The Workshop is designed to help you anticipate possible questions, review what you've learned, and begin learning how to put your knowledge into practice.



When removing an item from the cart, why do you suppose the query validates the session id of the user against the record?


Users should only be able to remove their own items.


What would be a reason not to store the price in a hidden field when adding to the cart?


If you stored the price in a hidden field, a rogue user could change that value before posting the form, therefore, writing whatever price they wanted into the store_shoppertrack table, as opposed to the actual price.

    Part III: Getting Involved with the Code