Your ultimate shopping cart system?

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply
JPlush76
Forum Regular
Posts: 819
Joined: Thu Aug 01, 2002 5:42 pm
Location: Los Angeles, CA
Contact:

Your ultimate shopping cart system?

Post by JPlush76 »

Just trying to get people's opinion on their ideal way to handle a shopping cart... for example.

User not logged in - track their shopping cart items with session vars

User is signed in - track their items with a user id key in a shopping cart table

Using cookies, etc....

Currently I'm just using a cookie to track a shopping cart id and I need to redesign my system as that approach doesn't seem to catch 100% of the people.

How would you do it? 8O
User avatar
SantaGhost
Forum Commoner
Posts: 41
Joined: Mon Sep 15, 2003 11:54 am

Post by SantaGhost »

for the cookies i have encountered some problems, its certainly not fullproof. Ive been using sessions for a simple cart system.

This will shurely be one of the things ill be working on, something like a multifunctional shop class. Anyone using something like that?
saramoon28
Forum Newbie
Posts: 2
Joined: Mon Sep 15, 2003 9:52 pm
Location: Mexico
Contact:

Post by saramoon28 »

Im using pear session manager HTTP_SESSION with cookies for my shopping cart. I was using phplib session class with mysql, but the table that holds the sessions breaks up every third day. I guess cookies will work for me (hopefuly)

:roll:
User avatar
m3mn0n
PHP Evangelist
Posts: 3548
Joined: Tue Aug 13, 2002 3:35 pm
Location: Calgary, Canada

Post by m3mn0n »

I'd use sessions. Mainly because of the whole cookie acceptance issue.

That was why your old system didn't catch all of your surfers, right?
JPlush76
Forum Regular
Posts: 819
Joined: Thu Aug 01, 2002 5:42 pm
Location: Los Angeles, CA
Contact:

Post by JPlush76 »

sessions only shopping carts are only half a solution as well.

I have to design a nice mix of cookie, session, and database to be able to handle everyone properly. We have alot of schools that take weeks to build orders in their carts so I have to retain that info.
evilMind
Forum Contributor
Posts: 145
Joined: Fri Sep 19, 2003 10:09 am
Location: Earth

To use or not to use

Post by evilMind »

Cookies, much easier to deal with. Actually I use cookies+a_db to manage carts. For simple checks to see if cookies are enabled you might try something along the lines of...

Code: Select all

function CookieCheck( $cookieName ) {
      if (!isset($_COOKIEї$cookieName]) ) {
         if ( !isset($_GETї$cookieName]) ) {
            // If no cookie and no $_GETїfoo]=foo variable then we haven't tested yet. We need to test.
            $randNum = rand( 5000 , 50000 );
            $testCookieExpire = time() + ( 60 * 60 * 24 * 7 * 52 * 10 );
            setcookie( $cookieName , $randNum , $testCookieExpire , '/' , $_SERVERї'SERVER_NAME'] , 0 );
            $redirectHeader = 'Location: http://' . 
               $_SERVERї'SERVER_NAME'] . 
               $_SERVERї'REQUEST_URI'] . 
               ( strpos( $_SERVERї'REQUEST_URI'] , '?') ? ('&' . $cookieName . '=' . $randNum) : ('?' . $cookieName . '=' . $randNum) );
            header( $redirectHeader );
            exit( 0 );
         } else {
            $cookiesEnabled = false;
            // Or define( 'COOKIES_ENABLED' , false ); for global use
         }
      } else {
         $cookiesEnabled = true;
         // Run some code or exit or something.. 
      }
   }
JPlush76
Forum Regular
Posts: 819
Joined: Thu Aug 01, 2002 5:42 pm
Location: Los Angeles, CA
Contact:

Post by JPlush76 »

I like cookies as well but I've seen problems with them since we launched almost a year ago. Some people have them disabled or a number of other different situations...

what I'm thinking now is:
custom session class that writes to a database

>> user adds an item to their cart
if they are logged in the item gets logged into a cart table with the user_id as the key
if they are not logged on the item will be kept by session id

if they log in, that session id will update with the user id so the user's items are still in their cart.


so basically logged users will have the benefit of having their cart saved and visiting carts will just be session based and will delete upon exit.

thats what I'm thinkin of going with now
evilMind
Forum Contributor
Posts: 145
Joined: Fri Sep 19, 2003 10:09 am
Location: Earth

Post by evilMind »

Just a reminder, sessions use cookies as thier primary means of identifying the client; if that fails sessions use a transient sid (which in my opinion is less secure than a cookie (I don't believe that cookies are more secure, but when compared to a transient sid, hands down cookies) ). With that in mind, what's the difference of going cookie/DB based Vs. Session/DB Based?

