ubercart

With Drupal+Ubercart, be wary of alternative payment gateways

If you are using Ubercart to do ecommerce with Drupal, be sure to use one of the mainstream payment gatways: Authorize.net or Paypal.

While Ubercart does support a number of alternative payment gateways, the dangers in going with these alternatives are significant. Here's an example of a single day where two of the less well known Ubercart payment modules were exposed as having flaws that allow people to checkout without needing to pay:

SA-CONTRIB-2010-062 - Ogone | Ubercart payment - Access Bypass

More complete breadcrumbs for Ubercart checkout

By default, Ubercart sets the breadcrumb on the checkout page to simply "Home", which I personally find a bit odd. Because it calls drupal_set_breadcrumb() late in the request cycle, it's not even possible to create menu links for use by the menu_breadcrumb or menutrails modules. Stranger still, the cart settings page offers a "Custom cart breadcrumb" text and URL option, but it's hard-coded to use a single link instead of a trail of links.

Here is a small snippet that will set the breadcrumbs to mimic the URL paths, for example:

Home › Cart › Checkout

Ready for transformation?