1

I integrated PayPal Button in my website.

When an user select pay with PayPal Button, a PayPal login screen appears. The user login into, select your card, shipping address and click in "continue".

After that, PayPal redirects (using JS) to my callback URL:

https://foo.com/paypalbutton/callback

In some cases, after redirect, the session is changed. So my PHP script, that handle /paypalbutton/redirect, cant read the cart_id stored in the session.

Any ideas ?

ramiromd
  • 2,019
  • 8
  • 33
  • 62
  • 1
    Hmm, are you using multiple web server instances or some sort of load balancing? – War10ck Nov 08 '18 at 16:10
  • @War10ck only 1 server, without load balancing. – ramiromd Nov 08 '18 at 16:11
  • Possible duplicate of [PHP session lost after redirect](https://stackoverflow.com/questions/17242346/php-session-lost-after-redirect) – Blackbam Nov 08 '18 at 16:16
  • @RainerPlumer makes a good point in their answer. Depending on whether or not the user is routed back to the same subdomain, the session may be lost if it is not set to properly propagate across all subdomains. Consider using the `session_set_cookie_params()` function with domain set to `.foo.com` to allow the session to operate on all subdomains regardless of where the session is first started. – War10ck Nov 08 '18 at 16:24

1 Answers1

0

Hard to say for sure but my guesses are below I've had a similar problem when a url was http://example.org but a webhook redirected to http://www.example.com. www.example.org is not the same as example.org

Make sore your url is the same before and after the redirect. If it was https - make sure it remains https, If it had www prefix - make sure it will still have www prefix after redirect If it had subdomain prefix - keep that as well.

If nothing else helps - save session is database

Rainer Plumer
  • 3,693
  • 2
  • 24
  • 42
  • 1
    Good call on the _subdomain_. I hadn't thought of that. The OP could try setting the session cookie to propagate across subdomains using the [`session_set_cookie_params()`](http://php.net/manual/en/function.session-set-cookie-params.php) function and setting the `domain` parameter to `.example.com`... – War10ck Nov 08 '18 at 16:22
  • I access the website using www.foo.com and yes ! The session is renewed after redirects ! – ramiromd Nov 08 '18 at 16:27