Solved

cookie value for shopping cart....

Posted on 2000-04-07
7
248 Views
Last Modified: 2013-11-29
I'm in the process of finishing a mySQL backed e-commerce site, and will be implementing a shopping cart. The best way I've thought to do this would be to give every user a cookie with a unique ID number. Then everytime they place something in their cart, a record is added to the database with thier unique ID as the key.

I'm unsure of how to go about assigning this unique ID cookie, though. I know how to set and retrieve cookies, and process their info. But how would I set the cookie in the first place? Would I need an SSI call to set the cookie?

Also, how can I generate the unique ID? And how can I make sure that this cookie is secure (not SSL), so that their unique ID will not change over the course of their visit to the site?

I'm not interested much in the code needed to accomplish this, but rather the logistics involved. I appreciate any help, and will generously reward those who can help...

-Mike King
0
Comment
Question by:lunaboy
  • 3
  • 3
7 Comments
 
LVL 16

Accepted Solution

by:
maneshr earned 150 total points
ID: 2694011
"I'm unsure of how to go about assigning this unique ID cookie, though. "

you might want to use scheme of some kind for your cookie.Eg. unique user identifier+date time stamp.


"I know how to set and retrieve cookies, and process their info. But how would I set the cookie in the first place? Would I need an SSI call to set the cookie?"

you can do a simple check in PERL so see if the cookie has already been set. if the cookie is not set & the user is coming/being referred to by the login page, you just set the cookie using the print statement.

Eg.

$DOMAIN=".ny.smb.com";

print "Set-Cookie: back=yes; domain=$DOMAIN; path=/; \n";

you need to print the above before you print the content type MIMe header (viz.   print "Content-type: text/html\n\n";)


"Also, how can I generate the unique ID?"

you can use the above combination of unique userid+datetimestamp+ some random number to make the cookie ID uinque.

" And how can I make sure that this cookie is secure (not SSL),
so that their unique ID will not change over the course of their visit to the site? "

you can use, in fact will have to use, encryption algorithm of some kind to encrypt the cookie data. Also you might want to use PGP key to encrypt the cookie, therefore ensuring that ONLY the user with the corresponding private key can decruypt the cookie.

the encryption would only be one step in the entire authentication process. the next check would be to verify the same against the DB etc..

Also you might want to have a certain timeout period before the cookie becomes unusable. Finally you need to decide if you want to use a persistant on non-persistant/session cookie.


More info on cookies @

http://www.cookiecentral.com/
Hope that helps
0
 
LVL 1

Author Comment

by:lunaboy
ID: 2694071
Just for the URL, you get the points.

I think I'll use TIMESTAMP+RANDOM# as the unique ID.

I'll want the cookie to be set by the front page, so would I need to use SSI to check/set it?

-Mike K.
0
 
LVL 84

Expert Comment

by:ozo
ID: 2694177
be careful about making your RANDOM# too predictable, or it may be possible for someone to forge a unique ID to impersonate another user.
0
Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

 
LVL 16

Expert Comment

by:maneshr
ID: 2694181
"I'll want the cookie to be set by the front page, so would I need to use SSI to check/set it?"

no you need to check the HTTP_REFERER environment variable to find out which page is calling your cookie setting script.

0
 
LVL 1

Author Comment

by:lunaboy
ID: 2695229
I want the user to get a cookie no matter what page of the site they first visit. How can I do that?
0
 
LVL 16

Expert Comment

by:maneshr
ID: 2695360
then your code is much simpler. All that you need to do is check if the cookie has already been set. if not set it and let the user continue!!
0
 
LVL 1

Author Comment

by:lunaboy
ID: 2696424
"then your code is much simpler. All that you need to do is check if the cookie has already been set. if not set it and let the user continue!! "

Yes, but how can I make sure that the person gets the cookie when they enter the front page? The front page is flat, not dynamic. How can I check the cookie from there?
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
How important is it to take extra precautions to protect your online business? These are some steps you can take to make sure you're free of any cyber crime.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now