Shopping cart store on client or server? [closed]

Question

Shopping cart store on client or server? [closed]

Navigation

#1 by (8 votes)
#2 by (5 votes)

1

How best to store items in a shopping cart?

In the javascript itself, on the client side or on a server session, either using $_SESSION(php) or Session["sessao"](C#

Which would be better? safer and better for the user?

php javascript c#

asked by anonymous 01.04.2014 / 05:11

2 answers

5

No server.

One of the reasons would be that the variable Session evaporates when the user leaves the site or closes the browser. In this case, it would be interesting for the site to "remember" the last attempt made by the user.

01.04.2014 / 06:14

Login authentication error [closed] Pseudo Code Chess [closed]

score 8 · Accepted Answer

In the session or in a cookie.

If you save in JavaScript, first it will not work if the user has disabled JavaScript, depending on whether the browser or the computer "hangs" it loses its entire cart (you can mitigate this using localStorage - when supported).

If you use the session, it depends on: what happens if the user closes the browser (intentionally or not - even if above)? If all data is deleted at the end of the session, then there is the same problem. And performance may be worse if you need to access the database every time the user adds a new item.

Usability

A common problem with shopping carts is what happens when the user opens more than one tab at a time, or uses the "Back" button - in these cases, what is appearing on the screen is one thing, which really is in the cart can be something else. Personally, I do not know what the user's expectation will be: a) that the cart is exactly the same as it is on the screen; or: b) that what he did on a flap is "saved" in some way, even when he moves the other. The way you implement impacts one or the other scenario.

The best I have to suggest in this case is to include a random token in the submission forms (for example, as a hidden input ) and always compare that token with that of the cart before performing an action . If they are different, show the same page again to the user, updated - so that he is seeing the correct trolley before the action actually takes place.

Safety

If you're using https as I expect it to, it does not make much difference how it's stored. You can sign the cookie data on the server if you want to prevent the client from tampering with values inappropriately (that's how many frameworks do to keep session data in a cookie - not BD - without compromising site security) , but this may not even be necessary.