How ShopAdmin works



ShopAdmin shows your shopping cart data within a completely self-contained browser window, separate from the main Zen Cart/osCommerce admin window (see diagram above). This enables ShopAdmin to make full use of the window space to present a highly-responsive user experience. ShopAdmin uses the latest JavaScript and AJAX technologies for this purpose.

ShopAdmin interacts directly with your shopping cart database, and does not require copying or downloading your data to any external database or storage service. This means that the ShopAdmin window and your cart admin window are both viewing and manipulating the same database at the same time. Thus changes made in one window are reflected immediately in the other window.

From the technical architecture perspective, ShopAdmin relies on two components:
  • the ShopAdmin add-on, a thin layer of PHP code that works within your shopping cart application, and
  • the ShopAdmin UI, a rich user interface layer that works with the ShopAdmin add-on from within your browser.
This architecture enables Apsona ShopAdmin to interact directly with your database. The result is a simple, easy-to-use interface that manages your data. You can directly maintain and update your customers, products and order information from within Apsona ShopAdmin.

Installing the ShopAdmin add-on

The ShopAdmin add-on is distributed in a zip file containing everything you need to install into your shopping cart. To install this add-on, simply unzip the attached zip file's contents into the admin folder for your OpenCart, Zen Cart or osCommerce application. This will create several files in the folder, all of whose names begin with apsona, so you can identify them easily. Additionally, it will create two database tables with names apsona_report and apsona_filter in your database.

Zen Cart systems

For a Zen Cart, the installation will automatically create a menu item for Apsona ShopAdmin in the Tools menu of your Zen Cart admin area. You can use this menu item to access ShopAdmin.

OpenCart systems

After copying the files into your admin folder, please access the URL apsona_install.php. For example, if your store admin URL (after you log in) is, please access This will install the necessary database tables and create a menu item in the System menu of your admin area. Also, please enable access to the ShopAdmin files via the user groups page. You can use this menu item to access ShopAdmin. Detailed instructions are available on the OpenCart installation page.

osCommerce systems

Immediately after installing ShopAdmin into your osCommerce system, access the URL apsona_index.php instead of index.php within your admin area. For example, if your store admin URL (after you log in) is, your ShopAdmin URL would be The first time you access the ShopAdmin URL, the add-on tries to create a link to the ShopAdmin window in your Admin Tools menu. It does this by trying to modify the file catalog/admin/includes/boxes/tools.php. The add-on might not succeed in doing so, depending on the file's permissions and whether or not the file has already been modified. After you have accessed the ShopAdmin URL once, you can inspect this file and manually add the link if needed.

Accessing ShopAdmin from within your admin area

Once you have the add-on installed as described above, you can access it by clicking the Apsona ShopAdmin item in your Tools menu. Please bear in mind that ShopAdmin opens in a new browser window, so that you can switch between the Zen Cart and ShopAdmin windows to retain context while working.

Uninstalling the ShopAdmin add-on

If you ever need to uninstall ShopAdmin, simply remove the files whose names begin with apsona, and drop the two database tables named above.

Technical aspects

The ShopAdmin add-on downloads the ShopAdmin UI software layer (JavaScript and CSS files) into the user's browser. These files are available on Apsona's ShopAdmin servers, typically from Here we run into a technical limitation imposed by the Same Origin Policy, which forbids direct downloads from third-party servers. This basically means that the browser cannot download the UI layer directly from the ShopAdmin servers. Consequently, the ShopAdmin add-on implements a pass-through mechanism so that the UI layer can be downloaded from the ShopAdmin servers via the shopping cart application.

PHP provides two ways of implementing such a pass-through: one using the fopen call, and the other using curl. The fopen call requires that the PHP parameter allow_url_fopen be set to "on" in the shopping cart's php.ini file. ShopAdmin uses the fopen method in preference to curl, primarily because curl spawns a new child process on the server, with two undesirable results:

  1. It will require the child-process-spawning capability, and there are lots of attack vectors that open up if you include that capability. This is in fact the usual trick that Windows viruses use to get in to a victim computer.
  2. It increases the load on the server, because spawning another process is a high-overhead operation (the same reason why FastCGI is preferable to CGI).
In contrast, the fopen technique has neither of these drawbacks, since it is implemented directly within the PHP virtual machine. It also offers fine-grain control to the web server setup.

The ShopAdmin code is written to take care that nothing else is downloaded through the shopping cart server, and more importantly, it does not write anything to the server's file system (other than updating the database, according to the user's instructions).