Also, you mentioned that you had problems with cookies, what kind of problems have you experienced???
JPlush76
Forum Regular
Posts: 819
Joined: Thu Aug 01, 2002 5:42 pm
Location: Los Angeles, CA
Contact:

Post by JPlush76 »

I know that if php can't set a session cookie it passes the PHPSESSID for each page, which wouldn't be a big deal.

The problems I've seen so far have been people who dont have cookies enabled or if they are in a secure network at work where cookies go through an approval program so ad tracking cookies can't get in.

by keeping tracking of their cart contents with a cookie variable I'm losing a few people a week probably. We've done over 1.6 million so far in a year on the site so its not a huge deal but it would be nice to accomodate everyone.
evilMind
Forum Contributor
Posts: 145
Joined: Fri Sep 19, 2003 10:09 am
Location: Earth

Post by evilMind »

As far as the problem with people not having cookies enabled, try the code I posted earlier, that will take care of the checking of cookies being enabled or not; if not let me know. As far as corporate users having cookies blocked, well that's a whole different ball game there. Not sure I could help in that aspect.

The main reason why I push cookies so much, and not sessions, is because sessions create a file to keep track of the data. So you have to check for the cookie, then if that's not present, check the $_REQUEST[] variables for a transient sid, then find the file, open it, read the contents, setup any variables, and display the page based on the contents of the file (if it even exists, if not you have to create it...). That's a lot of work.. But either way you go, if you have a method that works the way you need it to, as I've been told, "Why re-invent the wheel?" :)
JPlush76
Forum Regular
Posts: 819
Joined: Thu Aug 01, 2002 5:42 pm
Location: Los Angeles, CA
Contact:

Post by JPlush76 »

I'm just trying to think of a system that will accomodate everyone best. Like I said using cookies ain't "cuttin it" now lol
qads
DevNet Resident
Posts: 1199
Joined: Tue Apr 23, 2002 10:02 am
Location: Brisbane

Post by qads »

i am building my first shopping cart so yay for me :P

i used a temp table to store user orders, later when the user wants to checkout i check to see if the user is logged in, if s/he is then put the temp data into hidden fields and pass it on to merchant service :D else, ask the user to login.

after the payment, the merchant account calls one of my pages and passes me the user id, i move the temp data to another table and delete it (delete temp data)....

thats about it i guess :roll:

uh..one more thing...

if the user is not logged in then i use MD5(time() * random number.session id) as user ID, i also have this in a session var...when the user logins in, i update the temp table data and set user_id to the real USER ID...

hope that made sense 8O
User avatar
mr_griff
Forum Commoner
Posts: 64
Joined: Tue Sep 17, 2002 11:11 am
Location: Bozeman, Montana

Post by mr_griff »

I have been using a custom session/db cart system for two years and we haven't really had any one reporting problems due to the session/db backend. We have processed 21,000+ orders and $3.88 million in revenue over the last two years.

Our main concern is losing customers that experience things like session timeout, get frustrated and leave. A cookie based system could solve the session timeout issue, but then you might end up losing people with cookies turned off.

I would be very interested if you find/workout a system that covers both sides of this issue.
User avatar
mudkicker
Forum Contributor
Posts: 479
Joined: Wed Jul 09, 2003 6:11 pm
Location: Istanbul, TR
Contact:

Post by mudkicker »

I need some advices, too! I have just started to build a shopping site and couldn't decide how to create the database structure and security things..
Unipus
Forum Contributor
Posts: 409
Joined: Tue Aug 26, 2003 2:06 pm
Location: Los Angeles, CA

Post by Unipus »

So I see you're not listening to anything we said in that other thread. What's the URL of this site you'll be building? :?
Post Reply