Solved

unique ID cookie for shopping cart

Posted on 2000-04-07
8
293 Views
Last Modified: 2013-12-25
I'm in the process of finishing a mySQL backed e-commerce site, and will be implementing a shopping cart. The best way I've thought to do this would be to give every user a cookie with a unique ID number. Then everytime they place something in their cart, a record is added to the database with thier unique ID as the key.

I'm unsure of how to go about assigning this unique ID cookie, though. I know how to set and retrieve cookies, and process their info. But how would I set the cookie in the first place? Would I need an SSI call to set the cookie?

Also, how can I generate the unique ID? And how can I make sure that this cookie is secure (not SSL), so that their unique ID will not change over the course of their visit to the site?

I'm not interested much in the code needed to accomplish this, but rather the logistics involved. I appreciate any help, and will generously reward those who can help...

-Mike King
0
Comment
Question by:lunaboy
  • 4
  • 2
  • 2
8 Comments
 
LVL 1

Expert Comment

by:mafweb
Comment Utility
hi Mike,

would be interesting to know which language you're using. PHP, for example, gives you the possibility to create an unique id with
uniqid()  (have a look at http://www.php3.de/manual/function.uniqid.php3).

Besides, what you can do to create such a token is to take the current time in milliseconds and concatenate it with some random value. This should be good enough (I know, there is slight a very slight chance that this is not unique *sigh*, but I don't know any other solution)

hope this helps,
maf
0
 
LVL 1

Expert Comment

by:mafweb
Comment Utility
by the way, you don't necessarily need SSI to set the cookie, all you need is the possiblity to send the cookie string before the end of the HTTP-header, especially before any HTML content

maf
0
 
LVL 1

Author Comment

by:lunaboy
Comment Utility
Thanks for the tip...

How would I set the cookie string before the end of the HTTP-header if the document is the index.shtml of the domain?

ex/ http://www.domain.com/index.shtml

0
 
LVL 8

Expert Comment

by:jhurst
Comment Utility
the milliseconds and random is not a good approach - those 'tiny windows' always come back and haunt you.  And the worst thing about that one is that it only starts to hurt when you system starts to get lots of hits and is sucessful.

The general method of making a guaranteed unique number is language non-specific.  Open a file in which you keep a count, lock it, increment the count, unlock the file and use the count as the next sequence number.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 1

Expert Comment

by:mafweb
Comment Utility
that depends on the language. in php3, you just say

<?php
setcookie ("cookie_name", "cookie_val", time()+$expire);

in the first line of your page.
For Perl, this is similar, only that it does not provide an own setcookie function

maf
0
 
LVL 1

Author Comment

by:lunaboy
Comment Utility
okay, I have set the cookie as
uniqueID=<IP ADDRESS><RANDOM NUMBER>

That should work fine. This isn't a high traffic site, and we won't be getting so many users from the same IP at the same time ;-)

But, I'm using Perl and mySQL as a database (which is irrelavent to this quesiton), the front page is an .shtml doc, parsed by SSI of course. The problem I am having is that I want EVERY visitor to the site to get the cookie on the first page they visit, no matter where they enter. If there a way to make sure apache sends the set-cookie statement in every header? How can I do this?

Or how else could I ensure that every person gets a cookie?

-Mike K.
0
 
LVL 1

Accepted Solution

by:
mafweb earned 100 total points
Comment Utility
I don't know whether you can configure apache like that, but if you have a logo displayed on that page, you could write a little perl script like this (let's hope your visitors have images on):

#!/path/perl
print ""; #cookie-code here, look at netscape's site for details
print "location:yourlogo.gif";

and insert it with
<img src=cookie.pl alt=logo>

this will set the cookie and display your logo. As said, can only be used, if your visitors have their images setting to "show"

maf
0
 
LVL 8

Expert Comment

by:jhurst
Comment Utility
Apache does allow you to send the header first from your cgi.  I can not believe that there would be any server that would not allow this.  The header needs to go and as part of this is the content type, cachece control, cookies, etc.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

It is becoming increasingly popular to have a front-page slider on a web site. Nearly every TV website,  magazine or online news has one on their site, and even some e-commerce sites have one. Today you can use sliders with Joomla, WordPress or …
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now