lunaboy
asked on
cookie value for shopping cart....
I'm in the process of finishing a mySQL backed e-commerce site, and will be implementing a shopping cart. The best way I've thought to do this would be to give every user a cookie with a unique ID number. Then everytime they place something in their cart, a record is added to the database with thier unique ID as the key.
I'm unsure of how to go about assigning this unique ID cookie, though. I know how to set and retrieve cookies, and process their info. But how would I set the cookie in the first place? Would I need an SSI call to set the cookie?
Also, how can I generate the unique ID? And how can I make sure that this cookie is secure (not SSL), so that their unique ID will not change over the course of their visit to the site?
I'm not interested much in the code needed to accomplish this, but rather the logistics involved. I appreciate any help, and will generously reward those who can help...
-Mike King
I'm unsure of how to go about assigning this unique ID cookie, though. I know how to set and retrieve cookies, and process their info. But how would I set the cookie in the first place? Would I need an SSI call to set the cookie?
Also, how can I generate the unique ID? And how can I make sure that this cookie is secure (not SSL), so that their unique ID will not change over the course of their visit to the site?
I'm not interested much in the code needed to accomplish this, but rather the logistics involved. I appreciate any help, and will generously reward those who can help...
-Mike King
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
be careful about making your RANDOM# too predictable, or it may be possible for someone to forge a unique ID to impersonate another user.
"I'll want the cookie to be set by the front page, so would I need to use SSI to check/set it?"
no you need to check the HTTP_REFERER environment variable to find out which page is calling your cookie setting script.
no you need to check the HTTP_REFERER environment variable to find out which page is calling your cookie setting script.
ASKER
I want the user to get a cookie no matter what page of the site they first visit. How can I do that?
then your code is much simpler. All that you need to do is check if the cookie has already been set. if not set it and let the user continue!!
ASKER
"then your code is much simpler. All that you need to do is check if the cookie has already been set. if not set it and let the user continue!! "
Yes, but how can I make sure that the person gets the cookie when they enter the front page? The front page is flat, not dynamic. How can I check the cookie from there?
Yes, but how can I make sure that the person gets the cookie when they enter the front page? The front page is flat, not dynamic. How can I check the cookie from there?
ASKER
I think I'll use TIMESTAMP+RANDOM# as the unique ID.
I'll want the cookie to be set by the front page, so would I need to use SSI to check/set it?
-Mike K.