Solved

cookie value for shopping cart....

Posted on 2000-04-07
7
252 Views
Last Modified: 2013-11-29
I'm in the process of finishing a mySQL backed e-commerce site, and will be implementing a shopping cart. The best way I've thought to do this would be to give every user a cookie with a unique ID number. Then everytime they place something in their cart, a record is added to the database with thier unique ID as the key.

I'm unsure of how to go about assigning this unique ID cookie, though. I know how to set and retrieve cookies, and process their info. But how would I set the cookie in the first place? Would I need an SSI call to set the cookie?

Also, how can I generate the unique ID? And how can I make sure that this cookie is secure (not SSL), so that their unique ID will not change over the course of their visit to the site?

I'm not interested much in the code needed to accomplish this, but rather the logistics involved. I appreciate any help, and will generously reward those who can help...

-Mike King
0
Comment
Question by:lunaboy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 16

Accepted Solution

by:
maneshr earned 150 total points
ID: 2694011
"I'm unsure of how to go about assigning this unique ID cookie, though. "

you might want to use scheme of some kind for your cookie.Eg. unique user identifier+date time stamp.


"I know how to set and retrieve cookies, and process their info. But how would I set the cookie in the first place? Would I need an SSI call to set the cookie?"

you can do a simple check in PERL so see if the cookie has already been set. if the cookie is not set & the user is coming/being referred to by the login page, you just set the cookie using the print statement.

Eg.

$DOMAIN=".ny.smb.com";

print "Set-Cookie: back=yes; domain=$DOMAIN; path=/; \n";

you need to print the above before you print the content type MIMe header (viz.   print "Content-type: text/html\n\n";)


"Also, how can I generate the unique ID?"

you can use the above combination of unique userid+datetimestamp+ some random number to make the cookie ID uinque.

" And how can I make sure that this cookie is secure (not SSL),
so that their unique ID will not change over the course of their visit to the site? "

you can use, in fact will have to use, encryption algorithm of some kind to encrypt the cookie data. Also you might want to use PGP key to encrypt the cookie, therefore ensuring that ONLY the user with the corresponding private key can decruypt the cookie.

the encryption would only be one step in the entire authentication process. the next check would be to verify the same against the DB etc..

Also you might want to have a certain timeout period before the cookie becomes unusable. Finally you need to decide if you want to use a persistant on non-persistant/session cookie.


More info on cookies @

http://www.cookiecentral.com/
Hope that helps
0
 
LVL 1

Author Comment

by:lunaboy
ID: 2694071
Just for the URL, you get the points.

I think I'll use TIMESTAMP+RANDOM# as the unique ID.

I'll want the cookie to be set by the front page, so would I need to use SSI to check/set it?

-Mike K.
0
 
LVL 84

Expert Comment

by:ozo
ID: 2694177
be careful about making your RANDOM# too predictable, or it may be possible for someone to forge a unique ID to impersonate another user.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 16

Expert Comment

by:maneshr
ID: 2694181
"I'll want the cookie to be set by the front page, so would I need to use SSI to check/set it?"

no you need to check the HTTP_REFERER environment variable to find out which page is calling your cookie setting script.

0
 
LVL 1

Author Comment

by:lunaboy
ID: 2695229
I want the user to get a cookie no matter what page of the site they first visit. How can I do that?
0
 
LVL 16

Expert Comment

by:maneshr
ID: 2695360
then your code is much simpler. All that you need to do is check if the cookie has already been set. if not set it and let the user continue!!
0
 
LVL 1

Author Comment

by:lunaboy
ID: 2696424
"then your code is much simpler. All that you need to do is check if the cookie has already been set. if not set it and let the user continue!! "

Yes, but how can I make sure that the person gets the cookie when they enter the front page? The front page is flat, not dynamic. How can I check the cookie from there?
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you using email marketing software? If not, you're missing out on effortless marketing and the reaching of desired conversion rates through email marketing software.
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question