Ideas for Hacking This Script
This is a fairly simple, fairly standard shopping cart. These days, you can't go three clicks on the Web without landing on a commerce site that's got some kind of slick features. With a little thought, many of the things you see out there could be grafted to these scripts. Some good places to start might include:
Limiting how many records are displayed on one page. If you get to the point where you have a large number of items for sale, you may want to let people look at only 10 or 15 items at a time.
You can connect the shopping cart to a card authentication system. There is a number of companies out there that will make sure that payment information is valid and then transfer funds to a merchant account.
Make an additional lookup against the database before collecting payment information to make sure that the prices stored in the session object are valid. The way the cart currently works, it is possible for a malicious shopper to edit price information and try to purchase an item for less than the price listed.