|
 |
asp_databases thread: Shopping Cart
Message #1 by "Pete Cofrancesco" <pcofran@y...> on Fri, 25 May 2001 17:08:00
|
|
I'm trying to improve an existing shopping cart i inherited. Can someone
give me the pros and cons of the following methods of storing a shopping
cart:
1. use a tempory table in a database.
2. use a cookie.
3. use an array stored in a Session variable.
PS i heard "Beginning E-Commerce" is good book. I plan on buying it but
need to work on quick solution first.
Message #2 by "Ian Richardson" <ian@i...> on Sat, 26 May 2001 07:09:57 +0100
|
|
Hi,
When I embarked on my shopping cart I started quite an interesting thread on
these lists on the pros and cons of Session Variables and their use. The
general opinion was that Sesion Variables are to be avoided for scalability
and server performance issues. Therefore, my conclusions have been such that
I have built my shop cart with the use of only one, small, Session Variable
all the other information I need to maintain state is stored as Cookies or
in database tables. One point that may be useful is: if you don't specify an
expiration date on a cookie, it can be made to behave similarly to a Session
Variable, but stored in the client's RAM instead of on the server and
deleted when the browser session ends.
hth
ianmetaxa
-----Original Message-----
From: Pete Cofrancesco [mailto:pcofran@y...]
Sent: 25 May 2001 17:08
To: ASP Databases
Subject: [asp_databases] Shopping Cart
I'm trying to improve an existing shopping cart i inherited. Can someone
give me the pros and cons of the following methods of storing a shopping
cart:
1. use a tempory table in a database.
2. use a cookie.
3. use an array stored in a Session variable.
PS i heard "Beginning E-Commerce" is good book. I plan on buying it but
need to work on quick solution first.
Message #3 by Hal Levy <hal.levy@s...> on Tue, 29 May 2001 09:31:52 -0400
|
|
1. Good solution- but you need to set a single cookie to be a "key" to
the
database so set a cookie with an encrypted unique ID and then use that
to
look into the database.
2. OK solution- This increases network traffic over the internet and
makes
your data vulnerable through cookie editing. (that's why we use an
encrypted
ID in solution 1)
3. Poor solution- This will cause a drain on system resources. The best
thing to do is forget that session objects even exist.
Hal Levy
StarMedia Network, Inc.
Intranet Development Manager
-----Original Message-----
From: Pete Cofrancesco [mailto:pcofran@y...]
Sent: Friday, May 25, 2001 1:08 PM
To: ASP Databases
Subject: [asp_databases] Shopping Cart
I'm trying to improve an existing shopping cart i inherited. Can
someone
give me the pros and cons of the following methods of storing a
shopping
cart:
1. use a tempory table in a database.
2. use a cookie.
3. use an array stored in a Session variable.
PS i heard "Beginning E-Commerce" is good book. I plan on buying it but
need to work on quick solution first.
Message #4 by Ben Lew <formula1@o...> on Tue, 29 May 2001 11:16:35 -0400
|
|
How do you create an cookie that is encrypted?
Thanks,
Ben
-----Original Message-----
From: Hal Levy [mailto:hal.levy@s...]
Sent: Tuesday, May 29, 2001 9:32 AM
To: ASP Databases
Subject: [asp_databases] RE: Shopping Cart
1. Good solution- but you need to set a single cookie to be a "key" to the
database so set a cookie with an encrypted unique ID and then use that to
look into the database.
2. OK solution- This increases network traffic over the internet and makes
your data vulnerable through cookie editing. (that's why we use an encrypted
ID in solution 1)
3. Poor solution- This will cause a drain on system resources. The best
thing to do is forget that session objects even exist.
Hal Levy
StarMedia Network, Inc.
Intranet Development Manager
-----Original Message-----
From: Pete Cofrancesco [mailto:pcofran@y...]
Sent: Friday, May 25, 2001 1:08 PM
To: ASP Databases
Subject: [asp_databases] Shopping Cart
I'm trying to improve an existing shopping cart i inherited. Can someone
give me the pros and cons of the following methods of storing a shopping
cart:
1. use a tempory table in a database.
2. use a cookie.
3. use an array stored in a Session variable.
PS i heard "Beginning E-Commerce" is good book. I plan on buying it but
need to work on quick solution first.
Message #5 by Hal Levy <hal.levy@s...> on Tue, 29 May 2001 15:17:58 -0400
|
|
Ben- the easiest way to do this is to (either with SQL or your own com
object) create a GUID. This is something that the user can not easily
change
and still have it be a valid ID for your database.
I can't recall off the top of my head the SQL command to say "give me a
GUID".
to create one in VB - create a COM object with a method to grab a GUID.
for
information on how to create a GUID in VB see:
http://support.microsoft.com/support/kb/articles/Q176/7/90.ASP
Hal Levy
StarMedia Network, Inc.
