Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

About concurrent control & reliability of oscommerce


chunzhi

Recommended Posts

Hi,

As I saw in source code, oscommerce2 doesn't use transaction for actions such as checkout. So I am a bit worry about concurrency issues & reliability of oscommerce.

 

Question 1: Is it possible that 2 customers buying a same item will both successfully checkout when there is only 1 item in stock? How do you handle such concurrency issue?

 

Question 2: Is it possible that consistency will be violated if system failure happens? For example, when a customer is checking out, the system will (1) insert the order into database; (2) decrease the number of items in stock. What if the whole server crashed after (1) but before (2)? After restarting, is it possible that the order is in database but the number of items in stock has not been changed? How do you handle such issue? If it might happen, how can administrator discover such consistent issue and recover from it?

 

p.s.: I know oscommerce 3 is using transactions, but I am much more interested in oscommerce 2 and want to know its reliability and design logic.

 

Sincerely,

Chunzhi

Link to comment
Share on other sites

@@chunzhi

 

1) No, as long as you have stock control active. Whoever checks out first, gets the item.

 

2) Inventory reduction and completed checkout flags are processed AFTER checkout completion (checkout_success)

 

 

I have designed and built hundreds of osCommerce websites and have never had concurrency issues with properly coded carts.

 

 

 

Chris

Link to comment
Share on other sites

@@DunWeb

 

Thank you for the information. But it's still amazing for me that how one can maintain atomicy without transaction? Even the inventory reduction are processed after checkout, it is still possible that system crash inside the reduction procedure. For example, if a user bought 10 items, what if the system crash after reducing the stock level of 5 items?

Link to comment
Share on other sites

@@DunWeb

Thank you very much, I agree with you on the consistency issue after system crash, but I still worry about the concurrency bugs in oscommerce.

Let's look at the source code, version=v2.3.3

 

(1) The stock level check is in includes/checkout_process.php, line 57 to 67, fulfilled by tep_check_stock().

(2) After passing the check, there are operations and queries to create this order.

(3) Decrease of stock level is executed after check-out, but also in checkout_process.php (not checkout_success.php as you mentioned), between line 145 to line 179.

All of these database queries are executed as row-level separate queries rather than ACID transactions.

 

So, if two users simultaneously order a same product, whose quantity is 1. Nothing would stop them to execute stock level check together (and both will pass the check), insert the order together, and finally decrease stock level twice. In this case, both customers will successfully get the order, but stock level will become -1, and you cannot fulfill both orders. I think this will be a VERY BAD experience for customers, right?

 

Sincerely,

Chunzhi

Link to comment
Share on other sites

It is possible that if 2 customers checkout at about the same time they might both be able to complete the purchase even if there is just 1 item in stock. (Possible, but not very likely)

 

You could modify the checkout and place stock checks at every step to reduce the risk of this happening even further.

 

If you are "very" wary of this happening you could go even further and do the stock subtraction at the beginning of the checkout instead of at the end. (Then you would also need to have a stock re-adjustment solution for unsuccessful checkouts)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...