Need procedural advice

gufmn

I'm assuming there are a few around here who have dealt with this before. I on the other hand am attempting this for the first time.

I've been developing a site for a while now that uses a custom shopping cart. Users need to be able to add items to their cart without logging in, so the session ID is used to keep track of which items belong to which user.

I'm now at the point where I need to finalize the transaction. I have created a login system which is working fine. The client still has to set up a merchant account, so for now I'm just planning on having an empty function called processCreditCard() or something and have it return true.

My question is this:

I'm trying to figure out the best way to handle the data from the time the anonymous user adds items to their cart, to them logging in, to checking out. My thought is to have a column in the cart table to store the user ID. As soon as the user logs in, update the table and set the user ID in all rows containing their session ID.
As soon as they hit submit to process the credit card, copy all cart data to an "orders" table which will contain a status column. As soon as authorization is recieved, update the status column as "paid", send out confirmation emails and clear the shopping cart. Unless, of course, authorization fails. In which case I would remove all items from the orders table and leave the cart in tact.

Is this a sensible way of handling this? Can someone suggest a better way?

Thanks

Drakla

I'd store all the shopping details in the session and only commit it to an orders table when they'd signed in and their card validated.

This way you don't have to worry if they just get fed up and leave, as all shopping info is in the session, which will be trashed for you, rather than you having to clean up dead table entries.

gufmn

Drakla,

Hrmmm....not a bad idea. Wish I would have thought of that when I started. As it stands, there is a time stamp in the cart table and I have a cron job that runs once a day that removes all old cart entries.

I'm seriously considering a re-design though. Is it fairly common practice to handle transactions the way you suggested?

And thanks for the response.

Drakla

Yup - I've seen umpteen shopping site examples and most do it that way. Even his lord and ladyship Luke and Laura Welling, and the example in the Amazon API create session based classes. Some do it in cookies, but that's pointless if sessions are available. If it's not a hassle you might think about converting, but if your method is stable and you've got more important stuff it might be worth staying with it.

gufmn

The only reasons I can think of for switching to a session based cart are:

Tons of useless info fillng up a db possibly ending up in long delays while waiting for selects to finish. But I don't really see this being a high volume site and I think the cron will take care of this just fine.
Speed in general. Prolly quicker to just grab info from a session array than query the db.

Thoughts?

Drakla

Sessions are definitely faster than database work, I did some benchmarking today and they're easily ten times quicker even when the database table is tiny with fixed row lengths, but it's usually the time of connection that increases the time, as even with connect / close and no query it's about six times as slow. But if your site isn't going to take heat then that shouldn't be something to base an entire restructuring on, as you're probably going to connect to the db anyway for displaying products or whatever. But if you were building it from the ground up, or have time to change it then would recommend the session method.

gufmn

Thanks for the advice. If I thought this were going to be a high traffic site, I'd definitely re-do it. For now, I think I'll just leave it as it is and save the session cart for version 2.0 🙂

So, to recap:

Store items to be purchased in cart.
User logs in.
Check out. Credit card is processed.
Upon approval, all items are moved from cart to orders table along with user ID.
Clear items from cart.

Sounds pretty straight forward. I think I was making more of this than it really is.