跨域会话 - 跨域共享购物车 [英] Cross domains sessions - shared shopping cart cross domains

问题描述

我们正在用 eshop (php, mysql) 解决这个问题.客户希望在共享购物车的两个域上拥有相同的 eshop.在商店中，顾客可以在没有用户帐户的情况下进行购物(无法登录).还有一个问题，如何让共享购物车跨域.

we are solving the problem with eshop (php, mysql). The client want to have the same eshop on two domains with shared shopping cart. In the shop customer can do the shopping without users account (can't be logged in). And there is the problem, how to make the shared shopping cart cross domain.

来自购物车的数据存储在会话中，我们也存储在数据库中.但是我们无法解决跨域承载数据的问题.识别未登录的用户并非万无一失(研究).

The data from cart is stored in sessions, which we stored in database too. But we can't solve the problem in carrying data over domains. Identifying unlogged user is not holeproof (research).

客户转到 domainOne 并将一些东西添加到购物车.然后他转到 domainTwo(通过链接，输入域地址，但是)并将其他一些东西添加到购物车中.在购物车中，他有来自两个域的东西(刷新页面后).

Customer goes to domainOne and add some things to the cart. Than he goes to domainTwo (by link, typing domain address, however) and add some other things to the cart. In the cart he has things from both domains (after refreshing page).

你知道如何解决这个问题吗?

Do you have any idea, how to solve this problem?

• 由于客户要求，无法重定向
• cookies 与域相关
• set_cookie 与其他域不起作用
• 最简单的方法是仅保留 sessionid(存储在 cookie 中)，但我们不知道如何全面识别未登录的用户.
• 除了cookies之外，还有其他地方可以在客户端存储数据吗?(可能不是)
• 我们不能使用通过 url 中的参数发送 sessionid(如果用户点击链接到另一个域)或解析标头引用，bcs 我们不知道，用户如何实现另一个域.

如果你不明白我的意思，问我一个问题.如果您认为在具有共享(公共)购物车的两个域上拥有 eshop 是个坏主意，请不要告诉我，我们知道.

If you can't understand me, take me a question. If you think, that having eshop on two domains with shared (common) cart is bad idea, don't tell me, we know it.

感谢您的每一个回答.

推荐答案

您可以使用第三个域来识别所有域中的客户.

You can use a third domain to identify your customers over all domains.

例如使用 http://thirdDomain.com/session.php 上的 PHP 文件，即包含在两家商店的所有页面上.

Use for example a PHP File on http://thirdDomain.com/session.php that is included on all pages on both shops.

示例:

<script type="text/javascript" src="http://thirdDomain.com/session.php"></script>

您的客户切换域后，您可以使用第三个域将他识别为同一客户.

After your customer switches domains, you can identify him as the same customer using the third domain.

您可以将两个商店的会话 ID 分配给第三个域上的会话 ID，以访问两个商店的购物车.您只需要将您的商店会话通知第三个域(即，将它们添加为参数).

You can assign the session id on both shops to the session id on the third domain to access the cart on both shops. You only need to inform the third domain about your shop sessions (i.e. add them as parameter).

根据您对代码和模板的灵活程度，您甚至可以使用来自第三个域的输出来定义您商店中的会话 ID.这样您就可以在所有域上使用相同的会话 ID.但通常会话 ID 分配应该是更安全的方式.

Depending on how flexible you are with your code and templates, you can even use an output from the third domain to define the session id in your shops. This way you can use the same session id on all domains. But normally a session id assignment should be the more secure way.

使用 javascript 版本，您还可以输出脚本，这些脚本可能会向当前 html 页面中的其他域的所有传出链接和表单添加会话 ID.如果您可以将您的客户识别为阻止了 cookie，这可能会很有趣.您还可以使用 javascript 通知父文档有关现有会话的信息.

Using the javascript version you can also output scripts that may add a session id to all outgoing links and forms to the other domain in the current html page. This might be interesting if you can identify your customer as having cookies blocked. You can also use the javascript to inform the parent document about an existing session.

这篇关于跨域会话 - 跨域共享购物车的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！