Hi,
I'm learning PHP and I was curious about this. I've learnt about cookies and sessions, and I'd like to know - which one do you use for a shopping cart? What's the actual mechanism behind it? As the user builds up a cart full of stuff, is the data for that maintained on the server-side in a MySQL database or something?

Thanks.

Maybe you can find this all at the side that is responsible for the Internet standard and how it have to be used at:
http://www.w3.org/

I only know the german projects for internet standard support at:
http://de.selfhtml.org/
and PHP at:
http://www.selfphp.de/

But think about if you want to use Perl, it is faster more stable, more flexible and individually.
You can also take cookies as option and store the cart over the IP-Address if cookies are not available, disabled, so you have more buyers.

Cookies transmit the cookie data to and from the browser every time a request is made. This means that for a site with a lot of graphics and other files, if you've got a lot of cookie data, you could be adding quite a lot of extra bandwidth to your site.

Cookies are also insecure and can be modified by the browser user, so shouldn't be used for anything the needs to be kept secure.

PHP sessions use a cookie behind the scenes to track the sessionID, but all other session data is kept on the server.

Therefore, given the choice between cookies and PHP sessions, I would put most things into the PHP session, especially in a shopping basket scenario.

Keeping a set of shopping basket data in the session is relatively simple:
(very much simplified; there's obviously more to it than that, but demonstrates the principle)

As you suggest, the best solution is to store the order data in a database as the user adds items to his basket. This is better than storing basket data in the PHP session because it gives your system a better audit trail of what's happening, and also it allows you to write a system such that a user can add items to his basket and come back later, log in, and they'll still be there.

This is obviously a lot more work than just adding it to the session array; you'll need to design your database tables and write the code to read and write to them. But you're going to need to do that anyway at some point, so may as well start here.

Cheers.

Can you please explain this line? :

$_SESSION['basket'][]=array('product'=>$_POST['product'],'qty'=>$_POST['qty']);


What's got me foxed is the [] you put after the $_SESSION['basket'] - are you building a 2-Dimensional array or something? Why is that necessary?

Also, don't you need DOUBLE quotes for the 'product' key?




Thanks for all your help

The example was deliberately simplified, so I wasn't expecting you to use it exactly as shown, just as a starting point to try things out.

Yes, in the example, I'm building a 2-D array. (In fact, the way I've done it with the product/qty array it ends up being 3-Dimensional)

The empty square brackets tell PHP to create a new array element with the next available numeric key.

It isn't absolutely necessary in this example to create a multi-dimensional array since it doesn't have anything else, but if you wanted to use the session variable for anything else (eg user login, etc), then you'd need to keep the basket contents in their own array element.

In my example, I could have simplified it down one level like this:

[code]
$_SESSION['basket'][$_POST['product']]=$_POST['qty'];
[/quote]

...which would have done a similar job, but has the down-side that you could only have one entry for any given product in the basket (this may be what you want, but I'd prefer the flexibility of the other method even though the array is more complex)

No. PHP accepts single or double quotes for all strings.


No problem. Hope it all goes well.