Shopping Cart advice

Rodders

I'm about to start coding a product catalogue and online ordering system (shopping cart) for a friend/client! I know there are plenty of products already out there and some are even free/cheap.

However, this is a personal project and my friend wants something very simple to maintain so we thought it would be best if it was custom built for her specific requirements.

Well, so far we have signed up for a decent hosting package that supports PHP and MySQL as well as SSL and Cron jobs. I'm quite capable of designing the database and even writing the code, but I don't have experience in this field.

What I'm wondering about is, will I encounter performance problems with my SQL executions if more than one user attempts the same thing at the same time ? Are transactions something I should look at ? Any other advice ?

Thanks

Richard

dalecosp

I generally implement the cart within the SESSION array, so the database mainly gets used for content for the catalog, sizes, colours, prices, etc.

The orders are emailed locally, behind a firewall and VPN.

Even if you wrote the orders to the db after they hit the "commit" button (purchase, send order, whatever...) it doesn't seem too likely to cause big problems, even without transactions.

It's possible as well that the hosting company has a version of MySQL that has the InnoDB backend, so transactions would be automagic...

My twopence....

Rodders

That's great dalescop!

Has anyone any thoughts on the security. It's not a great concern as we are considering using a third party to deal with online payments so their security should be tip-top, but we'd also like to track some of our customers data. Is there any security issues with SESSIONs and/or using a database and code password protection ?

One question with regard to sessions.....
How can I track a variable number of items, for example one user may order 3 items and one may order 23. How can I use the $SESSION array and loop through these and know when I've reached the end. Can I store an array within a $SESSION variable ?

dalecosp

Yes, storing an array is easy.

session_start();
$clothes=array("shoes", "jacket", "tie");
$_SESSION['cart'][]=$clothes;
echo $_SESSION['garments'][0];
//prints "shoes"...

The trick I had a tad of difficulty with: what if a user puts several items in a cart, (each item being an array) and then decides to take the third one out? ( unset $_SESSION['cart'][2] )

Then my loop will end prematurely!!

I finally wrote some reverse counting and comparing hack that works for that situation.

I'd think the main difficulties in re: security would be the database stuff. SQL injection, for example, in your scripts. And I'd be nervous about storing much personal customer information in the db. Of course, there's really some question as to whether or not anything's secure on the internet. Ever googled for your name?