Add-cart.php | Num
Analisis Saham Menggunakan Pendekatan Teknikal, Fundamental, dan Makroekonomi
Three requests. Same session ID. Same product SKU: DRN-7X .
But for the last three nights, someone had been bending the rules.
Instead, he clicked over to the user's profile. gh0st_walker had been a member for four years. Bought three pairs of boots, left glowing reviews each time. Their last order was a size 11—the same size in the ghost cart.
Leo leaned back in his creaking office chair, the glow of three monitors painting his tired face in pale blue light. He was the senior backend engineer for Velvet & Sole , a boutique online shoe retailer that had, against all odds, become a cult hit. Their signature "Dragonhide 7X" boot sold out in eleven minutes every restock. add-cart.php num
Tonight, he'd let the ghost walker win. The next morning, a new commit appeared on the main branch: fix: add unique constraint and row-level locking to add-cart.php (thanks gh0st_walk3r for the pentest)
He checked gh0st_walker 's IP address. Traced it back to a residential block in Akron, Ohio. Not a botnet. Not a competitor. Someone sitting in a basement, probably using a simple bash script:
Leo clicked through to the checkout table. The order hadn't been placed yet. But the cart's total? $1,197.00. The user had effectively bypassed the "max 1 per customer" rule without triggering a single alarm. Not a hack. Not an SQL injection. Just the ugly poetry of concurrency. Three requests
The server logs didn't blink. They never did. But for Leo, the silent, green-on-black text of /var/log/nginx/access.log might as well have been a screaming headline.
– 11:34:02.447 POST /add-cart.php HTTP/1.1 – 11:34:02.451 POST /add-cart.php HTTP/1.1 – 11:34:02.453
<?php // Legacy code. No locking. No transactions. $product_id = $_POST['product_id']; $user_id = $_SESSION['user_id']; $quantity = 1; // default // Check if item exists in cart $result = $db->query("SELECT * FROM cart WHERE user_id=$user_id AND product_id=$product_id"); if($result->num_rows == 0) { $db->query("INSERT INTO cart (user_id, product_id, quantity) VALUES ($user_id, $product_id, $quantity)"); } else { $db->query("UPDATE cart SET quantity = quantity + $quantity WHERE user_id=$user_id AND product_id=$product_id"); } ?> But for the last three nights, someone had
He pulled up the session data. User ID: gh0st_walk3r . Cart contents: 1x DRN-7X (size 11). Then the log showed the pattern: add, add, add. The PHP script was supposed to increment quantity. But this user was triggering a race condition—three identical requests arriving before the first one finished writing to the database.
Leo swore under his breath. No BEGIN TRANSACTION . No FOR UPDATE . Just two naïve queries and a prayer. The three simultaneous POSTs had each run the SELECT , seen an empty cart, and each fired an INSERT . Three rows. Same product.
Three separate line items for the same boot. Quantity: 1. Three times.
But he didn't type a single line.