since messages are never shown to customers), Another way to help identify *where* an error is happening is to show the errors on your browser. The drawback to this is that your customers can also see the errors, and search engines might catch them too … which could be embarrassing.
To attempt to show PHP debug errors on-screen, create and upload a new file, like this:
Filename: /includes/local/configure.php
<?php
define(’STRICT_ERROR_REPORTING’, true);
?>
Then try to access your site again. You may see many warning messages on the screen.
Dealing with the Error Messages
The “fatal” messages are the more important ones to deal with. “Notice” messages can be ignored in most cases. “Warnings” should draw some attention, but are not fatal.
Also note that many error/warning messages will be a result of previous error/warning messages.
Deal with them in the order they appear, and don’t blame the later errors until the earlier ones are dealt with first.
3. Common customization errors
The most common customization errors include:
using ‘ or ” marks inside define() statements, resulting in mismatched quotes
removing or adding punctuation to define() statements, thus breaking the correct syntax. A define() statement should look like this: define(’CONSTANT_NAME’, ‘value here’);
missing semi-colons and periods, unbalanced parentheses, braces, brackets
uploading files to the wrong places.
This is a zen cart login in side box,
Login Box takes advantage of the Zen Cart Magic Smart Technologies based on the use of autoloading language files that can be unique per template or identical for all templates based on installation.
==================================
INSTALLATION:
The files are arranged in the same structure as Zen Cart
These can all be uploaded via FTP to your server as they are without any editing required.
You can just FTP the whole /includes directory to your site.
Go to the Admin …
Go to Tools …
Go to Layout Controller …
The Login Box will automatically be found and installed.
Next configure it for the Left or Right Column and the Sort Order. 0 will put it at the Top.
Turn the box on.
===================================
TO ACTIVATE THE LOGIN BOX:
After uploading the files, follow the next 3 steps.
Go to Admin …
Go to Tools …
Go to Layout Controller …
The Login Box will automatically be added to the current template.
You can then configure it for the Left/Right or Single Columns and the sort order.
===================
Download:http://www.zen-cart.com/index.php?main_page=product_contrib_info&products_id=154
Here I listed some of the top free zen cart themes from my point of view,
- Official zen cart themes http://www.zen-cart.com/index.php?main_page=index&cPath=40_53 , collected many of templates, but from my point of view, they are not professional, you even can described ugly.
- ichoze zen cart themes zen-cart-templates.ichoze.net, there are two free zen cart template,Acadame and Atheme, maybe Acadame is a most widely used zen cart template, at least this is the first template I adopted.
- zen cart power themes www.zen-cart-power.com, a good website, but there are no many peoply knew this site.
- http://www.zenflavor.com, I am not familiar with this site, they seems both povide paid & nonpaid themes.
- www.zencarttemplates.info , they did not invent any thing, just collect most of above templates and give a “what you see is what you get” functionality.
Categories
Archives
Meta
Calendar
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Jul | ||||||
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 | 31 | ||||