[pmwiki-devel] ZAPcart question...
The Editor
editor at fast.st
Tue Mar 20 12:50:22 CDT 2007
On 3/20/07, Ben Stallings <ben at interdependentweb.com> wrote:
> Dan wrote,
> > In ZAPcart, the shopping cart stores their order information in a wiki
> > page connected to their authid. However, I don't want to require
> > users to create a full-fledged members account to use the store. So
> > I'm thinking I would log them in under a temporary AuthId keyed to
> > some 10 digit random number or maybe Guest131224232.
>
> I suggest using the session ID. Since ZAP uses cookies extensively,
> anybody who's using ZAPcart will have a session ID, which is
> sufficiently long and random for your purposes, and has the added
> benefit of expiring along with the cookie. print_r($_SESSION) to see
> it. --Ben
This is a great idea, and would save me some trouble. No need to
login, etc. In fact, this way the store could operate regardless of
your authentication scheme... However, printing out $_SESSION just
gives me the session array, and there's no ID in it as far as I can
tell...
Ahh, I think I might use strtoupper(substr(session_id(), 0, 12)) or
something similar for the order data. Or maybe combine with a
timestamp so there's no chance of duplicates...
Couple quick questions.
1) Each user gets assigned a unique session_ide when the visit the site?
2) Is there anything that might cause that number to be changed?
3) What about login/logout. Will it change anything?
I don't want multiple users having the same number of course, and I
don't want their data lost somewhere along the way either. Of course
if I use a timestamp, everything goes caput at midnight... Like
Cinderella.
Anyway, this was a great idea. Thanks Ben!
Cheers,
Dan
More information about the pmwiki-devel
mailing list