Hi All,
When I click on the Place Order button at the checkout page, the page will be redirected to my custom page where I can enter the card details. On submitting the card details the page is redirected to the 3DS ACS Emulator page for which the redirection url is given to my opencart controller function.
When I click the submit button of the ACS Emulator the page comes back to my controller(where I need to do the other stuffs).
But the problem I'm facing is that when I comes back to my controller all my sessions are distroyed and the user is automatically logout.
Here Im making an extension for MPGS (MasterCard Payment Gateway)hosted session and Im using the opencart version 3.0.3.2
Could anyone please help me for have a solution when i comes back the session doen't unset.
Thanks in advance!
Nobody can help you unless you can provide some more details, such as the OpenCart version, any extensions uses, especially what payment extension, etc.
Export/Import Tool * SpamBot Buster * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Tag Manager * Survey Plus * OpenTwig
@JNeuhoff I have updated my question. Kindly go through it and let me know if you can help me in finding the solution for this.
Thanks in advance.
Is the customer staying on your website during the whole checkout sequence, or is he being redirected to the MC payment gateway at some stage? If the latter is the case, how does he get back to your checkout/success page? There are different ways to implement a payment extension, depending on what the payment gateway provider offers and/or requires.
Export/Import Tool * SpamBot Buster * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Tag Manager * Survey Plus * OpenTwig
I'm returning to my controller by the POST method. Also I getting the posted value when i try to print the the values. But my sessions are gone by this time and is logout.ADD Creative wrote: ↑Fri Aug 28, 2020 11:34 pmHow are you returning to your controller, GET or POST, etc.?
I dont understand why Im getting logout once i return to my controller?
Yes,my customer is staying on my website during the checkout process and he is redirected to the MC gateway (Access Control Server (ACS) method call) upon submitting the card details and once he is redirected to the ACS emulator page and redirected to my contoller the sessions are getting unset.JNeuhoff wrote: ↑Fri Aug 28, 2020 11:47 pmIs the customer staying on your website during the whole checkout sequence, or is he being redirected to the MC payment gateway at some stage? If the latter is the case, how does he get back to your checkout/success page? There are different ways to implement a payment extension, depending on what the payment gateway provider offers and/or requires.
Could be a issue caused by the new browser cookie attribute default of SameSite=Lax. This would mean the if your customer gets redirected back to your site with a POST no session cookie will be set, which would cause you customer to be logged out. Quickest way to test, is to use a web browser that still defaults to SameSite=None.
You can check your browser behaviour here.
https://samesite-sandbox.glitch.me/
More information on forcing SameSite=None here, which will be different depending on which PHP version you are using.
viewtopic.php?f=202&t=219633
You can check your browser behaviour here.
https://samesite-sandbox.glitch.me/
More information on forcing SameSite=None here, which will be different depending on which PHP version you are using.
viewtopic.php?f=202&t=219633
Thanks for the reply. But here Im creating a plugin and the answer given above is changing in the core level. Therefore i need a solution that can fix with my plugin. Is there any other option for overcomming this?ADD Creative wrote: ↑Tue Sep 01, 2020 8:09 pmCould be a issue caused by the new browser cookie attribute default of SameSite=Lax. This would mean the if your customer gets redirected back to your site with a POST no session cookie will be set, which would cause you customer to be logged out. Quickest way to test, is to use a web browser that still defaults to SameSite=None.
You can check your browser behaviour here.
https://samesite-sandbox.glitch.me/
More information on forcing SameSite=None here, which will be different depending on which PHP version you are using.
viewtopic.php?f=202&t=219633
The issue is only happing in chrome browser.
its a core level issue so it has to be fixed there.
Crystal Light Centrum Taiwan
Extensions: MailQueue | SUKHR | VBoces
“Data security is paramount at [...], and we are committed to protecting the privacy of anyone who is associated with our [...]. We’ve made a lot of improvements and will continue to make them.”
When you know your life savings are gone.
iSenseLabs has already developed an extension for MPGS: https://docs.isenselabs.com/mastercard/welcome . See by using his extension if that solves the issue.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Hi All,
Thanks for the reply from all.
I have solved this by adding the below code to the function of the controller once it is redirected back to my controller.
header('Set-Cookie: ' . $this->config->get('session_name') . '=' . $this->session->getId() . '; SameSite=None; Secure');
Not sure this is the proper way. But this solved my problem.
Thanks for the reply from all.
I have solved this by adding the below code to the function of the controller once it is redirected back to my controller.
header('Set-Cookie: ' . $this->config->get('session_name') . '=' . $this->session->getId() . '; SameSite=None; Secure');
Not sure this is the proper way. But this solved my problem.
You would need to add it before the return to your controller, otherwise the first time might fail.
For the session cookie you should also add the following.
For the session cookie you should also add the following.
Code: Select all
; HttpOnlyThanks a lotADD Creative wrote: ↑Mon Sep 14, 2020 10:45 pmYou would need to add it before the return to your controller, otherwise the first time might fail.
For the session cookie you should also add the following.Code: Select all
; HttpOnly
We have released a plugin that handles all this for you and more, for your specific issue you need to cownload our "None" version - Secure Cookies & Sessions (with Strict, Lax, None samesite)
Regards, WebDesires.
We are a team of developers in the UK - professional and friendly, message us or give us a call anytime and we will be happy to help.
Phone: +44 (0) 121 318 6336 - Web: webdesires.co.uk - Skype: WebDesires
OpenCart Support - OpenCart Web Development - Our OpenCart Plugins
Active Member
Adding the following line in my virtual host helpe me solve this issue.
Header always edit Set-Cookie (.*) "$1; SameSite=Lax"
Header always edit Set-Cookie (.*) "$1; SameSite=Lax"
sreejajs wrote: ↑Tue Sep 15, 2020 12:10 pmThanks a lotADD Creative wrote: ↑Mon Sep 14, 2020 10:45 pmYou would need to add it before the return to your controller, otherwise the first time might fail.
For the session cookie you should also add the following.Code: Select all
; HttpOnly
i'm in this case and can't solve it i hope your help what code should put and where
my issue: if your login and payment successfully then return all session on my site gone and user logout but this happen first time while login again i see my order still in my cart and repeat process again done with no problem happen this happen only when use 3D secure with google chrom .
php version: 7.2
opencart version: 1.5
thanks
Who is online
Users browsing this forum: No registered users and 5 guests
