Disclaimer: this page is a Chinese-English side-by-side translation of a popular StackOverFlow question, provided under the CC BY-SA 4.0 license. You are free to use/share it, but you must follow the same CC BY-SA license, cite the original address and author information, and attribute it to the original authors (not me): StackOverFlow. Original address: http://stackoverflow.com/questions/457903/

Time: 2020-08-24 22:49:29  Source: igfitidea

Best way to implement shopping cart using PHP/MySQL

php shopping-cart

Asked by Skilldrick

I'm working on a customer's website, and they've asked for a shopping cart. They need to use securetrading.net for the payment, so I don't need to ask for any credit card details. All I need to do is keep track of the items in their cart.

I've read about using PHP sessions, but I'm concerned about security there. Is this not a problem if the only information I'm storing is product codes and quantities? Otherwise, is it worth using a MySQL database?

I'm sorry if this seems like an obvious thing to know, but this is my first time implementing this kind of thing!

Answered by esmajic

There is a tutorial for a simple/small PHP/MySQL cart that keeps cart status in sessions; there is even downloadable demo code and an online demo.

http://v3.thewatchmakerproject.com/journal/276/building-a-simple-php-shopping-cart

I used it when full-blown online shopping programs were just that: "overblown". Same as you, there was no need to take cc data, user registration, etc... just a simple place to send selected items to the payment gateway's purchase process and after that to forget about it. That is what the client wanted, and that is what he got in the end (my first choice was Magento but it was too complicated for the client's 3 products).

Of course you need to extend it to fit your need, but it's a good starting point for something simple.

Answered by Oli

I'd use a prefab open-source solution. You really don't want to let in silly security issues when you're dealing with other people's money.

Magento comes to mind. It's certainly the slickest I've seen in a while... And there appears to be securetrading support if you hack it in yourself.

Answered by Andrew G. Johnson

I'd use PHP sessions since you're only storing product codes/quantities. Yes, these are open to "attack" -- but the attack would be something along the lines of changing product codes (make sure you add a check for valid codes before passing info to your payment gateway) and quantities (again, do a check for quantity on hand if need be).

Session variables are open to attack by users, but if someone wants to "trick" my system and check out 4 items instead of 1 it's really not a problem at all.
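
The check described in this answer (valid product codes and sane quantities, verified before the order goes to the payment gateway), as an added example that is not part of the original answers. The catalogue contents, the `validateCart` name and the per-line quantity limit are assumptions; prices are looked up server-side and never taken from the session or the request.

```php
<?php
// Hypothetical catalogue for this example; a real shop would load it from MySQL.
// Prices are in pence and live only on the server.
const CATALOGUE = [
    'WATCH-01' => ['price' => 4999, 'stock' => 3],
    'STRAP-02' => ['price' => 1250, 'stock' => 10],
];
const MAX_QTY_PER_LINE = 20; // assumed business limit

/**
 * Re-validate a session cart (product code => quantity) just before checkout.
 * Returns [accepted order lines, total in pence, rejected entries with reasons].
 */
function validateCart(array $cart): array
{
    $lines = [];
    $rejected = [];
    $total = 0;
    foreach ($cart as $code => $qty) {
        $code = (string) $code; // PHP turns numeric-looking array keys into ints
        if (!array_key_exists($code, CATALOGUE)) {
            $rejected[$code] = 'unknown product code';
            continue;
        }
        // Accept only a whole number in range: rejects "-4", "1.5", "1e3", arrays.
        $qty = filter_var($qty, FILTER_VALIDATE_INT,
            ['options' => ['min_range' => 1, 'max_range' => MAX_QTY_PER_LINE]]);
        if ($qty === false) {
            $rejected[$code] = 'invalid quantity';
            continue;
        }
        if ($qty > CATALOGUE[$code]['stock']) {
            $rejected[$code] = 'not enough stock';
            continue;
        }
        $lineTotal = $qty * CATALOGUE[$code]['price']; // price from server-side data
        $lines[] = ['code' => $code, 'qty' => $qty, 'line_total' => $lineTotal];
        $total += $lineTotal;
    }
    return [$lines, $total, $rejected];
}

// Constructed sample cart, shaped as it might sit in $_SESSION['cart'].
$cart = ['WATCH-01' => 1, 'STRAP-02' => '-4', 'FREE-99' => 1];
[$lines, $total, $rejected] = validateCart($cart);
print_r(compact('lines', 'total', 'rejected'));
```

Only the accepted lines and the recomputed total should be sent on to the payment gateway; rejected entries can be shown to the customer and dropped from the session.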

Answered by Rik Heywood

Keep in mind that sessions will only last for, well, the session. If your customer walks away and comes back tomorrow to carry on shopping, they will find their basket is empty again.

If you are going to use sessions to get things going quickly, try and design your code so that it would be simple to change your mind in the future and switch to a MySQL solution.

However, unless you have very specific requirements, just find one of the hundreds of free solutions out there and save yourself a load of time.
