phpvpsrealex-payments-api

Realex Payment Redirect Issue - 302 Moved Temporarily


I have recently moved servers and am having issues with our payment module since the move. We moved from PHP 5.2 to PHP 5.4.

We have a Realex Payment Module installed on xcart to process our payments, during checkout users are sent to a secure site to enter their payment details, the payment processes but they get the error: Your transaction has been successful but there was a problem connecting back to the merchant's web site

Realex have informed me that a 302 redirect is causing the problem, we have nothing in place to cause this redirect.

The following is the logs received from realex:

27.08.2013 17:02:18 carbonaction $response_uri = https://www.energysavingwarehouse.co.uk/store/payment/cc_realex_redirect.php 
27.08.2013 17:02:18 carbonaction $num_remaining = 0 
27.08.2013 17:02:18 carbonaction $client_return_url = https://www.energysavingwarehouse.co.uk/store/payment/cc_realex_redirect.php 
27.08.2013 17:02:18 carbonaction $num_remaining = 0 
27.08.2013 17:02:18 carbonaction Return URL: https://www.energysavingwarehouse.co.uk/store/payment/cc_realex_redirect.php 
27.08.2013 17:02:18 carbonaction Client Host: www.energysavingwarehouse.co.uk 
27.08.2013 17:02:18 carbonaction Client URLs: store/payment/cc_realex_redirect.php 
27.08.2013 17:02:18 carbonaction ..start POST request, UserAgent timeout set to 180 seconds.
27.08.2013 17:02:20 carbonaction ..end POST request, UserAgent returned the status: 302 Moved Temporarily
27.08.2013 17:02:20 carbonaction Error connecting to client site:Moved Temporarily

This works fine on the old server, we recently moved to a vps, could there be a potential server configuration issue here?

Thanks for your help.

Liam


Solution

  • When I visit https://www.energysavingwarehouse.co.uk/store/payment/cc_realex_redirect.php a 302 redirect bounces me to ../. This is probably because I'm doing a GET rather than a POST and there's no POST fields.

    If you've upgraded to a newer version of PHP, it's possible that the configuration has changed and the code is no longer finding all the POST fields - previously $HTTP_POST_VARS[] was OK, but now you should use $_POST[], and sometimes PHP can be configured to automatically create new variables for each POST field - e.g. name=Owen automatically creates a variable $name with the value Owen. In particular, the register_globals option was removed completely in 5.4.0 and you now need to explicitly declare variables in some situations where you didn't before (See http://php.net/manual/en/security.globals.php).

    Can you check the code in cc_realex_redirect.php to see what scenarios trigger the 302 redirect? This should look like:

    header('Location: ../');
    

    Then add some logging to ensure that all the POST data is being picked up correctly. This should lead you to the solution.