Re: [PHP] Session for creating a unique shopping cart for each user

From: Pete M (pmorgan_at_ukds.net)
Date: 10/31/03 

To: php-general@lists.php.net
Date: Fri, 31 Oct 2003 15:17:48 +0000

why use a cookie - the $_SESSION is itself a cookie
I'd code it like

<php
session_start()

if (!isset($_SESSION['cart_id']))
{
        // code to get cart_id
        $_SESSION['cart_id'] = $cart_id;

}

include(db)
include(products)

Tore E. Mackay wrote:
> Don't realy know.
>
> Here is what I have:
> 1. An index.php that inculdes products.php if $file=products.php.
> 2. products.php includes db.php that contains databse connection and the
> code for creating a session.
> 3. When I click "add product" $file=cart.php and cart.php includes the
> db.php file that should connect me to the db and check if there is a
> session.
>
> It works fine if I go passed the index.php file. Maybe it is because the
> index.php file has echoed information. Any idea????
>
> Tore
>
> "Gareth Williams" <gareth@venditor.com> skrev i melding
> news:5C845C18-0BB1-11D8-9384-000A956BB5B4@venditor.com...
>
>>Have you already sent anything to the browser? Once the first echo has
>>been performed, you can't send header information, as the header is
>>sent with the first bit of text.
>>
>>
>>On Friday, Oct 31, 2003, at 15:47 Europe/Amsterdam, Tore E. Mackay
>>wrote:
>>
>>
>>>Hi,
>>>
>>>I am creating a shopping cart but experiensing some difficulty in
>>>creating
>>>unique shopping carts for each user. When I try to create a session I
>>>get
>>>this error message:
>>>Warning: session_start(): Cannot send session cookie - headers already
>>>sent
>>>
>>>This is the code:
>>>if(isset($_COOKIE["cartId"]))
>>>{
>>>return $_COOKIE["cartId"];
>>>}
>>>else
>>>{
>>>session_start();
>>>session_register("cartId", session_id(), time() + ((3600 * 24) * 30));
>>>return session_id();
>>>}
>>>
>>>If I remove the session_start() and session_register it works fine,
>>>but then
>>>everyone uses the same cart and that can't be good.
>>>
>>>Thanx!!!
>>>
>>>Regards
>>>Tore
>>>
>>>--
>>>PHP General Mailing List (http://www.php.net/)
>>>To unsubscribe, visit: http://www.php.net/unsub.php
>>>

Relevant Pages

  • Re: Sessions vs Cookies
    ... There is a session cookie which simply allows the server to identify the client and retrieve relevant session data for it. ... If cookies can be read or forged, it makes little odds whether you have the master key or all the little keys,. ... Suppose you only send the PHPSESSID: Now you cannot change a thing on the server, even if you have the 'master key'. ...
    (comp.lang.php)
  • Re: session wont timeout
    ... Maybe this is a session cookie issue? ... client browser there is this one: WSS_KeepSessionAuthenticated Expires: At ... If I kill the session cookie using IE Developer Toolbar, ... possible and IIS would throw another challenge. ...
    (microsoft.public.sharepoint.windowsservices)
  • Re: Is it safe to store user_id in Session?
    ... What I was wondering is how safe it is to store user_id or username or ... session so I do not need to search the database all the time. ... OVERRIDING BASIC SESSION COOKIE AUTHENTICATION ... So what is described in the article only works for bad php scripts. ...
    (comp.lang.php)
  • Chicken and egg issue with Cookie based login?
    ... I have few questions I hope someone can clear up for me with the cookie ... private web server. ... It also says this about the secret key: ... Second, would be an example of the "Session ID" or more general, what is an ...
    (comp.security.misc)
  • Re: [PHP] Question about authenticating people...
    ... Would I be better to store that in a cookie rather then a session variable? ... The search variable is not sensitive data, there's no need to keep it on the server so it's an ideal candidate for a cookie. ... Also bear in mind that the client can change the contents of a cookie at any time so you need to re-validate them on every page request. ... If you need to verify the contents of a cookie from request to request you can a) encrypt it, or b) add a checksum to it. ...
    (php.general)