0
login->purchase->stored data->log out
how to make after user login into user session when he purchase something in this website will store in database
1 Answer
0
I wouldnât recommend using a session variable for purchases since they can be altered by malicious users or MitM or other sniffing attacks. Iâd say try just posting the data using AJAX or directly through a POST ($_POST[âsome-form-input-nameâ]) and having it update in your database. Once itâs updated you could use the session variable to identify if a purchase was successful and match it up with the data from the database. Make sure to run reference checks on your own data and not trust what may be coming from the client side. Thatâll save you any headache from people tampering to try and get free stuff. Good luck!