A shopping cart application is more difficult to implement than it
may seem. Because the HTTP protocol is stateless,
a Web server regards every connection as entirely new, with no
relationship to any previous or future connections.
However, a shopping cart application requires persistent
state maintenance - each HTML page sent contains
information derived from earlier pages.
A hidden field within a form is the simplest way
to maintain state. A hidden field is like any other FORM entity; it
is simply not displayed by the browser. It can be inspected using,
for example, the "View Source" option of the browser, where it will
look something like:
<input type="hidden" name="sid" value="XYZZY">.
When an initial connection is made to the server, the HTML page
which is sent contains the indentifying hidden field value within
the page FORM.
A subsequent HTTP CGI request issued by the browser to this
server will thus also contain the hidden field.
The CGI which processes the FORM at the server can return the
same hidden field to the browser. The hidden field value thus acts
as a "session identifier" between the shopping cart application and
the browser.