[ic] displaying a users basket to an external script

John Allman interchange-users@icdevgroup.org
Fri Oct 18 05:00:01 2002


Hi - i need to be able to show the contents of a users basket to a script that is called from another website. The idea is that users ariving on this "portal" website will be able to shop on our site among others. our site will be loaded in a frame and a paramater will be passed to us via a http GET to identify that the user is browsing from this portal site. when the user reaches the checkout our site will call a script on the portal site which will in turn call a script on our site to display the basket in a specified xml format for them to parse.

The issue then is identifying the correct basket and doing it in as secure a manner as possible. The way that springs to mind is to use the session id to identify the correct basket. we could then pass the session id to their script and when they passed it back to us we could display the correct basket.

Now my understanding of how interchange handles sessions is poor at best. i believe it either maintains the session by appending an id string to each URL or by cookies. Could i use this id string to load up the same session from another ip address (the portal site in this case)? Can i get this string by using [read-cookie]? ie is the string stored in the cookie the same as the id string appended to the URL?

I read this post: http://www.icdevgroup.org/pipermail/interchange-users/2000-October/001375.html which seems to be along the same lines as what i'm trying to do but it doesn't go into the details of handling the session.

Is what i'm suggestion a bad way to do things? If so - what might be a good idea? If not - how would i actually go about implementing it? Am i working along the right lines now?

Any advice would be appreciated

thanks

John