#1
  1. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Aug 2008
    Location
    Plymouth UK
    Posts
    934
    Rep Power
    160

    Random q time!.. what's the best approach to the common job, a shopping cart!


    Hey guys. I posted this here, cause i wasn't sure where else to create this thread.

    i've been helping quite a few people recently (not always on here) and alot of the help i have been giving is with shopping carts. I have seen many different ways of approaching these projects. Some people are using sessions. Others are using temporary tables, others are using XML, and this has left me wondering. What is the best way? or is there a best way?
    Is it language dependant? eg: is it better to database it in ASP but better to XML it in PHP? or are sessions/cookies best all round? In case you haven't guessed at the moment i am pondering on the cart side of it, not the product information.

    After pondering with it for an hour or so i thought Sod it.. Lets throw it open to a debate, hehe

    So after all that rambling let's boil it down to a simple question.
    What is the best approach to a Shopping cart project?
  2. #2
  3. Contributing User
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jan 2005
    Location
    Internet
    Posts
    7,625
    Rep Power
    6089
    Javascript security is the very best possible protection. Seriously, just code the entire thing in javascript. Instead of a database use .txt files that are in your web root. Do not write a robots.txt, either.

    Comments on this post

    • ryon420 agrees : Gimp forgot the most important rule: let everyone have FTP access.
    Chat Server Project & Tutorial | WiFi-remote-control sailboat (building) | Joke Thread
    “Rational thinkers deplore the excesses of democracy; it abuses the individual and elevates the mob. The death of Socrates was its finest fruit.”
    Use XXX in a comment to flag something that is bogus but works. Use FIXME to flag something that is bogus and broken. Use TODO to leave yourself reminders. Calling a program finished before all these points are checked off is lazy.
    -Partial Credit: Sun

    If I ask you to redescribe your problem, it's because when you describe issues in detail, you often get a *click* and you suddenly know the solutions.
    Ches Koblents
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Aug 2008
    Location
    Plymouth UK
    Posts
    934
    Rep Power
    160
    Hmm i detect a hint of sarcasm there :P lol
  6. #4
  7. garish grotesque gargoyle
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Mar 2006
    Location
    gracing gargantuan gothic gateways
    Posts
    1,323
    Rep Power
    0
    in my opinion, to make a simple answer of a complex subject -- store all cart information in a database; it's just an order with a pending status anyway -- and cookie the user with the orderID to keep it current. also, if the site is user based then you associate the order with the user, so it gets reinstated when the user signs in, with or without cookies.

    all code should be server side, to reduce susceptibility to tampering (prices should never be client variables).

    I've written... several... shopping carts and e commerce systems in the last 10 years and have countless tips and pointers, but them's the basics (and, duh, secure all info pages with SSL).

    depends on what part of the cart you're talking about... table structure for items, order details, transactions, shipping, etc; how long to store cart data, and what authentication should be required to retrieve it; choosing a merchant account provider and transaction gateway; methods of securing credit card data; ups and downs of CC processing and merchant restrictions; using AVS and/or CVV2; maintaining multiple shipping/billing addresses per customer; quantity discounts or bundle packages; packaging shipments to minimize shipping costs, by weight and/or bulk; integration with shipping providers e.g. FedEx or USPS; running promotions and discounts; cross-selling items at item detail view and/or cart view and/or checkout; storing, listing, and communicating variants of color, size, style; customizations; downloadable products; inventory systems... you name it...

    the real question is the best way to do what part of 'the cart side of it'?
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Aug 2008
    Location
    Plymouth UK
    Posts
    934
    Rep Power
    160
    hehe.. yeah maybe i should have been a little more secure...
    The basics really of tracking the orders.. or the items in the basket.

    and yes.. i have had to remove the prices from the client side of some peoples scripts!!!! lol

    But for the basic tracking of items in the cart i have seen temp tables being used.. i have seen them in session vars (which is probably the last one i was helping with on this site), I have seen them stored in XML...

    So lets say i was just tracking the productID and the Qty of each product in the basket ... which method of the lot would be best suited to the job?
  10. #6
  11. garish grotesque gargoyle
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Mar 2006
    Location
    gracing gargantuan gothic gateways
    Posts
    1,323
    Rep Power
    0
    how do you store the products when they actually get ordered?

    do it that way, and set a cookie for the user indicating which database record corresponds with their order.

    common practice is an orders table, with a related table of orderItems.

    any order that hasn't been paid is still just a cart; run a cron every day/week/month depending on activity to clear out abandoned carts, and be done with it, I say!
  12. #7
  13. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Aug 2008
    Location
    Plymouth UK
    Posts
    934
    Rep Power
    160
    hmm yeah that makes perfect sense

    The only issue aarising then tho is the assigning carts to unregistered users.. then again, that's easily curcumvented with the use of session or cookie
  14. #8
  15. Contributing User
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Sep 2007
    Location
    outside Washington DC
    Posts
    2,576
    Rep Power
    3704
    Software reuse. Don't write it, find one and use it.

    Better yet, use Amazon's shopping cart for your store.
  16. #9
  17. Type Cast Exception
    Devshed Supreme Being (6500+ posts)

    Join Date
    Apr 2004
    Location
    OAKLAND CA | Adam's Point (Fairyland)
    Posts
    14,883
    Rep Power
    891
    I'd go with fishtop's method.

    However, Gimp's suggestion is impervious to SQL Injection attacks ;-)

    Comments on this post

    • gimp agrees : It's also impossible to hack into as long as javascript is turned on
    medialint.com

    “Today you are You, that is truer than true. There is no one alive who is Youer than You.” - Dr. Seuss
  18. #10
  19. Can I get an Amen!
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Jun 2004
    Location
    Disclosed Location
    Posts
    1,070
    Rep Power
    578
    I agree with Fishtop's approach as well. Buy versus build is always my first consideration, and shopping carts are seemingly a dime a dozen right now.

    I suggest a solution based on 3 levels of business.

    The first is a cart solution like amazon, yahoo or whoever. The host it for you, they do all the credit card processing etc.

    The second is when you're able to take a little more control, you want your own look but still small. Something like xcart, cartel or oscommerce that can be skinned and provide some decent functionality up front.

    Finally you have something that is more commercial strength like Webpshere Commerce Express, Microsoft Commerce Standard or the like. Much more functionality and tools out of the box; completely customizable front end and still a decently low price (considering).

    From there I suppose I would suggest the phantom 4th which is really a custom solution, or rather most customization specific to the business, perhaps built on top of Websphere or Microsoft Commerce (non express).

    Re-inventing the wheel might make the developer a good amount of money, but it usually doesn't come out that great for the client who has to pay more for less.

    Comments on this post

    • gimp agrees : Amen!
    The voice from the outer world

IMN logo majestic logo threadwatch logo seochat tools logo