The realization principle of the shopping cart

Shopping cart is equivalent to the real supermarket shopping cart, the difference is a physical car, a virtual car just. Users can jump between the different pages of the shopping site to purchase their favorite products, click on the purchase, the product automatically saved to your shopping cart, repeat the purchase, the final selection of all items in the shopping cart unified to the payment desk checkout, which is to try to make customers experience the real life of shopping feeling. The server tracks each user's actions to ensure that each item has its owner at checkout.

The shopping cart features include the following items:

n Add a product to the shopping cart, i.e. order

N Delete items already ordered in the cart

n Modify the order quantity of a book in a shopping Cart

N Empty Shopping Cart

n Displays the list and quantity and price of the items in the shopping cart

The key to realizing a shopping cart is that the server identifies each user and maintains contact with them. But the HTTP protocol is a "stateless (stateless)" protocol, so the server can not remember who is the purchase of goods, when the product added to the shopping cart, the server does not know what was originally in the shopping cart, so that users jump between different pages when the shopping cart can not "carry", This has caused some difficulties in the realization of the shopping cart.

The current implementation of the shopping cart is mainly through a cookie, session, or a combination of database methods. The following analysis of their mechanism and role.

1. Cookies

A cookie is a piece of information that is generated by the server and stored on the client. It defines a mechanism by which a Web server stores and returns information on the client, which contains content such as domain, path, lifetime, and variable values set by the server. When a user accesses the same Web server later, the browser sends the cookie as-is to the server. By having the server read the information originally saved to the client, the website can provide a series of convenience for the browser, such as identifying the user identity during the online transaction, the security requirements are not high, avoid the user to re-enter the name and password, the portal website customization, targeted advertising and so on. The feature of cookies greatly expands the function of Web application, not only can establish the connection between server and client, because the cookie can be customized by server, so it can also store the shopping information to generate cookie value in the client, so as to realize the function of shopping cart. A cookie-based approach to a server-browser session or shopping cart has the following characteristics:

n cookies are stored on the client and occupy very little resources, the browser allows to store 300 cookies, each cookie size 4KB, enough to meet the requirements of the shopping cart, but also reduce the load of the server;

n cookies are built into the browser and are easy to use. Even if the user accidentally closes the browser window, the information in the shopping cart will not be lost if the cookie is defined for the period of validity;

n the cookie is not an executable file, so it is not executed in any way, and therefore does not bring viruses or attacks on the user's system;

n a cookie-based shopping cart requires that the user's browser must support and be set to enable cookies, otherwise the cart will fail;

N There is a controversy over the privacy of cookies against visitors, so some users prohibit the cookie function of the computer.

2. Session

The session is another way to implement a shopping cart. The session provides the ability to save and track the user's state information, so that the variables and objects defined by the current user in the session can be shared between pages, but cannot be accessed by other users in the app, and the most significant difference with cookies is that Session stores the user's private information during the session on the server side, which improves security. After the server generates a session, the client generates a SessionID identification number that is saved on the client to maintain synchronization with the server. This sessionid is read-only and if the client prohibits cookie functionality, the session is routed between pages by attaching parameters to the URL, or by implicitly submitting it in the form, among other ways. Therefore, the use of session implementation of the user management is more secure and effective.

Similarly, the use of the session can also be achieved shopping cart, this way is characterized by:

n session with a new mechanism to maintain synchronization with the client, not dependent on the client settings;

n compared with a cookie, the session is stored on the server side of the information, it is more secure, it can be identified, shopping and other information stored in the session;

N session will occupy server resources, increase server load, especially when the number of concurrent users, will generate a large number of sessions, affecting the performance of the server;

n because the information stored in the session is more sensitive and is saved as a file in the server, there is still a security risk.

3. How to combine Databases

This is also the current more common pattern, in which the database assumes the role of storing shopping information, session or cookie is used to track the user. This approach has the following characteristics:

n databases and cookies are responsible for recording data and maintaining sessions respectively, and can play their respective advantages, so that security and server performance have been improved;

n Every act of shopping, you have to directly establish a connection to the database, until the operation of the table is complete, the connection is released. When the number of concurrent users, it will affect the performance of the database, therefore, the performance of the database has raised a higher demand;

n Making the cookie maintenance session depends on the support of the client.

Options in various ways:

Although a cookie can be used to implement a shopping cart, it must be supported by the browser, plus it is stored on the client's information and is easily accessible, so it also limits its storage of more and more important information. Therefore, the general cookie is only used to maintain the session with the server, for example, the largest in the country when the network bookstore is to use cookies to maintain contact with the customer, but this way the biggest disadvantage is that if the client does not support cookies will make the shopping cart invalid.

Session can be very good with the trading parties to maintain the conversation, you can ignore the client settings. In the shopping cart technology has been widely used. However, the session's file attributes leave it with a security risk.

The method of combining the database has solved the above problem to some extent, but from the above example can be seen: in this shopping process involves the frequent operation of the database table, especially the user every time the purchase of goods, to connect with the database, when the user a lot of time to increase the server and database load.

The realization principle of the shopping cart