Ecommerce Shopify WordPress Discussion

php, wordpress – I am handling data from one page to another with php session. Is it good and secure?

In wordpress I am using a plugin for booking and I want to display booking data on thank you page. Thank you page has custom template. I customized the plugin and before redirecting it will store booking and user info into session. After redirect on thank you page I will get info from session and after that, I will destroy the session. I am also using session variable "is_booked" to check if user booked service and if user didn't it will redirect him to the homepage. My question is, is it safe to store user information into a session. And if I am using it the right way. Php code in plugin that I customized session_start(); $_SESSION['is_booked'] = true; $_SESSION['bookig_id'] = $bookingId; $_SESSION['client_full_name'] = $client_full_name; ... Php custom thank-you-page template code <?php /* Template Name: thankyoupage */ session_start(); if (!isset($_SESSION['is_booked'])){ wp_redirect(home_url()); exit; } else { get_header(); ?> <style> MY STYLE </style> HERE IS MY HTML <?php } session_destroy(); get_footer(); ?>
It’s acceptable to save information that is not sensitive such as booking IDs or names, but any personal data should be encrypted. Session usage appears to be appropriate based on your description. You're utilising them to store non-sensitive records and properly discarding them after usage. Alternative Approaches: Check if you can use WordPress's existing features and services. Transients or custom user meta, for example, could be used to hold transitory data. These are built into WordPress and have been optimized for speed and security. Transients API, which offers a simple and standardized way of storing cached data in the database temporarily by giving it a custom name and a timeframe after which it will expire and be deleted. The Transients API is very similar to the Options API but with the added feature of an expiration time, which simplifies the process of using the wp_options database table to temporarily store cached information. Note that the “site_” functions are essentially the same as their counterparts, but work network wide when using WordPress Multisite. Also of note is that Transients are inherently sped up by caching plugins, where normal Options are not. A memcached plugin, for example, would make WordPress store transient values in fast memory instead of in the database. For this reason, transients should be used to store any data that is expected to expire, or which can expire at any time. Transients should also never be assumed to be in the database, since they may not be stored there at all. Read about it here more

January 7, 2024

TurboCommerce make the better internet purchasing globaly

Turbo Multi-language Translator

Make the better internet purchasing globaly

Turbosify SEO Speed Booster

5.0 (7) Free plan available
Get better conversions by improving store loading speed Installed

Turbo Multi-language Chat - AI Customer service in one hand

TurboCommerce make the better internet purchasing globaly
Our products

The help you need, when you need it

App by Turbo Engine

3 apps • 5.0 average rating

Turbosify Speed Booster

5.0 (7)
Get better conversions by optimizing shopify store Google page speed Installed

Turbosify Translator for Wordpress Woocommerce

5.0 (74) Free Wordpress Woocommerce Plugin
Translate your wordpress website to multiple language within 1 click, no configuration needed, no No technical required

Grow your business here

Whether you want to sell products down the street or around the world, we have all the tools you need.