I'm considering several options for building my own shopping basket with PHP.

I'm thinking of using cookies to store the potential customers current choices of purchase. Would this be a wise decision or are there better solutions out there?

Cookies and session IDs are the main choices.

There can be some security risks with cookies, e.g. people could copy cookies (highly unlikely). This can easily be stopped by encrypting the data etc.

Amazon use the cookie method. Session ID's might screw with Googlebot and friends.

You should have a look at oscommerce

http://www.oscommerce.com/

It is open source and accepts NOCHEX for the english market :)

Have a look at Cubecart (http://forums.cubecart.com/site/home/)

Very easy to use and mod plus supports most gateways

Helpful forum as well

I think I might timestamp the cookies, hence making it almost impossible to copy.

Thanks for the links. I'm building a content management system however to sell my own shopping cart to businesses. I was worried about the security risk of cookies as xml stated so thought I'd ask what everyone else uses.

Would it even matter though if someone copied the cookies? If you display the items on the screen before checkout then it doesnt really matter whether you can copy them or not.

I highly suggest using a database to store the session information. It's much more reliable than cookies, especially when the user has cookies turned off. If they do and you put up a message that they need to enable cookies, say bye-bye to a potential customer. You can set a session on the server and track by IP address as a backup if you have a database to store the rest of the session information.

I highly suggest using a database to store the session information. It's much more reliable than cookies, especially when the user has cookies turned off. If they do and you put up a message that they need to enable cookies, say bye-bye to a potential customer. You can set a session on the server and track by IP address as a backup if you have a database to store the rest of the session information.

Thats good advise mopacfan as I lost some customers for the very reason that the cookies were turned off.

OS commerce seems to be the best. Some hosts even install it for you by default.

Thanks guys. Will definitely look into sessions now. I've heard they are nasty little things to learn though.

I think I might timestamp the cookies, hence making it almost impossible to copy.

$id=uniqid(); could be what you are looking for.
http://fr.php.net/manual/en/function.uniqid.php

Nice one mushroom

Thanks