Magento 2: User get Redirected to Empty Cart Page?












0














When I placed order from checkout page with money order. User get redirected to empty cart page instead of success page.



I am using one step checkout in website.






magento2 checkout onestepcheckout







share|improve this question
















bumped to the homepage by Community 2 days ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.











  • 1




    You should check error log.
    – Khoa TruongDinh
    Feb 9 '17 at 13:57
















0














When I placed order from checkout page with money order. User get redirected to empty cart page instead of success page.



I am using one step checkout in website.






magento2 checkout onestepcheckout







share|improve this question
















bumped to the homepage by Community 2 days ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.











  • 1




    You should check error log.
    – Khoa TruongDinh
    Feb 9 '17 at 13:57














0












0








0







When I placed order from checkout page with money order. User get redirected to empty cart page instead of success page.



I am using one step checkout in website.






magento2 checkout onestepcheckout







share|improve this question















When I placed order from checkout page with money order. User get redirected to empty cart page instead of success page.



I am using one step checkout in website.






magento2 checkout onestepcheckout




magento2 checkout onestepcheckout






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Feb 9 '17 at 13:48







Pankaj Sharma

















asked Feb 9 '17 at 13:28









Pankaj SharmaPankaj Sharma

4901421




4901421





bumped to the homepage by Community 2 days ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.







bumped to the homepage by Community 2 days ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.










  • 1




    You should check error log.
    – Khoa TruongDinh
    Feb 9 '17 at 13:57














  • 1




    You should check error log.
    – Khoa TruongDinh
    Feb 9 '17 at 13:57








1




1




You should check error log.
– Khoa TruongDinh
Feb 9 '17 at 13:57




You should check error log.
– Khoa TruongDinh
Feb 9 '17 at 13:57










3 Answers
3






active

oldest

votes


















0














Here is a temporary fix, it is not as per magento 2 standard. But as there is some existing issue with session in magento 2 and I have seen many of people facing same issue. I am sharing this temporary fix. Soon, I will update you with Correct answer.



Under vendor controller MagentoCheckoutControllerOnepage open success.php file vendormagentomodule-checkoutControllerOnepageSuccess.php



Just comment this line of code:



// return $this->resultRedirectFactory->create()->setPath('checkout/cart');



OR



you can create an observer for Success.php and custamize success controller.






share|improve this answer























  • Did you ever get an update?
    – tjjen
    2 days ago



















0














Are there any updates on this? I'm running across this now and seeing that this post is about 1-2 years old.. Is it still the appropriate fix, even if it's a temporary fix. It's unacceptable to be giving customers a confusing experience like this.. they are spending money, order is executing and they are getting a cart-empty page :(






share|improve this answer





























    0














    We are too (Magento Commerce Cloud 2.2.5) -- but for any payment type, not just MO. Magento Support issued us a patch that addresses the PHP issue regarding secure sessions and referral checks...



    ... but that didn't fix the problem for us -- still getting random redirects to empty cart after the user presses Place Order (potential race condition).



    MDVA-10441_EE_2.3.3_v3.composer
    

    
diff --git a/vendor/magento/module-checkout/Controller/Index/Index.php b/vendor/magento/module-checkout/Controller/Index/Index.php
    
index 0a5b7f190e3..9fe760d3fa7 100644
    
--- a/vendor/magento/module-checkout/Controller/Index/Index.php
    
+++ b/vendor/magento/module-checkout/Controller/Index/Index.php
    
@@ -32,11 +32,37 @@ class Index extends MagentoCheckoutControllerOnepage
    
             return $this->resultRedirectFactory->create()->setPath('checkout/cart');
    
         }
    

    
-        $this->_customerSession->regenerateId();
    
+        // generate session ID only if connection is unsecure according to issues in session_regenerate_id function.
    
+        // @see http://php.net/manual/en/function.session-regenerate-id.php
    
+        if (!$this->isSecureRequest()) {
    
+            $this->_customerSession->regenerateId();
    
+        }
    
         $this->_objectManager->get(MagentoCheckoutModelSession::class)->setCartWasUpdated(false);
    
         $this->getOnepage()->initCheckout();
    
         $resultPage = $this->resultPageFactory->create();
    
         $resultPage->getConfig()->getTitle()->set(__('Checkout'));
    
         return $resultPage;
    
     }
    
+
    
+    /**
    
+     * Checks if current request uses SSL and referer also is secure.
    
