You can use sessions, but the wish list won't be remembered between sessions unless you store it in a database along with a user id of some sort and then require login using that user id.



You can try storing the information in cookies on the user's computer, but that isn't a universal solution because some users don't accept cookies. You can do the standard thing involving a mesage saying "Your computer must accept cookies if you wish to create a wish list," but some still just won't play along.



You have to decide what you want to accomplish and then how far you're willing to go to assure every user can use your site. Even the logon/database solution (if you need to store information between visits) has its drawbacks because some will forget their logon id. For that you would also store a user email address and if they forget they can enter their email address and you would email the user id corresponding to that email address to that email address.



The project is a bit ambitious for a novice, but if you break the tasks down into manageable pieces and have acces to a forum where you can ask questions, I think you can get it done.



But PLEASE - if you incorporate a database, such as MySQL, learn something about database security, specifically "SQL Injection," and incorporate good security into your application before putting it on-line.



Good luck.

Create a table linked by the users username on your database and store the wish list here for a more permanent solution sessions won't last forever and their wish list will be gone. Tables will last until deleted and can be added to updated or have rows removed at will.



The solution would be to have items have a product code or something like that, that uniquely identifies them. The PHP would then use this product code to search other product tables for that item and display as is required.

Simply use start_session(). From that point on you should be able to use $_SESSION["variablename"]=$value as well as $something=$_SESSION["variablename"].



$value does not have to be a single value only. You can put arrays and objects in session variables as needed just as well.



For security, if you're storing any kind of user input in session variables, be paranoid. Make sure the user input is validated and filter out any unwanted characters. Same goes for any user input, really.

If the wishlist is an array, you could serialize it and store it in a text file. You'll need a file for each user and you'll need to make sure the username doesn't contain any illegal characters (such as slashes, etc) otherwise it could be a security risk.



Serializing stores a PHP variable as a text string. You can convert it back to a variable by calling 'unserialize';



$wishlist = array ('one', 'two', 'three');



$username = 'daniel';



// Check username only contains letters or numbers

if (preg_match ('/^[a-zA-Z0-9]*$/', $username))

{

// Convert $wishlist to an array

$data = serialize ($wishlist);



// Store in a text file

if (file_put_contents ("wishlists/$username.txt", $data))

{

echo "Ok.\n";

}

else

{

// Make sure you've created 'wishlists' directory

echo "Error.\n";

}



}

else

{

echo "Username contains illegal characters.\n";

}



// Load wishlist from file

if ($data = file_get_contents ("wishlists/$username.txt"))

{

$wishlist = unserialize ($data);

print_r ($wishlist);

}

else

{

echo "Cannot load file.\n";

}