Al Brookbanks

Yes someone pointed out that CubeCart looks badly managed/full of bugs on github due to the sheer volume of open issues. Most of these are in fact features request. The idea is to close them without milestone for future consideration. Once we start integrating we will assign a milestone and open.

No no no. It's closed with no milestone. This doesn't mean it won't be implemented.

If SSL is not enabled I have no answer for you. Please check PHP sessions work and the basket data as a test holds.

Check the php error log. "ZipArchive" with PHP is required. If its not that something else may be blocking it working.

Hi Matt, you should be able to download it from our website once logged in with the email address used to purchase it.

I've seen this before on rare occasions. Has data in the database been changed manually? Maybe some data was deleted outside of CubeCart. To fix it change the cardinality if the auto increment of the customer_id to be greater than the maximum customer I'd in the CubeCart_addressbook table.

Just order status change automatically from payment status responses.

Please find fix for when CSRF is enabled on the front end here: https://github.com/cubecart/v6/commit/df12071a6e99bab5e87534557e02cc4740a1173c

It didn't work for me. There is no default product? Did you delete it after install? Maybe the store isn't installed right or there was an error on install.

@SergeiG Can you go to the stores settings and just click save then see if it works?

Clearing temporary internet files will fix this in 6.1.7.

It should have done. It's CSRF protection. CubeCart needs to know where to expect data from to rule out tricked URL's and data that could be malicious.

The only thing changed concerning sessions is that under SSL a secure session cookie is used. That shouldn't make a difference. Please note that they will get booted out if they share logins or have multiple tabs/windows open.

I can do this for you in the morning if you want.

Sorry.. I'm flat out doing 55 things at once. Leave it false for now.

Yes.

So the CSRF test needs exceptions for remote server calls.

Card payments on site and not IPN dependant for status.

.. but it will probably work if you configure PHP with Ioncube.

modules/plugins/

Ok can you change; https://github.com/cubecart/v6/blob/master/skins/foundation/config.xml#L20 <csrf>true</csrf> To: <csrf>false</csrf>

Isn't your issue intermittent? If so my thoughts are not relevant. It would be all or nothing.

I'm wondering if for those stores with CSRF turned on on the front end payment gateway data is failing as there is no CSRF token.

Are you all using stock Foundation skin from 6.1.7 or a mixture?

You don't need to specify the URL in PayPal and IPN can be turned off. CubeCart sends the IPN URL with every transaction. The issue here is more likely to he related to this (which has had the goal posts moved a few times): Also please check your IPN history for status codes: https://support.cubecart.com/Knowledgebase/Article/View/213/41/orders-placed-with-paypal-are-not-automatically-changing-status-to-processing