I'm working on a customer's website, and they've asked for a shopping cart. They need to use securetrading.net for the payment, so I don't need to ask for any credit card details. All I need to do is keep track of the items in their cart.
I've read about using PHP sessions, but I'm concerned about security there. Is this not a problem if the only information I'm storing is product codes and quantities? Otherwise, is it worth using a MySQL database?
I'm sorry if this seems like an obvious thing to know, but this is my first time implementing this kind of thing!
There is tutorial for simple/small php/MySQL cart that keeps cart status in sessions, there is even downloadable demo code and online demo.
http://v3.thewatchmakerproject.com/journal/276/building-a-simple-php-shopping-cart
I used it when full blown online shoping programs were just that "over blown". Same as you there was no need to take cc data, user registration, etc... just siple place to send selected items to payment gateway's purchase proces and after that to forget about it. That is what client wanted, and that is what he got on the end (my first choice was magento but it was too complicated for clients 3 products).
Of course you need to extend it to fit your need but it's good starting point for something simple.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With