Build a Shopping Cart Admin Tool for Your PHP Online Store | WebReference

Build a Shopping Cart Admin Tool for Your PHP Online Store

By Leidago Noabeb


Your online business is doing well, but a couple of months down the line your online shopping application gets very slow and unresponsive. Why? It could be a number of things, but most likely, because you do not remove redundant data from your database, your tables are collapsing under the weight of all this data. The obvious answer is to delete the data from your database, but how? Your website is being hosted by some other company; you cannot just go into the next room and turn a switch to make the data disappear. Unless you have your own web hosting company, the best solution is a remote administration tool, or in this case, an online shopping cart administration tool. That is what you are going to create in this article.

First, you will create a login script.

The Login/Logout Scripts

This is a dual-purpose login script that you can adapt to either the admin section or the main application. A login form takes input from a user and then validates it by checking if the username or password matches an entry in a database. Basically, all you need is the username and password, but because you also have an administration interface, it would be nice to have some way of determining whether the person that is logged in has administrative rights. So, a rough outline of the database table would be something like:

  • user_id
  • uname
  • upass
  • admin
  • normal
  • fname
  • lname

If you quickly normalize this, do away with admin/normal, add something like level, and enumerate that to include admin or normal, the revised table would look something like this:

  • user_id – create a unique id for every new user
  • uname – username
  • upass – password
  • level – level of access
  • fname – first name of user
  • lname – last name of user

So let's create a table called users with the following code:

Now, you need to create login and logout scripts.


A login script typically has two fields, one for the username and another for the password. Let's create the form:

After the user enters his or her credentials and submits the form, the code first grabs the form data and then checks that they are not empty:

You can also use JavaScript to check if the values sent by the form are empty:

Sometimes JavaScript is turned off, but you have the PHP code to catch empty fields when that happens. With the next line of code, you clean the form values with the mysql_escape_string() function:

Finally, you check the user table to see if there are any records of this user:

If the user exists, you put some information into session variables. These values can be used to check the user's access rights later. Then you go to the next page:

If there is an error, it is stored in the $error variable and shown when the login form is displayed:


That's all there is to the login form. Logging out is very simple; all you have to do is destroy the sessions that you were using:

And that's it for the login/logout form. Below is a style sheet that goes with the login form. Save it in the same directory as your login form or any PHP page that you want to use it with.

If you are going to use a login script for your online shop, you should also create a user registration script, particularly for the administration side of the online shop. This way, you can easily create as many administrators and non-administrators for your site as you need. Creating a registration script should be easy. Simply take the login form and add three text fields to it. This will match the fields in the user table with the field count on the form. Then you simply add an insert query to add a new member to the users table: