Help for Aimeos

hello, I use aimeos laravel 2020.07
as I mentioned in another topic: laravel-package-f18/not-found-order-aft ... t3084.html

I have my custom payment service provider, i successfully send payment request to payment provider but when payment provider redirect customer to payment.url-success i give this error: No order ID available
I check it and find that $session->get( 'aimeos/orderid' ) in the Checkout/Confirm/Order/Standard class return null.

and we came to the conclusion that for this I should use ssl in my shop.
but in this topic I have request from @aimeos and that is how to retrieve order in session after redirect from online payment just with order id in url query string?
mean I want to send order id to my payment service provider as a parameter of callback (redirect) payment request url and after customer redirected to shop use that order id to find and retrieve order related to that payment request to be more sure of finding the desired order when I do not use the ssl certificate or for any reason I lost the order 'aimeos/orderid' in the session?
I want this retrieve to be such that before session clear and customer can see order and payment fault/success message or in the fault status customer can change payment method?

how can I retrieve order in session after redirect from online payment just with order id in url query string?

As long as the order ID in your GET query string isn't crypographically secured, you can't use it at all because then, everybody can change the value and they could update the payment status of every order. Therefore, the order ID is stored in the session of the user and you should find out why the order ID is missing in the session.

you should find out why the order ID is missing in the session

I know about this and find out why this happen, according to our conversation in this topic : laravel-package-f18/not-found-order-aft ... t3084.html this happen because Google Chrome has introduced a stricter sameSite cookie handling and that causes problems sometimes like the browser doesn't send the cookie to the site even if it should and I use shop without SSL, I change SameSite=None but problem was still standing.

I don't want use SSL for my domain at this time, if you know how can I fix this problem in the continuation of this topic: laravel-package-f18/not-found-order-aft ... t3084.html please give me a solution

but I think we can get order without order ID and with a secure way:

As long as the order ID in your GET query string isn't crypographically secured, you can't use it at all because then, everybody can change the value and they could update the payment status of every order.

instead use order ID in query string find order with hashed token in query string or hashed token in redirected http request body or header parameters, I can access this token but I don't know how can I retrieve order and set it again in session?

aimeos wrote: ↑25 Nov 2020, 09:51

Ahmad wrote: ↑24 Nov 2020, 09:48 I don't want use SSL for my domain at this time, if you know how can I fix this problem in the continuation of this topic: laravel-package-f18/not-found-order-aft ... t3084.html please give me a solution

If you don't want SSL, you should not set up a shop at all because you are risking the personal details of all your clients!

I say don't want use SSL

at this time

, because I want try this in localhost and for another reason I want try this to learn how can I retrieve an order from my own controller to use for some actions like send data to Invoice Generator module.

say me how can get Order in my own controller with items and other order details like delivery and payment infos, please?

You can get the complete order by ID using: If you don't need some parts, you can reduce the $domains array to speed up retrieving the order.