+     *
    
+     * @return bool
    
+     */
    
+    private function isSecureRequest(): bool
    
+    {
    
+        $secure = false;
    
+        $request = $this->getRequest();
    
+
    
+        if ($request->isSecure()) {
    
+            $secure = true;
    
+        }
    
+
    
+        if ($request->getHeader('referer')) {
    
+            $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
    
+            $secure = $scheme === 'https';
    
+        }
    
+
    
+        return $secure;
    
+    }
    
 }
    
diff --git a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
    
index f0679c657ab..0bb0a53ce0a 100644
    
--- a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
    
+++ b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
    
@@ -22,6 +22,7 @@ define([
    

    
                 return false;
    
             }
    
+            $(element).attr('disabled', true);
    
             location.href = config.checkoutUrl;
    
         });
    

    
diff --git a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
    
index 13a2b524e51..93a78e7d34c 100644
    
--- a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
    
+++ b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
    
@@ -60,13 +60,15 @@ define([
    
             };
    
             events['click ' + this.options.button.checkout] = $.proxy(function () {
    
                 var cart = customerData.get('cart'),
    
-                    customer = customerData.get('customer');
    
+                    customer = customerData.get('customer'),
    
+                    element = $(this.options.button.checkout);
    

    
                 if (!customer().firstname && cart().isGuestCheckoutAllowed === false) {
    
                     // set URL for redirect on successful login/registration. It's postprocessed on backend.
    
                     $.cookie('login_redirect', this.options.url.checkout);
    

    
                     if (this.options.url.isRedirectRequired) {
    
+                        element.prop('disabled', true);
    
                         location.href = this.options.url.loginUrl;
    
                     } else {
    
                         authenticationPopup.showModal();
    
@@ -74,6 +76,7 @@ define([
    

    
                     return false;
    
                 }
    
+                element.prop('disabled', true);
    
                 location.href = this.options.url.checkout;
    
             }, this);
    

    
diff --git a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
    
index 3f73c8cdaee..2181e5b4578 100644
    
--- a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
    
+++ b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
    
@@ -85,11 +85,36 @@ class CustomerNotification
    
                 $customer = $this->customerRepository->getById($customerId);
    
                 $this->session->setCustomerData($customer);
    
                 $this->session->setCustomerGroupId($customer->getGroupId());
    
-                $this->session->regenerateId();
    
+                if (!$this->isSecureRequest($request)) {
    
+                    $this->session->regenerateId();
    
+                }
    
                 $this->notificationStorage->remove(NotificationStorage::UPDATE_CUSTOMER_SESSION, $customerId);
    
             } catch (NoSuchEntityException $e) {
    
                 $this->logger->error($e);
    
             }
    
         }
    
     }
    
+
    
+    /**
    
+     * Checks if current request uses SSL and referer also is secure.
    
+     *
    
+     * @param RequestInterface $request
    
+     *
    
+     * @return bool
    
+     */
    
+    private function isSecureRequest(RequestInterface $request)
    
+    {
    
+        $secure = false;
    
+
    
+        if ($request->isSecure()) {
    
+            $secure = true;
    
+        }
    
+
    
+        if ($request->getHeader('referer')) {
    
+            $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
    
+            $secure = $scheme === 'https';
    
+        }
    
+
    
+        return $secure;
    
+    }
    
 }





    share|improve this answer























    • Did you get this resolved?
      – tjjen
      2 days ago











    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "479"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f159021%2fmagento-2-user-get-redirected-to-empty-cart-page%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    3 Answers
    3






    active

    oldest

    votes








    3 Answers
    3






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    Here is a temporary fix, it is not as per magento 2 standard. But as there is some existing issue with session in magento 2 and I have seen many of people facing same issue. I am sharing this temporary fix. Soon, I will update you with Correct answer.



    Under vendor controller MagentoCheckoutControllerOnepage open success.php file vendormagentomodule-checkoutControllerOnepageSuccess.php



    Just comment this line of code:



    // return $this->resultRedirectFactory->create()->setPath('checkout/cart');



    OR



    you can create an observer for Success.php and custamize success controller.






    share|improve this answer























    • Did you ever get an update?
      – tjjen
      2 days ago
















    0














    Here is a temporary fix, it is not as per magento 2 standard. But as there is some existing issue with session in magento 2 and I have seen many of people facing same issue. I am sharing this temporary fix. Soon, I will update you with Correct answer.



