[dataspotgr]

Hi,

 

I'm having having with some mail notifications.

When someone places an order and pays with credit card, the order lands in CS-Cart as Paid (Status "P").

 

After that, neither me, or the customer gets a notification mail that a new order have been placed. When an order comes, with any other payment method, the order lands as open and mail notification sents normaly.

 

Any suggestions on what i should look at to solve my problem?

 

Bellow you can see the code the from payment method, in case you think that its related to my issue. Seems fine to me, and works without no errors

<?php

use Tygh\Http;
use Tygh\Registry;

if (!defined('BOOTSTRAP')) { die('Access denied'); }

if (defined('PAYMENT_NOTIFICATION')) {

    if ($mode == 'notify') {
		
        $order_id = (strpos($_REQUEST['MerchantReference'], '_')) ? substr($_REQUEST['MerchantReference'], 0, strpos($_REQUEST['MerchantReference'], '_')) : $_REQUEST['MerchantReference'];
        $order_info = fn_get_order_info($order_id);
        $processor_data = fn_get_payment_method_data($order_info['payment_id']);

        $pp_response = array();
        $pp_response['transaction_id'] = $_REQUEST['TransactionId'];
        $pp_response['transaction_datetime'] = $_REQUEST['TransactionDateTime'];
        $pp_response['reason_text'] = $_REQUEST['ResponseDescription'];

        if ($_REQUEST['ResultCode'] == 0) {
            if ( $_REQUEST['StatusFlag'] == 'Success' && in_array($_REQUEST['ResponseCode'], array('00', '08', '10', '11', '16')) ) {

                $tran_ticket = db_get_field("SELECT data FROM ?:order_data WHERE type = 'E' AND order_id = ?i", $order_id);

                $cart_hashkey_str = $tran_ticket.';'.$processor_data['processor_params']['posid'].';'.$processor_data['processor_params']['acquirerid'].';'.$_REQUEST['MerchantReference'].';'.$_REQUEST['ApprovalCode'].';'.$_REQUEST['Parameters'].';'.$_REQUEST['ResponseCode'].';'.$_REQUEST['SupportReferenceID'].';'.$_REQUEST['AuthStatus'].';'.$_REQUEST['PackageNo'].';'.$_REQUEST['StatusFlag'];
				$cart_hashkey = strtoupper(hash_hmac('sha256', $cart_hashkey_str, $tran_ticket));

                if ($cart_hashkey == $_REQUEST['HashKey']) {
                    $pp_response['order_status'] = 'P';

                    db_query("DELETE FROM ?:order_data WHERE type = 'E' AND order_id = ?i", $order_id);

                    if (!empty($_REQUEST['SupportReferenceID'])) {
                        $pp_response['reason_text'] .= '; SupportReferenceID: ' . $_REQUEST['SupportReferenceID'];
                    }

                    if (!empty($_REQUEST['ApprovalCode'])) {
                        $pp_response['reason_text'] .= '; ApprovalCode: ' . $_REQUEST['ApprovalCode'];
                    }

                } else {
                    $pp_response['order_status'] = 'F';
                    $pp_response['reason_text'] .= 'Hash value is incorrect';
                }
            } elseif ($_REQUEST['StatusFlag'] == 'Failure') {
                $pp_response['order_status'] = 'F';

            } elseif ($_REQUEST['StatusFlag'] == 'Asynchronous') {
                $pp_response['order_status'] = 'O';
                $pp_response['reason_text'] .= '; Asynchronous';
            }

        } else {
            $pp_response['order_status'] = 'F';
        }

        if (fn_check_payment_script('winpay.php', $order_id)) {
            fn_finish_payment($order_id, $pp_response, false);
        }

        fn_order_placement_routines('route', $order_id);
    } elseif ($mode == 'cancel') {

        if (!empty($_SESSION['stored_piraeus_orderid'])) {
            $order_id = $_SESSION['stored_piraeus_orderid'];
            unset($_SESSION['stored_piraeus_orderid']);
        } else {
            fn_order_placement_routines('checkout_redirect');
        }

