E-commerce building_问答_开发者_运维开发者技术经验分享

开发者 https://www.devze.com 2023-04-05 06:32 出处：网络

I´m starting with MySQL developing and consider to make my own e-commerce site. If I want to store customer´s wish list in a table should I do it, like first column has user id and second has prod

相关专题：e-commerce php

I´m starting with MySQL developing and consider to make my own e-commerce site.

If I want to store customer´s wish list in a table should I do it, like first column has user id and second has product ids separated like product0|product1|product2 or is there some more effective way to do this in MySQL?
Should I store the user details forever, or remove them when the order has be开发者_高级运维en processed?

Is this enough secure function to take off dangerous characters from user inputs:

function siisti($str){
$str = strip_tags($str);
$str = htmlentities($str);
$str = trim($str);
$str = htmlspecialchars($str);
$str = mysql_real_escape_string($str);
$str = str_replace(array("&auml;", "&ouml;"), array("ä", "ö"), $str);
return $str;
}

Is there any other that I should look when creating it?

EDIT: One more question Is this good way to do the pages:

up.php

Content to be inserted top of all pages


 | Some Site
etc.

down.php

Content to be inserted footer of all pages
some copyright notes etc.
<./body>
<./html>


somepage.php

i.nclude("up.php"); 
some content here

In some reason the code handling does not work at all! So just click edit to see what I have as code. This bug should really fixed in this site.

Use a table with columns customer and product and insert multiple rows for each customer - one for each product they own.

+-----------+----------+
| customer  | product  |
+-----------+----------+
| customer0 | product0 |
| customer0 | product1 |
| customer0 | product2 |
| customer1 | product2 |
| customer2 | product0 |
+-----------+----------+

In general, do not delete rows. Just mark them as processed. This allows you to audit the system.
Use mysql_real_escape_string or parameterized queries when accessing the database. Use HTML escaping functions when writing HTML. There is no such thing as "dangerous characters", only "dangerous programming". Never try to write "cleaning" functions yourself. Using generic cleaning functions makes you lazy. You won't understand what you are doing and that will lead to mistakes.

1: NO NO NO NO, don't do this. Have a separate table for products, have a table called "cart" or something with two columns... one for customer ID and one for product ID. Quantity and price-in-cart might be also useful to you.

2: You have to store some data for later. Do not store credit card information. Read up on PCI compliance.

3: Do not do this. You are mangling your data beyond repair. Use the functions as necessary when they are necessary.

4: Given the questions you are asking, and the fact that this wheel has been made 100 times over, stop now, modify an existing solution.