I am working on an e-commerce website. When the user is not logged into my website and clicks on "Buy Now" button, I want to store this information into the cookie as well as in the database. The table for the shopping cart looks like
SHOPPING_CART
(
sessionid int(10),
itemid int(10),
quantity tinyint(10) unsigned
date_added datetime
);
Primary key is: (sessionid, itemid)
When the user closes the browser then also the shopping cart items should be preserved. Now my question is the following:
When the user is not logged into my website, on what basis I should identify the user?
Should I store the information using the IP address? If yes then HOW? In this case sessionid in the above mentioned table would be the IP address of the user. Right?
Should I create a temporary session for each and every user who
visits my website and then store the information? If yes then HOW?
How can the shopping cart items be preserved even when the user
closes the browser window? Should I retrieve from database or
cookie?
Any other better method to store and retrieval of the information?
Note1: I can use plenty of Shopping Cart softwares/codes/libraries available. But I want to know: How to identify the user? And storing/retrieval of data.
Note2: The price of each item, ordering, shipping information all are stored in different tables.
All you can do is create a unique fake identity for the user
No. Multiple users may have the same IP address, and a single user may change its IP address
Yes. PHP will create a session for you as soon as you ask to start a session. You must associate an identity with this session. Just use a random number, or a UUID generator, or something like that to generate something unique and not easily guessable. Then store the identity in a cookie so that when the user comes back some time later, you can re-associate his identity with the new session.
I would just store the identity in the cookie. A cookie only holds a small amount of information, and may be modified by the user without you knowing it.
If the users don't log in, I don't see any other way.
the only thing you have to do is set the sessionid into a client-cookie.
if a customer returns and presents a sessionid cookie you update your cart table with his new sessionid (and set the new sessionid in the cookie).
session (that's what it is for)
no
'temporary session'?
the cart is in the database
better in what sense? secure? robust? user friendly?
Related
I need to be able to be able to get the same data from my database using 1 of 3 different ID's.
In this instance I am fetching shopping cart data using either a session_id (for guest users), account_id (for logged in users) or just by the cart's primary auto-incrementing key.
At the moment I have three GET API routes set up but I want to know if there's a more efficient way of accomplishing this
$router->get('carts/{id:i}', ['Controller\\CartController', 'getCartById']);
$router->get('carts/session-id/{sessionId:s}', ['Controller\\CartController', 'getCartBySessionId']);
$router->get('carts/account-id/{accountId:i}', ['Controller\\CartController', 'getCartByAccountId']);
A session_id is stored in a browser cookie with a TTL. A shopping cart will always have at least a session_id in the database but not always an account_id (signifying a guest user).
In this instance you are either logged in or a guest.
If the Cookie storing the session_id associated with a cart expires and you're not logged in we can assume that the cart has expired. If that guest user wants to add something to their cart again we will generate them a new one with a new session_id.
I think this chart explains things pretty well
I create an online store website
when user add some product to cart i save this information in session (if user not logged in)
and
when user logged in and select some product i insert them into table
is this true way?
can i store all information of user selected product in session?
I think the best way to go in this case is not using the database at all, but use cookies instead.
PHP Cookies
This way you don't have to query the database, and all data will be saved on the computer of the user. This will also keep the information for the people who are not logged in. Which will be more user friendly.
Better to store items in session (for both visitors or logged in people)
Only needeed of store them is only when they intend to buy the product.
On visit (even if user is loged in or not) you donot have to store them in db.
Further, use db only for values you have to refer in future.
I am trying to get my head around how to correctly implement a shopping cart based on saving a cookie with a unique identifier to identify a users shopping cart in the database whether the user is logged in or as shopping a guest. I've tried to look at as many examples as i can, but i am not understanding it clearly enough.
