You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
Under certain rare circumstances the session stores an non-existing order id. If a user abandons checkout and an admin deletes that pending order in the meantime. If the user returns before their session expired the session will still pass that old (non existing) order id causing an error on checkout if the payment module relies on it.
To Reproduce
Steps to reproduce the behavior:
Customer: Go through checkout but abort the order at the payment provider
Customer: deletes his cart (likely not needed for this error to show but not tested)
Admin: deletes the abandoned order
Customer: returns with old session not timed out and tries to checkout again
$this->session->data['order_id'] still contains the old order id and checkout fails if there is anything relying on that order id.
Expected behavior
The cart should imo check if the order id still exists in the system at some point before processing the payment to make sure it does not error.
Server / Test environment (please complete the following information):
DDEV (docker setup)
Linux Ubuntu 22.04 LTS
PHP 8.1.23
Nginx
Browser(s) tested with Chrome 118
The text was updated successfully, but these errors were encountered:
OpenCart 4.0.2.3
Describe the bug
Under certain rare circumstances the session stores an non-existing order id. If a user abandons checkout and an admin deletes that pending order in the meantime. If the user returns before their session expired the session will still pass that old (non existing) order id causing an error on checkout if the payment module relies on it.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The cart should imo check if the order id still exists in the system at some point before processing the payment to make sure it does not error.
Server / Test environment (please complete the following information):
The text was updated successfully, but these errors were encountered: