Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Barclays EPDQ referrer URL problems (sessions ids)

gazzzzzza

By gazzzzzza
in General Support

Recommended Posts

gazzzzzza

gazzzzzza

Posted
Posted

We have recently installed Barclays EPDQ system and it works ok but for a major problem with Barclays not recognising the referrer URL when the session is being passed around via the URL. e.g. the referrer page is correct (checkout_confirmation.php) but it doesn't understand the need to ignore the ?osCsid=956ef1aaf82306ef7b066f75d02a8354. Very frustrating. I thought about preventing the checkout_payment page from sending the session, but then users not using cookies will lose their session should they go back into the shop and may even lose their order details prior to accessing the confirmation page. Jump pages are another option but I believe this would require javascript to make the jump automatically, and that would rule out non javascript users.

 

Does anyone know a good way to get round this problem?

 

Incidentally, Barclays EPDQ is not a good system because some browsers (and there additional mods) mean that a referrer URL is never sent so those users will never be able to pay using Barclays EPDQ :( - anyone got any feedback on better systems?

always here to offer some useless advice....

  • 1 month later...
Gazonice

Gazonice

Posted
Posted
We have recently installed Barclays EPDQ system and it works ok but for a major problem with Barclays not recognising the referrer URL when the session is being passed around via the URL. e.g. the referrer page is correct (checkout_confirmation.php) but it doesn't understand the need to ignore the ?osCsid=956ef1aaf82306ef7b066f75d02a8354. Very frustrating. I thought about preventing the checkout_payment page from sending the session, but then users not using cookies will lose their session should they go back into the shop and may even lose their order details prior to accessing the confirmation page. Jump pages are another option but I believe this would require javascript to make the jump automatically, and that would rule out non javascript users.

 

Does anyone know a good way to get round this problem?

 

Incidentally, Barclays EPDQ is not a good system because some browsers (and there additional mods) mean that a referrer URL is never sent so those users will never be able to pay using Barclays EPDQ :( - anyone got any feedback on better systems?

Hello,

 

I have a workaround for this problem:

 

I believe some servers that use shared SSL depend on the session ID.

 

My workaround is to remove the session ID from checkout_confirmation.php by asking the previous page - checkout_payment.php to remove it from the url and store it in a hidden field instead.

 

To do this you need to modify the line of code on checkout_payment.php from this:

 

<?php echo tep_draw_form('checkout_payment', tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, '', 'SSL'), 'post', 'onsubmit="return check_form();"'); ?>

 

 

to this:

 

<?php echo tep_draw_form('checkout_payment', tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, '', 'SSL', false), 'post', 'onsubmit="return check_form();"') . tep_draw_hidden_field(osCsid, tep_session_id()); ?>

 

This should allow your customer to checkout to EPDQ successfully, but after making their payment (success or declined) the session will have ended and so in my case I use index.php for the return URL where they simply have to login again.

 

Please note: if your session ID is not called 'osCid', you need to alter this to match your chosen name.

 

I hope this helps someone,

 

Regards,

 

Garry

Garry

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...