There is that risk, yes. But what I haven't said is that you're really the only one here who knows your application best. There is no one-size-fits all answer to stuff like ecommerce. No one can just tell you what to do and be totally right about it: every company needs something a little different, and when random people on the internet give advice some of it will be right and some of it will be wrong.
I also don't think I mentioned but your questions are (mostly) not technical questions. They're business questions. Application requirements. So what you should do is figure out, as best as you can, what the requirements are and how to go about satisfying them. Is there a requirement that an order exist in the system before the user submitted payment? Is there a requirement that a cart be saved in an account instead of temporarily held in the browser? Create a specification that describes everything you need to support, then make sure what you code supports it.