Magento 2: User get Redirected to Empty Cart Page?












0














When I placed order from checkout page with money order. User get redirected to empty cart page instead of success page.



I am using one step checkout in website.










share|improve this question
















bumped to the homepage by Community 2 days ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.











  • 1




    You should check error log.
    – Khoa TruongDinh
    Feb 9 '17 at 13:57
















0














When I placed order from checkout page with money order. User get redirected to empty cart page instead of success page.



I am using one step checkout in website.










share|improve this question
















bumped to the homepage by Community 2 days ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.











  • 1




    You should check error log.
    – Khoa TruongDinh
    Feb 9 '17 at 13:57














0












0








0







When I placed order from checkout page with money order. User get redirected to empty cart page instead of success page.



I am using one step checkout in website.










share|improve this question















When I placed order from checkout page with money order. User get redirected to empty cart page instead of success page.



I am using one step checkout in website.







magento2 checkout onestepcheckout






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Feb 9 '17 at 13:48







Pankaj Sharma

















asked Feb 9 '17 at 13:28









Pankaj SharmaPankaj Sharma

4901421




4901421





bumped to the homepage by Community 2 days ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.







bumped to the homepage by Community 2 days ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.










  • 1




    You should check error log.
    – Khoa TruongDinh
    Feb 9 '17 at 13:57














  • 1




    You should check error log.
    – Khoa TruongDinh
    Feb 9 '17 at 13:57








1




1




You should check error log.
– Khoa TruongDinh
Feb 9 '17 at 13:57




You should check error log.
– Khoa TruongDinh
Feb 9 '17 at 13:57










3 Answers
3






active

oldest

votes


















0














Here is a temporary fix, it is not as per magento 2 standard. But as there is some existing issue with session in magento 2 and I have seen many of people facing same issue. I am sharing this temporary fix. Soon, I will update you with Correct answer.



Under vendor controller MagentoCheckoutControllerOnepage open success.php file vendormagentomodule-checkoutControllerOnepageSuccess.php



Just comment this line of code:



// return $this->resultRedirectFactory->create()->setPath('checkout/cart');



OR



you can create an observer for Success.php and custamize success controller.






share|improve this answer























  • Did you ever get an update?
    – tjjen
    2 days ago



















0














Are there any updates on this? I'm running across this now and seeing that this post is about 1-2 years old.. Is it still the appropriate fix, even if it's a temporary fix. It's unacceptable to be giving customers a confusing experience like this.. they are spending money, order is executing and they are getting a cart-empty page :(






share|improve this answer





























    0














    We are too (Magento Commerce Cloud 2.2.5) -- but for any payment type, not just MO. Magento Support issued us a patch that addresses the PHP issue regarding secure sessions and referral checks...



    ... but that didn't fix the problem for us -- still getting random redirects to empty cart after the user presses Place Order (potential race condition).



    MDVA-10441_EE_2.3.3_v3.composer

    diff --git a/vendor/magento/module-checkout/Controller/Index/Index.php b/vendor/magento/module-checkout/Controller/Index/Index.php
    index 0a5b7f190e3..9fe760d3fa7 100644
    --- a/vendor/magento/module-checkout/Controller/Index/Index.php
    +++ b/vendor/magento/module-checkout/Controller/Index/Index.php
    @@ -32,11 +32,37 @@ class Index extends MagentoCheckoutControllerOnepage
    return $this->resultRedirectFactory->create()->setPath('checkout/cart');
    }

    - $this->_customerSession->regenerateId();
    + // generate session ID only if connection is unsecure according to issues in session_regenerate_id function.
    + // @see http://php.net/manual/en/function.session-regenerate-id.php
    + if (!$this->isSecureRequest()) {
    + $this->_customerSession->regenerateId();
    + }
    $this->_objectManager->get(MagentoCheckoutModelSession::class)->setCartWasUpdated(false);
    $this->getOnepage()->initCheckout();
    $resultPage = $this->resultPageFactory->create();
    $resultPage->getConfig()->getTitle()->set(__('Checkout'));
    return $resultPage;
    }
    +
    + /**
    + * Checks if current request uses SSL and referer also is secure.
    + *
    + * @return bool
    + */
    + private function isSecureRequest(): bool
    + {
    + $secure = false;
    + $request = $this->getRequest();
    +
    + if ($request->isSecure()) {
    + $secure = true;
    + }
    +
    + if ($request->getHeader('referer')) {
    + $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
    + $secure = $scheme === 'https';
    + }
    +
    + return $secure;
    + }
    }
    diff --git a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
    index f0679c657ab..0bb0a53ce0a 100644
    --- a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
    +++ b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
    @@ -22,6 +22,7 @@ define([