    Under vendor controller MagentoCheckoutControllerOnepage open success.php file vendormagentomodule-checkoutControllerOnepageSuccess.php



    Just comment this line of code:



    // return $this->resultRedirectFactory->create()->setPath('checkout/cart');



    OR



    you can create an observer for Success.php and custamize success controller.






    share|improve this answer























    • Did you ever get an update?
      – tjjen
      2 days ago














    0












    0








    0






    Here is a temporary fix, it is not as per magento 2 standard. But as there is some existing issue with session in magento 2 and I have seen many of people facing same issue. I am sharing this temporary fix. Soon, I will update you with Correct answer.



    Under vendor controller MagentoCheckoutControllerOnepage open success.php file vendormagentomodule-checkoutControllerOnepageSuccess.php



    Just comment this line of code:



    // return $this->resultRedirectFactory->create()->setPath('checkout/cart');



    OR



    you can create an observer for Success.php and custamize success controller.






    share|improve this answer














    Here is a temporary fix, it is not as per magento 2 standard. But as there is some existing issue with session in magento 2 and I have seen many of people facing same issue. I am sharing this temporary fix. Soon, I will update you with Correct answer.



    Under vendor controller MagentoCheckoutControllerOnepage open success.php file vendormagentomodule-checkoutControllerOnepageSuccess.php



    Just comment this line of code:



    // return $this->resultRedirectFactory->create()->setPath('checkout/cart');



    OR



    you can create an observer for Success.php and custamize success controller.







    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited Mar 16 '18 at 4:26









    Teja Bhagavan Kollepara

    2,94841847




    2,94841847










    answered Feb 17 '17 at 6:46









    Pankaj SharmaPankaj Sharma

    4901421




    4901421












    • Did you ever get an update?
      – tjjen
      2 days ago


















    • Did you ever get an update?
      – tjjen
      2 days ago
















    Did you ever get an update?
    – tjjen
    2 days ago




    Did you ever get an update?
    – tjjen
    2 days ago













    0














    Are there any updates on this? I'm running across this now and seeing that this post is about 1-2 years old.. Is it still the appropriate fix, even if it's a temporary fix. It's unacceptable to be giving customers a confusing experience like this.. they are spending money, order is executing and they are getting a cart-empty page :(






    share|improve this answer


























      0














      Are there any updates on this? I'm running across this now and seeing that this post is about 1-2 years old.. Is it still the appropriate fix, even if it's a temporary fix. It's unacceptable to be giving customers a confusing experience like this.. they are spending money, order is executing and they are getting a cart-empty page :(






      share|improve this answer
























        0












        0








        0






        Are there any updates on this? I'm running across this now and seeing that this post is about 1-2 years old.. Is it still the appropriate fix, even if it's a temporary fix. It's unacceptable to be giving customers a confusing experience like this.. they are spending money, order is executing and they are getting a cart-empty page :(






        share|improve this answer












        Are there any updates on this? I'm running across this now and seeing that this post is about 1-2 years old.. Is it still the appropriate fix, even if it's a temporary fix. It's unacceptable to be giving customers a confusing experience like this.. they are spending money, order is executing and they are getting a cart-empty page :(







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 2 '18 at 13:06









        JustinPJustinP

        369415




        369415























            0














            We are too (Magento Commerce Cloud 2.2.5) -- but for any payment type, not just MO. Magento Support issued us a patch that addresses the PHP issue regarding secure sessions and referral checks...



            ... but that didn't fix the problem for us -- still getting random redirects to empty cart after the user presses Place Order (potential race condition).



            MDVA-10441_EE_2.3.3_v3.composer
            

            
diff --git a/vendor/magento/module-checkout/Controller/Index/Index.php b/vendor/magento/module-checkout/Controller/Index/Index.php
            
index 0a5b7f190e3..9fe760d3fa7 100644
            
--- a/vendor/magento/module-checkout/Controller/Index/Index.php
            
+++ b/vendor/magento/module-checkout/Controller/Index/Index.php
            
@@ -32,11 +32,37 @@ class Index extends MagentoCheckoutControllerOnepage
            
             return $this->resultRedirectFactory->create()->setPath('checkout/cart');
            
         }
            

            
-        $this->_customerSession->regenerateId();
            
+        // generate session ID only if connection is unsecure according to issues in session_regenerate_id function.
            
