Tips on creating a plugin

Things to remember when creating a plugin for Zen Cart

Security

It is wise to ensure that ALL your PHP plugin files include a line near the top which checks whether IS_ADMIN_FLAG is defined. This way if you have a file that’s accessed via unauthorized methods then it will just abort. For example:

if (!defined('IS_ADMIN_FLAG')) die();

Other variations for specific use in either admin or catalog might check whether it is set to boolean true/false.

Optimizing the use of Overrides

There are built-in override capabilities in Zen Cart to prevent needing to edit some core files which would otherwise need updating.

(As a reminder, the override basics are covered in the storefront help; you may read the introduction, the details, and then the summary.)

Some of the commonly-overlooked override capabilities are listed here:

database_tables.php & filenames.php

Combine your extra details for these two files into one file, and then add it to both the storefront and the admin:

includes/extra_datafiles/my-contribution-name_datafiles.php

admin/includes/extra_datafiles/my-contribution-name_datafiles.php

(these will auto-load)

stylesheet.css

includes/templates/YOURTEMPLATE/css/styles_my-contribution-name.css

(This will auto-load)

Do not auto delete your installer!

Once upon a time someone thought it would be clever to delete the installation script after running it.

A common pattern was to create a script in YOURADMIN/includes/init_includes (or perhaps YOURADMIN/includes/functions/extra_functions) which performed the installation and then deleted itself.

Please note: THIS IS A TERRIBLE IDEA. Don’t do this.

The reason is simple. Frequently people set up a test cart with a test database on their local machine in order to do an upgrade, and install all the files. They will then install the same fileset on their live server at upgrade time. If your installer auto-deletes, it won’t be available for them when their live database is being used.

A better practice is to check the database and see if the install has already been done.

  • Use zen_page_key_exists
  • Check for specific configuration keys you would have added.

Other Resources

Forum Resources

If you run into trouble working on your plugin, you can always post your question on the Contribution-Writing Subforum.



Still have questions? Use the Search box in the upper right, or try the full list of FAQs. If you can't find it there, head over to the Zen Cart support forum and ask there in the appropriate subforum. In your post, please include your Zen Cart and PHP versions, and a link to your site.

Is there an error or omission on this page? Please post to General Questions on the support forum. Or, if you'd like to open a pull request, just review the guidelines and get started. You can even PR right here.
Last modified March 5, 2021 by Scott C Wilson (16a66e8).