    return false;
    }
    + $(element).attr('disabled', true);
    location.href = config.checkoutUrl;
    });

    diff --git a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
    index 13a2b524e51..93a78e7d34c 100644
    --- a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
    +++ b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
    @@ -60,13 +60,15 @@ define([
    };
    events['click ' + this.options.button.checkout] = $.proxy(function () {
    var cart = customerData.get('cart'),
    - customer = customerData.get('customer');
    + customer = customerData.get('customer'),
    + element = $(this.options.button.checkout);

    if (!customer().firstname && cart().isGuestCheckoutAllowed === false) {
    // set URL for redirect on successful login/registration. It's postprocessed on backend.
    $.cookie('login_redirect', this.options.url.checkout);

    if (this.options.url.isRedirectRequired) {
    + element.prop('disabled', true);
    location.href = this.options.url.loginUrl;
    } else {
    authenticationPopup.showModal();
    @@ -74,6 +76,7 @@ define([

    return false;
    }
    + element.prop('disabled', true);
    location.href = this.options.url.checkout;
    }, this);

    diff --git a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
    index 3f73c8cdaee..2181e5b4578 100644
    --- a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
    +++ b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
    @@ -85,11 +85,36 @@ class CustomerNotification
    $customer = $this->customerRepository->getById($customerId);
    $this->session->setCustomerData($customer);
    $this->session->setCustomerGroupId($customer->getGroupId());
    - $this->session->regenerateId();
    + if (!$this->isSecureRequest($request)) {
    + $this->session->regenerateId();
    + }
    $this->notificationStorage->remove(NotificationStorage::UPDATE_CUSTOMER_SESSION, $customerId);
    } catch (NoSuchEntityException $e) {
    $this->logger->error($e);
    }
    }
    }
    +
    + /**
    + * Checks if current request uses SSL and referer also is secure.
    + *
    + * @param RequestInterface $request
    + *
    + * @return bool
    + */
    + private function isSecureRequest(RequestInterface $request)
    + {
    + $secure = false;
    +
    + if ($request->isSecure()) {
    + $secure = true;
    + }
    +
    + if ($request->getHeader('referer')) {
    + $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
    + $secure = $scheme === 'https';
    + }
    +
    + return $secure;
    + }
    }





    share|improve this answer























    • Did you get this resolved?
      – tjjen
      2 days ago











    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "479"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f159021%2fmagento-2-user-get-redirected-to-empty-cart-page%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    3 Answers
    3






    active

    oldest

    votes








    3 Answers
    3






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    Here is a temporary fix, it is not as per magento 2 standard. But as there is some existing issue with session in magento 2 and I have seen many of people facing same issue. I am sharing this temporary fix. Soon, I will update you with Correct answer.



    Under vendor controller MagentoCheckoutControllerOnepage open success.php file vendormagentomodule-checkoutControllerOnepageSuccess.php



    Just comment this line of code:



    // return $this->resultRedirectFactory->create()->setPath('checkout/cart');



    OR



    you can create an observer for Success.php and custamize success controller.






    share|improve this answer























    • Did you ever get an update?
      – tjjen
      2 days ago
















    0














    Here is a temporary fix, it is not as per magento 2 standard. But as there is some existing issue with session in magento 2 and I have seen many of people facing same issue. I am sharing this temporary fix. Soon, I will update you with Correct answer.



    Under vendor controller MagentoCheckoutControllerOnepage open success.php file vendormagentomodule-checkoutControllerOnepageSuccess.php



    Just comment this line of code:



    // return $this->resultRedirectFactory->create()->setPath('checkout/cart');



    OR



    you can create an observer for Success.php and custamize success controller.






    share|improve this answer























    • Did you ever get an update?
      – tjjen
      2 days ago














    0












    0








    0






    Here is a temporary fix, it is not as per magento 2 standard. But as there is some existing issue with session in magento 2 and I have seen many of people facing same issue. I am sharing this temporary fix. Soon, I will update you with Correct answer.



