-1

I currently have a WP website that implements a PayPal integration using PHP (this is an old project I am going back to after several years away, too much time on my hands).

Current versions WordPress 5.4.1 PHP 7.1 (host providers limitations, not mine)

In the old version logged in users have access to the PayPal button, once payment is complete they were returned to a custom url (needed). During the payment process, on successful payment, I create a $_SESSION['fromProcess'] = "true"; and header('Location: customurl').

On the custom url page I check to see where the user came from and if the session is set 

if ( is_user_logged_in() ) { 

    // logged in 
    if($_SESSION['fromProcess'] == "false"){ 
        //send them back 
        header("Location: https://example.com/error-page/"); 
    } 
    else{ 
        //reset the variable 
        $_SESSION['fromProcess'] = "false"; 
    } 

    $uid = $_SESSION['uid']; 
    $txn = $_SESSION['token']; 

    if( (!isset($_SESSION['uid'])) && (!isset($_SESSION['token'])) ){ 
        header('Location: https://example.com/error-page/') ; 
        //stop executing the script 
        exit(); 
    } 

}

This seemed to work perfectly fine in the older version, but not in the newer WP,PHP versions.

Is there any way to make this work or do I need to be looking at a different approach?

Thanks

user1903887
  • 37
  • 1
  • 9
  • 1
    Where exactly is the problem, i seem not to find a reload in script, only redirect, and also shouldn't your last comparison be || instead of && ? So as to redirect if either of the conditions are false. – GeniusGeek May 23 '20 at 19:33
  • Hi GeniusGeek, the problem seems to be that it only partially works, when I redirect from PayPal (test account), it takes me back to the custom url as required, however, I can hit page refresh and it reloads, not what is required. But, if I ctrl f5 it goes to the error page, as it should do. So it would seem that for some reason it isn't capturing the session on first loading the page. That's why I was asking if there any changes between php 5 and 7 that were causing the issue. I have tried enabling php sessions with a plugin and the functions.php method as per the WordPress suggestions. – user1903887 May 24 '20 at 10:51
  • Using the logical OR ||solved some most of the issues, thanks for the suggestion. Just the browser back button to solve now as it still allows me to go back after leaving the custom url page. – user1903887 May 24 '20 at 12:43
  • some people just downvote questions, ignore it. You do not want to go back? do you have session_start() on the page? also, make use of unset() to unset session where necessary. Going back is a browser's function your web app should use a logic to redirect if the back button is used like using $_SERVER['HTTP_REFFERER'] to check where the request came from. – GeniusGeek May 25 '20 at 18:37
  • Hi GeniusGeek, thanks for the response. I had missed unsetting the session once the user moved off the page :(. I ended up using add_action('init', 'start_session', 1);, function start_session(), add_action('end_session_action','end_session'); in the theme functions. Then added do_action('end_session_action'); on the redirect page. Thanks for your advise, very much appreciated. – user1903887 May 27 '20 at 10:02
  • your are welcomed – GeniusGeek May 27 '20 at 16:42

1 Answers1

-1

make use of unset() to unset session where necessary. Going back is a browser's function, your web app should use logic to redirect if the back button is used like using $_SERVER['HTTP_REFFERER'] to check where the request came from. I hope it helps.

GeniusGeek
  • 315
  • 6
  • 14