Fixed Payment\AbstractProvider validateTransaction bug (for child providers also)

Yoskaldyr

Well-known member
Affected version
2.x
In the Payment\AbstractProvider class in the validateTransaction method this code is used:
PHP:
    public function validateTransaction(CallbackState $state)
    {
        /** @var \XF\Repository\Payment $paymentRepo */
        $paymentRepo = \XF::repository('XF:Payment');
        if ($paymentRepo->findLogsByTransactionId($state->transactionId)->total())
        {
            $state->logType = 'info';
            $state->logMessage = 'Transaction already processed. Skipping.';
            return false;
        }
        return true;
    }
But this code doesn't have any checks for providerId. As result in some situations when different providers have the same transaction id some transactions are confirmed incorrectly. Transaction id is unique for the same provider, but doesn't unique between providers

The same problem exists in child provider classes (PayPal, etc...)
 
I can confirm that. Besides all this when using completeTransaction.
Besides all this when using completeTransaction. breaks the logic of work of purchaseble content.
Any attempts to complete the transaction by the completePurchase () method on the $ purchasableHandler side result in redefining the transaction status by the payment gateway to type 'info' with the message 'YES'.
In addition, there are times when the payment system requires json headers in the response, then there are problems. And you have to create your own payment_callback with your own headers and a crutch comes out.
 
Thank you for reporting this issue. It has now been resolved and we are aiming to include it in a future XF release (2.1.5).

Change log:
When trying to find matching transactions when processing payments, ensure we limit it to transactions from the same provider.
Any changes made as a result of this issue being resolved may not be rolled out here until later.
 
Back
Top Bottom