+        // @see http://php.net/manual/en/function.session-regenerate-id.php
            
+        if (!$this->isSecureRequest()) {
            
+            $this->_customerSession->regenerateId();
            
+        }
            
         $this->_objectManager->get(MagentoCheckoutModelSession::class)->setCartWasUpdated(false);
            
         $this->getOnepage()->initCheckout();
            
         $resultPage = $this->resultPageFactory->create();
            
         $resultPage->getConfig()->getTitle()->set(__('Checkout'));
            
         return $resultPage;
            
     }
            
+
            
+    /**
            
+     * Checks if current request uses SSL and referer also is secure.
            
+     *
            
+     * @return bool
            
+     */
            
+    private function isSecureRequest(): bool
            
+    {
            
+        $secure = false;
            
+        $request = $this->getRequest();
            
+
            
+        if ($request->isSecure()) {
            
+            $secure = true;
            
+        }
            
+
            
+        if ($request->getHeader('referer')) {
            
+            $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            
+            $secure = $scheme === 'https';
            
+        }
            
+
            
+        return $secure;
            
+    }
            
 }
            
diff --git a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            
index f0679c657ab..0bb0a53ce0a 100644
            
--- a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            
+++ b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            
@@ -22,6 +22,7 @@ define([
            

            
                 return false;
            
             }
            
+            $(element).attr('disabled', true);
            
             location.href = config.checkoutUrl;
            
         });
            

            
diff --git a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            
index 13a2b524e51..93a78e7d34c 100644
            
--- a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            
+++ b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            
@@ -60,13 +60,15 @@ define([
            
             };
            
             events['click ' + this.options.button.checkout] = $.proxy(function () {
            
                 var cart = customerData.get('cart'),
            
-                    customer = customerData.get('customer');
            
+                    customer = customerData.get('customer'),
            
+                    element = $(this.options.button.checkout);
            

            
                 if (!customer().firstname && cart().isGuestCheckoutAllowed === false) {
            
                     // set URL for redirect on successful login/registration. It's postprocessed on backend.
            
                     $.cookie('login_redirect', this.options.url.checkout);
            

            
                     if (this.options.url.isRedirectRequired) {
            
+                        element.prop('disabled', true);
            
                         location.href = this.options.url.loginUrl;
            
                     } else {
            
                         authenticationPopup.showModal();
            
@@ -74,6 +76,7 @@ define([
            

            
                     return false;
            
                 }
            
+                element.prop('disabled', true);
            
                 location.href = this.options.url.checkout;
            
             }, this);
            

            
diff --git a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            
index 3f73c8cdaee..2181e5b4578 100644
            
--- a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            
+++ b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            
@@ -85,11 +85,36 @@ class CustomerNotification
            
                 $customer = $this->customerRepository->getById($customerId);
            
                 $this->session->setCustomerData($customer);
            
                 $this->session->setCustomerGroupId($customer->getGroupId());
            
-                $this->session->regenerateId();
            
+                if (!$this->isSecureRequest($request)) {
            
+                    $this->session->regenerateId();
            
+                }
            
                 $this->notificationStorage->remove(NotificationStorage::UPDATE_CUSTOMER_SESSION, $customerId);
            
             } catch (NoSuchEntityException $e) {
            
                 $this->logger->error($e);
            
             }
            
         }
            
     }
            
+
            
+    /**
            
+     * Checks if current request uses SSL and referer also is secure.
            
+     *
            
+     * @param RequestInterface $request
            
+     *
            
+     * @return bool
            
+     */
            
+    private function isSecureRequest(RequestInterface $request)
            
+    {
            
+        $secure = false;
            
+
            
+        if ($request->isSecure()) {
            
+            $secure = true;
            
+        }
            
+
            
+        if ($request->getHeader('referer')) {
            
+            $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            
+            $secure = $scheme === 'https';
            
+        }
            
+
            
+        return $secure;
            
+    }
            
 }





            share|improve this answer























            • Did you get this resolved?
              – tjjen
              2 days ago
















            0














            We are too (Magento Commerce Cloud 2.2.5) -- but for any payment type, not just MO. Magento Support issued us a patch that addresses the PHP issue regarding secure sessions and referral checks...



            ... but that didn't fix the problem for us -- still getting random redirects to empty cart after the user presses Place Order (potential race condition).