    Under vendor controller MagentoCheckoutControllerOnepage open success.php file vendormagentomodule-checkoutControllerOnepageSuccess.php



    Just comment this line of code:



    // return $this->resultRedirectFactory->create()->setPath('checkout/cart');



    OR



    you can create an observer for Success.php and custamize success controller.






    share|improve this answer














    Here is a temporary fix, it is not as per magento 2 standard. But as there is some existing issue with session in magento 2 and I have seen many of people facing same issue. I am sharing this temporary fix. Soon, I will update you with Correct answer.



    Under vendor controller MagentoCheckoutControllerOnepage open success.php file vendormagentomodule-checkoutControllerOnepageSuccess.php



    Just comment this line of code:



    // return $this->resultRedirectFactory->create()->setPath('checkout/cart');



    OR



    you can create an observer for Success.php and custamize success controller.







    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited Mar 16 '18 at 4:26









    Teja Bhagavan Kollepara

    2,94841847




    2,94841847










    answered Feb 17 '17 at 6:46









    Pankaj SharmaPankaj Sharma

    4901421




    4901421












    • Did you ever get an update?
      – tjjen
      2 days ago


















    • Did you ever get an update?
      – tjjen
      2 days ago
















    Did you ever get an update?
    – tjjen
    2 days ago




    Did you ever get an update?
    – tjjen
    2 days ago













    0














    Are there any updates on this? I'm running across this now and seeing that this post is about 1-2 years old.. Is it still the appropriate fix, even if it's a temporary fix. It's unacceptable to be giving customers a confusing experience like this.. they are spending money, order is executing and they are getting a cart-empty page :(






    share|improve this answer


























      0














      Are there any updates on this? I'm running across this now and seeing that this post is about 1-2 years old.. Is it still the appropriate fix, even if it's a temporary fix. It's unacceptable to be giving customers a confusing experience like this.. they are spending money, order is executing and they are getting a cart-empty page :(






      share|improve this answer
























        0












        0








        0






        Are there any updates on this? I'm running across this now and seeing that this post is about 1-2 years old.. Is it still the appropriate fix, even if it's a temporary fix. It's unacceptable to be giving customers a confusing experience like this.. they are spending money, order is executing and they are getting a cart-empty page :(






        share|improve this answer












        Are there any updates on this? I'm running across this now and seeing that this post is about 1-2 years old.. Is it still the appropriate fix, even if it's a temporary fix. It's unacceptable to be giving customers a confusing experience like this.. they are spending money, order is executing and they are getting a cart-empty page :(







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 2 '18 at 13:06









        JustinPJustinP

        369415




        369415























            0














            We are too (Magento Commerce Cloud 2.2.5) -- but for any payment type, not just MO. Magento Support issued us a patch that addresses the PHP issue regarding secure sessions and referral checks...



            ... but that didn't fix the problem for us -- still getting random redirects to empty cart after the user presses Place Order (potential race condition).



            MDVA-10441_EE_2.3.3_v3.composer

            diff --git a/vendor/magento/module-checkout/Controller/Index/Index.php b/vendor/magento/module-checkout/Controller/Index/Index.php
            index 0a5b7f190e3..9fe760d3fa7 100644
            --- a/vendor/magento/module-checkout/Controller/Index/Index.php
            +++ b/vendor/magento/module-checkout/Controller/Index/Index.php
            @@ -32,11 +32,37 @@ class Index extends MagentoCheckoutControllerOnepage
            return $this->resultRedirectFactory->create()->setPath('checkout/cart');
            }

