SUPEE-10570 and SUPEE-10570 VERSION 2
The following is relevant if you have applied SUPEE-10570 (VERSION 1)
or are using a Magento version that includes SUPEE-10570 (VERSION 1).
Please note that Magento issued a fix for SUPEE-10570 and SUPEE-10570 VERSION 2 fixed that issue.
If you are using SUPEE-10570 VERSION 2 you do not need a code change and can ignore the following.
The issue can be replicated when "required registration" is enabled.
Symptom: when clicking "Place Order Now" placing the order,
you are redirected to the homepage (in some cases to cart page)
instead of redirecting to the payment provider.
The order is not saved, the cart is empty.
When "required registration" is disabled in backend the checkout works correctly.
OUR COMMENTS AND FIX:
There's an bug with the SUPEE-10570 patch and Magento has issued VERSION 2 of it which fixes that bug.
The issue has been documented on the web if you require more information,
you will find on google.
Please have your developer apply this patch,
--- a/app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
+++ b/app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
@@ -415,7 +415,7 @@ class Mage_Core_Model_Session_Abstract_Varien extends Varien_Object
&& isset($validatorData[self::VALIDATOR_PASSWORD_CREATE_TIMESTAMP])
&& isset($sessionData[self::VALIDATOR_SESSION_EXPIRE_TIMESTAMP])
&& $validatorData[self::VALIDATOR_PASSWORD_CREATE_TIMESTAMP]
- > $sessionData[self::VALIDATOR_SESSION_EXPIRE_TIMESTAMP] - $this->getCookie()->getLifetime()
+ > $sessionData[self::VALIDATOR_SESSION_EXPIRE_TIMESTAMP]
) {
return false;
}
In human language:
open up the file app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
and replace the line 415:
> $sessionData[self::VALIDATOR_SESSION_EXPIRE_TIMESTAMP] - $this->getCookie()->getLifetime()
with
> $sessionData[self::VALIDATOR_SESSION_EXPIRE_TIMESTAMP]