This project relies entirely on PHP’s native session mechanism — no database writes happen for cart state until the order is placed. Every page in the store callsDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/wreyesus/Sencillo_Carrito_de_Compras_en_PHP/llms.txt
Use this file to discover all available pages before exploring further.
session_start() at the top, and two logical groups of session keys drive the entire experience: one that identifies the authenticated user and one that holds the live contents of the shopping cart.
Session keys
The table below covers every$_SESSION key used across the project. All three are set and read without any intermediate caching layer.
| Key | Type | Description |
|---|---|---|
$_SESSION['usuario'] | string | The logged-in user’s nickname, exactly as stored in the usuario table. Set on successful login; checked on every page that requires authentication. |
$_SESSION['idusuario'] | int | The user’s primary key (idusuario) from the usuario table. Set alongside 'usuario' on login so that pages can reference the user’s database record without an extra query. |
$_SESSION['carrito'] | array | An array of cart-item arrays (see structure below). Written whenever an item is added, updated, or removed. Persists across all pages until the session is destroyed. |
Cart session structure
Each product the shopper adds to the cart is appended to$_SESSION['carrito'] as an associative array with three keys. The outer array is numerically indexed and grows with each unique product that is added.
carrito.php receives $_POST['id2']), the corresponding element is set to NULL rather than being spliced out of the array:
if ($item != NULL) before processing each element.
Session lifecycle
Start session
Every PHP page in the project opens with
session_start(). This either resumes an existing session identified by the browser’s cookie or creates a new empty session.Login
When a user submits valid credentials,
index.php or carrito.php runs a SELECT against the usuario table. On success it sets both session keys and redirects:Add to cart
carrito.php reads the incoming POST fields (nombre, precio, cantidad) and either appends a new item or increments the quantity if the same product name already exists in $_SESSION['carrito']:Checkout
resumenc_compra.php reads $_SESSION['carrito'] to display the order summary. final.php reads the same key to build the order confirmation email body and to calculate the PayPal total that is passed to the payment form.Guest vs. authenticated cart
Guests can browse products and even trigger the add-to-cart POST from any product page without being logged in. The cart data is written to$_SESSION['carrito'] regardless of authentication state. However, carrito.php checks for a logged-in user before rendering the cart table — if no session exists it shows inline login and registration forms instead:
Gotchas
Items are indexed by array position
Items are indexed by array position
Because items are NULLed rather than spliced, the numeric index of each item never changes during a session. The update form on
carrito.php passes the array index as a hidden id field. If item 0 is removed (set to NULL) and item 2 is still present, the update POST for item 2 still uses id=2 — which is correct. The pattern can be confusing when iterating the array: always loop from 0 to count($compras) - 1 and skip NULL entries.Session not cleared after checkout
Session not cleared after checkout
final.php sends the order confirmation email and redirects the shopper to PayPal, but it does not call session_destroy() or unset $_SESSION['carrito']. If the user presses the browser back button or navigates back to carrito.php after completing payment, the cart will still contain the items from the previous order. In a production application, the cart should be cleared after a successful order is submitted.session_start() must come before any output
session_start() must come before any output
Every PHP page in the project calls
session_start() at the very top of the file, before any HTML output. If a page accidentally emits whitespace or a byte-order mark before session_start() is reached, PHP will emit a Cannot send session cookie - headers already sent warning and the session will not be created. Keep the opening <?php tag on the very first byte of every file and do not add blank lines before it.