            - $this->_customerSession->regenerateId();
            + // generate session ID only if connection is unsecure according to issues in session_regenerate_id function.
            + // @see http://php.net/manual/en/function.session-regenerate-id.php
            + if (!$this->isSecureRequest()) {
            + $this->_customerSession->regenerateId();
            + }
            $this->_objectManager->get(MagentoCheckoutModelSession::class)->setCartWasUpdated(false);
            $this->getOnepage()->initCheckout();
            $resultPage = $this->resultPageFactory->create();
            $resultPage->getConfig()->getTitle()->set(__('Checkout'));
            return $resultPage;
            }
            +
            + /**
            + * Checks if current request uses SSL and referer also is secure.
            + *
            + * @return bool
            + */
            + private function isSecureRequest(): bool
            + {
            + $secure = false;
            + $request = $this->getRequest();
            +
            + if ($request->isSecure()) {
            + $secure = true;
            + }
            +
            + if ($request->getHeader('referer')) {
            + $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            + $secure = $scheme === 'https';
            + }
            +
            + return $secure;
            + }
            }
            diff --git a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            index f0679c657ab..0bb0a53ce0a 100644
            --- a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            +++ b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            @@ -22,6 +22,7 @@ define([

            return false;
            }
            + $(element).attr('disabled', true);
            location.href = config.checkoutUrl;
            });

            diff --git a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            index 13a2b524e51..93a78e7d34c 100644
            --- a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            +++ b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            @@ -60,13 +60,15 @@ define([
            };
            events['click ' + this.options.button.checkout] = $.proxy(function () {
            var cart = customerData.get('cart'),
            - customer = customerData.get('customer');
            + customer = customerData.get('customer'),
            + element = $(this.options.button.checkout);

            if (!customer().firstname && cart().isGuestCheckoutAllowed === false) {
            // set URL for redirect on successful login/registration. It's postprocessed on backend.
            $.cookie('login_redirect', this.options.url.checkout);

            if (this.options.url.isRedirectRequired) {
            + element.prop('disabled', true);
            location.href = this.options.url.loginUrl;
            } else {
            authenticationPopup.showModal();
            @@ -74,6 +76,7 @@ define([

            return false;
            }
            + element.prop('disabled', true);
            location.href = this.options.url.checkout;
            }, this);

            diff --git a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            index 3f73c8cdaee..2181e5b4578 100644
            --- a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            +++ b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            @@ -85,11 +85,36 @@ class CustomerNotification
            $customer = $this->customerRepository->getById($customerId);
            $this->session->setCustomerData($customer);
            $this->session->setCustomerGroupId($customer->getGroupId());
            - $this->session->regenerateId();
            + if (!$this->isSecureRequest($request)) {
            + $this->session->regenerateId();
            + }
            $this->notificationStorage->remove(NotificationStorage::UPDATE_CUSTOMER_SESSION, $customerId);
            } catch (NoSuchEntityException $e) {
            $this->logger->error($e);
            }
            }
            }
            +
            + /**
            + * Checks if current request uses SSL and referer also is secure.
            + *
            + * @param RequestInterface $request
            + *
            + * @return bool
            + */
            + private function isSecureRequest(RequestInterface $request)
            + {
            + $secure = false;
            +
            + if ($request->isSecure()) {
            + $secure = true;
            + }
            +
            + if ($request->getHeader('referer')) {
            + $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            + $secure = $scheme === 'https';
            + }
            +
            + return $secure;
            + }
            }





            share|improve this answer























            • Did you get this resolved?
              – tjjen
              2 days ago
















            0














            We are too (Magento Commerce Cloud 2.2.5) -- but for any payment type, not just MO. Magento Support issued us a patch that addresses the PHP issue regarding secure sessions and referral checks...



            ... but that didn't fix the problem for us -- still getting random redirects to empty cart after the user presses Place Order (potential race condition).



            MDVA-10441_EE_2.3.3_v3.composer

            diff --git a/vendor/magento/module-checkout/Controller/Index/Index.php b/vendor/magento/module-checkout/Controller/Index/Index.php
            index 0a5b7f190e3..9fe760d3fa7 100644
            --- a/vendor/magento/module-checkout/Controller/Index/Index.php
            +++ b/vendor/magento/module-checkout/Controller/Index/Index.php
            @@ -32,11 +32,37 @@ class Index extends MagentoCheckoutControllerOnepage
            return $this->resultRedirectFactory->create()->setPath('checkout/cart');
            }

