[SOLVED] Duplicate orders & payments

[hotrod]

Just got another..

2 out of the last 4..
So I'm gunna leave this as.. no  it's not fixed..

And remember.. with SSL off..   There are no Double orders.  that I proved.

[Robert_ITMan]

hotrod - thanks again for your updates... I stupidly updated to 2.6.6 on my live sites when you indicated it was fixed and that it had something to do with entering the prices / costs incorrectly... hope the dev team is on it! We haven't received any orders since updating yet..! Again SSL issue makes sense! Again (as I stated before): Work around - disable SSL for now..? Maybe it is something with your SSL settings, look at all the settings with SSL in them, including:

• VM Config > Shop > Enable SSL for sensitive areas (recommended)  [I have this checked]
• Site > Global Config > Server > Force SSL [I have this 'entire site']
• maybe SEF/SEO url rewritting [try turning this off]
• .htaccess file [maybe you have something there]

I'm thinking it might have something to do with VM seeing the session / order twice, once as SSL and once without it - try forcing SSL as I have done above and add the following to the top of your .htaccess file (as copied from mine - you need to change the 'domain-name' to yours):

Code: [Select]

#following added to force www. and SSL
RewriteCond %{HTTP_HOST} !^www\.domain-name\.com [NC]
RewriteRule ^(.*)$ https://www.domain-name.com/$1 [R,L]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.domain-name.com/$1 [R,L]


[hotrod]

I'm having a very hard time having to think I should be making changes to a perfectly working site before 2.6.6   I only use SSL in account and cart..

I am also against the full site SSL because a lot of browsers.. detect secure pages differential and always throw up that warning of secure and none secure pages on every page load.  this will cause people IMO to just leave..

I do have a 301 redirect to force all pages to  ( Without) www.  Since The SSL would need to be registered under both with or without..  But none of this was a factor because 9 months and 500 orders we have never had an issue..  No clue what has changed.  and it didn't start happening for maybe 20 orders into 2.6.6..

While I was typing this....

Just called our last 4 Double orders.. Every one of them was using IE.  Some didn't know the version.. 2 know it's the latest version..

I called my last 4 orders that were fine. and none of them used internet explorer......

My issue started on June 11th.
Internet Explorer Had a huge update on June 10th !!
http://www.zdnet.com/large-internet-explorer-update-headlines-june-patch-tuesday-7000030390/

BAM!!

[Robert_ITMan]

hotrod - Still, I suggest you TRY full SSL and make sure all the links in your template are relative or use https to remove any error messages - also force www. (even when not SSL - as this might be creating duplicates when SSL is later activated?). IE browser issues are the worst! No debate that IE is too strict ... yet I've learned that every issue with IE turned out to be something on my end and after resolving the issues I'm grateful for IE because it forces me to correct the errors or conflicts that I wasn't aware of before.

FYI - we have received 4 orders and no duplicates so far since updating to 2.6.6 - will keep you posted.

[hotrod]

I'm Confused..

Should I remove the Force no WWW

How will forcing SSL  work in my indexed Pages in google?  we do very well in the search engines when people search for parts?  will it automatically go to SSL.. ?

I'm assuming your telling me to add the code you have above and Force SSL in server settings..  Yes?

And then what should I do with my Force Http:  I have in my Htacsess..

[Robert_ITMan]

hotrod - OFF TOPIC, but here: your existing (old) links without www. or SSL will simply be rewritten ... eventually google and other search engines will update your links even if you don't update your sitemap (if the change is temporary no harm done, especially if you keep the code as I provided without 301)... you might want to clear your cache and make sure your SEF links are all correct too before updating and submitting your sitemap ... the end result will give you more consistent links going forward - and better rankings too (I use Artio JoomSEF - do you use a program?). Hope that helps.

Yes, I'm curious to see if forcing https://www. will stop the duplicates for you.

Restore the default htaccess or remove any custom htaccess that might undo the code I provided (use # at the beginning of a line to comment) - attached is a copy of my htaccess (rename it remove the ending .txt).

[attachment cleanup by admin]

[hotrod]

Ugh..  Right now I don't want to force www..  I'd be ok forcing the SSL with out it.. Because I have been forcing just Http  with no www..

I think I may elect to let it ride and see what happens..  It would be great if you knew you got a IE order with no Duplication..  Lets see what happens with you in the next 5 or 6 orders..

And I won't be the only one having this issue. I would assume..

[Robert_ITMan]

hotrod - too bad you won't try it, notice I attached my htaccess above - that might be all you need to try it.

Seeing as you are the only one reporting an issue I think you need to work on your site to remove any conflicts or issues, these tools might help:
http://validator.w3.org/
http://tools.pingdom.com/fpt/
https://developers.google.com/speed/pagespeed/insights/

[hotrod]

For Now..  If it don't go away..  I will be trying all the above..  Thanks for all your help.  I'll keep you posted  you do the same..

Do you think 90% of VM users force SSL on the whole site?  I would think most run it just like I do..

[tophatco]

I have been having this problem with random credit card orders with authorize.net as well. Using Joomla 2.5.22 and Virtuemart 2.6.6. 

I see references to forcing SSL and www in previous posts.  The SSL was registered for domain.com without the www so I have been forcing visitors to the site without www, with the following code in my .htaccess

Code: [Select]

RewriteCond %{HTTP_HOST} ^www.domain.com
RewriteRule (.*) http://domain.com/$1 [R=301,L]
I am not sure if it's related and I am currently looking into why it's happening myself.

[hotrod]

I am still getting them  from users using Internet Explorer..
I thought that maybe it was from their update.. but I just ran an order through my store using IE9  it it duplicated.

This really needs to be looked into yes?  hard to believe out of the blue it goes bad and now I'm forced to make code change on what was a perfectly working store for 9 months..

Is the team Looking into this? 

[Milbo]

Code: [Select]

[quote author=hotrod link=topic=123644.msg425491#msg425491 date=1403222204]
I thought that maybe it was from their update.. but I just ran an order through my store using IE9  it it duplicated.
Therefore we should kick Microsoft, no?

Is the team Looking into this? 

The team is writing vm3. The bug happens for a minority of users only for certain browsers. We added already two fixes, which lowered the problem. So we keep an eye on it, but we wont invest unpaied hours for one user for an old version.

[hotrod]

Understood..

I am Sorry.. but I just came across the information where I can support VM.  not sure why I never knew this.. I will be looking into doing such. 

This is a great program and has served me and my clients well for many years..  and I thank you all for this.

Rod

[Milbo]

The support membership is quite new. here are two reviews http://forum.virtuemart.net/index.php?topic=124355.0 .

[hotrod]

Thank You Mibo, 

I just purchased a Silver membership.  not for you guys to fix my issue. But to show how thankful I am for such a great program.