        $pp_response['order_status'] = 'N';
        $pp_response["reason_text"] = __('text_transaction_cancelled');

        if (fn_check_payment_script('piraeus.php', $order_id)) {
            fn_finish_payment($order_id, $pp_response, false);
        }

        fn_order_placement_routines('route', $order_id);
    }

} else {

    if (!empty($payment_info['installments'])) {

        if (Registry::get('addons.winpay.show_all_installments') == 'Y') {
			$installment = db_get_row('SELECT * FROM ?:winpay_installments WHERE installment_id = ?i', $payment_info['installment_id']);
			$installment['installments'] = $payment_info['installments'];
		} else {
			$installment = db_get_row('SELECT * FROM ?:winpay_installments WHERE installment_id = ?i', $payment_info['installments']);
		}
		$ab_interest = $order_info['total'] * ($installment['p_interest']/100) + $installment['a_interest'];
		$ab_total = $order_info['total'] + $ab_interest;
		$ab_payment_surcharge = $ab_interest + $order_info['payment_surcharge'];
		db_query("UPDATE ?:orders SET ?u WHERE order_id = ?i", array('total' => $ab_total, 'payment_surcharge' => $ab_payment_surcharge), $order_info['order_id']);
		$order_info['total'] = $ab_total;
		$period = $installment['installments'];

		$_data = array (
			'order_id' => $order_id,
			'type' => 'P', //payment information
			'data' => fn_encrypt_text(serialize(array('installments' => $period))),
		);

		db_query("REPLACE INTO ?:order_data ?e", $_data);

    } else {

		$period = 0;

    }

	$ticketing_data = Array (
        'AcquirerId' => $processor_data['processor_params']['acquirerid'],
        'MerchantId' => $processor_data['processor_params']['merchantid'],
        'PosId' => $processor_data['processor_params']['posid'],
        'Username' => $processor_data['processor_params']['username'],
        'Password' => md5($processor_data['processor_params']['password']),
        'RequestType' => $processor_data['processor_params']['requesttype'],
        'CurrencyCode' => $processor_data['processor_params']['currencycode'],
        'MerchantReference' => (($order_info['repaid']) ? ($order_id . '_' . $order_info['repaid']) : $order_id),
        'Amount' => $order_info['total'],
        'Installments' => $period,
        'Bnpl' => 0,
        'ExpirePreauth' => (($processor_data['processor_params']['requesttype'] == '00') ? $processor_data['processor_params']['expirepreauth'] : '0'),
        'Parameters' => '',
        'MyBank' => (isset($processor_data['processor_params']['mybank']) && $processor_data['processor_params']['mybank'] == 'Y') ? 'yes' : 'no',
    );

    $str = <<<EOT
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<IssueNewTicket xmlns="http://piraeusbank.gr/paycenter/redirection">
<Request>
EOT;
    $str .= fn_array_to_xml($ticketing_data);
    $str .= <<<EOT
</Request>
</IssueNewTicket>
</soap:Body>
</soap:Envelope>
EOT;
    $str = str_replace(array("\t", "\n", "\r"), '', $str);

    $response_data = Http::post("https://paycenter.piraeusbank.gr/services/tickets/issuer.asmx", $str, array(
        'headers' => array(
            'Content-type: text/xml; charset=utf-8',
            'SOAPAction: http://piraeusbank.gr/paycenter/redirection/IssueNewTicket'
        )
    ));

    $resultcode = true;
    $pp_response = array();

    if (strpos($response_data, '<ResultCode') !== false) {
        if (preg_match('!<ResultCode[^>]*>([^>]+)</ResultCode>!', $response_data, $matches)) {
            $resultcode = $matches[1];
        }
    }

    if ($resultcode == "0") {

        if (strpos($response_data, '<TranTicket') !== false) {
            if (preg_match('!<TranTicket[^>]*>([^>]+)</TranTicket>!', $response_data, $matches)) {
                $data = array (
                    'order_id' => $order_id,
                    'type' => 'E',
                    'data' => $matches[1],
                );
                db_query("REPLACE INTO ?:order_data ?e", $data);
            }
        }

        $post_url = 'https://paycenter.piraeusbank.gr/redirection/pay.aspx';