            - $this->_customerSession->regenerateId();
            + // generate session ID only if connection is unsecure according to issues in session_regenerate_id function.
            + // @see http://php.net/manual/en/function.session-regenerate-id.php
            + if (!$this->isSecureRequest()) {
            + $this->_customerSession->regenerateId();
            + }
            $this->_objectManager->get(MagentoCheckoutModelSession::class)->setCartWasUpdated(false);
            $this->getOnepage()->initCheckout();
            $resultPage = $this->resultPageFactory->create();
            $resultPage->getConfig()->getTitle()->set(__('Checkout'));
            return $resultPage;
            }
            +
            + /**
            + * Checks if current request uses SSL and referer also is secure.
            + *
            + * @return bool
            + */
            + private function isSecureRequest(): bool
            + {
            + $secure = false;
            + $request = $this->getRequest();
            +
            + if ($request->isSecure()) {
            + $secure = true;
            + }
            +
            + if ($request->getHeader('referer')) {
            + $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            + $secure = $scheme === 'https';
            + }
            +
            + return $secure;
            + }
            }
            diff --git a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            index f0679c657ab..0bb0a53ce0a 100644
            --- a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            +++ b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            @@ -22,6 +22,7 @@ define([

            return false;
            }
            + $(element).attr('disabled', true);
            location.href = config.checkoutUrl;
            });

            diff --git a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            index 13a2b524e51..93a78e7d34c 100644
            --- a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            +++ b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            @@ -60,13 +60,15 @@ define([
            };
            events['click ' + this.options.button.checkout] = $.proxy(function () {
            var cart = customerData.get('cart'),
            - customer = customerData.get('customer');
            + customer = customerData.get('customer'),
            + element = $(this.options.button.checkout);

            if (!customer().firstname && cart().isGuestCheckoutAllowed === false) {
            // set URL for redirect on successful login/registration. It's postprocessed on backend.
            $.cookie('login_redirect', this.options.url.checkout);

            if (this.options.url.isRedirectRequired) {
            + element.prop('disabled', true);
            location.href = this.options.url.loginUrl;
            } else {
            authenticationPopup.showModal();
            @@ -74,6 +76,7 @@ define([

            return false;
            }
            + element.prop('disabled', true);
            location.href = this.options.url.checkout;
            }, this);

            diff --git a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            index 3f73c8cdaee..2181e5b4578 100644
            --- a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            +++ b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            @@ -85,11 +85,36 @@ class CustomerNotification
            $customer = $this->customerRepository->getById($customerId);
            $this->session->setCustomerData($customer);
            $this->session->setCustomerGroupId($customer->getGroupId());
            - $this->session->regenerateId();
            + if (!$this->isSecureRequest($request)) {
            + $this->session->regenerateId();
            + }
            $this->notificationStorage->remove(NotificationStorage::UPDATE_CUSTOMER_SESSION, $customerId);
            } catch (NoSuchEntityException $e) {
            $this->logger->error($e);
            }
            }
            }
            +
            + /**
            + * Checks if current request uses SSL and referer also is secure.
            + *
            + * @param RequestInterface $request
            + *
            + * @return bool
            + */
            + private function isSecureRequest(RequestInterface $request)
            + {
            + $secure = false;
            +
            + if ($request->isSecure()) {
            + $secure = true;
            + }
            +
            + if ($request->getHeader('referer')) {
            + $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            + $secure = $scheme === 'https';
            + }
            +
            + return $secure;
            + }
            }





            share|improve this answer























            • Did you get this resolved?
              – tjjen
              2 days ago














            0












            0








            0






            We are too (Magento Commerce Cloud 2.2.5) -- but for any payment type, not just MO. Magento Support issued us a patch that addresses the PHP issue regarding secure sessions and referral checks...



            ... but that didn't fix the problem for us -- still getting random redirects to empty cart after the user presses Place Order (potential race condition).



            MDVA-10441_EE_2.3.3_v3.composer

            diff --git a/vendor/magento/module-checkout/Controller/Index/Index.php b/vendor/magento/module-checkout/Controller/Index/Index.php
            index 0a5b7f190e3..9fe760d3fa7 100644
            --- a/vendor/magento/module-checkout/Controller/Index/Index.php
            +++ b/vendor/magento/module-checkout/Controller/Index/Index.php
            @@ -32,11 +32,37 @@ class Index extends MagentoCheckoutControllerOnepage
            return $this->resultRedirectFactory->create()->setPath('checkout/cart');
            }

