I have a situation where I need access to a shopping cart over several pages.
So, on the product page - create the cart an add some items
On the cart checkout page - confirm the billing address
On the cart checkout post - do a final check, add cart to DB and go off to payment
My question is, whats the best way to pass around the cart?
I have tried passing the Cart from page to postback and keeping all the values alive, however on some pages (the billing address confirmation page) this seems like a lot of hassle, all I want to check is the billing address and dont really want tons of HiddenFor() on the page to populate the cart back again
TempData[] is what I used for the product to checkout page, then wondered is it best to keep on setting TempData all the time when....
you could just use a session variable?
For some reason I read its not great practice to use Session, hence the question.
Thanks for your guidance, I can happy provide some code/more info if you deem it helpful.
It is perfectly OK to use sessions in ASP.NET MVC, especially in the shopping cart scenario of yours.
There are drawbacks of using sessions, but they seem not to apply to your case:
1) The sessions prevent a user to properly browse your site from multiple browser tabs, the changes made in one tab are reflected in all others.
But with a shopping cart, it's exactly what you need. You don't need several shopping carts per user, do you?
2) The sessions aren't persisted by default, and if you're operating on a webfarm, you need to save the sessions in your database to be accessible by every farm node.
But it seems unlikely that you're scaling like this. And if you meet the scaling neccessity, sessions won't be your top problems.
3) Sessions require additional functionality from the user's browser (typically, cookies). But modern browsers all support cookies, so you only have to worry about very special browsers.
There are also some benefits of the sessions over hidden inputs:
1) The smaller overhead. Only a small session cookie is passed back and forth between you and the client, rather than the complete set of hidden inputs.
2) Simpler programming. You don't have to make sure you included your hidden inputs in every single one of your pages.
3) Security. The client can alter the contents of hidden inputs however he pleases. You can't easily pass sensitive information via hidden inputs, you need to encrypt it. Session values are stored on the server, so the client doesn't have access to them.
Sessions are fine, but consider the Amazon-style system whereby you are issued with a recognition cookie even when you are not logged in. This allows them to store your shopping basket in the database, keyed against the recognition cookie.
The result is that you avoid the horrible user experience of losing your shopping basket due to session timeout / server appdomain recycling (the latter is mitigated by using SQLState session storage, which I recommend). The user can come back days later and their basket will still be there. Unless that's a security / privacy problem, I find it the better solution.
It is very much ok to use session with asp.net mvc application. steve sanderson has used session for cart in sample application that comes with his book. The code is available here
I would use Session, unless there were reasons to avoid it.
For example, I have one project where I have repeated calls to an MVC action in the background. This action serves a file, which is slow over the network. I used to use Session, but I quickly discovered the main adverse effect: IIS won't execute calls from the same user in parallel, but only sequentially one after the other. This had a dramatic impact on performance, so I used an alternative method: I set HttpContext.User.Identity to the username, and use it as the key to fetch things from the database. But you could probably set it to some random GUID and have this to replace Sessions.
For a shopping cart, you should definitely not use session state. A sound approach is to use the Anonymous Identification Module to manage a cookie for you. All you need is one line in web.config.
<system.web>
<anonymousIdentification enabled="true" />
</system.web>
Then, on each request you can use the Request.AnonymousID property (which returns a string representing a GUID) to lookup the shopping cart in the database.
public ActionResult ShowCartDetails()
{
var CartId = new Guid(Request.AnonymousID);
// Lookup cart...
return View();
}
This is not only more efficient than using session state, it is also simpler.
References:
- http://brockallen.com/2012/04/07/think-twice-about-using-session-state/
- http://forums.asp.net/t/1785321.aspx?Stored+Shopping+Cart+for+unknown+user
I tend to use a cookie with my shopping cart serialized into base64 string this seems to work quite well
In cart system the products that are added to cart are very important so using session is not good idea in my view. Using cookies and a temporary table in database is one of best Idea. We can store those data for forever or can clear after certain days.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 冷血范 的文章《Still ok to use Session variables in ASP.NET mvc, 》','https://www.manongdao.com/article-144806.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}