• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 318
  • Last Modified:

unique ID cookie for shopping cart

I'm in the process of finishing a mySQL backed e-commerce site, and will be implementing a shopping cart. The best way I've thought to do this would be to give every user a cookie with a unique ID number. Then everytime they place something in their cart, a record is added to the database with thier unique ID as the key.

I'm unsure of how to go about assigning this unique ID cookie, though. I know how to set and retrieve cookies, and process their info. But how would I set the cookie in the first place? Would I need an SSI call to set the cookie?

Also, how can I generate the unique ID? And how can I make sure that this cookie is secure (not SSL), so that their unique ID will not change over the course of their visit to the site?

I'm not interested much in the code needed to accomplish this, but rather the logistics involved. I appreciate any help, and will generously reward those who can help...

-Mike King
0
lunaboy
Asked:
lunaboy
  • 4
  • 2
  • 2
1 Solution
 
mafwebCommented:
hi Mike,

would be interesting to know which language you're using. PHP, for example, gives you the possibility to create an unique id with
uniqid()  (have a look at http://www.php3.de/manual/function.uniqid.php3).

Besides, what you can do to create such a token is to take the current time in milliseconds and concatenate it with some random value. This should be good enough (I know, there is slight a very slight chance that this is not unique *sigh*, but I don't know any other solution)

hope this helps,
maf
0
 
mafwebCommented:
by the way, you don't necessarily need SSI to set the cookie, all you need is the possiblity to send the cookie string before the end of the HTTP-header, especially before any HTML content

maf
0
 
lunaboyAuthor Commented:
Thanks for the tip...

How would I set the cookie string before the end of the HTTP-header if the document is the index.shtml of the domain?

ex/ http://www.domain.com/index.shtml

0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
jhurstCommented:
the milliseconds and random is not a good approach - those 'tiny windows' always come back and haunt you.  And the worst thing about that one is that it only starts to hurt when you system starts to get lots of hits and is sucessful.

The general method of making a guaranteed unique number is language non-specific.  Open a file in which you keep a count, lock it, increment the count, unlock the file and use the count as the next sequence number.
0
 
mafwebCommented:
that depends on the language. in php3, you just say

<?php
setcookie ("cookie_name", "cookie_val", time()+$expire);

in the first line of your page.
For Perl, this is similar, only that it does not provide an own setcookie function

maf
0
 
lunaboyAuthor Commented:
okay, I have set the cookie as
uniqueID=<IP ADDRESS><RANDOM NUMBER>

That should work fine. This isn't a high traffic site, and we won't be getting so many users from the same IP at the same time ;-)

But, I'm using Perl and mySQL as a database (which is irrelavent to this quesiton), the front page is an .shtml doc, parsed by SSI of course. The problem I am having is that I want EVERY visitor to the site to get the cookie on the first page they visit, no matter where they enter. If there a way to make sure apache sends the set-cookie statement in every header? How can I do this?

Or how else could I ensure that every person gets a cookie?

-Mike K.
0
 
mafwebCommented:
I don't know whether you can configure apache like that, but if you have a logo displayed on that page, you could write a little perl script like this (let's hope your visitors have images on):

#!/path/perl
print ""; #cookie-code here, look at netscape's site for details
print "location:yourlogo.gif";

and insert it with
<img src=cookie.pl alt=logo>

this will set the cookie and display your logo. As said, can only be used, if your visitors have their images setting to "show"

maf
0
 
jhurstCommented:
Apache does allow you to send the header first from your cgi.  I can not believe that there would be any server that would not allow this.  The header needs to go and as part of this is the content type, cachece control, cookies, etc.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

  • 4
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now