Jump to content
Larry Ullman's Book Forums

Session id variable


Recommended Posts

Hi Larry,

 

Hope you are well.

 

I managed to implement the login system from the first site, into the 2nd ecommerce coffee site.

 

My question is:

 

1) How would I connect the user's unique session id, with the their saved shopping cart items, so if the user logs out, and goes to a completely different computer and logs back in, his stored shopping cart items will reappear?

 

Thanks

regards

 

Link to comment
Share on other sites

Good question! So you'll need a way to tie sessions to users. The sessions are separate from any user as-is. There are three paths:

- Add a cart ID column to the user's table

- Add a user ID column to the cart table

- Create a new users_sessions table

In the second case, you'll want to allow for null values, as there is no user ID until the user has logged in. In all of the cases, though, you'll need to add logic that makes the connection between the user and the session when they log in. At base, this is just simply an UPDATE query or two.

The tricky bit is if the user has two carts. You'll want to think about how to handle that. It may be a matter of always using the most current, or always using the non-empty one, or merging the contents of two carts together. 

Link to comment
Share on other sites

Hi  Larry,

Thanks for the response!

What I was thinking of doing is adding the user's email address to the Cart table. So the Cart table would now have an extra column, ie email, wIth a DEFAUL NULL value.

The logic would be:

A random user visits the website, they then start adding items to the Cart, without registering or logging in. So now the Cart has items in it, with no user information, ie email or user id, only the session id, along with product information. The email address column in the Cart table is blank(DEFAUL NULL).

The user then registers, or logs in, and the email address is automatically sent to the empty email column in the Cart table. This email address is now connected to the session id, which resides in the current Cart table. So now all the products with a particular session id, is now tied to the user via the unique email address in the Cart table.

So now if the user logs off, and logs back on a different computer, the logic would be, retrieve all items from the shopping Cart table, for the currrent email address(which pertains to the current user).

So the shopping cart page will display all the items from the Cart table for that user, which would be unique to that user because of their unique email address.

If the user then logs off, we can run the same query, which is, retrieve all the items from the shopping Cart table, for the current email address.

Because the user has now logged off, the email value would be an empty string or null.

So therefore, no items would be retrieved for a null email address. The page would then display, "The shopping cart is empy."

 

Can you let me know if this logic sounds correct, and I would therefore only have to add the user's email address in the Cart table to achieve the above logic.

 

Thanks

 

 

Link to comment
Share on other sites

That all sounds fine. The email address is effectively the same as the user ID, except for being a string instead of a number. However, I'd be inclined to still rely upon the session ID for primary cart access. It's stored in a cookie and exists whether or not the user is logged in. So if the user is logged in, does stuff, and logs out, the cart isn't suddenly empty. The only additional logic then is reflecting the user's email address in the Cart table when they log in (and, again, avoiding duplicate sessions). 

Link to comment
Share on other sites

Hi Larry,

 

The reason I don't want to depend on the session ID for primary access to the cart when logging in, is because the user might access the site from a completely different computer, which then renders the session ID useless in terms of retrieving the cart items.

Whereas if the user stores their email address in the cart, then whatever computer or wherever the user accesses the site, and then logs in, the user's shopping cart items will be retrieved, based on the user's email address and NOT the user's sesssion id( which would only come in handy if they access the site from the same computer where the session id is stored, also assuming no one else visited the site after them).

 

Larry, my logic could be totally flawed, so forgive me if what I said makes no sense.

Link to comment
Share on other sites

I get what you're saying, however, the email address is only available when they are logged in, whereas the session ID is available when they are logged in and when they are logged out. So it always works on every computer. To maintain the session across computers (when logged in), you just need to associate the email address with the session ID. But you can still rely upon the session ID whether they are logged in or not on that other computer. 

For example...

1. User is on computer A (or even just browser A) but not logged in. Session ID is stored in a cookie and provides access to the cart. 

2. User logs in on computer A. Email address is associated with the session ID. Session ID is still stored in a cookie and provides access to the cart. 

3. User logs out on computer A. Session ID is still stored in a cookie and provides access to the cart. 

4. User is on computer B but not logged in. Session ID is stored in a cookie and provides access to the cart. Currently this is an empty cart, which is reasonable. 

5. User logs in on computer B. Email address is used to find the existing session ID. Session ID is still stored in a cookie and provides access to the previous cart. *

6. User logs out on computer B. Session ID is still stored in a cookie and provides access to the cart. 

So using the session ID approach, the user *always* has access to the cart (or, more precisely, the site can always find the user's cart). The only catch (the asterisk above) is when the user logs in the site needs to handle the possibility of two populated cart sessions: one while logged in on computer A previously and another while not logged in on computer B. 

Of course it's entirely up to you, but this is how I'd do it. 

Link to comment
Share on other sites

Hi Larry,

 

How you have explained it is exactly how I was intending to do it.

Regarding the last scenario where the user has populated two carts, one while logged in on computer A previously and another while not logged in on computer B.

Shopping cart items will only be recorded in the database and attached to the user's email if the user has logged in.

If the user adds items to the shopping cart without logging in,  and then goes to another computer and then logs in,  the items added to the cart without logging in won't be shown in their cart if they log into another computer.

So basically, the user has to log in, in order for the shopping cart items to be recorded in the database, and in turn can be accessed from any computer.

Also, if the user adds items to the shopping cart, and then logs in or registers, their email address will automatically be sent to  the email column in the cart table and associated with the session id in the cart table.

 

Hope I understood the scenario correctly and what I said makes sense!!

Link to comment
Share on other sites

I read your comments again, and undestand the scenario!

Basically, a session id is generated on every different computer that the user visits, so they could end up with a situation where there are multiple items in the cart which multiple user_session id's.

What I would do is retrieve the items based on the user's current email address, and NOT session id.

This way, all the items stored in the database which is linked to the user's email address, but different session id's would still be returned.

I could overwrite all the previous user_session id's already stored in the database with the current session id,  if the user logged in from a different computer, in order to account for that scenario.

 

My confusion came because I thought the session id was only generated when the user logged in, as opposed to being generated automatically, when they visit the site.

 

 

Link to comment
Share on other sites

 Share

×
×
  • Create New...