First thought: why is the first action to assign a cookie? I'm betraying my own prejudice against these badly exploited critters here, but given the existence of other, less exploitable, and therefore, less rejected mechanisms for session state persistence, why use a cookie?

Second. In order to assign the visitor a unique id, you need to gather identifying information from the user by which to associate them with the ID. As a visitor who has just come by to gather information, if the first thing I am met with is a long form asking for personal identification, you've lost me as a potential customer. I've moved on before your form has finished rendering.

Much better I think to create a session ID and allow me to 'bookmark' any products I see of interest at the server end--usually described as "Add to your shopping trolley/basket/cart", and not actually ask for identification until such times as I opt to 'Go to the checkout'. One benefit, apart from allowing browsers to browse without supplying their life history, is that if the visitor never makes it to the checkout, you haven't created records in your DB that will serve no useful purpose other than to clutter it up. Unless you are thinking of using their details for spamming, and you're not one of 'those' I'm sure:^).

If, as and when the visitor makes it to the checkout, I think I would personally do the calculations, present the 'Invoice' with the opportunity for changes, deletions etc, and the final tally, and upon confirmation that the user wishes to purchase, hand over to the SSL session to gather (minimal) user information, delivery address and CC details etc.

From my perspective as a consumer/customer, it would be even better if the actual financial information was gathered and processed by a third party, specialising in such transactions (but not Passport!), that would--once the details have been processed--simply pass back to the originating site, a confirmation of purchase and a delivery address. That way, I only have to provide my details once, and can use my electronic wallet (for want of a better description) to make purchases at a range of sites without having to re-supply my personal details. Less frustration for me as a consumer. Less risk as my details are only kept at one place specialising in secure transactions. Less risk to you the site owner as you are less liable to be held liable if something goes wrong, as you never had any details for anyone to steal.

That's how I would like things to work. I just hope the guys working on the open alternative to Passport get their act together and make it work.


Well It's better than the Abottoire, but Yorkshire!

In reply to Re: shopping cart implementation by BrowserUk
in thread shopping cart implementation by silent11
