Hello,
I have a shopping cart that uses paypal for checkout. Once the customer completes payment information, I use a "return link" from paypal to bring 'em back to my site and send email confirmation of order, clean up shopping cart db, etc.
Here's the problem...
If you view source on final order page before you go to paypal, you can see the return link. Here's the way customers should progress:
checkout1.php3-->paypal.com-->checkout2.php3
If the customer views source and jumps from checkout1 to checkout2 bypassing paypal, they get email confirmation and cart gets dumped even though merchant didn't get payment.
I've tried to use $HTTP_REFERER on "checkout2" to make sure customer comes to that page from URL containing term "paypal" but $HTTP_REFERER comes in blank. Is this because it's coming from a secure server?
Is there a better way to do this?