            MDVA-10441_EE_2.3.3_v3.composer
            

            
diff --git a/vendor/magento/module-checkout/Controller/Index/Index.php b/vendor/magento/module-checkout/Controller/Index/Index.php
            
index 0a5b7f190e3..9fe760d3fa7 100644
            
--- a/vendor/magento/module-checkout/Controller/Index/Index.php
            
+++ b/vendor/magento/module-checkout/Controller/Index/Index.php
            
@@ -32,11 +32,37 @@ class Index extends MagentoCheckoutControllerOnepage
            
             return $this->resultRedirectFactory->create()->setPath('checkout/cart');
            
         }
            

            
-        $this->_customerSession->regenerateId();
            
+        // generate session ID only if connection is unsecure according to issues in session_regenerate_id function.
            
+        // @see http://php.net/manual/en/function.session-regenerate-id.php
            
+        if (!$this->isSecureRequest()) {
            
+            $this->_customerSession->regenerateId();
            
+        }
            
         $this->_objectManager->get(MagentoCheckoutModelSession::class)->setCartWasUpdated(false);
            
         $this->getOnepage()->initCheckout();
            
         $resultPage = $this->resultPageFactory->create();
            
         $resultPage->getConfig()->getTitle()->set(__('Checkout'));
            
         return $resultPage;
            
     }
            
+
            
+    /**
            
+     * Checks if current request uses SSL and referer also is secure.
            
+     *
            
+     * @return bool
            
+     */
            
+    private function isSecureRequest(): bool
            
+    {
            
+        $secure = false;
            
+        $request = $this->getRequest();
            
+
            
+        if ($request->isSecure()) {
            
+            $secure = true;
            
+        }
            
+
            
+        if ($request->getHeader('referer')) {
            
+            $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            
+            $secure = $scheme === 'https';
            
+        }
            
+
            
+        return $secure;
            
+    }
            
 }
            
diff --git a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            
index f0679c657ab..0bb0a53ce0a 100644
            
--- a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            
+++ b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            
@@ -22,6 +22,7 @@ define([
            

            
                 return false;
            
             }
            
+            $(element).attr('disabled', true);
            
             location.href = config.checkoutUrl;
            
         });
            

            
diff --git a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            
index 13a2b524e51..93a78e7d34c 100644
            
--- a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            
+++ b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            
@@ -60,13 +60,15 @@ define([
            
             };
            
             events['click ' + this.options.button.checkout] = $.proxy(function () {
            
                 var cart = customerData.get('cart'),
            
-                    customer = customerData.get('customer');
            
+                    customer = customerData.get('customer'),
            
+                    element = $(this.options.button.checkout);
            

            
                 if (!customer().firstname && cart().isGuestCheckoutAllowed === false) {
            
                     // set URL for redirect on successful login/registration. It's postprocessed on backend.
            
                     $.cookie('login_redirect', this.options.url.checkout);
            

            
                     if (this.options.url.isRedirectRequired) {
            
+                        element.prop('disabled', true);
            
                         location.href = this.options.url.loginUrl;
            
                     } else {
            
                         authenticationPopup.showModal();
            
@@ -74,6 +76,7 @@ define([
            

            
                     return false;
            
                 }
            
+                element.prop('disabled', true);
            
                 location.href = this.options.url.checkout;
            
             }, this);
            

            
diff --git a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            
index 3f73c8cdaee..2181e5b4578 100644
            
--- a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            
+++ b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            
@@ -85,11 +85,36 @@ class CustomerNotification
            
                 $customer = $this->customerRepository->getById($customerId);
            
                 $this->session->setCustomerData($customer);
            
                 $this->session->setCustomerGroupId($customer->getGroupId());
            
-                $this->session->regenerateId();
            
+                if (!$this->isSecureRequest($request)) {
            
+                    $this->session->regenerateId();
            
+                }
            
                 $this->notificationStorage->remove(NotificationStorage::UPDATE_CUSTOMER_SESSION, $customerId);
            
             } catch (NoSuchEntityException $e) {
            
                 $this->logger->error($e);
            
             }
            
         }
            
     }
            
+
            
+    /**
            
+     * Checks if current request uses SSL and referer also is secure.
            
+     *
            
+     * @param RequestInterface $request
            
+     *
            
+     * @return bool
            
+     */
            
+    private function isSecureRequest(RequestInterface $request)
            
+    {
            
+        $secure = false;
            
+
            
+        if ($request->isSecure()) {
            
+            $secure = true;
            
+        }
            
+
            
+        if ($request->getHeader('referer')) {
            
+            $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            
+            $secure = $scheme === 'https';
            
+        }
            
+
            
+        return $secure;
            
+    }
            
 }





            share|improve this answer























            • Did you get this resolved?
              – tjjen
              2 days ago














            0












            0








            0






            We are too (Magento Commerce Cloud 2.2.5) -- but for any payment type, not just MO. Magento Support issued us a patch that addresses the PHP issue regarding secure sessions and referral checks...