Here's how i have it so far:
[Guest user]
Create cookie with unique id when user adds item to cart
Check for existing cart associated with cookie ID in database
If cart does not exist, create entry in DB table 'cart_id' with the cookie ID as session identifier
create entry in DB table 'cart_items' with the cookie ID as an identifier
[Logged in user]
Check for existing cart in DB table 'cart_id' associated with username and cookie ID
If cart exists, rewrite new cookie ID with cookie ID from database
If cart does not exist, assign username ID to table 'cart_id' with users unique cookie ID
Here is where i am having troubles:, all the previous is well and good, assuming the user hadn't only decided to login after filling their cart which is where i am going wrong. Here's what i have:
Check for existing cart in DB table 'cart_id' associated with username and cookie ID
If cart does not exist, assign username to 'cart_id' table
If cart already exists, rewrite new cookie ID with existing cookie ID stored in database
rewrite 'new' cart items(items chosen while not logged in) with the users stored cookie ID
Check for duplicate cart items from existing cart and new cart items
If duplicate items are found, delete old items and replace with new item quantities
etc etc So basically i dont think it's going too well, though i currently works okay, it seems i am going a really crappy way about it.
How can i better handle a registered users shopping cart if they choose to log in after they have filled their shopping cart? Will i need to have a separate table for guest users and registered users, how can i transfer a guest shopping cart list to the registered users shopping cart if they log in after they pick their cart?
I think you're better off at storing every ordered item (or the whole shopping cart content) locally, either through localStorage or cookie.
The way you do it, you're doing too much request on your DB. Why? Because you're assuming a cookie is something reliable, and in fact, it is not. So all of your operations using "cookie ID" are for nothing if the user chooses to reset his browser / delete his cookies.
There are many ways a cookie can be destroyed, at least it's harder with localStorage.
I would say : store it locally, and if logged, sync what has been saved locally with what is on the DB. But don't store unlogged users shopping carts on the DB : eventually you'll end up with orphans (no more cookie present for some reason), and you won't be able to understand why.
I try to execute a shopping cart .In the beginning I save the selected products in an array SESSION
while the customer order doesn't complete.
But,my work was imperfect because I don't use the session ID and I don't insert the selected products
to database,therefore I can't management the sessions.
Now, I want to improve my code to get an unique sessionID for each customer.
I see more examples in this issue and here I want to know which better to use:
//session_id($_GET['PHPSESSID']); session_start();
$session_id=session_id('PHPSESSID');
-OR-
session_start();
$sessionID = $_COOKIE['PHPSESSID'];
then,I will save the selected products to db width this $session_id.
note that, I use a simple way to complete the customer order and store the selected
items to db, which is via customer email verification .after custmer verify his/her email
I want to go back him/her to a page that he/she can update his/her cart items or continue shopping.
here how to get the $session_id to do that successfully.
please guide me in this issue.Thanks
They both should return the same thing its just two different ways of referencing it. Although I would recommend against keying your users against session ids because the user can delete the cookie (which is where the id is stored) at anytime or it can expire and then you will have to create a whole new user which will cause you to lose all your records every time. I recommend keying your users against a primary key in the database.
Just store session id in cookie until (2 day for example) user return to site after email verification and then finish the order.
I figure that this should be possible, as it is a requirement asked by my supervisor. There are a few types of accounts, one of them is a 'company' account which should allow anyone in the company who has these credentials to log in at the same time.
Now my question is, how do I store temporary data like:
(this is fictive)
shopping carts, keeping track of wizards,...
I suppose that I'll have to store this in the database?
What would be my best option. Link it to the unique session id?
Yes, you can store sessions in your database if you like. A nice way to do it, is by creating a sessions like table that stores states. Therefore, if you have a cart, you can have a cart table that represents what products the cart has and replay that after a user logs back in.
Session information isn't based on your account-system but on the system of the visitor (cookie). Unless you want all information to be shared across all users logged in on the company account (which I doubt) you shouldn't have to store any of the information in the database.
To store the data you can simply keep using session (as I suppose you already do for the 'normal' account.