            - $this->_customerSession->regenerateId();
            + // generate session ID only if connection is unsecure according to issues in session_regenerate_id function.
            + // @see http://php.net/manual/en/function.session-regenerate-id.php
            + if (!$this->isSecureRequest()) {
            + $this->_customerSession->regenerateId();
            + }
            $this->_objectManager->get(MagentoCheckoutModelSession::class)->setCartWasUpdated(false);
            $this->getOnepage()->initCheckout();
            $resultPage = $this->resultPageFactory->create();
            $resultPage->getConfig()->getTitle()->set(__('Checkout'));
            return $resultPage;
            }
            +
            + /**
            + * Checks if current request uses SSL and referer also is secure.
            + *
            + * @return bool
            + */
            + private function isSecureRequest(): bool
            + {
            + $secure = false;
            + $request = $this->getRequest();
            +
            + if ($request->isSecure()) {
            + $secure = true;
            + }
            +
            + if ($request->getHeader('referer')) {
            + $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            + $secure = $scheme === 'https';
            + }
            +
            + return $secure;
            + }
            }
            diff --git a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            index f0679c657ab..0bb0a53ce0a 100644
            --- a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            +++ b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            @@ -22,6 +22,7 @@ define([

            return false;
            }
            + $(element).attr('disabled', true);
            location.href = config.checkoutUrl;
            });

            diff --git a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            index 13a2b524e51..93a78e7d34c 100644
            --- a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            +++ b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            @@ -60,13 +60,15 @@ define([
            };
            events['click ' + this.options.button.checkout] = $.proxy(function () {
            var cart = customerData.get('cart'),
            - customer = customerData.get('customer');
            + customer = customerData.get('customer'),
            + element = $(this.options.button.checkout);

            if (!customer().firstname && cart().isGuestCheckoutAllowed === false) {
            // set URL for redirect on successful login/registration. It's postprocessed on backend.
            $.cookie('login_redirect', this.options.url.checkout);

            if (this.options.url.isRedirectRequired) {
            + element.prop('disabled', true);
            location.href = this.options.url.loginUrl;
            } else {
            authenticationPopup.showModal();
            @@ -74,6 +76,7 @@ define([

            return false;
            }
            + element.prop('disabled', true);
            location.href = this.options.url.checkout;
            }, this);

            diff --git a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            index 3f73c8cdaee..2181e5b4578 100644
            --- a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            +++ b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            @@ -85,11 +85,36 @@ class CustomerNotification
            $customer = $this->customerRepository->getById($customerId);
            $this->session->setCustomerData($customer);
            $this->session->setCustomerGroupId($customer->getGroupId());
            - $this->session->regenerateId();
            + if (!$this->isSecureRequest($request)) {
            + $this->session->regenerateId();
            + }
            $this->notificationStorage->remove(NotificationStorage::UPDATE_CUSTOMER_SESSION, $customerId);
            } catch (NoSuchEntityException $e) {
            $this->logger->error($e);
            }
            }
            }
            +
            + /**
            + * Checks if current request uses SSL and referer also is secure.
            + *
            + * @param RequestInterface $request
            + *
            + * @return bool
            + */
            + private function isSecureRequest(RequestInterface $request)
            + {
            + $secure = false;
            +
            + if ($request->isSecure()) {
            + $secure = true;
            + }
            +
            + if ($request->getHeader('referer')) {
            + $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            + $secure = $scheme === 'https';
            + }
            +
            + return $secure;
            + }
            }





            share|improve this answer














            We are too (Magento Commerce Cloud 2.2.5) -- but for any payment type, not just MO. Magento Support issued us a patch that addresses the PHP issue regarding secure sessions and referral checks...



            ... but that didn't fix the problem for us -- still getting random redirects to empty cart after the user presses Place Order (potential race condition).



