Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: phranque
A short cookie as a unique transaction-id, and the data in a temporary part of the database sounds a better approach. You never know what havoc a hacker can do if they start editing cookies that contain meaningful data.
Just remenber to have a daily (?) task that deletes abandoned carts -- otherwise your server's hard drives will one day overflow.
Thanks. I'll go down the database path for sure then, 4k isn't a much at all.
It's one hell of a lot for a cookie! If you're setting a cookie that is 4k in size, it'll add almost a second to the download time of every web page tat a modem user accesses on your site!
The database route is the right way to go about it. Set a unique id (preferably in hex) that relates to your database and set that as a cookie.