            ... but that didn't fix the problem for us -- still getting random redirects to empty cart after the user presses Place Order (potential race condition).



            MDVA-10441_EE_2.3.3_v3.composer
            

            
diff --git a/vendor/magento/module-checkout/Controller/Index/Index.php b/vendor/magento/module-checkout/Controller/Index/Index.php
            
index 0a5b7f190e3..9fe760d3fa7 100644
            
--- a/vendor/magento/module-checkout/Controller/Index/Index.php
            
+++ b/vendor/magento/module-checkout/Controller/Index/Index.php
            
@@ -32,11 +32,37 @@ class Index extends MagentoCheckoutControllerOnepage
            
             return $this->resultRedirectFactory->create()->setPath('checkout/cart');
            
         }
            

            
-        $this->_customerSession->regenerateId();
            
+        // generate session ID only if connection is unsecure according to issues in session_regenerate_id function.
            
+        // @see http://php.net/manual/en/function.session-regenerate-id.php
            
+        if (!$this->isSecureRequest()) {
            
+            $this->_customerSession->regenerateId();
            
+        }
            
         $this->_objectManager->get(MagentoCheckoutModelSession::class)->setCartWasUpdated(false);
            
         $this->getOnepage()->initCheckout();
            
         $resultPage = $this->resultPageFactory->create();
            
         $resultPage->getConfig()->getTitle()->set(__('Checkout'));
            
         return $resultPage;
            
     }
            
+
            
+    /**
            
+     * Checks if current request uses SSL and referer also is secure.
            
+     *
            
+     * @return bool
            
+     */
            
+    private function isSecureRequest(): bool
            
+    {
            
+        $secure = false;
            
+        $request = $this->getRequest();
            
+
            
+        if ($request->isSecure()) {
            
+            $secure = true;
            
+        }
            
+
            
+        if ($request->getHeader('referer')) {
            
+            $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            
+            $secure = $scheme === 'https';
            
+        }
            
+
            
+        return $secure;
            
+    }
            
 }
            
diff --git a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            
index f0679c657ab..0bb0a53ce0a 100644
            
--- a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            
+++ b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            
@@ -22,6 +22,7 @@ define([
            

            
                 return false;
            
             }
            
+            $(element).attr('disabled', true);
            
             location.href = config.checkoutUrl;
            
         });
            

            
diff --git a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            
index 13a2b524e51..93a78e7d34c 100644
            
--- a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            
+++ b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            
@@ -60,13 +60,15 @@ define([
            
             };
            
             events['click ' + this.options.button.checkout] = $.proxy(function () {
            
                 var cart = customerData.get('cart'),
            
-                    customer = customerData.get('customer');
            
+                    customer = customerData.get('customer'),
            
+                    element = $(this.options.button.checkout);
            

            
                 if (!customer().firstname && cart().isGuestCheckoutAllowed === false) {
            
                     // set URL for redirect on successful login/registration. It's postprocessed on backend.
            
                     $.cookie('login_redirect', this.options.url.checkout);
            

            
                     if (this.options.url.isRedirectRequired) {
            
+                        element.prop('disabled', true);
            
                         location.href = this.options.url.loginUrl;
            
                     } else {
            
                         authenticationPopup.showModal();
            
@@ -74,6 +76,7 @@ define([
            

            
                     return false;
            
                 }
            
+                element.prop('disabled', true);
            
                 location.href = this.options.url.checkout;
            
             }, this);
            

            
diff --git a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            
index 3f73c8cdaee..2181e5b4578 100644
            
--- a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            
+++ b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            
@@ -85,11 +85,36 @@ class CustomerNotification
            
                 $customer = $this->customerRepository->getById($customerId);
            
                 $this->session->setCustomerData($customer);
            
                 $this->session->setCustomerGroupId($customer->getGroupId());
            
-                $this->session->regenerateId();
            
+                if (!$this->isSecureRequest($request)) {
            
+                    $this->session->regenerateId();
            
+                }
            
                 $this->notificationStorage->remove(NotificationStorage::UPDATE_CUSTOMER_SESSION, $customerId);
            
             } catch (NoSuchEntityException $e) {
            
                 $this->logger->error($e);
            
             }
            
         }
            
     }
            
+
            
+    /**
            
+     * Checks if current request uses SSL and referer also is secure.
            