        $post_data = array (
            'AcquirerId' => $processor_data['processor_params']['acquirerid'],
            'MerchantId' => $processor_data['processor_params']['merchantid'],
            'PosId' => $processor_data['processor_params']['posid'],
            'User' => $processor_data['processor_params']['username'],
            'LanguageCode' => $processor_data['processor_params']['languagecode'],
            'MerchantReference' => (($order_info['repaid']) ? ($order_id . '_' . $order_info['repaid']) : $order_id),
            'ParamBackLink' => ""
        );

        $_SESSION['stored_piraeus_orderid'] = $order_id;

        fn_create_payment_form($post_url, $post_data, 'Piraeus server');
    exit;

    } else {
        $pp_response['order_status'] = 'F';
        $pp_response["ResultCode"] = $resultcode;

        if (strpos($response_data, '<ResultDescription') !== false) {
            if (preg_match('!<ResultDescription[^>]*>([^>]+)</ResultDescription>!', $response_data, $matches)) {
                $pp_response["reason_text"] = $matches[1];
            }
        }
    }


}

[eComLabs]

Try to replace (2 lines)

fn_order_placement_routines('route', $order_id);

with

fn_order_placement_routines('route', $order_id, true);

[dataspotgr]

 

Try to replace (2 lines)

fn_order_placement_routines('route', $order_id);

with

fn_order_placement_routines('route', $order_id, true);

Thank you eComLabs. I'll give it a try and i'll let you know!

[dataspotgr]

Well, that didn't solve my problem. I'm running CS-Cart 4.11.5. I was aware for a bug with cs-cart 4.9-4.11.4 that after the chrome upgrade the jQuery had to be updated, otherwise the old jQuery version was redirecting the customers after the payment to the log in page and not to the thank you page.

 

As log as i run 4.11.5 version thats not an issue for me because in the last cs-cart upgrade the jQuery version got updated too.

 

Any other suggestions?

[tbirnseth]

Sounds obvious, but double check the settings for the "orders department" email address.  Ensure it doesn't have any leading/trailing whitespace since cs-cart is not very good at trimming data.

[dataspotgr]

 

 

Sounds obvious, but double check the settings for the "orders department" email address.  Ensure it doesn't have any leading/trailing whitespace since cs-cart is not very good at trimming data.

 

Did that too and its fine. I just have to mention again, that the e-mail not get sent only when a customer makes payment by card. With any other payment method everything works fine.

[eComLabs]

Well, that didn't solve my problem

 

Did you change 2 lines? Additional parameter should force order notification

[dataspotgr]

Yes i changed both lines and cleared cache too

[eComLabs]

Please also make sure that the following emails are enabled

 

Administration -> Notifications -> Customer notifications -> Order status changed to Paid

Administration -> Notifications -> Administrator notifications -> Order status changed to Paid

[dataspotgr]

I would like to post an update for this problem.

 

I have done everthing you told me so far and nothing worked. Seems like i have a idea about what could cause the problem of mail not beeing sent and i would like to share it with you for.

 

After the payment is succesfully done on the bank's website, when the customer is redirecting back to the e-shop, insteand of landing to the "Thank you" page, is landing to the "Log in/Register" page and the URL seems like this:

/index.php?dispatch=auth.login_form&return_url=index.php%3Fdispatch%3Dcheckout.complete%26order_id%3D1110

 

I thinking that if the customer is not landing to "Thank you" page may cause the problem with mail notifications.

 

Right now i'm using a clean in build CS-Cart payment method the "Winbank (Piraeus) Redirection" on CS-Cart Version 4.11.5 (/app/payments/piraeus.php).

[eComLabs]

 

After the payment is succesfully done on the bank's website, when the customer is redirecting back to the e-shop, insteand of landing to the "Thank you" page, is landing to the "Log in/Register" page and the URL seems like this:

 

Several users here wrote about the same issue. Please make a post in the bug tracker

[dvsgr]

The problem is with cookie policy on Google Chrome after version 80.

 

Its about the  cookies where the SameSite has no value so they are considered as SameSite=Lax. Cookies that are included in cross-site requests should be SameSite=None and Secure.

 

So when bank is running a cross-site request like POST request, after the payment towards the store in order to refresh the order status and get the order confirmation page 

 

PHP 7.3 ships the feature natively. Before that you need a library liek https://github.com/d...t-im/PHP-Cookie

[tbirnseth]

Thanks Fotis...  So much to keep up on!