View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0007784 | module PayPal Checkout | module PayPal checkout - sub | public | 2025-04-10 08:37 | 2025-08-19 11:03 |
| Reporter | fcos | Assigned To | |||
| Priority | normal | Severity | minor | Reproducibility | random |
| Status | resolved | Resolution | fixed | ||
| Product Version | 2.5.2 / 3.4.0 | ||||
| Fixed in Version | 2.6.0 | ||||
| Summary | 0007784: order handling when paypal checkout order id is missing | ||||
| Description | Hello, we had some weird order state combination and it seem that it could be a missing paypal checkout order id and the handling in vendor/oxid-solution-catalysts/paypal-module/src/Controller/OrderController.php;:finalizepaypalsession(). The order is payed in paypal, oxtransstatus = OK. Folder is new and mail got send, but the order was automatically canceled in oxid. We found the following in the log: PayPal Payment Logger.ERROR: Client error: `GET https://api.paypal.com/v2/checkout/orders/` resulted in a `404 Not Found` response , wich comes from OxidSolutionCatalysts\\PayPal\\Service\\Payment->fetchOrderFields('', ''), because it got requested with an empty order id. It seems the checkout order id from the paypal session PayPalSession::getCheckoutOrderId() was missing in finalizepaypalsession(). That triggers the following code: ```` $cancelSession = !$sessionOrderId || !$sessionCheckoutOrderId || ($standardRequestId !== $sessionCheckoutOrderId); if (!$vaulting && $cancelSession) { $this->getServiceFromContainer(OrderPayPalService::class) ->cancelPayPalSession('request to session mismatch'); } ```` wich calls removeTemporaryOrder() and cancels the order, but the return from cancelPayPalSession doesnt get processed in finalizepaypalsession so the code in finalizepaypalsession continues. Shouldnt there be a redirect for the return from cancelPayPalSession() or is the current logic correct? At the moment we cant say why the paypal order id was missing, but it seems the oxid order id (sess_challenge) was there because we didtn see other hard faulure for not loading the order and the order state... was set. | ||||
| Steps To Reproduce | Unfortunately thats nothing we can reproduce under normal circumstances, to test this we just set $sessionCheckoutOrderId = '' in finalizepaypalsession (): | ||||
| Tags | No tags attached. | ||||
|
|
If the problem is not resolved, please reopen the ticket. |
|
|
In the current module version (v2.6.1 for OXID6 and v3.5.0 for OXID7), we have revised how we handle canceled orders and subsequent retries. This means that the customer can now retry a previously canceled order using PayPal or credit card. This may have been the exact problem of the missing OrderID in the session. Could you try this again? If the problem is still not resolved, please reopen the ticket. |