            MDVA-10441_EE_2.3.3_v3.composer

            diff --git a/vendor/magento/module-checkout/Controller/Index/Index.php b/vendor/magento/module-checkout/Controller/Index/Index.php
            index 0a5b7f190e3..9fe760d3fa7 100644
            --- a/vendor/magento/module-checkout/Controller/Index/Index.php
            +++ b/vendor/magento/module-checkout/Controller/Index/Index.php
            @@ -32,11 +32,37 @@ class Index extends MagentoCheckoutControllerOnepage
            return $this->resultRedirectFactory->create()->setPath('checkout/cart');
            }

            - $this->_customerSession->regenerateId();
            + // generate session ID only if connection is unsecure according to issues in session_regenerate_id function.
            + // @see http://php.net/manual/en/function.session-regenerate-id.php
            + if (!$this->isSecureRequest()) {
            + $this->_customerSession->regenerateId();
            + }
            $this->_objectManager->get(MagentoCheckoutModelSession::class)->setCartWasUpdated(false);
            $this->getOnepage()->initCheckout();
            $resultPage = $this->resultPageFactory->create();
            $resultPage->getConfig()->getTitle()->set(__('Checkout'));
            return $resultPage;
            }
            +
            + /**
            + * Checks if current request uses SSL and referer also is secure.
            + *
            + * @return bool
            + */
            + private function isSecureRequest(): bool
            + {
            + $secure = false;
            + $request = $this->getRequest();
            +
            + if ($request->isSecure()) {
            + $secure = true;
            + }
            +
            + if ($request->getHeader('referer')) {
            + $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            + $secure = $scheme === 'https';
            + }
            +
            + return $secure;
            + }
            }
            diff --git a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            index f0679c657ab..0bb0a53ce0a 100644
            --- a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            +++ b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            @@ -22,6 +22,7 @@ define([

            return false;
            }
            + $(element).attr('disabled', true);
            location.href = config.checkoutUrl;
            });

            diff --git a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            index 13a2b524e51..93a78e7d34c 100644
            --- a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            +++ b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            @@ -60,13 +60,15 @@ define([
            };
            events['click ' + this.options.button.checkout] = $.proxy(function () {
            var cart = customerData.get('cart'),
            - customer = customerData.get('customer');
            + customer = customerData.get('customer'),
            + element = $(this.options.button.checkout);

            if (!customer().firstname && cart().isGuestCheckoutAllowed === false) {
            // set URL for redirect on successful login/registration. It's postprocessed on backend.
            $.cookie('login_redirect', this.options.url.checkout);

            if (this.options.url.isRedirectRequired) {
            + element.prop('disabled', true);
            location.href = this.options.url.loginUrl;
            } else {
            authenticationPopup.showModal();
            @@ -74,6 +76,7 @@ define([

            return false;
            }
            + element.prop('disabled', true);
            location.href = this.options.url.checkout;
            }, this);

            diff --git a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            index 3f73c8cdaee..2181e5b4578 100644
            --- a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            +++ b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            @@ -85,11 +85,36 @@ class CustomerNotification
            $customer = $this->customerRepository->getById($customerId);
            $this->session->setCustomerData($customer);
            $this->session->setCustomerGroupId($customer->getGroupId());
            - $this->session->regenerateId();
            + if (!$this->isSecureRequest($request)) {
            + $this->session->regenerateId();
            + }
            $this->notificationStorage->remove(NotificationStorage::UPDATE_CUSTOMER_SESSION, $customerId);
            } catch (NoSuchEntityException $e) {
            $this->logger->error($e);
            }
            }
            }
            +
            + /**
            + * Checks if current request uses SSL and referer also is secure.
            + *
            + * @param RequestInterface $request
            + *
            + * @return bool
            + */
            + private function isSecureRequest(RequestInterface $request)
            + {
            + $secure = false;
            +
            + if ($request->isSecure()) {
            + $secure = true;
            + }
            +
            + if ($request->getHeader('referer')) {
            + $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            + $secure = $scheme === 'https';
            + }
            +
            + return $secure;
            + }
            }






            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited Nov 5 '18 at 12:58

























            answered Nov 5 '18 at 12:43









            Jeff OwensJeff Owens

            11




            11












            • Did you get this resolved?
              – tjjen
              2 days ago


















            • Did you get this resolved?
              – tjjen
              2 days ago
















            Did you get this resolved?
            – tjjen
            2 days ago




            Did you get this resolved?
            – tjjen
            2 days ago


















            draft saved

            draft discarded




















































            Thanks for contributing an answer to Magento Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f159021%2fmagento-2-user-get-redirected-to-empty-cart-page%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            1300-talet

            1300-talet

            Display a custom attribute below product name in the front-end Magento 1.9.3.8