+     *
            
+     * @param RequestInterface $request
            
+     *
            
+     * @return bool
            
+     */
            
+    private function isSecureRequest(RequestInterface $request)
            
+    {
            
+        $secure = false;
            
+
            
+        if ($request->isSecure()) {
            
+            $secure = true;
            
+        }
            
+
            
+        if ($request->getHeader('referer')) {
            
+            $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            
+            $secure = $scheme === 'https';
            
+        }
            
+
            
+        return $secure;
            
+    }
            
 }





            share|improve this answer














            We are too (Magento Commerce Cloud 2.2.5) -- but for any payment type, not just MO. Magento Support issued us a patch that addresses the PHP issue regarding secure sessions and referral checks...



            ... but that didn't fix the problem for us -- still getting random redirects to empty cart after the user presses Place Order (potential race condition).



            MDVA-10441_EE_2.3.3_v3.composer
            

            
diff --git a/vendor/magento/module-checkout/Controller/Index/Index.php b/vendor/magento/module-checkout/Controller/Index/Index.php
            
index 0a5b7f190e3..9fe760d3fa7 100644
            
--- a/vendor/magento/module-checkout/Controller/Index/Index.php
            
+++ b/vendor/magento/module-checkout/Controller/Index/Index.php
            
@@ -32,11 +32,37 @@ class Index extends MagentoCheckoutControllerOnepage
            
             return $this->resultRedirectFactory->create()->setPath('checkout/cart');
            
         }
            

            
-        $this->_customerSession->regenerateId();
            
+        // generate session ID only if connection is unsecure according to issues in session_regenerate_id function.
            
+        // @see http://php.net/manual/en/function.session-regenerate-id.php
            
+        if (!$this->isSecureRequest()) {
            
+            $this->_customerSession->regenerateId();
            
+        }
            
         $this->_objectManager->get(MagentoCheckoutModelSession::class)->setCartWasUpdated(false);
            
         $this->getOnepage()->initCheckout();
            
         $resultPage = $this->resultPageFactory->create();
            
         $resultPage->getConfig()->getTitle()->set(__('Checkout'));
            
         return $resultPage;
            
     }
            
+
            
+    /**
            
+     * Checks if current request uses SSL and referer also is secure.
            
+     *
            
+     * @return bool
            
+     */
            
+    private function isSecureRequest(): bool
            
+    {
            
+        $secure = false;
            
+        $request = $this->getRequest();
            
+
            
+        if ($request->isSecure()) {
            
+            $secure = true;
            
+        }
            
+
            
+        if ($request->getHeader('referer')) {
            
+            $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            
+            $secure = $scheme === 'https';
            
+        }
            
+
            
+        return $secure;
            
+    }
            
 }
            
diff --git a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            
index f0679c657ab..0bb0a53ce0a 100644
            
--- a/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            
+++ b/vendor/magento/module-checkout/view/frontend/web/js/proceed-to-checkout.js
            
@@ -22,6 +22,7 @@ define([
            

            
                 return false;
            
             }
            
+            $(element).attr('disabled', true);
            
             location.href = config.checkoutUrl;
            
         });
            

            
diff --git a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            
index 13a2b524e51..93a78e7d34c 100644
            
--- a/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            
+++ b/vendor/magento/module-checkout/view/frontend/web/js/sidebar.js
            
@@ -60,13 +60,15 @@ define([
            
             };
            
             events['click ' + this.options.button.checkout] = $.proxy(function () {
            
                 var cart = customerData.get('cart'),
            
-                    customer = customerData.get('customer');
            
+                    customer = customerData.get('customer'),
            
+                    element = $(this.options.button.checkout);
            

            
                 if (!customer().firstname && cart().isGuestCheckoutAllowed === false) {
            
                     // set URL for redirect on successful login/registration. It's postprocessed on backend.
            
