Just looking for some advice over a feature I am currently working on. I am building on top of a custom e-commerce site and to increase conversions etc. I want to be able to send a URL to customers that is encoded with their details so that I can identify them when they arrive on the site.
For example
customer_id=1&offer_id=50&sale_products=1,2,3,4&promoted_product=12&agent=99
From this query string I can query the database and get:
- the customer details from their id
- which special offer to display i.e. 20% of products
- Which products are on sale for them
- promoted product to display on the landing page
- who the referrer / agent was so we can show the partner logo
I could use 2 way encryption to encrypt / decrypt this (was thinking to encode the whole query string as one item) and then I would be able to use the parameters and variables, but I would have to split then and check which were there. Not all the vars are required.
But got a bad feeling over this it's almost obscurity and not secure (don't know why, it just does not feel right... and that there is a better way to do this....)
Can anyone see if this is a good way to achieve this or think of a better way...
Thanks
