Here is a question that should get everyone going.
I have an ecommerce site where I need to pass the order_id to every page. So
which method is the best practice to pass this variable between pages:
Cookies or Session variable or by the HTTP header (either GET querystring or
POST form)?
I do not like to use sessions because they time out after 20 minutes of
inactivity.
I do not like to use cookies because the user can disable the use of cookies
through their browser setttings.
I am not big on the querystring/form method but it looks like it might be
the safest way to ensure the app will not break.
Is there a document which talks about the best practice to do this?
TIA.