the company
the company sells rhinestoned products such as clothing, jewellery, and accessories - everything customizable in color of product and color of rhinestone. as this is a small company i decided there isn't a need for user accounts yet, and a simple temporary storage of orders for up to 24hrs would suffice for the amount of traffic the site is likely to receive in its infancy. at the moment the site is not live, but i aim to upload it over the next few days for online testing.
temporary storage of orders
when a user visits the shop, php coding checks for the existence of a cookie on the user's computer. if it is found it is deemed that the user is returning and the value held by the cookie is used to retrieve that user's temporary order ID from the database so they can continue shopping. if the cookie is not found then the user is a new user and a record is inserted in the temporary order table. a timestamp field in the table is set to time() + 24hrs when a new temp order is created - every page load deletes any temporary orders that have essentially expired (have not been used in 24 hrs) but also refreshes the timestamp on the user's temporary order (and any lineitems that are associated with that order) to time() + 24hrs.
the code for this is as follows (inserted at the beginning of shop.php)
//connect to database
$connection = mysql_connect("localhost", "root", "") or die (mysql_error());
mysql_select_db("individ-jewels", $connection) or die (mysql_error());
//check database for expired temporders/lineitems and delete them
$sql = "DELETE FROM tbl_temporder WHERE timestamp < " . time() . "";
mysql_query($sql, $connection) or die (mysql_error());
$sql = "DELETE FROM tbl_templineitem WHERE timestamp < " . time() . "";
mysql_query($sql, $connection) or die (mysql_error());
//check if cookie has been set
if(isset($_COOKIE['sessionRef'])){ //cookie is set, it is returning user
    //escape the cookie value before it goes into SQL: it is user-controlled input
    $sessionRef = mysql_real_escape_string($_COOKIE['sessionRef'], $connection);
    //get sessionID of returning user
    $sql = "SELECT sessionID FROM tbl_temporder WHERE sessionRef='" . $sessionRef . "'";
    $mysql_result = mysql_query($sql, $connection) or die (mysql_error());
    $aUser = mysql_fetch_assoc($mysql_result);
    $sessionID = $aUser['sessionID'];
    //refresh timestamp on temp order
    $sql = "UPDATE tbl_temporder SET timestamp='" . (time() + 360) . "' WHERE sessionID='$sessionID'";
    mysql_query($sql, $connection);
    //refresh timestamp on lineitems for temp order (if they exist)
    $sql = "UPDATE tbl_templineitem SET timestamp='" . (time() + 360) . "' WHERE sessionID='$sessionID'";
    mysql_query($sql, $connection);
    //refresh cookie expiry time
    setcookie("sessionRef", $_COOKIE['sessionRef'], time() + 360);
}
else{ //cookie is not set, it is a new user
    //start a session to create a new sessionID
    session_start();
    $sessionID = session_id();
    //create md5 hash (a 32-character string) to be stored as a reference to the users sessionID in a cookie
    $reference = md5(uniqid(rand(), true));
    //create reference to users session ID
    setcookie("sessionRef", $reference, time() + 360);
    //insert new temporary order into database
    $sql = "INSERT INTO tbl_temporder (sessionID, sessionRef, timestamp) VALUES ('" . $sessionID . "', '" . $reference . "', '" . (time() + 360) . "')";
    mysql_query($sql, $connection) or die (mysql_error());
}
//close connection to database
mysql_close($connection);
the basket
nothing special here so i don't feel as if this needs any explaining, it simply retrieves and prettily formats the user's temporary order from the database using their temporary order ID.
the checkout
the company specified the use of paypal as the primary method of payment for orders so after looking into their merchant options there seemed to be a number of ways of implementing this depending on the level of integration you wanted with paypal itself - which was minimal, passing only the order reference and order total to paypal (among other required fields). this is done via a form with 5 hidden fields predefined by paypal - pretty straightforward.
step 1 of the checkout is for the user to fill out his/her delivery details, and also gives a summary of the items ordered for reference - upon "proceeding to step 2" the temporary order is now made an actual order (and therefore inserted in the order table) using the last 8 digits of the temporary order ID as the order reference. the order status field of the order table is set to "awaiting payment". php then directs the user to step 2. also, another cookie is created on the user's computer storing the order reference so it can still be retrieved following the user leaving the current domain to go to paypal's secure webspace.
step 2 is a simple redirect page informing the user that payment is handled by paypal and gives them the option to proceed (this is the form i described earlier - the one with 5 hidden fields). the order reference and order total have been passed to the form.
***some crazy paypal stuff here***
the aftermath
the paypal account has been configured to autoreturn following payment to thankyou.php which will check if the order reference cookie exists, and if it does, displays a printable invoice of the order. it also deletes the temporary order from the database and changes the order status of the order from "awaiting payment" to "pending processing".
thanks for taking the time to read this - i know i still have a lot to learn and am also looking for ways in which i can improve so any feedback will be much appreciated!
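An added example, not part of the original post: the cookie-to-temporary-order lookup from the top of shop.php, written with PDO bound parameters and a `random_bytes` reference, and falling back to a new order when the cookie is malformed or its row has already expired. It assumes PHP 7.3+ and uses an in-memory SQLite database as a stand-in for the MySQL schema; the table and column names follow the post, while `resolve_temp_order` and `ORDER_TTL` are hypothetical names.

```php
<?php
// Added example, not the poster's code. SQLite in memory stands in for MySQL so the
// sketch runs offline; resolve_temp_order() and ORDER_TTL are hypothetical names.
const ORDER_TTL = 86400; // 24 hours, as described in the post

function resolve_temp_order(PDO $db, ?string $cookieRef, int $now): array
{
    // Expire stale line items and orders first (table names are fixed literals).
    foreach (['tbl_templineitem', 'tbl_temporder'] as $table) {
        $db->prepare("DELETE FROM $table WHERE timestamp < ?")->execute([$now]);
    }
    // Accept only the shape we issue (64 hex chars); anything else counts as no cookie.
    if ($cookieRef !== null && preg_match('/\A[0-9a-f]{64}\z/', $cookieRef) === 1) {
        $stmt = $db->prepare('SELECT sessionID FROM tbl_temporder WHERE sessionRef = ?');
        $stmt->execute([$cookieRef]); // bound parameter: the cookie never becomes SQL text
        $sessionID = $stmt->fetchColumn();
        if ($sessionID !== false) {
            // Returning user: refresh the expiry on the order and its line items.
            foreach (['tbl_temporder', 'tbl_templineitem'] as $table) {
                $db->prepare("UPDATE $table SET timestamp = ? WHERE sessionID = ?")
                   ->execute([$now + ORDER_TTL, $sessionID]);
            }
            return ['sessionID' => $sessionID, 'sessionRef' => $cookieRef, 'new' => false];
        }
    }
    // No cookie, malformed cookie, or expired order: issue fresh random identifiers.
    $sessionID = bin2hex(random_bytes(16));
    $ref = bin2hex(random_bytes(32));
    $db->prepare('INSERT INTO tbl_temporder (sessionID, sessionRef, timestamp) VALUES (?, ?, ?)')
       ->execute([$sessionID, $ref, $now + ORDER_TTL]);
    return ['sessionID' => $sessionID, 'sessionRef' => $ref, 'new' => true];
}

// Constructed demo data: minimal versions of the two tables named in the post.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tbl_temporder (sessionID TEXT, sessionRef TEXT, timestamp INTEGER)');
$db->exec('CREATE TABLE tbl_templineitem (sessionID TEXT, timestamp INTEGER)');

$first = resolve_temp_order($db, null, time());                    // new visitor
$again = resolve_temp_order($db, $first['sessionRef'], time());    // same visitor returns
$bad   = resolve_temp_order($db, "x' OR '1'='1", time());          // constructed hostile cookie
var_dump($again['new'], $again['sessionID'] === $first['sessionID'], $bad['new']);
// In shop.php the returned reference would then be sent with:
// setcookie('sessionRef', $ref, ['expires' => time() + ORDER_TTL, 'httponly' => true, 'secure' => true, 'samesite' => 'Lax']);
```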