Intranet Development Manager
-----Original Message-----
From: Ben Lew [mailto:formula1@o...]
Sent: Tuesday, May 29, 2001 11:17 AM
To: ASP Databases
Subject: [asp_databases] RE: Shopping Cart
How do you create an cookie that is encrypted?
Thanks,
Ben
-----Original Message-----
From: Hal Levy [mailto:hal.levy@s...]
Sent: Tuesday, May 29, 2001 9:32 AM
To: ASP Databases
Subject: [asp_databases] RE: Shopping Cart
1. Good solution- but you need to set a single cookie to be a "key" to
the
database so set a cookie with an encrypted unique ID and then use that
to
look into the database.
2. OK solution- This increases network traffic over the internet and
makes
your data vulnerable through cookie editing. (that's why we use an
encrypted
ID in solution 1)
3. Poor solution- This will cause a drain on system resources. The best
thing to do is forget that session objects even exist.
Hal Levy
StarMedia Network, Inc.
Intranet Development Manager
-----Original Message-----
From: Pete Cofrancesco [mailto:pcofran@y...]
Sent: Friday, May 25, 2001 1:08 PM
To: ASP Databases
Subject: [asp_databases] Shopping Cart
I'm trying to improve an existing shopping cart i inherited. Can
someone
give me the pros and cons of the following methods of storing a
shopping
cart:
1. use a tempory table in a database.
2. use a cookie.
3. use an array stored in a Session variable.
PS i heard "Beginning E-Commerce" is good book. I plan on buying it but
need to work on quick solution first.
Message #6 by Ben Lew <formula1@o...> on Wed, 30 May 2001 12:27:00 -0400
|
|
Thanks for the info, however, I was actually referring to the part about an
encrypted cookie since I didn't know you could encrypt a cookie.
Ben
-----Original Message-----
From: Hal Levy [mailto:hal.levy@s...]
Sent: Tuesday, May 29, 2001 3:18 PM
To: ASP Databases
Subject: [asp_databases] RE: Shopping Cart
Ben- the easiest way to do this is to (either with SQL or your own com
object) create a GUID. This is something that the user can not easily change
and still have it be a valid ID for your database.
I can't recall off the top of my head the SQL command to say "give me a
GUID".
to create one in VB - create a COM object with a method to grab a GUID. for
information on how to create a GUID in VB see:
http://support.microsoft.com/support/kb/articles/Q176/7/90.ASP
Hal Levy
StarMedia Network, Inc.
Intranet Development Manager
-----Original Message-----
From: Ben Lew [mailto:formula1@o...]
Sent: Tuesday, May 29, 2001 11:17 AM
To: ASP Databases
Subject: [asp_databases] RE: Shopping Cart
How do you create an cookie that is encrypted?
Thanks,
Ben
-----Original Message-----
From: Hal Levy [mailto:hal.levy@s...]
Sent: Tuesday, May 29, 2001 9:32 AM
To: ASP Databases
Subject: [asp_databases] RE: Shopping Cart
1. Good solution- but you need to set a single cookie to be a "key" to the
database so set a cookie with an encrypted unique ID and then use that to
look into the database.
2. OK solution- This increases network traffic over the internet and makes
your data vulnerable through cookie editing. (that's why we use an encrypted
ID in solution 1)
3. Poor solution- This will cause a drain on system resources. The best
thing to do is forget that session objects even exist.
Hal Levy
StarMedia Network, Inc.
Intranet Development Manager
-----Original Message-----
From: Pete Cofrancesco [mailto:pcofran@y...]
Sent: Friday, May 25, 2001 1:08 PM
To: ASP Databases
Subject: [asp_databases] Shopping Cart
I'm trying to improve an existing shopping cart i inherited. Can someone
give me the pros and cons of the following methods of storing a shopping
cart:
1. use a tempory table in a database.
2. use a cookie.
3. use an array stored in a Session variable.
PS i heard "Beginning E-Commerce" is good book. I plan on buying it but
need to work on quick solution first.
Message #7 by Hal Levy <hal.levy@s...> on Wed, 30 May 2001 14:06:04 -0400
|
|
Ben,
The data in the cookie is "encrypted"- not the cookie itself.
Encryption in this case is defined as unique and not easily guessable.
So using a cookie UID=3D4 is bad since I could get another account by
changing
it to UID=3D5. However, a cookie UID=3D GUID is good since it's
unlikely that if
I change one character in the GUID I would get another account.
Hal Levy
StarMedia Network, Inc.
Intranet Development Manager
-----Original Message-----
From: Ben Lew [mailto:formula1@o...]
Sent: Wednesday, May 30, 2001 12:27 PM
To: ASP Databases
Subject: [asp_databases] RE: Shopping Cart
Thanks for the info, however, I was actually referring to the part
about an
encrypted cookie since I didn't know you could encrypt a cookie.
Ben
|
|
|
View Cart
