My site is developed in ASP.NET
I have users that purchase on my site.
In order to do that, I have a Class called Purchase.
After the user has finished selecting all the products he desire, he is redirected to do SetExpressCheckout in Paypal.
After his return, I want to load all the data he left with so I could keep on handling the GetExpressCheckout and PaymentProfile creation (these are recurring charges).
public class Purchase
{
public string PurchaseID{ get; set; }
public string Description { get; set; }
public decimal TotalPrice { get; set; }
public string AccountID { get; set; }
public string Token{ get; set; }
public Dictionary<string, Product> productsDict { get; set; }
}
On the return, I want to load the purchase again and finish purchase.
To do that I came across two different methods: The Database and the Session
According to my understanding, the Database is more time consuming. Saving to tables, loading it by id, but it seems to me that it's more secure.
Using Session to do that, I risk the user losing Session and not being able to retrieve the Purchase details on later login and I need to Serialize my class to be added to session (DataContract and DataMember)
Is there a conventional way to that? Am I missing some key element here?
I've always used session variables and it's never been an issue. The only time it could be is if the user leaves and comes back after the session has timed out. It's never been a problem for me though.
That said, doing it with the database shouldn't be all that time consuming if you've got a nice class setup to work with your DB.