I have a checkout.php going to a payment gateway using a form and "process payment" button, as the user is sent to the payment gateway hosted page the orderID with other information is sent to the database. The trouble i am having is if the user hits the back button on the brower then returns back to the checkout.php then try and click process payment again the are given the duplicate key as this orderID has already been sent to the database
what options do i have for correcting this. i thought about having a refresh once script then killing the orderID on the checkout.php page. this way if they return to the page via the back button the page should refresh then kill the orderID.
is this a way of doing it or incorrect?
thanks in advance
browser back button ...orderID already sent to DB giving dup
Moderator: General Moderators
-
jonnyfortis
- Forum Contributor
- Posts: 462
- Joined: Tue Jan 10, 2012 6:05 am
Re: browser back button ...orderID already sent to DB giving
The method I like best is, basically, recording that the order was placed (with that order ID) as one of the first things your payment processing script does. It can be in a pending state which you would then update later to indicate it's been processed, or even whether it succeeded.
That way if they click back and resubmit, that order ID will already be associated with something and the processing script can abort with some kind of "duplicate order" error.
That way if they click back and resubmit, that order ID will already be associated with something and the processing script can abort with some kind of "duplicate order" error.
-
jonnyfortis
- Forum Contributor
- Posts: 462
- Joined: Tue Jan 10, 2012 6:05 am
Re: browser back button ...orderID already sent to DB giving
hello I have a value of pending that is sent to the order details that is associated with the orderID but how to i tell the code the if pending choose that orderID and continue?requinix wrote:The method I like best is, basically, recording that the order was placed (with that order ID) as one of the first things your payment processing script does. It can be in a pending state which you would then update later to indicate it's been processed, or even whether it succeeded.
That way if they click back and resubmit, that order ID will already be associated with something and the processing script can abort with some kind of "duplicate order" error.
this is the code i have for getting the order ID etc..
Code: Select all
// *** Retrieve X ID ***
if (!session_id()) session_start();
$XC_OrderIdSessionVar = "OrderID";
if (!isset($_SESSION[$XC_OrderIdSessionVar])) {
// Get a unique OrderID number and save to session.
$XC_tableName = "LOTTIE_nextorder";
$XC_fieldName = "NextOrderID";
mysql_select_db($database_lotties, $lotties);
$XC_IdSource = "select " . $XC_fieldName . " from " . $XC_tableName;
$XC_rsId = mysql_query($XC_IdSource, $lotties) or die(mysql_error());
$row_XC_rsId = mysql_fetch_assoc($XC_rsId);
$_SESSION[$XC_OrderIdSessionVar] = $row_XC_rsId[$XC_fieldName];
$$XC_OrderIdSessionVar = $_SESSION[$XC_OrderIdSessionVar];
session_register($XC_OrderIdSessionVar);
$XC_next = $_SESSION[$XC_OrderIdSessionVar] + 1;
$XC_upd = "update " . $XC_tableName . " set " . $XC_fieldName . " = " . $XC_next;
$XC_rsId = mysql_query($XC_upd, $lotties) or die(mysql_error());
$XC_rsId = null;
}Code: Select all
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO LOTTIE_orders (OrderID, CustomerID, OrderDate, Shipping, Discount, Tax, Total, TransactResult) VALUES (%s, %s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($_POST['OrderID'], "text"),
GetSQLValueString($_POST['CustomerID'], "int"),
GetSQLValueString($_POST['OrderDate'], "date"),
GetSQLValueString($_POST['Shipping'], "double"),
GetSQLValueString($_POST['Discount'], "double"),
GetSQLValueString($_POST['Tax'], "double"),
GetSQLValueString($_POST['XC_Amount'], "double"),
GetSQLValueString($_POST['TransactResult'], "text"));
Re: browser back button ...orderID already sent to DB giving
Isn't there a second page in your checkout process? Something that comes after the order is initiated and before the payment is committed, like a confirmation page?
-
jonnyfortis
- Forum Contributor
- Posts: 462
- Joined: Tue Jan 10, 2012 6:05 am
Re: browser back button ...orderID already sent to DB giving
its is sent to a process.php page using this coderequinix wrote:Isn't there a second page in your checkout process? Something that comes after the order is initiated and before the payment is committed, like a confirmation page?
Code: Select all
// *** Save XCart contents to table ***
require_once('XCInc/XCsaveAction.inc');
if (isset($_GET['XC_SaveCartToTable']) && ($_GET['XC_SaveCartToTable'] == "1")) {
$XC_destColName = array("ProductID","Quantity","","UnitPrice","","Total");
$XC_destColType = array("str","str","str","num","num","num");
$XC_orderId = $_SESSION['OrderID'];
$XC_tableName = "LOTTIE_orderdetails";
$XC_OrderIDCol = "OrderID";
$XC_OrderIDType = "num";
$XC_AddToTableRedirect = "../HostedSample/Process.php?$x_reqstr";
$XC_conName = "lotties";
require_once('XCInc/SaveXCartToTable.inc');
}
Code: Select all
<?php
// variables to send
if (!session_id()) session_start();
$itemNumber = $_SESSION["OrderID"];
//$itemNumber = $_SESSION["OrderID"];
$itemName = "Shopping at Lottie and Jakes ";
$amount = $_GET["amount"];
$firstN = $_GET["firstname"];
$lastN = $_GET["lastname"];
$emailC = $_GET["cemail"];
?>