                     $.cookie('login_redirect', this.options.url.checkout);
            

            
                     if (this.options.url.isRedirectRequired) {
            
+                        element.prop('disabled', true);
            
                         location.href = this.options.url.loginUrl;
            
                     } else {
            
                         authenticationPopup.showModal();
            
@@ -74,6 +76,7 @@ define([
            

            
                     return false;
            
                 }
            
+                element.prop('disabled', true);
            
                 location.href = this.options.url.checkout;
            
             }, this);
            

            
diff --git a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            
index 3f73c8cdaee..2181e5b4578 100644
            
--- a/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            
+++ b/vendor/magento/module-customer/Model/Plugin/CustomerNotification.php
            
@@ -85,11 +85,36 @@ class CustomerNotification
            
                 $customer = $this->customerRepository->getById($customerId);
            
                 $this->session->setCustomerData($customer);
            
                 $this->session->setCustomerGroupId($customer->getGroupId());
            
-                $this->session->regenerateId();
            
+                if (!$this->isSecureRequest($request)) {
            
+                    $this->session->regenerateId();
            
+                }
            
                 $this->notificationStorage->remove(NotificationStorage::UPDATE_CUSTOMER_SESSION, $customerId);
            
             } catch (NoSuchEntityException $e) {
            
                 $this->logger->error($e);
            
             }
            
         }
            
     }
            
+
            
+    /**
            
+     * Checks if current request uses SSL and referer also is secure.
            
+     *
            
+     * @param RequestInterface $request
            
+     *
            
+     * @return bool
            
+     */
            
+    private function isSecureRequest(RequestInterface $request)
            
+    {
            
+        $secure = false;
            
+
            
+        if ($request->isSecure()) {
            
+            $secure = true;
            
+        }
            
+
            
+        if ($request->getHeader('referer')) {
            
+            $scheme = parse_url($request->getHeader('referer'), PHP_URL_SCHEME);
            
+            $secure = $scheme === 'https';
            
+        }
            
+
            
+        return $secure;
            
+    }
            
 }






            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited Nov 5 '18 at 12:58

























            answered Nov 5 '18 at 12:43









            Jeff OwensJeff Owens

            11




            11












            • Did you get this resolved?
              – tjjen
              2 days ago


















            • Did you get this resolved?
              – tjjen
              2 days ago
















            Did you get this resolved?
            – tjjen
            2 days ago




            Did you get this resolved?
            – tjjen
            2 days ago


















            draft saved

            draft discarded




















































            Thanks for contributing an answer to Magento Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f159021%2fmagento-2-user-get-redirected-to-empty-cart-page%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            An IMO inspired problem

            Image
            14 4 This problem from IMO 1988 is said to be one of the most elegant ones in functional equations. Problem : The function $f$ is defined on the set of all positive integers as follows: begin{align} f(1) = 1, f(3) &= 3, f(2n) = f(n), \ f(4n+1) &= 2f(2n+1) - f(n), \ f(4n+3) &= 3 f(2n+1) - 2f(n) end{align} Find the number of $n$ with $f(n) = n, 1 leq n leq 1988$. The main idea towards the solution is realizing that these conditions stand for the fact that $f(n)$ just reverses the digits in the binary representation of the number $n$. So, essentially the solution is finding the number of binary pallindromes $leq 1988_{10}$. My question is the following : How to reformulate the problem so that $f(n)$ reverses the digits of $n$ in its ternary representation. Or even better, can we reformulate it for a
            Read more

            Management

            Image
            Management From Wikipedia, the free encyclopedia Jump to navigation Jump to search "Manager" redirects here. For other uses, see Management (disambiguation) and Manager (disambiguation). An organization chart for the United States Coast Guard shows the hierarchy of managerial roles in that organization. Business administration Management of a business Accounting Management accounting Financial accounting Financial audit Business entities Cooperative Corporation Limited liability company Partnership Sole proprietorship State-owned enterprise Corporate governance Annual general meeting Board of directors Supervisory board Advisory board Audit committee Corporate law Commercial law Constitutional documents Contract Corporate crime Corporate liability Insolvency law International trade law Mergers and acquisitions Economics Commodity Pu
            Read more

            Investment

            Image
            Investment From Wikipedia, the free encyclopedia Jump to navigation Jump to search This article is about investment in finance. For investment in macroeconomics, see Investment (macroeconomics). For other uses, see Investment (disambiguation). "Invest" redirects here. For the term in meteorology, see Invest (meteorology). This article needs additional citations for verification . Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. ( February 2017 ) (Learn how and when to remove this template message) In general, to invest is to distribute money in the expectation of some benefit in the future – for example, investment in durable goods, in real estate by the service industry, in factories for manufacturing, in product development, and in research and development. However, this article focuses specifically on investment in financial
            Read more